68891 – Microsoft Defender for Identity: Detection improvement – Suspicious additions to sensitive groups

cloudscout.one Icon

check before: 2021-02-28

Product:

Azure Advanced Threat Protection, Defender, Microsoft Defender for Identity

Scope:

Please log-in or
get a plan

Platform:

World tenant, Online

Links:

Details:

New logs are being added to the detection logic for what is "normal" in a particular environment. This will remove an initial dependency on establishing a baseline so that detection is available to use immediately for known sensitive groups. In other words, this eliminates the need for a learning period to conclude before you can take advantage of this alert that may indicate signs of an attack, or potential insider threat.

Change Category:
Please log-in or
get a plan

Status:
In development

Ring:
General Availability

Created:
2020-11-24

updated:
2021-02-06

Change type:
Admin impact, New feature

task type:

an advanced plan is required to see all details


A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose for a plan.


Leave a Reply

more to explore