u/EduardsGrebezs

Identify which MFA methods your users actually use.

A simple KQL query against Sign-in logs gives you visibility into the MFA methods users are actually using:

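```kusto
SigninLogs
| where TimeGenerated > ago(90d)
// Successful sign-ins only
| where ResultType == 0
// AuthenticationDetails is a JSON array; expand it to one row per authentication step
| mv-expand AuthDetails = todynamic(AuthenticationDetails)
| extend AuthMethod = tostring(AuthDetails.authenticationMethod)
| where isnotempty(AuthMethod)
// Skip steps where no new method was recorded
| where AuthMethod !in ("Previously satisfied")
// Step count and distinct users per method
| summarize AuthEvents = count(), Users = dcount(UserPrincipalName) by AuthMethod
| order by AuthEvents desc
```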

https://preview.redd.it/nk9rrwqozj0h1.png?width=2664&format=png&auto=webp&s=7b6fab415cec249205902a39a05dd13f8c96e7fe

u/EduardsGrebezs — 3 days ago
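
Going one step beyond the tenant-wide totals in the post above, a per-user version of the same expansion, added here as an example and not part of the original post: it lists users whose successful MFA steps only ever used methods on a flagged list. The `SampleSignins` rows, the `FlaggedMethods` list, the exclusion of the password step and the filter on `succeeded` are assumptions of this example.

```kusto
// Constructed sample rows standing in for SigninLogs (only the columns the query reads).
let SampleSignins = datatable(TimeGenerated:datetime, UserPrincipalName:string,
                              ResultType:string, AuthenticationDetails:string)
[
    // alice: password plus one second factor
    datetime(2025-01-10 08:00:00), "alice@contoso.example", "0",
    '[{"authenticationMethod":"Password","succeeded":true},{"authenticationMethod":"Text message","succeeded":true}]',
    // alice again: MFA claim reused from the token, no new method recorded
    datetime(2025-01-10 09:30:00), "alice@contoso.example", "0",
    '[{"authenticationMethod":"Previously satisfied","succeeded":true}]',
    // bob: first second-factor step failed, the next one succeeded
    datetime(2025-01-11 07:15:00), "bob@contoso.example", "0",
    '[{"authenticationMethod":"Password","succeeded":true},{"authenticationMethod":"Mobile app notification","succeeded":false},{"authenticationMethod":"Text message","succeeded":true}]',
    // carol: uses a method that is not on the flagged list
    datetime(2025-01-12 10:00:00), "carol@contoso.example", "0",
    '[{"authenticationMethod":"Password","succeeded":true},{"authenticationMethod":"Mobile app notification","succeeded":true}]',
    // dave: sign-in did not succeed, so it is ignored
    datetime(2025-01-12 11:00:00), "dave@contoso.example", "50074",
    '[{"authenticationMethod":"Password","succeeded":true}]'
];
// Assumption: the methods to flag. Replace with AuthMethod values your own tenant returns.
let FlaggedMethods = dynamic(["Text message"]);
SampleSignins                       // swap for SigninLogs | where TimeGenerated > ago(90d)
| where ResultType == "0"
| mv-expand AuthDetails = todynamic(AuthenticationDetails)
| extend AuthMethod = tostring(AuthDetails.authenticationMethod),
         StepSucceeded = tobool(AuthDetails.succeeded)
| where isnotempty(AuthMethod) and StepSucceeded
// Assumption: the password step is the first factor and is left out of the MFA picture.
| where AuthMethod !in ("Previously satisfied", "Password")
| summarize Methods = make_set(AuthMethod), AuthEvents = count(),
            LastSeen = max(TimeGenerated) by UserPrincipalName
// Keep users whose observed methods are all on the flagged list.
| where array_length(set_difference(Methods, FlaggedMethods)) == 0
| project UserPrincipalName, Methods, AuthEvents, LastSeen
| order by AuthEvents desc
```

Run the totals query first and build `FlaggedMethods` from the method names it returns, since the strings in the sample rows are constructed.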

Windows Secure Boot 2011 certificates will expire in June 2026, and devices need to move to the 2023 Secure Boot certificates and newer boot manager.

Microsoft Defender XDR now provides visibility into devices that still need this update, making it easier to track readiness and reduce exposure across the environment.

Exposure Management → Recommendations → Devices → Misconfigurations (a good adjustment if you also have Windows Servers onboarded to Defender for Endpoint P2)

https://preview.redd.it/0zmvahs01g0h1.png?width=1903&format=png&auto=webp&s=a04983627c933f6ad2ddeca62445ccc40a85e1cd

https://preview.redd.it/liu81hs01g0h1.png?width=1901&format=png&auto=webp&s=45ac528a844e4c5bac2af9344705953e14be4122

u/EduardsGrebezs — 3 days ago