Microsoft Defender for Identity
GPTKB entity
Statements (35)
Predicate | Object |
---|---|
gptkbp:instanceOf |
cloud-based security solution
|
gptkbp:alerts |
pass-the-hash attacks
pass-the-ticket attacks lateral movement brute-force attacks domain dominance reconnaissance activities |
gptkbp:availableOn |
public service
|
gptkbp:detects |
suspicious activities
advanced attacks compromised identities |
gptkbp:developedBy |
gptkb:Microsoft
|
gptkbp:documentation |
https://learn.microsoft.com/en-us/defender-for-identity/
|
gptkbp:focusesOn |
identity protection
Active Directory security identity threat detection |
gptkbp:formerName |
gptkb:Azure_Advanced_Threat_Protection
|
https://www.w3.org/2000/01/rdf-schema#label |
Microsoft Defender for Identity
|
gptkbp:integratesWith |
gptkb:on-premises_Active_Directory
gptkb:Azure_Active_Directory gptkb:Microsoft_365_Defender |
gptkbp:launched |
2018
|
gptkbp:monitors |
entity activities
user activities |
gptkbp:partOf |
gptkb:Microsoft_Defender_suite
|
gptkbp:provides |
real-time monitoring
security alerts investigation tools |
gptkbp:requires |
sensor deployment on domain controllers
|
gptkbp:supports |
incident response
security operations teams |
gptkbp:uses |
gptkb:machine_learning
behavioral analytics |
gptkbp:bfsParent |
gptkb:Microsoft_365_E5
|
gptkbp:bfsLayer |
6
|