Microsoft is updating Microsoft Defender for Identity to allow SecOps teams to block attacks by locking a compromised user’s Active Directory account. Microsoft plans to make the feature generally available worldwide to standard multi-tenants later this month. Microsoft also announced in March that Threat Analytics for Microsoft 365 Defender customers and Microsoft 365 Insider Risk Management Analytics entered public preview. The feature is bundled with Microsoft 365 E5 and you can get a Security E5 trial right now to try this new feature as soon as it’s released.
Source: https://www.bleepingcomputer.com/news/security/microsoft-365-to-let-secops-lock-hacked-active-directory-accounts/