Microsoft Defender for Identity helps Active Directory admins defend against advanced persistent threats (APTs) targeting their Active Directory Domain Services infrastructures.
It is a cloud-based service, where agents on Domain Controllers provide signals to Microsoft's Machine Learning (ML) algorithms to detect and report on attacks. Its dashboard allows Active Directory admins to investigate (potential) breaches related to advanced threats, compromised identities and malicious insider actions.
Microsoft Defender for Identity was formerly known as Azure Advanced Threat Protection (Azure ATP) and Advanced Threat Analytics (ATA).
In November 2021, three new versions of Microsoft Defender for Identity were released:
- Version 2.162, released on November 1st, 2021
- Version 2.163, released on November 8th, 2021
- Version 2.164, released on November 17th, 2021
These versions do not enable new detections or features, but they do include improvements and bug fixes for the internal sensor infrastructure.