Behavior detection enables you to configure sign-on policy rules that take into account changes in user behavior. For example, you can configure a policy to require multifactor authentication if a user signs in from a new location or using a new device.
You can't configure policies to deny users access based on behavior changes. However, you can configure the specific types of behavior you want to track and when they should take effect. After you configure the behavior conditions you're interested in, you can add them to your sign-on policy rules to control when users are required to provide multifactor authentication.