LIVE · cybersecurity feed

siem

zeroday.news · 19d ago·high

Azure AD Graph Activity Logs: Ingestion and threat detection to close the visibility gap

Microsoft has made Azure AD Graph Activity Logs available for ingestion into Elastic, enabling threat detection within SIEM/XDR solutions. Previously, this critical telemetry was largely inaccessible to customers, leaving a significant visibility gap for defenders. This development allows for the monitoring of adversary activities that leverage the legacy graph.windows.net surface, which remained unlogged until recently.