Not a user yet?
Log in Register for free Suggest a product
Update

Service account classification rules now available

Defender for IdentityDefender for Identity
Microsoft
Update from patrick-devicebaseUpdate from:
patrick-devicebase (expert)

June 2025
Scoped access by Active Directory domain now supported (Preview)
MDI scoping is now available as part of XDR User Role-Based Access Control (URBAC). Organizations can now define and refine the scope of MDI monitoring, providing granular control over which entities and resources are included in security analysis.

Scoping by Active Directory domains helps:

  • Optimize performance: Focus monitoring on critical assets and reduce noise from non-essential data.
  • Enhance visibility control: Tailor MDI coverage to specific domains and user groups.
  • Support operational boundaries: Align access for SOC analysts, identity administrators, and regional teams.
    For more information see: Configure scoped access for Microsoft Defender for Identity.

Okta integration is now available in Microsoft Defender for Identity
Microsoft Defender for Identity now supports integration with Okta, enabling detection of identity-based threats across cloud and on-premises environments. This integration helps identify suspicious sign-ins, risky role assignments, and potential privilege misuse within your Okta environment.

For prerequisites and configuration steps, see Integrate Okta with Microsoft Defender for Identity.

Service account classification rules now available
You can now create custom classification rules to identify service accounts based on your organization’s specific criteria. This complements automatic discovery, enabling more accurate identification of service accounts. For more information, see Service account discovery

Defender For Identity PowerShell module updates (version 1.0.0.4)
New Features and Improvements:

  • Added remote domain functionality.
  • Added SensorType parameter to Test-MDISensorApiConnection to inform endpoint URL.
  • Added ability to Get/Set/Test the Deleted Objects container permissions.
  • Added auditing for Delegated Managed Service Accounts (dMSA) in the DomainObjectAuditing configuration.
    Bug Fixes:
  • Fixed audit verification checks for non-English operating systems.
  • Fixed DomainObjectAuditing identity redundant parameter bug.
  • Fixed Domain Controller detection logic to confirm AD Web Services is running on the server.
  • Fixed issue with Test-MDIDSA not parsing Deleted Object permissions.
  • Other reliability fixes.
Version: June 2025 Link
More updatesTo the product
Receive Important Update Messages Stay tuned for upcoming Microsoft Defender for Identity updates

More from the Apps & Software section

Was the content helpful to you?

Advertisement Advertise here?
Banner Logitech