Hello,
During and after deployment of Microsoft Defender for Identity permissions will be required to view and administer the environment. Microsoft Defender for Identity offers role-based security allowing you to segregate duties within your security team and grant only the amount of access that users need to do their jobs.
When your MDI workspace is created, three Azure AD groups are created automatically:
- MDI Admin (Azure ATP [workspace] Administrators)
- MDI User (Azure [workspace] ATP Users)
- MDI Viewer (Azure [workspace] ATP Viewers)
for more information, visit the the site below:
Regards,
Rami KETATA
// If the response is helpful, please click "Accept Answer" //