You're reading from Microsoft Defender for Identity in Depth An exhaustive guide to ITDR, breach prevention, and cyberattack response

Product type Paperback

Published in Dec 2024

Publisher Packt

ISBN-13 9781835884485

Length 380 pages

Edition 1st Edition

Concepts

Cybersecurity

Author (1):

Pierre Thoor

View More author details

Table of Contents (16) Chapters

Preface

1. Part 1:Mastering the Fundamentals of Microsoft Defender for Identity FREE CHAPTER

2. Chapter 1: Introduction to Microsoft Defender for Identity

3. Chapter 2: Setting up Microsoft Defender for Identity

4. Chapter 3: Leveraging MDI PowerShell for Automation and Management

5. Part 2: Advanced Configuration, Integration, and Threat Detection

6. Chapter 4: Integrating MDI with AD FS, AD CS, and Entra Connect

7. Chapter 5: Extending MDI Capabilities Through APIs

8. Chapter 6: Mastering KQL for Advanced Threat Detection in MDI

9. Part 3: Operational Excellence with Microsoft Defender for Identity

10. Chapter 7: Investigating and Responding to Security Alerts

11. Chapter 8: Utilizing MDI Action Accounts Effectively

12. Chapter 9: Building a Resilient Identity Threat Detection and Response Framework

13. Chapter 10: Navigating Challenges: MDI Troubleshooting and Optimization

14. Index

Why subscribe?

15. Other Books You May Enjoy

Primer on the MDI PowerShell module

The second chapter and the overall documentation for Defender for Identity provide you with instructions for setting up the necessary configurations by hand. Yet, this manual process may lead to mistakes, consume considerable time, and present challenges in managing within complicated, multi-domain settings. For instance, implementing audit checks on read property activities can lead to an excessive burden on domain controllers. Additionally, if the correct events are not recorded, MDI might miss certain activities, and I bet those activities are very necessary for your SecOps team. It’s important to follow the setup guidelines carefully to ensure the system operates effectively and efficiently.

The Defender for Identity PowerShell module is here to help us with the automation for configuring domain controllers and other sensor servers.