Microsoft Defender for Endpoint – Automation defaults are changing

Microsoft Defender for Endpoint – Automation defaults are changing

Microsoft is about to increase your automated protection by an average of 40% by setting your default automation level to Full – remediate threats automatically. This change comes after a lengthy measurement and validation period, and making this change with a high level of confidence and minimum risk.

Data collected and analyzed over the past year shows that customers who are using full automation have had 40% more high-confidence malware samples removed than customers using lower levels of automation. Full automation also frees up customers’ critical security resources so they can focus more on their strategic initiatives.

When will this happen:

Microsoft will roll out this change on February 16, 2021

How this affects your organization:

On February 16, 2021, your tenant’s default automation level will change from Semi – require approval for any remediation to Full – remediate threats automatically. You’ll be able to review completed actions in the Action Center, and if necessary, you can undo an action that was taken. This change does not impact or override device group definitions that you are using to control your automation level.

What you need to do to prepare:

You can keep your default automation level(recommended) or change it according to your organizational needs. See adjust your device group settings.

No Comments

Sorry, the comment form is closed at this time.