Event banner

Microsoft Defender for Identity AMA

Event Ended

Wednesday, Jun 29, 2022, 09:00 AM PDT

In-Person

Event details

We are very excited to announce our Microsoft Defender for Identity AMA! An AMA is a live text-based online event similar to a “YamJam” on Yammer or an “Ask Me Anything” on Reddit. This AMA giv...

Trevor_Rusher

Updated Jun 29, 2022

microsoft defender for identity

Or Tsemah

Iron Contributor

Jun 29, 2022

While there is no immediate correlation for MDI with that specific Sentinel workbook, MDI has various security assessments, including detection of NTLMv1 and LDAP Simple Bind activities that is also used on that workbook, you can find them all in Microsoft Secure Score feature at the Microsoft 365 Defender portal (Filter for Defender for identity)

PeterJoInobits

Brass Contributor

Jun 29, 2022

Does that have a requirement for that requisite auditing to be enabled as with the Sentinel Workbook.. I have a customer who has required to be able to report on things such as PlainText LDAP etc. but is const sensitive especially w.r.t Sentinel

Or Tsemah
Iron Contributor
Jun 29, 2022
Yes, a couple of non default audit configurations on the DCs are required, see here https://docs.microsoft.com/en-us/defender-for-identity/configure-windows-event-collection

Date and Time

Jun 29, 20229:00 AM - 10:00 AM PDT