The change in the default automation level from Semi to Full comes after the discovery that organizations that use full automation by default were more successful at addressing and containing threats.
When the anti-virus software detects malicious software on a computer in the network, it automatically starts analyzing all threats related to the alert.
It also looks into files, processes, services, registry keys, and all other areas where the threat might exist.
Microsoft explains in a blog post: The automated investigation that started with the alert provides a list of the relevant entities that were found on a device and their verdicts (harmful, suspicious, or clean).
For any harmful entity, the investigation creates a correction procedure, which, when approved, removes the harmful entity found in the investigation.
These actions are identified, managed, and implemented by Microsoft Defender without the security operations team having to remotely contact the device.
The actions taken depend on the device's automation level. Microsoft Defender was previously set to the Semi level for customers who have opted into public previews.
That level required approval of any fix. These customers will soon be moved to the Full level, which allows Windows 10 to handle threats automatically.
Microsoft has made some improvements to the automatic malware detection feature since its first launch.
The accuracy of malware detection has been enhanced, so there should be fewer infections and false positives, and in addition, the feature now has better automated investigation capabilities.
According to Microsoft, customers using full automation removed 40 percent more high-confidence malware samples than customers who used lower levels of automation.
Microsoft said: “Full automation brings critical security resources to our customers so they can focus more on their strategic initiatives.”
Starting February 16, 2021, Microsoft will automatically upgrade organizations that have opted into public previews in Microsoft Defender to fully automated threat handling.