New opt-in setting for Microsoft Defender for Identity

Originally posted by Microsoft Jun 17, 2022 Microsoft 365 Apps 0 Comments

Over the last few months, the experiences and functions of Microsoft Defender for Identity have been made available in Microsoft’s extended detection and response (XDR) platform, Microsoft 365 Defender. Merging identity data and functions into this XDR experience is a valuable addition to a security teams capabilities, with identity providing important context to detection logic and investigation potential.

Since all major Microsoft Defender for Identity features have now been made available in Microsoft 365 Defender portal; we are introducing a portal redirection setting which will be available by navigating from the Microsoft 365 Defender homepage (security.microsoft.com) to Settings -> Identities -> General -> Portal redirection

Enabling this option will automatically redirect any requests to the standalone Defender for Identity portal (portal.atp.azure.com) to Microsoft 365 Defender along with any direct links to its functionality.

If your organization does not use Microsoft Defender for Identity, you may disregard the below message.

Key points

  • Timing: Starting from June 1st, 2022, Microsoft will make the settings available in tenants globally. The setting may take a few days to appear in your console after this date.
  • Action: Start using the Microsoft 365 Defender portal for Microsoft Defender for Identity. Microsoft recommends enabling redirection and to begin using Microsoft 365 Defender as the single place for operating and administering Defender for Identity.
  • Next steps: Starting from January 2023, we will enable this opt-in settings automatically for every tenant, however, organizations can still manually opt-out by switching it back.

How will this affect your organization

By enabling this redirection experience, any requests to the standalone Defender for Identity portal (portal.atp.azure.com) will be automatically redirected to Microsoft 365 Defender (security.microsoft.com). This includes any requests originating from alerting emails or notifications.

What do you need to do to prepare

Ensure your security teams are familiar with Defender for Identity’s features and settings as they are represented in Microsoft 365 Defender. If your security teams need help, please direct them to the updated documentation available here.

Message ID: MC387682

No comments yet

Leave a Reply

Joao Ferreira

I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.

%d bloggers like this: