Microsoft Security Product Hub

Risk based Conditional Access

Overview

Risk-based Conditional Access extends Conditional Access signals.

Sign-in risk-based Conditional Access identifies when an authentication request is of a higher risk due to location change with impossible travel, coming from an anonymous IP address such as Tor or VPN, atypical travel, malware linked IP address and more.

User risk-based Conditional Access identifies when user credentials have been leaked or Azure AD threat intelligence identifies higher user risk because of known attack patterns.

Outcomes

  • Escalate to MFA request when a sign-in or user risk is identified
  • Optionally enforce password change
All
Secure Remote Work
Zero Trust