Talk With an Expert

Decreasing Attacker Dwell Time in Azure Active Directory

Decreasing Attacker Dwell Time in Azure Active Directory (PDF, 4.99MB)Published: 21 Jul, 2021
Created by
Mark Morowczynski

As companies continue to embrace the cloud, attackers also have shifted their attack methods to target cloud infrastructure. A popular target in 2020 has been an identity-based compromise (Verizon, 2020). Azure Active Directory is the identity provider behind Office 365, Azure, and thousands of applications for 200,000 companies, processing 30 billion authentications a day (Microsoft Corporation, 2021). Reducing attacker dwell time for any infrastructure is one of the most fundamental ways to minimize a breach's scope and financial impact. This paper provides an investigation into the effects on attacker dwell time when leveraging Microsoft's Security Operation Guide for Azure Active Directory.

Decreasing Attacker Dwell Time in Azure Active Directory