Microsoft has announced a new feature for the enterprise security solution Defender. Microsoft Defender for Endpoint (MDE) should help isolate hacked computers from the network, even if they are unmanaged. With this, the group aims to respond to attacks on corporate networks that are carried out indirectly by unattended PCs.
This comes from a report by beeping computer Online review. The new Microsoft Defender for Endpoint feature then prevents attackers and malware from using compromised devices to move laterally across the network. This new feature allows administrators to “contain” unattended Windows devices on their network if they have already been hacked or are suspected of being hacked.
Communication is interrupted
Isolation is then performed by managed devices on the network. When a compromised device is discovered, all communications to and from the device are automatically blocked. According to Microsoft, this should make it harder for attackers to do further damage. “This action can prevent adjacent devices from being compromised while the security operations analyst locates, identifies, and remediates the threat on the compromised device,” Microsoft said in a statement.
Support document for MDE However, the new MDE feature only works with built-in devices running Windows 10 and above or Windows Server 2019 and above. Older versions of Windows cannot be protected in this way. “Only devices running Windows 10 and later will perform the Trapped/Isolated action, meaning only devices running Windows 10 and later that are enrolled in Microsoft Defender for Endpoint on this time block are ‘blocked’ devices” , Microsoft said.
I’m a communications enthusiast and junior writer/reporter at Research Snipers, graduated with a degree in mass communications but am very enthusiastic about new technologies, games and mobile devices. I’m mainly interested in technology and games.