Automate machine isolation with MDATP and Microsoft Flow - YouTube MVP Demo

Question

Learn how to automate suspicious machine isolation with MDATP and Microsoft Flow.
https://www.youtube.com/watch?v=uT2RQf_uPKA
&nbsp;
We are proud of our Security MVPs
&nbsp;
Dan Michelson&nbsp;,&nbsp;@danm332
&nbsp;
&nbsp;

joe stern · Answer

Thanks, Dan. The fileless PowerShell scenario on that page triggered my flow successfully; I'm hoping never to see a real one but I will ready when it comes.

joe stern · Answer

What is a good way to test this flow? The downloads from https://demo.wd.microsoft.com all generate Informational severity alerts.&nbsp;

dan michelson · Answer

Joe Stern&nbsp;
&nbsp;
Have you tried our "Simulations and Tutorials"?
On the upper right side of the MDATP portal you'll find the "?" menu. There you may pick the Simulations menu item and try different scenarios. Most of the attack scenarios will create the alerts you're looking for.
&nbsp;
Please share your feedback.

yulia_alekhina · Answer

Dan Michelson&nbsp;Hi! Does the customer need addtional license for FLOW or what is included to M365 E3 is enough?

Forum Discussion

Automate machine isolation with MDATP and Microsoft Flow - YouTube MVP Demo

4 Replies

Resources