Identities are still one of the main attack scenarios and many different threats and attack techniques will be used to gain credentials and access. Microsoft security products offers many capabilities to monitor identities in a hybrid identity environment and use latest integrated threat intelligence (including anomaly detections)

But which integrations between the indiviual products, such as Microsoft 365 Defender and Identity Protection are available? How can you take advantage of "User and Entity Behavior Analytics" to detect suspicious activities? Which options for automated response should be considered?

In this talk, I like to give a practical view on Microsoft 365 Defender and Microsoft Sentinel and which features should be used by every organization.