What's New in Microsoft Defender for Identity in September 2023 : Sander Berkouwer

What's New in Microsoft Defender for Identity in September 2023
by: Sander Berkouwer
blow post content copied from  The DirTeam.com / ActiveDir.org Weblogs
click here to view original post

Microsoft Defender for Identity helps Active Directory admins defend against advanced persistent threats (APTs) targeting their Active Directory Domain Services infrastructures.

It is a cloud-based service, where agents on Domain Controllers provide signals to Microsoft's Machine Learning (ML) algorithms to detect and report on attacks. Its dashboard allows Active Directory, AD FS, and Certification Authority (CA) admins to investigate and remediate (potential) breaches related to advanced threats, compromised identities and malicious insider actions.

Microsoft Defender for Identity was formerly known as Azure Advanced Threat Protection (Azure ATP) and Advanced Threat Analytics (ATA).


What's New

Alert learning period enhancements

Defender for Identity alert learning periods have been enhanced to provide more control over the learning period experience, including:

  • Any new Defender for Identity (MDI) workspace now automatically has an alert learning period turned on for 30 days. After these 30 days , the learning period is automatically turned off and a health alert is triggered to notify admins.
  • Admins can now configure the sensitivity used for specific alerts, and can also completely turn off learning for specific alerts.

During the learning period, Defender for Identity learns about your network and builds a profile of your network's normal activity. Learning periods can be useful for updating your baseline algorithms, but can also result in a high volume of alerts, some of which may be triggered by legitimate activity.


Defender for Identity reports moved to the main Reports area

Now, admins can access Defender for Identity reports from Microsoft 365 Defender's main Reports area instead of the Settings area.


Go hunt button for groups in Microsoft 365 Defender

Defender for Identity has added the Go hunt button for groups in Microsoft 365 Defender. Admins can use the Go hunt button to query for group-related activities and alerts during an investigation.


Performance enhancements

Defender for Identity has made internal improvements for latency, stability, and performance when transferring real-time events from Defender for Identity services to Microsoft 365 Defender. Organizations should expect no delays in Defender for Identity data appearing in Microsoft 365 Defender, such as alerts or activities for advanced hunting.


Defender for Identity release 2.214 and 2.215

These versions include improvements and bug fixes for cloud services and the Defender for Identity sensor.

The post What's New in Microsoft Defender for Identity in September 2023 appeared first on The DirTeam.com / ActiveDir.org Weblogs.

October 07, 2023 at 07:22PM
Click here for more details...

The original post is available in The DirTeam.com / ActiveDir.org Weblogs by Sander Berkouwer
this post has been published as it is through automation. Automation script brings all the top bloggers post under a single umbrella.
The purpose of this blog, Follow the top Salesforce bloggers and collect all blogs in a single place through automation.