Microsoft Defender can now automatically isolate hacked endpoints
Summary
Microsoft is introducing a new automatic isolation feature for Defender for Endpoint. This capability aims to prevent attackers from spreading laterally within a network by quickly isolating compromised devices.
IFF Assessment
FRIEND
This feature is beneficial for defenders as it automates a critical response action to contain security incidents.
Defender Context
This new automation in Microsoft Defender for Endpoint can significantly reduce the time to contain a breach. Defenders should familiarize themselves with this feature and ensure it's properly configured to leverage its incident response benefits.