Key features
Continuous audit log monitoring — RAIDEN polls your Microsoft 365 unified audit log in real time, processing sign-in events, admin activity, mailbox changes, and more across your entire tenant. AI-generated investigation cases — Related alerts are automatically grouped into Cases. Each case includes an AI-generated investigation report that summarises all evidence, explains the risk, and recommends next steps in plain language. One-click response actions — When you confirm a threat, RAIDEN lets you act directly from the investigation: revoke sessions, disable a compromised account, delete malicious inbox rules, or create a Conditional Access block policy — without opening a separate admin portal. Severity-based alert triage — Every detection is assigned a severity level (Critical, High, Medium, Low, or Info) so you can prioritise what needs attention immediately versus what can wait. Team roles — Invite your team with role-based access. Owners and Admins manage the platform, Analysts investigate and respond, and Viewers have read-only access.What you need to get started
- A Microsoft 365 tenant
- A Global Administrator account in that tenant (required once, for admin consent during setup)
- Your RAIDEN invite link (sent by your RAIDEN onboarding contact)
Cases vs Alerts
RAIDEN surfaces findings in two layers:| Term | What it is |
|---|---|
| Alert | A single detection event — for example, one suspicious sign-in from an unusual location |
| Case | A group of related alerts for the same user, treated as one investigation |
RAIDEN is in early access. Features are fully functional but some UI polish is still in progress. If you hit anything unexpected, contact your RAIDEN onboarding contact directly or email support@raidenhq.com.