Forum Discussion
Is there a playbook to deploy for users to complete MFA if there sign in is detected as being risky
Hey,
Not really sure if this is the answer on your question, but with Azure AD Identity Protection you can create policies based on the sign-in risk or the user risk levels.
This is also integrated with Conditional Access, so you can more specific policies what should happen when a user sign-ins with a specific risk level.
You can read more about Identity Protection https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-configure-risk-policies
You can read more about risk-based conditional access https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-risk
Pontus Själander, Thanks for your response. I was searching for if we have any automated playbooks to implement in sentinel.
printscreen Mark user accounts as compromised using Logic Apps. How do you use conditional access to enforce MFA on high-risk accounts?
