Introduction
Microsoft launched its Azure cloud computing platform in 2010, at which time it began securing cloud-based identities. Over a decade later, Microsoft continues to secure cloud identities through expanding and enhancing its Microsoft Entra ID authentication service. By implementing Microsoft Entra ID Protection, previously known as Azure Identity Protection, you can use the same protection systems Microsoft uses to secure identities.
Most security breaches take place when attackers gain access to an environment by stealing a user’s identity. Over the years, attackers became increasingly effective in using third-party breaches and sophisticated phishing attacks. As soon as attackers gain access to even low privileged user accounts, it’s relatively easy for them to gain access to important company resources through lateral movement.
Discovering compromised identities is no easy task. This module examines how Microsoft Entra ID uses adaptive machine learning algorithms and heuristics to detect anomalies and suspicious incidents that indicate potentially compromised identities. You learn how Microsoft Entra ID Protection uses this data to generate reports and alerts. Given this visibility into suspicious incidents, organizations can then evaluate the detected issues and take appropriate mitigation or remediation actions.