Microsoft Defender
      Back to home
      1. Sittadel Knowledge Base
      2. Management Guides
      3. Microsoft Defender

      Defender for Endpoint Isolation Action

      This guide will show an administrator how to initiate a device isolation on a MDE enrolled machine that is showing signs of compromise.

      Role Requirements

      Procedure Scope: Administrators

      Required Group Membership: Admin.Security

      Handbook Reference

      Package: TBD

      Domain: TBD

      Modifies: TBD

      Defender for Endpoint Device Isolation

      1. Navigate to the Device Inventory – Microsoft Defender portal, select the device in question.
      2. Select the three dots, locate the Isolate Device option.
      3. A prompt will be generated asking for finalization on the isolation action, select Confirm to complete device isolation.

      Need Assistance?

      Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.