Forum Discussion
Automated Investigation and Response
Upgraded to Defender for 365 P2 based on the idea of setting automated responses to certain alerts. That's how it was described. Now I'm trying to enable and configure it. The documentation has b...
Hi, yes, unfortunately much of the Automated Investigation and Response configurations in Defender 365 P2 are related to the device groups in Defender for Endpoint. If you are not using Defender for Endpoint, your options are very limited. In fact, the advertised functionality includes XDR integrations that, without the device groups, remain inaccessible.
well that's a bit of a bummer. We use a 3rd party endpoint solution, but by far our biggest threat continues to be email. Was hoping for a better way to deal with quarantine release requests,, etc. Thanks for the reply
