Trace Id is missing
Skip to main content
Microsoft Security

Microsoft Defender for Identity

Detect and respond to advanced identity cyberthreats across your organization.

Try for free Contact Sales
People working in the Microsoft Security Response Center, looking at information on large desktop monitors.

Identity protection and security

Use Defender for Identity to help security operations teams manage identity risk and spot advanced identity-based cyberthreats.

Comprehensive protection

Get visibility, posture recommendations, and protections for your unique identity footprint.

Advanced detections

Spot identity cyberthreats in real time with preconfigured alerts and detections for common and emerging cyberattack patterns.

Incident-level visibility

Correlate identity alerts with signals from across Microsoft Defender XDR for true incident-level visibility.

Intelligent automation

Automatically take action on compromised identities to stop identity cyberattacks in real time.

Watch the video

Learn how Defender for Identity, a core element of the Microsoft identity threat detection and response (ITDR) solution, can help you prevent, detect, and respond to identity-based cyberattacks.

Capabilities

Help secure your modern identity landscape with cloud-powered intelligence from Defender for Identity.

Streamline your ITDR initiative Build a comprehensive identity inventory Investigate at-risk identities Use industry-leading detections Respond at machine speed Minimize cyberattack surface area

Streamline your ITDR initiative

Use personalized insights and real-time data within a central dashboard that aggregates all identity-specific information from across your organization.

Identities, Filters: User name, Affiliation, Type, App, Groups, Investigation priority, Admin

Build a comprehensive identity inventory

Gain greater visibility into your unique identity landscape with a comprehensive inventory of cloud and on-premises identities.

A dashboard assessing alerts and risky activities with an Investigation priority score of 40.

Investigate at-risk identities

Explore detailed views of each unique identity’s activities, recent alerts, and overall risk score.

Learn more
Examples of alerts that Microsoft Defender for Identity can generate

Use industry-leading detections

Identify cyberthreats quickly and accurately with prebuilt identity detections and prioritized alerts for the latest cyberattack strategies.

Learn more
The configuration of an action account, which is used to perform actions on Active Directory users, such as disabling a user and resetting a password.

Respond at machine speed

Immediately restrict identities confirmed as compromised so they can’t persist in your organization or be further exploited.

Learn more
WOODGROVE Microsoft Defender Initiatives: Identity Security, Zero Trust, Vulnerability Assessment, Ransomware Protection

Minimize cyberattack surface area

Easily identify configuration vulnerabilities and potential cyberattack paths and get recommendations on how to resolve them.

Learn more
Back to tabs

Unified security operations platform

Secure your digital estate with the only security operations (SecOps) platform that unifies the full capabilities of extended detection and response (XDR) and security information and event management (SIEM).

Animation of microsoft defender dashboard homepage

Unified portal

Detect and disrupt cyberthreats in near real time and streamline investigation and response.

Learn more about Microsoft unified XDR and SIEM
Back to tabs

Streamline identity protection

Redraw your security perimeter with identity threat detection and response (ITDR) strategies.

Learn more

See what our customers are saying

Siemens logo
When Siemens pivoted to a cloud-first approach, it turned to Microsoft Security solutions as the base for its Zero Trust posture and implemented a range of security solutions, including Microsoft Defender for Identity, to create the blueprint for ongoing, dynamic security enhancements.
Learn more
Heineken logo
Heineken turned to Microsoft Security solutions to blend security with the agility it needs to “brew a better world”—and a brighter future.
 
 
Learn more

Related products

Use industry-leading Microsoft security products to prevent and detect cyberattacks across your Microsoft 365 workloads.

Learn more
A person using a tablet.

Microsoft Defender XDR

Get integrated cyberthreat protection across devices, identities, apps, email, data, and cloud workloads.

Learn more
A person sitting in a chair using a laptop.

Microsoft Entra ID Protection

Stay informed about suspicious user and sign-in behavior in your Microsoft Entra ID (formerly Azure AD) environment.

Learn more
A person looking at a mobile device while sitting on a desk.

Microsoft Defender for Endpoint

Explore endpoint security for businesses with more than 300 users.

Learn more
A person looking at a phone.

Microsoft Defender for Cloud Apps

Modernize how you secure your apps, protect your data, and elevate your app posture with software as a service (SaaS) security.

Learn more

Additional resources

Documentation

Explore documentation

Get started with Defender for Identity guides, tutorials, and videos.

View resources
News

Secure Azure Directory Certificate Services (AD CS)

Get the latest information about new AD CS sensor and protections in Defender for Identity.

Learn more
News

Explore the new ITDR dashboard

Learn more about the new ITDR experience within Microsoft Defender XDR.

Read the blog
Video

Watch Microsoft Mechanics: ITDR episode

Learn how to strengthen your IDTR capabilities with Microsoft.

Watch the video

Protect everything

Make your future more secure. Explore your security options today.

Contact Sales Start free trial

Follow Microsoft