In an effort to improve and enhance your experience using Azure ATP, we’re renaming all Security Alerts with easier to understand titles and descriptions.
Effective 4 versions from now (v2.56) planned for release 25-27 November, all Azure ATP Security Alert names will be changed throughout the portal, syslogs and reports. Bellow you can find some examples.
Please contact me if you would like to get more information.
As always, we welcome your feedback, suggestions and ideas about how to improve your Azure ATP experience.
Azure ATP Product Team
Reconnaissance using SMB Session Enumeration -> User and IP address reconnaissance (SMB)
Reconnaissance using directory services queries -> User and group membership reconnaissance (SAMR)