The "QuickAction - Remediation Menu for MS Defender for Endpoint" workflow template provides a streamlined solution for IT security teams to quickly address potential threats on devices managed by Microsoft Defender for Endpoint. This workflow allows users to initiate antivirus scans, isolate devices, or release them from isolation, all from a centralized menu. By automating these critical remediation actions, organizations can enhance their incident response efficiency and minimize potential security risks.

Workflow Breakdown

Vendors

Utils, Microsoft Defender for Endpoint, Torq Cases

Workflow Template: Run LiveResponses on Microsoft Defender for Endpoint

Microsoft Defender for Endpoint

Workflow Template: QuickAction - Isolate or Release a Device on MS Defender Endpoint

Workflow Template: QuickAction - Scan Device on MS Defender for Endpoint

Workflow Template: QuickAction - Fetch a File from Device on MS Defender Endpoint

Workflow Template: QuickAction - Remediation Menu for MS Defender for Endpoint

Workflow Breakdown

Vendors