Microsoft Defender for Identity

GPTKB entity

Statements (35)
| Predicate | Object |
| --- | --- |
| gptkbp:instanceOf | cloud-based security solution |
| gptkbp:alerts | pass-the-hash attacks |
| | pass-the-ticket attacks |
| | lateral movement |
| | brute-force attacks |
| | domain dominance |
| | reconnaissance activities |
| gptkbp:availableOn | public service |
| gptkbp:detects | suspicious activities |
| | advanced attacks |
| | compromised identities |
| gptkbp:developedBy | gptkb:Microsoft |
| gptkbp:documentation | https://learn.microsoft.com/en-us/defender-for-identity/ |
| gptkbp:focusesOn | identity protection |
| | Active Directory security |
| | identity threat detection |
| gptkbp:formerName | gptkb:Azure_Advanced_Threat_Protection |
| https://www.w3.org/2000/01/rdf-schema#label | Microsoft Defender for Identity |
| gptkbp:integratesWith | gptkb:on-premises_Active_Directory |
| | gptkb:Azure_Active_Directory |
| | gptkb:Microsoft_365_Defender |
| gptkbp:launched | 2018 |
| gptkbp:monitors | entity activities |
| | user activities |
| gptkbp:partOf | gptkb:Microsoft_Defender_suite |
| gptkbp:provides | real-time monitoring |
| | security alerts |
| | investigation tools |
| gptkbp:requires | sensor deployment on domain controllers |
| gptkbp:supports | incident response |
| | security operations teams |
| gptkbp:uses | gptkb:machine_learning |
| | behavioral analytics |
| gptkbp:bfsParent | gptkb:Microsoft_365_E5 |
| gptkbp:bfsLayer | 6 |