This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Can Microsoft XDR perform isolation by its own if remediation level is set to fully?
An integrated threat protection solution designed to detect, investigate, and respond to cyber threats across Microsoft 365 services.
Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.
Answer accepted by question author
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 72%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESD%3C/text%3E%3C/svg%3E)
Your welcome, Foram!
To assist others facing similar issues, please consider rating the thread. The Microsoft Community is always here to help with any questions regarding Microsoft products.
Wishing you a wonderful week ahead.
Hi,
I'm Sumit, here to answer your query at the Microsoft Community.
Apologies for any inconvenience you are experiencing. I am happy to help you today.
Absolutely! Microsoft Defender XDR has a cool feature that allows it to automatically isolate devices if the automated investigation and remediation setting is on "fully automated remediation."
When an alert triggers an automated investigation, and the system decides that isolating a device is necessary due to a threat, it can take care of that all by itself.
The investigation process helps identify what actions need to be taken, and if it’s set up this way, the system can perform actions like device isolation automatically without needing a thumbs-up from someone. Device isolation is really important since it helps stop threats from spreading throughout the network.
You can tweak the level of automation, including the option to automatically isolate devices, for specific device groups within Microsoft Defender for Endpoint, which works seamlessly with Microsoft Defender XDR.
Reference:
https://learn.microsoft.com/en-us/defender-xdr/...
I hope this information is helpful. If you have any further questions, please feel free to reach out to us. Good luck!
Thank You Sumit