Update whats-new.md with November 2025 features

rlitinsky · web-flow · commit 4a805bb30dd4 · 2025-11-16T04:54:40.000-08:00
Added details about new automatic event-auditing configuration and security posture assessment.
diff --git a/defender-for-identity/whats-new.md b/defender-for-identity/whats-new.md
@@ -27,6 +27,12 @@ For updates about versions and features released six months ago or earlier, see
 
 ### 
 Defender for Identity now offers an opt-in automatic event-auditing configuration for unified sensors (V3.x). This feature streamlines deployment by automatically applying required Windows auditing settings to new sensors and fixing misconfigurations on existing ones. Admins can enable the option in the Defender for Identity Settings -> Advanced Features or via Graph API. The capability and its related health alerts will roll out globally beginning mid-November 2025.
+**Releated Health alerts:**
+- NTLM Auditing is not enabled 
+- Directory Services Advanced Auditing is not enabled as required 
+- Directory Services Object Auditing is not enabled as required 
+- Auditing on the Configuration container is not enabled as required 
+- Auditing on the ADFS container is not enabled as required
 
 ### New security posture assessment: Change password for on-prem account with potentially leaked credentials (Preview)
 
