Rules Contributing to Microsoft Entra Federation Modified Alert

The following rules are used to identify suspicious Microsoft Entra federation modified activity. Any one or more of these will trigger the Microsoft Entra Federation Modified Alert. Details for each rule can be viewed by clicking the More Details link in the description.

Title

Description

Azure Domain Federation Settings Modified

Identifies when a user or application modified the federation settings on the domain.