Today, we are excited to announce that Azure Advanced Threat Protection (Azure ATP) is being integrated with Azure Active Directory Identity Protection (Azure AD Identity Protection), and this functionality is expected to be available for Preview later this year.
In most large organizations, IT teams that administer identity and ones that investigate incidents are different and may or may not be working hand-in-hand. It is hard to find security solutions that work well together and are comprehensive at the same time. With the Azure AD Identity Protection and Azure ATP integration, Microsoft delivers a unified identity investigation experience across on-premises and cloud.
Protection built right into Azure Active Directory, Azure AD Identity Protection uses dynamic intelligence and machine learning to automatically detect and protect your organization from identity attacks. While Azure ATP, a cloud service, helps protect your enterprise hybrid environments from multiple types of advanced targeted cyber attacks and insider threats, leveraging machine learning analytics to determine suspicious user behavior.
Unlock new value with comprehensive identity protection:
- Controls to monitor and bring down risk by users or sign-ins (Know your risky users and sign-ins)
- Understand which incident to prioritize first based on risk and user access (Admins first, users next)
- Help prevent breaches before they happen
The Azure ATP and Azure AD Identity Protection integration allows SecOps investigations of risky users between the two products through a single pane of glass.
SecOps analysts can see a user’s Risk as calculated by Identity Protection along with the new Azure ATP Investigation Priority which highlights the most important users the security team needs to triage.
Security and identity administrators can navigate from the view of a User with Risk in AATP back to Identity Protection to configure Azure AD conditional access policies to prevent subsequent bad actor activities and safely get sole ownership of impacted user’s account back to the rightful owner.
The unified identity investigation experience through the Azure AD Identity Protection and Azure ATP integration provides comprehensive identity protection for any size enterprise.
Azure Active Directory Identity Protection and Azure Advanced Threat Protection are a part of Microsoft 365’s E5 suite. You can learn more about Azure ATP here and about Azure AD Identity Protection here.
Source: EM+S Blog Feed