Security News > 2021 > January > Microsoft Enables Automatic Remediation in Defender for Endpoint

Microsoft Enables Automatic Remediation in Defender for Endpoint
2021-01-19 14:12

Microsoft this week announced that it has enabled automatic threat remediation in Microsoft Defender for Endpoint for users who opted into public previews.

For all alerts, Microsoft Defender for Endpoint automatically starts an investigation on the machine, inspecting files, processes, registry keys, services, and anything else that may contain threat-related evidence.

Microsoft Defender for Endpoint defines, executes and manages these actions, without requiring intervention from security operations teams, the tech company explains.

These remediation actions are either automatically approved without warning, if the device automation level is set to Full, or require manual approval, if the automation level is set to Semi.

Having remediation actions automatically applied could save time and help contain infections, Microsoft argues.

Microsoft says it has decided to upgrade the default automation level to Full due to increased malware detection accuracy, improved automated investigation infrastructure, and the option to undo any remediation.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/YMywxWW9RJs/microsoft-enables-automatic-remediation-defender-endpoint

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 480 75 2308 5127 264 7774