Microsoft Defender wants to help your business stomp out internal security threats

(Image credit: Shutterstock)

Configuring security for internal organization identities and devices is about to get a whole lot easier in Microsoft Defender for Identity as the company plans to add a new step-by-step guide to its cloud-based security solution.

According to a new post in the Microsoft 365 roadmap, the software giant will be adding a new step-by-step guide to Microsoft Defender for Identity this month.

The guide will verify that organizations have satisfied all environment prerequisites and from there it will help them create a Defender for Identity instance, connect to Active Directory and install their sensor. Once complete, user identities will be monitored and immediate action can be taken against any malicious activity that tries to compromise an organization's on-premises identities.

This feature will be available worldwide and we'll likely hear more from Microsoft on how it works in a blog post once it begins rolling out to organizations.

Native response actions

In a separate post in the Microsoft 365 roadmap, Microsoft revealed that it will also add native “response” actions to Microsoft Defender for Identity this month.

This new update will provide SecOps (security + operations) personnel with the ability to directly lock an Active Directory account or to prompt for the password to be reset. This will allow them to take direct action when a user is compromised.

Up until now, when a user was confirmed as compromised in Microsoft Defender for Identity, the Azure Active Directory account would be effected via a conditional access rule according to Microsoft.

While Microsoft Defender for Identity already provides admins with a central location where they can identify, detect and investigate on-premises identity-based threats, these two new features will make it easier for organizations to stomp out internal threats before they spread across their networks.

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.