Microsoft has unveiled its latest identity protection solution, Microsoft Entra ID Protection, to tackle the increasing threats to digital identities. The company acknowledges the rising sophistication and frequency of attacks targeting identities, necessitating a different approach to safeguarding and rapidly responding to emerging threats.
The newly renamed Entra ID Protection, and fans did not like the new name at first, boasts several key enhancements designed to prevent attacks before they occur. Among these upgrades is a brand-new dashboard, serving as a central hub for identity administrators and IT practitioners to better understand their organization’s security posture and facilitate effective protection against identity compromises.
The dashboard provides valuable insights with clear visualizations and actionable recommendations. Key metrics with monthly trends are now available, allowing organizations to gauge the effectiveness of their deployed protections. Furthermore, a new attack graphic illustrates common identity-based attack patterns detected within the past 30 days, along with the number of blocked and remediated attacks.
Microsoft Entra ID Protection also introduces two high-fidelity detections: verified threat actor ID and attacker in the middle. The former leverages threat intelligence from Microsoft’s security teams to assign real-time sign-in risk to known nation-state actors and cyber-crime groups. The latter detects phishing attacks that compromise users and subsequently applies risk to affected sign-ins and users.
Entra ID Protection now provides real-time Azure AD threat intelligence detections to tackle emerging identity-based attacks. These detections rapidly issue new, real-time responses to identified attack patterns, enabling customers to leverage risk-based conditional access policies to protect identities during sign-in.
Another significant development is the integration of Entra ID Protection with Microsoft 365 Defender, now generally available. This integration allows Entra ID Protection alerts to be surfaced in Microsoft 365 Defender, facilitating efficient investigation and a comprehensive understanding of end-to-end attacks.
Microsoft Entra ID Protection aims to provide customers with best-in-class identity security. The company encourages users to follow best practices and recommendations, deploy risk-based conditional access policies, and utilize the new detections for automatic protection and remediation.