
Investigate entities on devices using live response in Microsoft ...
Feb 4, 2025 · Live response gives security operations teams instantaneous access to a device (also referred to as a machine) using a remote shell connection. Live response gives you the power to do in-depth investigative work and take immediate response actions to promptly contain identified threats in real time.
Live response command examples - Microsoft Defender for …
Jan 24, 2025 · Learn to run basic or advanced live response commands for Microsoft Defender for Endpoint, and see examples on how they're used.
Run live response commands on a device - Microsoft Defender …
Apr 24, 2024 · Runs a sequence of live response commands on a device. Rate limitations for this API are 10 calls per minute (additional requests are responded with HTTP 429). 25 concurrently running sessions (requests exceeding the throttling limit receive a "429 - Too many requests" response).
Using Live Response in MDE for IR and forensics. - Medium
Dec 22, 2023 · “Live response gives security operations teams instantaneous access to a device (also referred to as a machine) using a remote shell connection. This gives you the power to do in-depth...
Incident Response Part 3: Leveraging Live Response
Oct 26, 2023 · Live Response is a valuable tool that you can add to your incident response toolkit. Live Response provides a remote shell possibility on a compromised device, which allows you to run remote commands to investigate suspicious activity. This blog describes common commands and shows examples.
Using Live Response in Microsoft Defender for Endpoint
Apr 25, 2024 · Microsoft Live Response is a powerful feature included in the Microsoft 365 Defender portal. With the use of Live Response, IT teams can establish a remote session to run remote scripts for...
What are the settings and configuration to be made in the tenant …
Oct 16, 2023 · To run and execute Live Response in M365 Defender on onboarded and Intune devices, you need to configure the following settings in your tenant: Enable Live Response: In the Microsoft 365 Defender portal, go to Settings > Endpoints > Advanced features, and enable the "Live Response" feature.
Microsoft Defender for Endpoints Live Response - eGroup US
With Live response, you can hunt for malicious activities and files, collect those files for analysis, run scripts, and remediate threats all remotely. Live response can also be combined with device isolation to truly cut off the potential attack.
How to troubleshoot Live Response in Defender for Endpoint
Aug 15, 2023 · Live Response is a powerful feature as part of the Microsoft 365 Defender portal. With the use of Live Response, Security Operations Teams can establish a remote session to collect more files/ or forensic evidence/ run scripts remotely.
Remotely restart endpoints using MDE live response
Jul 31, 2023 · Live response allows security analysts to connect to an endpoint using a remote shell connection. It provides the means to perform in-depth investigations and materialize incident response actions. Live response includes collecting forensic data, running scripts, sending suspicious entities for analysis, remediating threats, and proactively ...