deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 13:57:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Update edr-in-block-mode.md

Browse Source
This commit is contained in:
Denise Vangel-MSFT 2020-05-14 12:03:28 -07:00
parent 7c13472e31
commit 80f3f3ae43
1 changed files with 1 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
windows/security/threat-protection/microsoft-defender-atp/edr-in-block-mode.md
View File

@ -29,7 +29,7 @@ ms.collection:
When [endpoint detection and response](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response) (EDR) in block mode is enabled, Microsoft Defender ATP leverages behavioral blocking and containment capabilities by blocking malicious artifacts or behaviors that are observed through post-breach protection. EDR in block mode works behind the scenes to remediate malicious artifacts that are detected post-breach. When [endpoint detection and response](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response) (EDR) in block mode is enabled, Microsoft Defender ATP leverages behavioral blocking and containment capabilities by blocking malicious artifacts or behaviors that are observed through post-breach protection. EDR in block mode works behind the scenes to remediate malicious artifacts that are detected post-breach.
> [!NOTE] > [!NOTE]
> EDR in block mode is currently in **[limited private preview](#can-i-participate-in-the-preview-of-edr-in-block-mode)**. To get the best protection, make sure to **[deploy Microsoft Defender ATP baselines](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline)**. > EDR in block mode is currently in preview. To get the best protection, make sure to **[deploy Microsoft Defender ATP baselines](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline)**.
## What happens when something is detected? ## What happens when something is detected?
@ -83,10 +83,6 @@ Because Windows Defender Antivirus detects and remediates malicious items, it's
Cloud protection is needed to turn on the feature on the device. Cloud protection allows [Microsoft Defender ATP](https://docs.microsoft.com/windows/security/threat-protection) to deliver the latest and greatest protection based on our breadth and depth of security intelligence, along with behavioral and machine learning models. Cloud protection is needed to turn on the feature on the device. Cloud protection allows [Microsoft Defender ATP](https://docs.microsoft.com/windows/security/threat-protection) to deliver the latest and greatest protection based on our breadth and depth of security intelligence, along with behavioral and machine learning models.
### Can I participate in the preview of EDR in block mode?
EDR in block mode is currently in limited private preview. If you would like to participate in this private preview program, send email to `shwjha@microsoft.com`.
## Related articles ## Related articles
[Behavioral blocking and containment](behavioral-blocking-containment.md) [Behavioral blocking and containment](behavioral-blocking-containment.md)