Predictive Shielding - 1

2026 (2)

April (1)

security: Containing a domain compromise: How predictive shielding shut down lateral movement

Microsoft Security Blog

2026-04-17

Microsoft describes a real-world domain compromise where exposure-based containment and predictive shielding slowed attacker activity, stopped credential abuse, and disrupted lateral movement. The post focuses on how containment reduced the threat actor’s momentum during the incident.

March (1)

security: Case study: How predictive shielding in Defender stopped GPO-based ransomware before it started

Microsoft Security Blog

2026-03-23

Microsoft Defender blocked a human-operated ransomware attack that used Group Policy Objects (GPOs) to disable defenses and deploy encryption at scale. Predictive shielding hardened 700 devices in time, preventing any GPO-based encryptions and blocking most of the attempted impact.