Microsoft announced today that it added device isolation support to Microsoft Defender for Endpoint (MDE) on onboarded Linux devices.
Enterprise admins can manually isolate Linux machines enrolled as part of a public preview using the Microsoft 365 Defender portal or via API requests.
Once isolated, threat actors will no longer have a connection to the breached system, cutting off their control and blocking malicious activity like data theft.
Comments are closed.