Sign-in Risk Policy
The sign-in risk policy detects suspicious actions that come along with the sign-in. It is focused on the sign-in activity itself and analyzes the probability that the sign-in may not have been performed by the user. The sign-in risk checks for things like whether a user has signed in from an unfamiliar location or unfamiliar IP address. You can then choose to require MFA for users based on the risk level of their sign-ins.
User Risk Policy
The user risk policy detects the probability that a user account has been compromised by detecting risk events that are atypical of a user’s behavior. Risk events require the recording of a user’s activity over a length of time so that it’s possible to detect abnormalities. You can then choose to block access to users based on their risk levels.
By Khalid Hussain