Introduction
Microsoft has secured cloud-based identities for more than a decade. By implementing Microsoft Entra ID Protection, otherwise known as Azure Identity Protection (AIP), you can use the same protection systems Microsoft uses to secure identities.
Most security breaches take place when attackers gain access to an environment by stealing a user’s identity. Over the years, attackers have become increasingly effective in using third-party breaches and sophisticated phishing attacks. As soon as attackers gain access to even low privileged user accounts, it’s relatively easy for them to gain access to important company resources through lateral movement.
Discovering compromised identities is no easy task. Microsoft Entra ID uses adaptive machine learning algorithms and heuristics to detect anomalies and suspicious incidents that indicate potentially compromised identities. Identity Protection uses this data to generate reports and alerts. Given this visibility into suspicious incidents, organizations can then evaluate the detected issues and take appropriate mitigation or remediation actions.
After completing this module, you'll be able to:
- Describe Azure Identity Protection and what kind of identities can be protected.
- Understand how to enable Azure Identity Protection.
- Know how to identify vulnerabilities and risk events.
- Plan your investigation in protecting cloud-based identities and how to protect your Microsoft Entra environment from security breaches.