https://catalogartifact.azureedge.net/publicartifacts/adaquestinc1589508805668.scp_agent_entity_guard_investigator-d94437be-b326-4471-aba9-ec47145e2bbd/57262406-0969-43f8-9d60-09adfa705e50_adaLogo.png

Entity Guard Investigator Agent

durch adaQuest

Investigates Defender incidents and delivers clear risk verdicts with actionable insights.

The Entity Guard Investigator Agent determines whether identities and related entities referenced by a Microsoft Defender incident are compromised. Starting from a Defender IncidentId, the agent extracts entities (users, email addresses & message IDs, devices, IPs, URLs/domains, file hashes), enriches them with Microsoft Entra identity signals, Defender device posture, Threat Intelligence (DTI) reputation, and optionally Intune compliance. It then produces a human-readable verdict per entity with concise evidence and prioritized actions.

Auf einen Blick

https://catalogartifact.azureedge.net/publicartifacts/adaquestinc1589508805668.scp_agent_entity_guard_investigator-d94437be-b326-4471-aba9-ec47145e2bbd/2cd28488-d461-4118-891b-21216e931a7e_ScreenshotEGIA.png
https://catalogartifact.azureedge.net/publicartifacts/adaquestinc1589508805668.scp_agent_entity_guard_investigator-d94437be-b326-4471-aba9-ec47145e2bbd/4baf0da6-f519-41f2-b59d-e9a65ce03115_ScreenshotEGIA2.png