Microsoft Tech Community

ATP defender remediation slowness


Hello community,
We are testing ATP Defender for endpoints in a test tenant.
We are running a simple test with the EICAR test file and another test with a simulation file provided by Microsoft on the tutorials page. Automated remediation is enabled, and we noticed alerts are running for a long time: EICAR took 41 minutes to complete the automated investigation!
The other alert uses PowerShell scripts and is more complex, but it took 1h and 10 minutes to complete the remediation.
The API logs show a status of active for this time. What is behind the slowness?
Screenshots are in the attachment.

0 Replies