Thank you all for participating in the live event. Please find the Q&A list below: 1. is the Defender for Identity part of Level1 frontline detection which pass the signals to Sentinel to act on? Defender for identity is a security tool that works like other tools at level 1, an agent that focuses on detection at the device level. The only difference is that defender for identity main intent is not to block these attacks using the agent, but to provide higher visibility on these types of attacks and their success. As such, one should treat it like a level 1 tool and have personnel that learn not only to understand the information it provides, but also how to securely configure and trouble it if issues arise. More information can be found at: https://docs.microsoft.com/en-us/defender-for-identity/what-is Please feel free to post any additional queries you may have, thanks!