Microsoft Defender for Endpoint, Microsoft's endpoint security platform, is being updated to better protect organizations against ransomware and other cyber threats.

In a recent announcement (opens in a new tab), the company said that by having certain features enabled by default, businesses will have a better chance against evolving cyber-attacks with a feature it simply calls "Built-in Protection."

“For the best protection against ransomware and other cyber threats, certain settings must be configured,” the Redmond giant explained. "Built-in protection can help by providing default settings for better protection."


Built-in protection is described as a "set of default settings" that the company implements for Defender for Endpoint. Tamper protection is one such setting, but Microsoft said other default settings will be available soon.

Defender for Endpoint users can expect to receive two types of notifications: a message center post announcing the imminent arrival of built-in protection, and a banner in the Microsoft 365 Defender portal announcing automatic activation of tamper protection.

In case you're wondering, you can always turn off built-in protection by specifying your own security settings, Microsoft explained. However, the company does not recommend it.

“Tamper Protection gives you better protection against ransomware. You must be a global administrator or a security administrator to perform the following procedure », she warns.

Still, those who want to disable the feature can head over to the Microsoft 365 Defender portal, navigate to Settings > Endpoints > Advanced features and turn on tamper protection (if it's not already enabled), tap Save, and then configure tamper protection. . Shutdown (and save again).

The built-in protection feature began rolling out to Defender for Office 365 users in November last year, protecting users against suspicious links and attachments in emails.

Via: BleepingComputer (Opens in a new tab)

Share This