cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Azure Active Directory - Identity Protection

Eric Sabo
Occasional Contributor

‎Dec 13 2019 06:27 AM - last edited on ‎Jan 14 2022 04:35 PM by

‎Dec 13 2019 06:27 AM - last edited on ‎Jan 14 2022 04:35 PM by

Azure Active Directory - Identity Protection

Where can I find documentation on Azure Active Directory - Identity Protection - like once an end user is in the high risk users report, what do I do with this data?   

 

There is the following options:

Reset password

Confirm user compromised

Dismiss user risk

block user

Investigate with Azure ATP

 

I cannot find anywhere what or which one we should do for each.    Is there any blogs describing this part of the portal?

 

I guess I am looking at what an admin should do with these accounts when they show up in this portal

717 Views
0 Likes
2 Replies
Reply
2 Replies
best response confirmed by Eric Sabo (Occasional Contributor)
Kelvin Papp

‎Dec 13 2019 06:59 AM

‎Dec 13 2019 06:59 AM

Solution

Re: Azure Active Directory - Identity Protection

Hi @Eric Sabo,

 

Have you reviewed the documentation on Microsoft Docs?

 

Microsoft Identity Protection Overview

 

You'll find some guidance on using the various remediation options in the "Remediate Risks and Unblock Users" section. The choice of "what" to do is nearly always going to be subjective based on the nature / context of the alert.

 

Do you have specific examples you are looking for guidance on?

 

Kelvin

0 Likes
Reply
Eric Sabo

‎Dec 13 2019 07:06 AM

‎Dec 13 2019 07:06 AM

Re: Azure Active Directory - Identity Protection

@Kelvin Papp 

 

Thanks!   That is exactly what I needed

1 Like
Reply