Azure ATP - Sensitive Accounts

CyberSecGuy · ‎Jun 27 2019

I am looking to configure Azure ATP to monitor sensitive accounts in my local Active Directory and want to know what is the max. number of accounts I can add in Sensitive accounts setting? Also, can adding sensitive accounts be automated using API or PS?

Thank you

Eli Ofek · ‎Jun 27 2019

@CyberSecGuy , there is no official max number as we didn't put any max cap to it.

in theory you can run out of space in the config, but since there is no automated way to do so, you are unlikely to get to this point.

IF you need many accounts, the more practical Idea is to create a "sensitive" AD group, add all the accounts there, and mark the group as sensitive, this will eventually propagate to all accounts automatically.

Gerson Levitz · ‎Jun 30 2019

@CyberSecGuy

AATP will also automatically consider users to be sensitive who are members of specific groups, such as domain admins. https://docs.microsoft.com/en-us/azure-advanced-threat-protection/sensitive-accounts

Thanks,

Gershon

Azure ATP - Sensitive Accounts

Azure ATP - Sensitive Accounts

Re: Azure ATP - Sensitive Accounts

Re: Azure ATP - Sensitive Accounts

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Azure ATP - Sensitive Accounts