deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-21 05:13:40 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update edr-in-block-mode.md

Browse Source
This commit is contained in:
Denise Vangel-MSFT
2020-04-16 13:25:09 -07:00
parent 4aecc1f767
commit 636f57cf8d
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
windows/security/threat-protection/microsoft-defender-atp/edr-in-block-mode.md
View File

@ -18,7 +18,7 @@ ms.custom:
ms.collection: ms.collection:
--- ---
# Endpoint detection adn response (EDR) in block mode # Endpoint detection and response (EDR) in block mode
**Applies to:** **Applies to:**
@ -29,7 +29,7 @@ ms.collection:
When [endpoint detection and response](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response) (EDR) in block mode is enabled, Microsoft Defender ATP leverages behavioral blocking and containment capabilities by blocking malicious artifacts or behaviors that are observed through post-breach protection. EDR in block mode works behind the scenes to remediate malicious entities that are detected post-breach. When [endpoint detection and response](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response) (EDR) in block mode is enabled, Microsoft Defender ATP leverages behavioral blocking and containment capabilities by blocking malicious artifacts or behaviors that are observed through post-breach protection. EDR in block mode works behind the scenes to remediate malicious entities that are detected post-breach.
> [!NOTE] > [!NOTE]
> EDR in block mode is currently in **[limited private preview](#can-i-participate-in-the-private-preview-of-edr-in-block-mode)**. To get the best protection, make sure to **[deploy Microsoft Defender ATP baselines](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline)**. > EDR in block mode is currently in **[preview](#can-i-participate-in-the-preview-of-edr-in-block-mode)**. To get the best protection, make sure to **[deploy Microsoft Defender ATP baselines](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline)**.
## What happens when something is detected? ## What happens when something is detected?
@ -83,9 +83,9 @@ The [Microsoft Defender ATP](https://docs.microsoft.com/windows/security/threat-
Cloud protection is needed to turn on the feature on the device. Cloud protection allows [Microsoft Defender ATP](https://docs.microsoft.com/windows/security/threat-protection) to deliver the latest and greatest protection based on the optics received, along with behavioral and machine learning models. Cloud protection is needed to turn on the feature on the device. Cloud protection allows [Microsoft Defender ATP](https://docs.microsoft.com/windows/security/threat-protection) to deliver the latest and greatest protection based on the optics received, along with behavioral and machine learning models.
### Can I participate in the private preview of EDR in block mode? ### Can I participate in the preview of EDR in block mode?
If you would like to participate in our private preview program, please send email to `shwjha@microsoft.com`. If you would like to participate in our private preview program, send email to `shwjha@microsoft.com`.
## See also ## See also