Forum Discussion
Azure AD Risky User question
Hi Tech community,
I already try to find this out on the internet, but I don't get it yet.
Sometimes in our tenant we run into some risky users, with risky sign-ins. Do I need to set those users on "dismiss user risk", if the loggin is legit? Another thing, If I select the Risk State on dismissed in the filter, I see many dismissed with actor Azure AD. Will Azure AD automatic dismissed some risky users?
When I look on this .doc site https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-risk-feedback I cannot find my answer there.
Regards,
Ricardo
If you are certain that the sign in is genuine, and effectively a false positive, then yes you may go ahead and choose to Dismiss User Risk.
Risk policies can be configured to apply automatic remediation, so maybe this is what you are seeing here with the many dismissed risks you are seeing?
If you are certain that the sign in is genuine, and effectively a false positive, then yes you may go ahead and choose to Dismiss User Risk.
Risk policies can be configured to apply automatic remediation, so maybe this is what you are seeing here with the many dismissed risks you are seeing?
PeterRisingThank for your reply! I go ahead and play with this in my demo tenant.
