Cloud Identity Threat Protection Essentials
Microsoft Sentinel, Microsoft Corporation
Cloud Identity Threat Protection Essentials
Microsoft Sentinel, Microsoft Corporation
Cloud Identity Threat Protection Essentials
Microsoft Sentinel, Microsoft Corporation
Cloud Identity Threat Protection Essentials
Note: Please refer to the following before installing the solution:
• Review the solution Release Notes
• There may be known issues pertaining to this Solution, please refer to them before installing.
As more and more companies move to the cloud - attacks to the cloud identity system are becoming more commonplace. The Cloud Identity Threat Protection Essentials solution looks for most common cloud focused identity attacks such as Suspicious Sign-ins, privilege grants, MFA disable etc. Rapid detection of these attacks can enable organizations to respond faster and stop them from progressing further.
Pre-requisites:
This is a domain solution and does not include any data connectors. The content in this solution supports the connectors listed below. Install one or more of the listed solutions, to unlock the value provided by this solution.
1.Microsoft Entra ID
2.Amazon Web Services
3.Microsoft Entra ID Identity Protection
Keywords: MFA, Nord VPN, VPS, Disabled Account, Suspicious Sign-in, Service principal
Analytic Rules: 2, Hunting Queries: 8
Learn more about Microsoft Sentinel | Learn more about Solutions