Update feedback-loop-blocking.md

2025-05-28 21:27:23 +00:00 · 2020-05-21 13:52:33 -07:00 · 2020-05-21 13:52:33 -07:00 · 455cd230de
commit 455cd230de
parent 2af807c404
1 changed files with 7 additions and 1 deletions
--- a/windows/security/threat-protection/microsoft-defender-atp/feedback-loop-blocking.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/feedback-loop-blocking.md
@ -24,4 +24,10 @@ ms.collection:
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-## Overview
+## Overview
 Feedback-loop blocking, also referred to as rapid protection, is a component of [behavioral blocking and containment capabilities](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment) in [Microsoft Defender ATP](https://docs.microsoft.com/windows/security/threat-protection/). With feedback-loop blocking, devices in your organization are protected better protected from threats. When a suspicious behavior or file is detected, such as by Microsoft Defender Antivirus, it's treated as a potential false negative. With machine learning and  and is observed more closely. Once confirmed as malicious, on a device is confirmed as malicious, 
 Feedback-loop blocking Within a few moments of confirming a file as malicious, , the file, machine learning models operating on the EDR data, which come with richer granular details, determined the file to be malware, raised an alert, and provided feedback to the rapid protection loop engine. This insight led to the immediate blocking of the file on subsequent machines.
 Behavioral detections feed into protection stack as potential FNs, generating new protection based on patient 0 behavioral intelligence. Patient 1+ are now protected and threats prevented higher in the stack