top of page

Defender for Identity Reporting


Microsoft have finally added improved reporting to the Defender for Identity capabilities, with the implementation of four new reports.


To access, go to the Microsoft 365 Defender console (https://security.microsoft.com) > Settings > Identity > Report Management.


You'll be presented with;

  • Summary

  • Modifications to sensitive groups

  • Password exposed in clear text

  • Lateral movement paths to sensitive accounts

All of which can be manually downloaded for a specific time period or set to run at scheduled times (daily, weekly or monthly).


If scheduling, you can specify mailbox recipients accordingly.


Who would benefit from these reports?


Well it probably depends on your environment, but have a chat with your SecOps & Compliance Teams as they'd probably love to see this sort of data for their monthly reporting.

Comments


bottom of page