Organizations using Microsoft’s Defender for Endpoint will now be able to isolate Linux devices from their networks to stop miscreants from remotely connecting to them.
Users can get to the device page of the Linux systems through the Microsoft 365 Defender portal, where they will see an “Isolate Device” tab in the upper right among other response actions.
Microsoft has outlined the APIs for both isolating the device and releasing it from lockdown.
Linux device isolation is the latest security feature Microsoft has put into the cloud service.
At its Ignite show in October 2022, Microsoft announced it was integrating the Zeek open-source network monitoring platform as a component of Defender for Endpoint for deep packet inspection of network traffic.