
close
close
Upcoming FREE Conference on Identity Management and Privileged Access Management
Microsoft has introduced a new Report Suspicious Activity feature in Azure Active Directory (Azure AD). Suspicious activity reports provide detailed information about unusual sign-in attempts to help organizations detect and respond to potential security threats.
According to Microsoft, the new feature enables users to report suspicious activities for unknown authentication requests. Users can report the fraudulent attempt via the Microsoft Authenticator app or their phone call. IT Admins can then review the activity logs to investigate and take necessary action to protect their data and resources.
“Administrators can use risk-based policies to limit access for these users, or enable self-service password reset (SSPR) for users to remediate problems on their own. If you previously used the Fraud Alert automatic blocking feature and don’t have an Azure AD P2 license for risk-based policies, you can use risk detection events to identify and disable impacted users and automatically prevent their sign-in,” Microsoft explained.
To enable the Report Suspicious Activity feature, administrators will need to follow the steps mentioned below:
Once enabled, IT admins will be able to view the risk detection report by heading to Azure Active Directory >> Security >> Identity Protection >> Risk detection. The risk event will appear as detection type “User Reported Suspicious Activity,” with risk level High and source End user reported.
Earlier this month, Microsoft warned about a new consent-based phishing campaign that tricks users into authorizing permissions for malicious OAuth apps. The Report Suspicious Activity feature should make it easier for IT admins to proactively identify and mitigate security risks in their organizations. This capability is currently available in preview, and it’s unclear when it becomes generally available for all enterprise customers.
More in Azure Active Directory
Microsoft Releases Azure AD System-Preferred Authentication Policy in Preview
Mar 7, 2023 | Rabia Noureen
Microsoft Releases New Azure AD Property Lock Feature to Prevent Changes to App Credentials
Mar 6, 2023 | Rabia Noureen
Microsoft Now Lets IT Admins Enable Suspicious Activities Reporting in Azure AD
Feb 27, 2023 | Rabia Noureen
Securing Azure Virtual Desktop with Azure Active Directory Conditional Access
Feb 22, 2023 | Shabaz Darr
Zero Trust: How Azure Active Directory and Identity Management Enable Cloud Security
Feb 15, 2023 | Sander Berkouwer
Most popular on petri