This demo shows Microsoft Defender for Identity settings now living inside the Microsoft 365 Defender portal—so you can configure identity protection where you already investigate. It walks through Settings > Identities and tours the key tabs: Sensors (install on on-prem domain controllers or ADFS servers and check sensor health/details), Directory services accounts (service accounts for connecting to on-prem AD), VPN (configure RADIUS Accounting shared secret to enrich detections for abnormal VPN activity), and Entity tags. For tagging, it covers Sensitive tags for high-value assets (used in detections like riskiest lateral movement paths) and Honeytoken tags as trap accounts that trigger alerts on authentication. It finishes with Notifications—adding recipients for health issue notifications and configuring Syslog notifications by enabling the Syslog service, choosing a sensor, setting the endpoint, and saving—plus pointers to Microsoft Docs for deeper guidance.
We produced this as a settings walkthrough that’s structured like a checklist you can actually use: we organized the flow by “what you configure” (sensors, accounts, enrichment, tags, notifications), kept the visuals tight on each tab’s purpose, and smoothed the edit so admins can follow the sequence without backtracking. Final delivery includes closed captions, audio description, and thumbnails—ready for rollout, training, or handoff to the team that owns identity.
The inevitable sequels
Hollywood keeps stretching good ideas into progressively worse sequels. We don’t. These are the related videos—spiritual siblings of the one you just watched—as good or better than this video. Expect callbacks, new plot twists, and maybe even a scene-stealing cameo from a lower third.
