You are managing an Azure subscription where Microsoft Defender for Cloud is enabled. Recently, you have observed suspicious authentication activity alerts appearing in the Workload protections dashboard. Your objective is to find a solution that can both evaluate and remediate these alerts through workflow automation while ensuring minimal development effort is required. What should you include in your recommendation?