EDR in block mode using phased approach

Harithacissp · ‎Aug 04 2021

HI Team

Cannot we enable block mode on some machines and audit mode on some machines for ATP/EDR? In Mcafee and other vendors, we have an option to deploy EDR in audit mode on some machines and block mode on others. DO wehave same in MS here. Please elaborate.

Ambarish RH · ‎Aug 06 2021

@Harithacissp EDR in block mode provides an additional layer of protections against malicious artifacts when Microsoft Defender Av is not the primary product and is running in passive mode. Please check the official document for more info

Endpoint detection and response in block mode | Microsoft Docs

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

EDR in block mode using phased approach

EDR in block mode using phased approach

Re: EDR in block mode using phased approach