Jan 31, 2023

Microsoft Defender can now isolate compromised Linux endpoints

Posted by in category: computing

Microsoft announced today that it added device isolation support to Microsoft Defender for Endpoint (MDE) on onboarded Linux devices.

Enterprise admins can manually isolate Linux machines enrolled as part of a public preview using the Microsoft 365 Defender portal or via API requests.

Once isolated, threat actors will no longer have a connection to the breached system, cutting off their control and blocking malicious activity like data theft.

Comments are closed.