Forum Discussion
"Security Operations Admin User" Predefined Critical Asset classification
In our XDR instance, the new "Security Operations Admin User" predefined Critical Asset classification (introduced last month) contains a few non-privileged users. I can't figure out by what logic t...
ckyalo
Microsoft
MicrosoftAdmins can manually tag additional accounts as sensitive in the Defender portal, based on business context (executives, service accounts, SecOps personnel).
Additionally, devices frequently used by high criticality uses such as Domain Admins will also be classified as high critical assets. For additional details on this classification, refer to -Criticality Levels for Classifications - Microsoft Security Exposure Management | Microsoft Learn