Microsoft today announced that Azure AD Identity Protection has just turned on support for federated identities. This allows customers with Active Directory Federation Server with Azure AD, can now take advantage of this security service.
Azure AD Identity Protection helps prevent the use of compromised accounts using industry leading machine learning (ML) based real time detection and automated mitigation, helping protect all of the cloud and on-premises applications customers use with Azure AD. This kind of ML based system only works if you have access to huge amounts of relevant data to use in training adaptive ML algorithms, which are critical to success in today’s rapidly changing landscape of cybercrime.
Starting today, all of Identity Protection’s risk event types will be covered for federated identities. Now you can tell if botnet infections, TOR networks, or location anomalies are present in your federated sign-ins. Also blocking or enforcing MFA on risky sessions is available for federated identities. So, your federated identities have an extra layer of protection when they try to access cloud services such as Office 365, Azure, or *any* apps configured for Single Sign-On with Azure Active Directory.
Read about it in detail here.