What's New in Microsoft Defender for Identity in August 2023

Reading Time: 2 minutes

Microsoft Defender for Identity helps Active Directory admins defend against advanced persistent threats (APTs) targeting their Active Directory Domain Services infrastructures.

It is a cloud-based service, where agents on Domain Controllers provide signals to Microsoft's Machine Learning (ML) algorithms to detect and report on attacks. Its dashboard allows Active Directory, AD FS, and Certification Authority (CA) admins to investigate and remediate (potential) breaches related to advanced threats, compromised identities and malicious insider actions.

Microsoft Defender for Identity was formerly known as Azure Advanced Threat Protection (Azure ATP) and Advanced Threat Analytics (ATA).

 

What's New

New sensor type for Active Directory Certificate Services (AD CS)

Defender for Identity now supports the new ADCS sensor type for a dedicated server with Active Directory Certificate Services (AD CS) configured.

Admins can find the new sensor type identified on the Settings > Identities > Sensors page in Microsoft 365 Defender.

 

Certification Authority-related Alerts and Secure Score Reports

Defender for Identity also now provides AD CS-related alerts and Secure Score reports.

To view the new alerts and Secure Score reports, make sure that the required events are being collected and logged on Certification Authorities (CAs).

Active Directory Certificate Services (AD CS) is a Windows Server role that issues and manages public key infrastructure (PKI) certificates in secure communication and authentication protocols.

 

Four new releases

The Defender for Identity team performed four new releases:

  • v2.210
  • v2.211
  • v2.211
  • v2.213

These versions include improvements and bug fixes for cloud services and the Defender for Identity sensor.

Author: Sander Berkouwer

Sander Berkouwer is the author of the Active Directory Administration Cookbook, speaker and blogger at DirTeam.com and ServerCore.net. He is awarded Microsoft MVP, Veeam Vanguard and VMware vExpert. Since 2009, Microsoft has awarded Sander with the Most Valuable Professional (MVP) award. Since 2016, Veeam has awarded Sander with the Veeam Vanguard award.