Entra ID
      Back to home
      1. Sittadel Knowledge Base
      2. Azure Portals
      3. Entra ID

      Identity Protection Dismiss Sign-In Risk Action

      This guide will show an administrator how to confirm a system identified risky sign-in as a benign true positive.

      Role Requirements

      Procedure Scope: Administrators

      Required Group Membership: Admin.SecurityOperator

      Handbook Reference

      Package: Identity Security

      Domain: Risky Sign-Ins Queue

      Modifies: N/A

      Risky Sign-Ins Dismiss Sign-In Risk Action
      1. Navigate to the Risky Sign-ins – Azure Active Directory portal, locate and select a desired risky sign-in from the list.
      2. From the Risky Sign-in Details flyout, select the three dots followed by selecting the Dismiss sign-in risk action. This action should be taken after investigating and confirming that the sign-in attempt was real but not malicious.
      3. A disclaimer will be displayed detailing that the user risk associated with this sign-in will be reverted and all the corresponding risk detections will be dismissed as well. Select Yes to identify the sign-in risk as real but authorized.

      Need Assistance?

      Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.