You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: ATPDocs/unmonitored-entra-connect-servers.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -16,7 +16,7 @@ This article describes Microsoft Defender for Identity's unmonitored Microsoft E
16
16
17
17
## What risk do unmonitored Microsoft Entra Connect servers pose to an organization?
18
18
19
-
Unmonitored Microsoft Entra Connect servers (formerly Azure AD Connect) represent a significant security risk in hybrid identity environments. These servers synchronize identities between on-premises Active Directory and Entra ID. As a result, they have the power to introduce, modify, or remove accounts and attributes that directly affect cloud access.
19
+
Unmonitored Microsoft Entra Connect servers (formerly Azure AD Connect) pose a significant security risk in hybrid identity environments. These servers synchronize identities between on-premises Active Directory and Entra ID. They can introduce, modify, or remove accounts and attributes that directly affect cloud access.
20
20
21
21
If an attacker compromises a Microsoft Entra Connect server, they can inject shadow admins, manipulate group memberships, or sync malicious changes into the cloud without triggering traditional alerts.
0 commit comments