![]() The authentication methods used for sign-ins, and more such details.Īzure AD Sign-in Logs Types of Azure AD Sign-ins in Microsoft 365.Is there any conditional access defined? If yes, the status of the conditional access. ![]() The number of users, apps or services that were signed in recently.Any sign-in occurred from disabled accounts or expired passwords.Client app that uses an access token to sign-in.Identify users’ sign-ins using legacy protocols.Why is it Important to Keep Track of Azure AD Sign-in Logs?īy reviewing Azure AD sign-in logs, admins can keep an eye and take required actions on the users’ sign-ins with the help of the below critical information that the report provides. Users can also view their sign-ins through.However, you’ll require an AAD P1 or P2 license if you wish to access the report through Microsoft Graph API. The sign-in activity report in the AAD admin center is available in all the editions of Azure AD.To access the sign-in logs, admins should be assigned with any one of the following roles. ![]() ![]() Also, admins should have an up-to-date authentication mechanism and knowledge about recent security attacks. Isn’t it suspicious when a login attempt occurs from an unusual location rather than the user’s current location?Ībsolutely! However, proactive and constant monitoring of Azure AD Sign-ins has the capability of preventing severe security risks like password spray attacks, logging in with malicious IP addresses, and more such threats. Frequent login failures and disabled account login attempts may indicate that your organization is prone to cyber threats. There are multiple ways for attackers to gain access to your Microsoft 365 organization. Stay tuned for more blogs in the Office 365 Cybersecurity blog series. On Day 20 of Cybersecurity awareness month, learn to safeguard risky users from threats and attacks by monitoring Azure AD sign-ins in Office 365.
0 Comments
Leave a Reply. |