Windows Defender for Identity

GPTKB entity

Statements (27)
Predicate Object
gptkbp:instanceOf cloud-based security solution
gptkbp:availableOn public service
gptkbp:detects pass-the-hash attacks
pass-the-ticket attacks
lateral movement
brute-force attacks
suspicious activities
domain dominance
reconnaissance activities
gptkbp:developedBy gptkb:Microsoft
gptkbp:documentation https://docs.microsoft.com/en-us/defender-for-identity/
gptkbp:focusesOn identity-based threats
gptkbp:formerName gptkb:Azure_Advanced_Threat_Protection
https://www.w3.org/2000/01/rdf-schema#label Windows Defender for Identity
gptkbp:integratesWith gptkb:Active_Directory
gptkb:Microsoft_365_Defender
gptkbp:launched 2018
gptkbp:monitors domain controllers
gptkbp:partOf gptkb:Microsoft_Defender_suite
gptkbp:provides security reports
real-time monitoring
security alerts
gptkbp:requires sensor deployment
gptkbp:supports hybrid environments
gptkbp:uses behavioral analytics
gptkbp:bfsParent gptkb:Microsoft_Windows_ecosystem
gptkbp:bfsLayer 7