Pilot Microsoft Defender for Identity
Applies to:
- Microsoft Defender XDR
This article is Step 3 of 3 in the process of setting up the evaluation environment for Microsoft Defender for Identity. For more information about this process, see the overview article.
Use the following steps to set up and configure the pilot for Microsoft Defender for identity. The recommendations don't include setting up a pilot group. The best practice is to install the sensor on all of your servers running Active Directory Domain Services (AD DS) and Active Directory Federated Services (AD FS).
The following table describes the steps in the illustration.
- Step 1: Configure benchmark recommendations for your identity environment
- Step 2: Try out capabilities — Walk through tutorials for identifying and remediating different attack types
Step 1: Configure benchmark recommendations for your identity environment
Microsoft provides security benchmark recommendations for customers using Microsoft Cloud services. The Azure Security Benchmark (ASB) provides prescriptive best practices and recommendations to help improve the security of workloads, data, and services on Azure.
These benchmark recommendations include Azure security baseline for Microsoft Defender for Identity. Implementing these recommendations can take some time to plan and implement. While these recommendations greatly increase the security of your identity environment, they shouldn't prevent you from continuing to evaluate and implement Microsoft Defender for Identity. These recommendations are provided here for your awareness.
Step 2: Try out capabilities — Walk through tutorials for identifying and remediating different attack types
The Microsoft Defender for Identity documentation includes a series of tutorials that walk through the process of identifying and remediating various attack types.
Try out Defender for Identity tutorials:
- Reconnaissance alerts
- Compromised credential alerts
- Lateral movement alerts
- Domain dominance alerts
- Exfiltration alerts
- Investigate a user
- Investigate a computer
- Investigate lateral movement paths
- Investigate entities
Next steps
Evaluate Microsoft Defender for Office 365.
Return to the overview for Evaluate Microsoft Defender for Office 365.
Return to the overview for Evaluate and pilot Microsoft Defender XDR
Tip
Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender XDR Tech Community.
Feedback
https://aka.ms/ContentUserFeedback.
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see:Submit and view feedback for