There are two risk policies that can be enabled in the directory:
- Sign-in risk policy: The sign-in risk policy detects suspicious actions that come along with the sign-in. It’s focused on the sign-in activity itself and analyzes the probability that the sign-in was performed by some other than the user.
- User risk policy: The user risk policy detects the probability that a user account has been compromised by detecting risk events that are atypical of a user’s behavior.
Both policies work to automate the response to risk detections in your environment and allow users to self-remediate when risk is detected.
Leave a Reply