Triple

T13684533
Position Surface form Disambiguated ID Type / Status
Subject Microsoft Defender for Cloud Apps E328087 entity
Predicate supports P516 FINISHED
Object Conditional Access App Control
Conditional Access App Control is a Microsoft cloud security feature that enables real-time monitoring and control of user sessions to enforce access and data protection policies for cloud applications.
E328087 NE FINISHED

How this triple was built (4 steps)

Every LLM step that produced this triple, in pipeline order — named-entity classification, the disambiguation choices (the exact options shown, with the pick highlighted), and the generated description. The batch + timestamp of each is in the Provenance table below.

NER Named-entity recognition gpt-5-mini
Instruction
Given a phrase, classify it is english named entity (e.g., persons, organizations, works of art) in Latin script, or not (e.g., literals, dates, URLs, verbose phrases). For disambiguation, the statement where the phrase occurs as object is also given. Please return a JSON object with `phrase` (string, the phrase being analyzed) and `is_ne` (boolean, indicating whether the phrase is a Named Entity).
Input
Phrase: Conditional Access App Control | Statement: [Microsoft Defender for Cloud Apps, supports, Conditional Access App Control]
NED1 Entity disambiguation (via context triple) gpt-5-mini-2025-08-07
Target entity: Conditional Access App Control
Context triple: [Microsoft Defender for Cloud Apps, supports, Conditional Access App Control]
  • A. Device Guard
    Device Guard is a Windows security feature that uses virtualization-based security and code integrity policies to ensure only trusted applications can run on a device.
  • B. Microsoft Defender for Cloud Apps
    Microsoft Defender for Cloud Apps is a cloud access security broker (CASB) solution from Microsoft that provides visibility, data protection, and threat detection across cloud applications and services.
  • C. Microsoft Defender for Identity
    Microsoft Defender for Identity is a cloud-based security solution that uses on-premises Active Directory signals to detect, investigate, and respond to advanced identity-based threats in enterprise environments.
  • D. Windows Information Protection
    Windows Information Protection is a Windows security feature that helps protect corporate data on devices by separating and controlling access to work and personal information.
  • E. Intune
    Intune is Microsoft’s cloud-based endpoint management and mobile device management (MDM) service used to securely manage users’ devices, apps, and policies across an organization.
  • F. None of above. chosen
  • G. Unsure - the case is ambiguous/there is not enough information to decide.
NEDg Description generation gpt-5.1
Instruction
Generate a one-sentence description of the target entity. 
You are given a context triple in the form (subject, predicate, object), where the object is the target entity. 
# Instructions
Use the triple to infer relevant information about the entity. Describe the entity based on what is most defining, well-known. 
Avoid repeating the information from the triple, unless really essential.
# Response Format
Return only the sentence: "Description: [one-sentence description of the target entity]"
Input
Entity: Conditional Access App Control
Triple: [Microsoft Defender for Cloud Apps, supports, Conditional Access App Control]
Generated description
Conditional Access App Control is a Microsoft cloud security feature that enables real-time monitoring and control of user sessions to enforce access and data protection policies for cloud applications.
NED2 Entity disambiguation (via description) gpt-5-mini-2025-08-07
Target entity: Conditional Access App Control
Target entity description: Conditional Access App Control is a Microsoft cloud security feature that enables real-time monitoring and control of user sessions to enforce access and data protection policies for cloud applications.
  • A. Device Guard
    Device Guard is a Windows security feature that uses virtualization-based security and code integrity policies to ensure only trusted applications can run on a device.
  • B. Microsoft Defender for Cloud Apps chosen
    Microsoft Defender for Cloud Apps is a cloud access security broker (CASB) solution from Microsoft that provides visibility, data protection, and threat detection across cloud applications and services.
  • C. Microsoft Defender for Identity
    Microsoft Defender for Identity is a cloud-based security solution that uses on-premises Active Directory signals to detect, investigate, and respond to advanced identity-based threats in enterprise environments.
  • D. Windows Information Protection
    Windows Information Protection is a Windows security feature that helps protect corporate data on devices by separating and controlling access to work and personal information.
  • E. Intune
    Intune is Microsoft’s cloud-based endpoint management and mobile device management (MDM) service used to securely manage users’ devices, apps, and policies across an organization.
  • F. None of above.

Provenance (5 batches)

The batch behind each pipeline step, in order, with when it ran. Timestamps are batch-level — stages were processed in waves, so the object chain (NER → NED1 → NEDg → NED2) reads in order, but predicate / elicitation batches can sit in a different wave.

Step Stage Batch ID Status When
creating Elicitation batch_69d8076f1fa8819094664a59b55010df completed April 9, 2026, 8:09 p.m.
NER Named-entity recognition batch_69dbc66f8acc8190b2a82b722930b995 completed April 12, 2026, 4:21 p.m.
NED1 Entity disambiguation (via context triple) batch_69f7944765488190a97d2bea8c29e698 completed May 3, 2026, 6:30 p.m.
NEDg Description generation batch_69f7955fce288190a7e426f467517a91 completed May 3, 2026, 6:35 p.m.
NED2 Entity disambiguation (via description) batch_69f7996cddf08190973e493fb788ce7a completed May 3, 2026, 6:52 p.m.
Created at: April 9, 2026, 9:53 p.m.