Chapter 4: Implementing Microsoft Defender for Identity

Now that we've covered the deployment process of Microsoft Defender for Endpoint (MDE), it's time to move on to Microsoft Defender for Identity (MDI). This tool, in my opinion, is perhaps one of the best, if not the best, tools in the Microsoft 365 security stack. We can talk all day long about how the cloud is everything right now, but the reality is that most businesses have an on-premises presence, and that almost always means Active Directory. With Active Directory being at the core of operations as the hierarchal structure of your computer and user accounts within an environment, it's critical we keep it protected by monitoring its signals.

Firstly, its previous name is Azure Advanced ...

Get Microsoft Security Operations Analyst Exam Ref SC-200 Certification Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.