Date: 2025-08-25

Microsoft has rolled out an AI-driven security feature in Defender for Identity to tackle a critical vulnerability where credentials are stored in plain text within Active Directory and Entra ID fields, exposing thousands of organizations, Cyber Press reports.
Research by the company uncovered more than 40,000 exposed credentials across 2,500 tenants, a problem stemming from administrators using free-text fields for convenience, often to support HR integrations or privileged access management. Non-human identities, including service accounts that outnumber human users, are particularly at risk since they cannot leverage multi-factor authentication. The new feature uses a layered AI detection approach, scanning directories for base64-encoded secrets and patterns resembling passwords, then analyzing contextual factors like identity type, persistence, recent changes, and script references to reduce false positives. Ev Kontsevoy, CEO of Teleport, emphasized that "high-confidence alerts are essential for timely remediation." Currently in public preview, the feature is accessible under the "Exposure Management" section, enabling proactive identification and mitigation of identity misconfigurations.
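The layered idea described above (pattern match first, context second) can be sketched as follows. This is an added illustration, not Microsoft's code or the Defender for Identity logic. The attribute names `description` and `info`, the regexes, the thresholds and the priority labels are all assumptions, and the records are constructed.

```python
# Added illustration: simplified heuristic, not the product's detection logic.
import base64
import re

# Free-text attributes to inspect (assumption: the page names none).
FREE_TEXT_ATTRS = ("description", "info")

# "password: X", "pwd=X", "pass is X" style hints followed by a token.
KEYWORD_RE = re.compile(r"(?i)\b(?:password|passwd|pwd|pass|secret)\b\s*(?:is|[:=])?\s*(\S{6,})")
# Runs that look like base64 (12+ alphabet characters, optional padding).
B64_RE = re.compile(r"(?<![A-Za-z0-9+/])[A-Za-z0-9+/]{12,}={0,2}")

def looks_like_password(token):
    """Password-like: at least 8 chars drawn from 3+ character classes."""
    classes = [r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]"]
    return len(token) >= 8 and sum(bool(re.search(c, token)) for c in classes) >= 3

def decodes_to_text(token):
    """True when the token is valid base64 that decodes to printable ASCII."""
    try:
        raw = base64.b64decode(token, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return False
    return len(raw) >= 8 and all(32 <= b < 127 for b in raw)

def scan(records):
    """Return (account, attribute, reason, priority) for each suspicious field."""
    findings = []
    for rec in records:
        # Context layer: non-human identities cannot fall back on MFA.
        priority = "high" if rec.get("type") == "service" else "medium"
        for attr in FREE_TEXT_ATTRS:
            text = rec.get(attr) or ""
            m = KEYWORD_RE.search(text)
            if m and looks_like_password(m.group(1)):
                findings.append((rec["name"], attr, "keyword+password-like", priority))
            elif any(decodes_to_text(t) for t in B64_RE.findall(text)):
                findings.append((rec["name"], attr, "base64-text", priority))
    return findings

# Constructed sample records, not real directory data.
SAMPLE = [
    {"name": "svc-hr-sync", "type": "service", "description": "HR integration, pwd=Summer2024!x"},
    {"name": "svc-backup", "type": "service", "info": "cred " + base64.b64encode(b"Backup#Pass99").decode()},
    {"name": "jdoe", "type": "user", "description": "Finance department, building 4"},
    {"name": "asmith", "type": "user", "description": "password reset requested 2024-01-02"},
]
```

The last sample record shows why the keyword alone is not enough: the word "password" appears, but the token after it does not look like a secret, so nothing is reported.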