Thank you for reaching us!
I understand your query, that you are referring difference between the "Risk state" category in Microsoft Entra ID Protection and Security | Risky users.
Microsoft Entra ID Protection is a cloud-based identity and access management service that provides security features to protect user identities and access to resources.
The "Risk state category" is designed to categorize and provide information about the status of identified risks. It helps organizations track and manage the remediation of the risks effectively.
The "Risk state" category in Microsoft Entra ID is there to give you information about the current situation of risks that have been identified. It helps you understand if a risk has been fixed, is still a problem that needs attention, or if it has been determined to be a false alarm. This feature helps to keep track of reducing the risks.
The "Security | Risky users" section doesn't offer in-depth information about specific risks, instead, it provides a high-level overview of all users who are considered to be at risk, this includes information about risky sign-ins risk level, risk state, and risk detections for each user and perform actions such as verifying compromised users, clearing user risk, or changing user passwords.
The goal is here to identify which users are at risk, rather than tracking the status of individual risks.
When comparing Microsoft Entra ID Protection and Security | Risky users, it's important to focus on the specific requirements and objectives, that are relevant to your needs.
If you are looking to track the progress of risk remediation efforts, then the “Risk state” category in Microsoft Entra ID Protection would be useful.
If you want to identify which users are at risk, then the “Security | Risky users” section would be useful.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.