At least one Conditional Access policy is configured to require MFA for risky sign-ins
Why This Matters
Risky sign-ins often indicate compromised credentials or malicious access attempts. Without a Conditional Access policy that enforces multifactor authentication (MFA) for these events, attackers may successfully authenticate and gain unauthorized access to your Microsoft 365 tenant. Configuring this policy adds a critical layer of defense against identity-based threats.
What Aether365 Checks
Aether365 scans your Microsoft 365 tenant to confirm that at least one Conditional Access policy is configured to require MFA for sign-ins classified as risky. This check appears in your Aether365 dashboard under the microsoft-365 service category.