Forum Discussion
Solved
Dynamic Blocklist in Microsoft Defender XDR
Hello Community,
I have one question, and i think that is a request that could be useful to everyone.
We have a Dynamic list that are published over internet in read-only (into this list we put ioc like malicious domain or bad ip reputation) is a txt file.
There are a possibility from MDE o MDC to block all connection to this ioc ?
or MDE and MDC not support Dynamic BLocklist ?
Regards,
Guido
Hi GuidoImpe,
Currently, as far as i know, MDE and MDC don’t directly support blocking based on a dynamic blocklist (like a txt file with IOCs). You can integrate threat intelligence, but automatic blocking of dynamic IOCs in real-time would require a more manual or custom setup, such as using custom indicators in Defender or leveraging third-party solutions.
Hope that helps!
Regards,
Hi GuidoImpe,
Currently, as far as i know, MDE and MDC don’t directly support blocking based on a dynamic blocklist (like a txt file with IOCs). You can integrate threat intelligence, but automatic blocking of dynamic IOCs in real-time would require a more manual or custom setup, such as using custom indicators in Defender or leveraging third-party solutions.
Hope that helps!
Regards,
