Security Mitigation Playbooks - Provides step-by-step instructions to reduce the attack surface and harden the environment against specific identity threats.
MITRE ATT&CK Analysis - Maps each attack scenario to the corresponding MITRE ATT&CK tactics, techniques, and procedures to guide defensive strategy.
Attack Scenario Mappings - Maps each attack scenario to the corresponding MITRE ATT&CK tactics, techniques, and procedures to guide defensive strategy.
Identity Risk Mitigation - Provides step-by-step instructions to reduce the attack surface and harden the environment against specific identity threats.
Identity Attack Detections - Detects identity-based attacks using Microsoft security products like Defender XDR, Sentinel, and Defender for Cloud Apps.
Microsoft Graph API Audits - Pulls security configuration from Microsoft Graph API into Log Analytics for visualization and alerting on critical changes.
Microsoft Security Stack Detections - Detects identity-based attacks using Microsoft security products like Defender XDR, Sentinel, and Defender for Cloud Apps.
Attack Simulations - Describes realistic attack scenarios, including password spray and consent grant, to test and improve organizational defenses.
Common Attack Scenarios - Describes realistic attack scenarios, including password spray and consent grant, to test and improve organizational defenses.
Identity Threat Mitigations - Provides step-by-step instructions to reduce the attack surface and harden the environment against specific identity threats.
Security Audits - Audits Microsoft Entra ID security configuration by pulling data into Log Analytics for visualization and alerting on critical changes.
Security Configuration Audits - Pulls security configuration from Microsoft Graph API into Log Analytics for visualization and alerting on critical changes.
Security Stack Integrations - Detects identity-based attacks using Microsoft security products like Defender XDR, Sentinel, and Defender for Cloud Apps.
Session Token Replays - Identifies and mitigates attacks that replay stolen tokens or session cookies to bypass authentication and MFA.