Microsoft is introducing a new capability in Defender for Endpoint that automatically blocks communication with undiscovered devices to prevent lateral movement by attackers. This feature isolates the IP addresses of unboarded devices, ensuring they cannot communicate with other devices on the network. Admins can easily manage the containment through the Action Center whenever necessary.