Microsoft says the Microsoft Defender Advanced Threat Protection (ATP) endpoint security platform now can contain malicious behavior on enterprise devices using the new endpoint detection and response (EDR) in block mode capability. The feature is currently in public preview and it uses behavioral blocking to block and contain malware, malicious attacks, and malicious artifacts following post-breach detection or if they’re missed by the main antivirus solution. The new feature works on all Windows 10 versions and on Windows Server 2016 or later.
Source: https://www.bleepingcomputer.com/news/security/microsoft-defender-atp-adds-new-malicious-behavior-blocking-feature/