Oct 25 2018 04:44 AM
- Although your users are synched, can someone compromise one of them to go after a more privileged one or access confidential resources internally?
- Is there internal user behavior that i wish to monitor?
- Do i want to augment what Azure AD identity protection finds, or WDATP, or MCAS etc.
- Do i have VPN Servers that i need to monitor for abnormal user access
- should my on-premise identity infrastructure can be used against me
If you answered yes to any, than you probably need Azure ATP...