As GM continues its journey in bringing the best digital experiences to their customers, security remains a top priority. Security in the Enterprise is at a point where Identity is at the "Center of Everything", which means not only do we get it, but the bad guys understand it also. IAM infrastructure is the new "keys to the kingdom" and its simply not enough that strong authentication services are in place. Awareness of the sophistication of identity-based threats and how to address them is needed. With new breaches happening almost weekly, Identity Threat Detection and Response (ITDR) is an attempt to formalize a discipline around protecting identity assets in the enterprise. This session will dive into the key decisions that should be addressed when implementing a foundation of Identity Threat Detection. Additionally, we'll review key architectural considerations and guidance for implementing these critical detect and response controls. With a key principle of Zero Trust being "Assume Breach", we'll review proactive measures that can be taken for protecting human and non-human identities across the enterprise. While our focus will be on B2C architectures, there will be plenty of valuable guidance for B2B/B2E identity practitioners as well.