Incident Investigation with Microsoft Defender for Identity

Published Sep 22 2020 06:39 AM
Microsoft

Learn how to detect, investigate, and respond to advanced threats targeting identities and domain controllers with Microsoft Defender for Identity. Starting with an alert in Microsoft Defender for Identity, we’ll demonstrate how that information is correlated into an incident, how to hunt for threats using information captured by Microsoft Defender for Identity, and how to initiate an automatic incident response that remediates the incident before it evolves into a bigger problem.

Last update: Oct 04 2021 05:08 PM