Skip to main content

Microsoft Defender wants to help your business stomp out internal security threats

Tablet
(Image credit: Shutterstock)

Configuring security for internal organization identities and devices is about to get a whole lot easier in Microsoft Defender for Identity as the company plans to add a new step-by-step guide to its cloud-based security solution.

According to a new post in the Microsoft 365 roadmap, the software giant will be adding a new step-by-step guide to Microsoft Defender for Identity this month.

The guide will verify that organizations have satisfied all environment prerequisites and from there it will help them create a Defender for Identity instance, connect to Active Directory and install their sensor. Once complete, user identities will be monitored and immediate action can be taken against any malicious activity that tries to compromise an organization's on-premises identities.

This feature will be available worldwide and we'll likely hear more from Microsoft on how it works in a blog post once it begins rolling out to organizations.

Native response actions

In a separate post in the Microsoft 365 roadmap, Microsoft revealed that it will also add native “response” actions to Microsoft Defender for Identity this month.

This new update will provide SecOps (security + operations) personnel with the ability to directly lock an Active Directory account or to prompt for the password to be reset. This will allow them to take direct action when a user is compromised.

Up until now, when a user was confirmed as compromised in Microsoft Defender for Identity, the Azure Active Directory account would be effected via a conditional access rule according to Microsoft.

While Microsoft Defender for Identity already provides admins with a central location where they can identify, detect and investigate on-premises identity-based threats, these two new features will make it easier for organizations to stomp out internal threats before they spread across their networks.

Anthony Spadafora

After living and working in South Korea for seven years, Anthony now resides in Houston, Texas where he writes about a variety of technology topics for ITProPortal and TechRadar. He has been a tech enthusiast for as long as he can remember and has spent countless hours researching and tinkering with PCs, mobile phones and game consoles.