We added user containment to the automatic attack disruption capability in Microsoft Defender for Endpoint, a unique and innovative defense mechanism that stops human-operated attacks in their tracks. User containment is automatically triggered by high-fidelity signals and limits attackers’ ability to move laterally within a network regardless of the compromised account’s Active Directory state or privilege level.
The post Automatic disruption of human-operated attacks through containment of compromised user accounts appeared first on Microsoft Security Blog.
This article has been indexed from Microsoft Security Blog