Threats analysis

 Identity protection Azure Active Directory Identity Protection takes secure identity and access
management to the next level by detecting attacks in real time, informing you of risks, and applying controls to help keep your enterprise safe. The service detects suspicious activities, based on signals like brute-force attacks, leaked credentials, sign-ins from unfamiliar locations, infected devices, and more, and provides remediation recommendations to protect against these activities in real time. Based on these suspicious activities, a user risk severity is calculated, and you can configure risk-based policies that automatically protect the identities of your organization from future threats. These risk-based policies, in addition to other conditional access controls provided by Azure AD and other EMS services, can either block or provide adaptive remediation actions that include password reset requests and MFA. The service is built on a decade of Microsoft experience in protecting consumer identities, and it has special features to reduce falsepositive rates and noise.

 On-premises threat detection Microsoft Advanced Threat Analytics (ATA) is an on-premises product that can help customers protect their enterprise from advanced targeted attacks by automatically learning, analyzing, and identifying normal and abnormal entity (user, devices, and
resources) behavior. ATA takes advantage of deep-packet inspection technology as well as information from additional data sources (SIEM and Active Directory) to build an organizational
security graph and to detect advanced attacks in real time. The solution is agnostic to the device type and operating system version—ATA witnesses all authentication and authorization.

 SaaS/Cloud Application Security Microsoft Cloud Application Security, based on the Microsoft
Adallom acquisition, is a comprehensive cloud service that provides deeper visibility, stronger controls, and increased security for the cloud applications.

 Malware detection When building an internal-facing app, Intune mobile device management and mobile application management solutions detect malware on Android and report jailbroken or rooted devices for iOS and Android. You also can use Intune MAM capabilities on their own or to complement an existing MDM solution.

Source Of Information : Microsoft Platform and Tools for Mobile App Development