Many times it is not necessary to make stratospheric changes to increase the functionality of a product. With Defender, the same thing has happened that when we go to a mechanic they knew what the point of action was to improve their response to malware attacks.
The Microsoft Defender team has indicated that it has increased endpoint security with a key change in the settings. No, it is not changing a zero for a one but almost. Defender has changed the default from automatic optional malware fixes to fully automatic fixes.
The defender will better protect us against malware attacks
We will explain what the change consists of and why it has not come before. This change means that when Microsoft Defender for Endpoint detects a malicious program or malware on computers on a network, the antivirus will automatically start scanning all threats related to the alert. By analyzing files, processes, services, registry keys, and all other areas where a threat could reside.
“The result of an automated investigation initiated by an alert is a list of related entities. These are found on a device and its results (malicious, suspicious or clean) “ , explains Microsoft in a blog post.
“For any malicious entity, the investigation will create a remedial action. An action that, when approved, will remove or contain a malicious entity that was found in the investigation. Microsoft Defender for Endpoint defines, manages, and executes these actions without the security operations team having to remotely connect to the device. “
The actions taken depend on the level of device automation that has been configured. Previously, Microsoft Defender for Endpoints customers who opted for public previews were placed on “Semi.” This required approval for any correction. Soon, they will be moved to the “Full” setting, which allows Windows 10 to fix threats automatically.
As always, we are faced with a situation in which if we have greater control we react more slowly. However, if Microsoft Defender is given greater control, it is possible to have a faster response and that the malware does not affect multiple computers.