A hosted service designed to help organizations discover suspicious activities within their network
Roadmap for Microsoft Defender for Identity, a Microsoft-hosted service that captures, parses, and analyzes traffic of key unencrypted network protocols. It examines authentication, authorization, and other activities for indicators of potentially suspicious behavior by a user or on a device within an organization.
Roadmap for the Enterprise Mobility + Security suites of subscription services, which include Premium editions of Azure Active Directory, Azure Information Protection, as well as Intune and Microsoft Defender for Cloud Apps (formerly Microsoft Cloud App Security).
Azure Active Directory includes numerous features to enable interoperability with Active Directory on-premises, Microsoft 365 and third-party applications, and enable administration of AAD users and groups. Some additional services can help improve AAD security, at additional cost. Each of the reports in this kit discusses different features, technologies, or additional services that help with AAD management and security.
Microsoft has added AD FS support to Microsoft Defender for Identity, which could help customers defend against Solarigate and other complex attacks.
Microsoft again announced renaming of some of its client security services in late 2021, echoing similar changes made in 2020.
Several brands used by Microsoft describe features that are only available if multiple software components are licensed.
Most Microsoft 365 services offer different capabilities, depending on the platform being managed. Each of the seven reports in this kit examines the capabilities that a different Microsoft 365 service offers to each platform it supports.
Microsoft Defender for Identity discovers malicious activity within on-premises Active Directory but offers limited coverage for user activity outside of on-premises Windows devices.
Government customers in the US receive a limited set of Enterprise Mobility + Security suite features.