HeikeRitter
Microsoft
Mar 23, 2023
Ninja Cat Giveaway: Episode 7 | Defender for Identity and Defender for Endpoint: Better together
For this episode, your opportunity to win a plush ninja cat is the following -
Tell us about an alert that started either from Defender for Endpoint or Defender for Identity and what additional inf...
mariocuomo
Microsoft
Mar 27, 2023
HeikeRitter The experience I want to describe comes from using Defender for Cloud Apps through the enrichment of alerts by Defender for Identity and Defender for Endpoint. Having fun with the product, I created a policy that was able to identify the massive download of data by a user on vacation, who accessed the system from an unusual location after several failed sign-ins [Defender for Identity] from a device not managed by the organization and with an outdated browser [Defender for Endpoint]. The integration of the two products with each other allowed an in-depth study of the case, which otherwise would have been limited to a medium-severity alert in the DFCA.
It was fun!