Ninja Cat Giveaway: Episode 7 | Defender for Identity and Defender for Endpoint: Better to together

HeikeRitter I think a good example of the MSDI and MSDE integration, is when you can see an Incident that has an alert or activity such as a suspicious login event, and then go into the user's page, and get a detailed breakdown of the user's threat exposure, as well as any endpoints that user is associated with. You can then assess the users' threat level, dive deep into any active automatic investigations, as well as lock down the user (via AD or AAD or both), the devices that may have been compromised, or both depending on the threat, and activity.