Microsoft
IAM and Email Security
Mitigate Credential Leakage with Active Directory Integration
Azure Active Directory is a cloud-based identity and access management service (IDaaS) for your employees, partners,
and customers.
Website:
https://azure.microsoft.com/en-us/services/active-directory/
Twitter: @azuread
IntSights Active Directory Integration
See “Automating Leaked Credentials with Active Directory” in the IntSights External Threat Protection User Guide for details on how to configure this integration.
Integration Snapshot
Plug Into Your Existing Workflows:
- Continuously monitor forums, chat rooms, and social media platforms to identify potential credential leaks
- Real-time contextual alerting with actionable notifications
- Proactive mitigation capabilities by automatically disabling login and/or forcing password reset operations
Integration Benefits
- Out-of-the-box Integration: Direct integration with Azure Active Directory allows enforcing credential updates upon next login to ensure immediate threat remediation and employee protection.
- Tailored Intelligence: Continuous scanning of clear, deep, and dark web forums, chat rooms, and social media platforms to identify potential credential leaks.
- Real-time Alerting: Automated notifications to employees and security teams about potential credential leakage with instructions for immediate remediation actions.
Office 365 Exchange Online
The IntSights platform also shares threat indicators with Microsoft Exchange Online, a cloud-based hosted messaging solution that gives users access to email, calendar, contacts, and tasks from PCs, the web, and mobile devices. IntSights uses the Exchange “protection” module to block attacks. Domains and IPs are shared with the Exchange server to block malicious IOCs. See “Office 365 - Exchange Online” in the IntSights External Threat Protection User Guide for detailed instructions on how to implement this integration.
