Microsoft Defender wants to help your business stomp out internal security threats

Microsoft Defender for Identity is getting two useful new features

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Configuring security for internal organization identities and devices is about to get a whole lot easier inMicrosoft Defender for Identityas the company plans to add a new step-by-step guide to its cloud-based security solution.

According to anew postin theMicrosoft 365 roadmap, the software giant will be adding a new step-by-step guide toMicrosoftDefender for Identity this month.

The guide will verify that organizations have satisfied all environment prerequisites and from there it will help them create a Defender for Identity instance, connect toActive Directoryand install their sensor. Once complete, user identities will be monitored and immediate action can be taken against any malicious activity that tries to compromise an organization’s on-premises identities.

This feature will be available worldwide and we’ll likely hear more from Microsoft on how it works in a blog post once it begins rolling out to organizations.

Native response actions

In aseparate postin the Microsoft 365 roadmap, Microsoft revealed that it will also add native “response” actions to Microsoft Defender for Identity this month.

This new update will provideSecOps(security + operations) personnel with the ability to directly lock an Active Directory account or to prompt for thepasswordto be reset. This will allow them to take direct action when a user is compromised.

Up until now, when a user was confirmed as compromised in Microsoft Defender for Identity, the Azure Active Directory account would be effected via a conditional access rule according to Microsoft.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

While Microsoft Defender for Identity already provides admins with a central location where they can identify, detect and investigate on-premises identity-based threats, these two new features will make it easier for organizations to stomp out internal threats before they spread across their networks.

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.

Dangerous Android banking malware looks to trick victims with fake money transfers

Sophos Firewall hack on government network used an all-new custom malware

Zenless Zone Zero Version 1.3 adds two new playable agents, new story content, and special events