Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

Automate machine isolation with MDATP and Microsoft Flow - YouTube MVP Demo

Microsoft

Learn how to automate suspicious machine isolation with MDATP and Microsoft Flow.

https://www.youtube.com/watch?v=uT2RQf_uPKA

 

We are proud of our Security MVPs

 

@Dan Michelson , @danm332

 

 

4 Replies

What is a good way to test this flow? The downloads from https://demo.wd.microsoft.com all generate Informational severity alerts. 

@Joe Stern 

 

Have you tried our "Simulations and Tutorials"?

On the upper right side of the MDATP portal you'll find the "?" menu. There you may pick the Simulations menu item and try different scenarios. Most of the attack scenarios will create the alerts you're looking for.

 

Please share your feedback.

Thanks, Dan. The fileless PowerShell scenario on that page triggered my flow successfully; I'm hoping never to see a real one but I will ready when it comes.

@Dan Michelson Hi! Does the customer need addtional license for FLOW or what is included to M365 E3 is enough?