[MUSIC].
>> As the modern
workplace transforms,
identity attacks are growing
exponentially across
on-premises and in the cloud,
spanning endpoints and applications.
Security teams must monitor
user activities across
all identity attack surfaces,
often using multiple
security solutions.
Because identity
protection is paramount,
investigating
identity threats requires
a single monitoring and
hunting experience,
enabling rapid and effective triage.
Which is why Microsoft is providing
a new Identity Threat
Investigation Experience:
A deep integration between Azure
Advanced Threat Protection,
Microsoft Cloud App Security,
and Azure AD Identity Protection.
Azure ATP leverages
on-premises detections
and activities with
abnormal behavior analytics,
to assist in investigating
the most at-risk users.
Microsoft Cloud App Security
detects and alerts
security analysts on
activities across
Microsoft and third-party cloud apps.
And Azure AD Identity Protection
detects risky sign-in information,
implementing conditional access on
the compromised user until
the issue is resolved.
Microsoft analyzes
the activity and alerts based
on user and entity behavior
analytics to determine
risky behaviors and provide you
an investigation priority
score to streamline
incident response for
compromised identities.
With the Identity Threat
Investigation Experience,
you can investigate
identity activities
across on-prem and in the cloud,
correlate insights from a wide array
of signals and user telemetry,
and prioritize investigations based
on user and entity
behavior analytics,
so the greatest threats to
your organization can
be shut down first.
Sign up for a Microsoft Threat
Protection trial today.
[MUSIC].
