Hi @James Talley ,
Thanks for your post!
As documented in the Identity Protection guide, suspicious browser detection indicates anomalous behavior based on suspicious sign-in activity across multiple tenants from different countries in the same browser.
This is a relatively new detection that was released about a year ago.
What is the "Suspicious Browser" risk detection?
- This is a premium offline sign-in risk detection
- This detection flags sign-ins from browsers that are showing anomalous behavior, including sign-ins from multiple users and tenants, and from different IP addresses.
- Like other sign-in risk detection, this too will contribute to user risk, which will be remediable through Conditional Access grant control "password change" remediation.
Let me know if this helps. If you are looking for more details around this, please let me know the specific data you are looking for and I will help provide that.
-
If the information provided was helpful to you, please remember to "mark as answer" so that others in the community with similar questions can more easily find a solution.