Microsoft announced yesterday a new update for its Microsoft Entra ID Protection service. This release brings a new dashboard, advanced detection capabilities, integration with Microsoft 365 Defender, and more.
The Microsoft Entra ID Protection service leverages machine learning to detect, investigate, and remediate identity-based sign-in risks and unusual activities. It uses risk-based adaptive access policies and phishing-resistant authentication methods to prevent identity compromise in enterprise environments.
First off, Microsoft has rolled out a new dashboard experience in preview for Microsoft Entra ID Protection. The feature is designed to help IT admins understand their security posture and boost protections against cyberattacks. They can visualize common identity-based attack patterns detected within the past 30 days. The new dashboard also offers actionable recommendations based on the risk exposure.
Additionally, there are two high-fidelity detections to block potential cyberattacks at an early stage. With verified threat actor ID, security teams can track sign-in attempts made by known cybercrime groups and nation-state actors. The Azure AD threat intelligence detection allows organizations to revoke compromised sessions and require password resets. The new detections are available for all Microsoft Entra ID Protection customers.
Microsoft Entra ID Protections now provides real-time Azure AD threat intelligence detections to protect organizations against identity-based attacks. Administrators can secure their identities with risk-based conditional access (CA) policies. It’s also possible to view the risk detection report available in ID Protection for further investigation.
Lastly, Microsoft announced that Entra ID Protection integration with Microsoft 365 Defender is now generally available for commercial customers. This release lets IT Pros view Entra ID Protection alerts directly within Microsoft 365 Defender. The Microsoft 365 Defender Incident API enables IT admins to track Entra ID Protection alert-related incidents in security solutions such as Microsoft Sentinel.