From cd4b4f3b44d83bfd78f3a4130d8ac242e223eec1 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Wed, 10 Jun 2020 09:08:47 -0700 Subject: [PATCH 1/3] Update surface-enterprise-management-mode.md --- devices/surface/surface-enterprise-management-mode.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/devices/surface/surface-enterprise-management-mode.md b/devices/surface/surface-enterprise-management-mode.md index d44626e6a8..c983e5f0f5 100644 --- a/devices/surface/surface-enterprise-management-mode.md +++ b/devices/surface/surface-enterprise-management-mode.md @@ -32,6 +32,9 @@ There are two administrative options you can use to manage SEMM and enrolled Sur The primary workspace of SEMM is Microsoft Surface UEFI Configurator, as shown in Figure 1. Microsoft Surface UEFI Configurator is a tool that is used to create Windows Installer (.msi) packages or WinPE images that are used to enroll, configure, and unenroll SEMM on a Surface device. These packages contain a configuration file where the settings for UEFI are specified. SEMM packages also contain a certificate that is installed and stored in firmware and used to verify the signature of configuration files before UEFI settings are applied. +>[!NOTE] +>You can now use Surface UEFI Configurator and SEMM to manage ports on Surface Dock 2. To learn more, see [Secure Surface Dock 2 ports with SEMM](secure-surface-dock-ports-semm.md). + ![Microsoft Surface UEFI Configurator](images/surface-ent-mgmt-fig1-uefi-configurator.png "Microsoft Surface UEFI Configurator") *Figure 1. Microsoft Surface UEFI Configurator* @@ -282,6 +285,6 @@ This version of SEMM includes: ## Related topics -[Enroll and configure Surface devices with SEMM](enroll-and-configure-surface-devices-with-semm.md) - -[Unenroll Surface devices from SEMM](unenroll-surface-devices-from-semm.md) +- [Enroll and configure Surface devices with SEMM](enroll-and-configure-surface-devices-with-semm.md) +- [Unenroll Surface devices from SEMM](unenroll-surface-devices-from-semm.md) +- [Secure Surface Dock 2 ports with SEMM](secure-surface-dock-ports-semm.md) From abdc7edd5c7f59196f486aab7ca902dc9895afb6 Mon Sep 17 00:00:00 2001 From: Tina Burden Date: Wed, 10 Jun 2020 11:36:58 -0700 Subject: [PATCH 2/3] pencil edit --- devices/surface/secure-surface-dock-ports-semm.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/surface/secure-surface-dock-ports-semm.md b/devices/surface/secure-surface-dock-ports-semm.md index dfd2d40c11..266f6d92cf 100644 --- a/devices/surface/secure-surface-dock-ports-semm.md +++ b/devices/surface/secure-surface-dock-ports-semm.md @@ -38,7 +38,7 @@ Restricting Surface Dock 2 to authorized persons signed into a corporate host de This section provides step-by-step guidance for the following tasks: -1. Install [**Surface UEFI Configurator**](https://www.microsoft.com/en-us/download/details.aspx?id=46703). +1. Install [**Surface UEFI Configurator**](https://www.microsoft.com/download/details.aspx?id=46703). 1. Create or obtain public key certificates. 1. Create an .MSI configuration package. 1. Add your certificates. From 4fd793c680f5219bd2c217c24c4bcd1a7cbf9d40 Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Wed, 10 Jun 2020 14:19:23 -0700 Subject: [PATCH 3/3] simplifying story --- .../tvm-exposure-score.md | 21 +------------------ .../tvm-security-recommendation.md | 2 +- 2 files changed, 2 insertions(+), 21 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md index 0305625c65..023e88ad09 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md @@ -49,26 +49,7 @@ You can remediate the issues based on prioritized [security recommendations](tvm ## Reduce your threat and vulnerability exposure -To lower your threat and vulnerability exposure, follow these steps. - -1. Review the **Top security recommendations** from your [**Threat & Vulnerability Management dashboard**](tvm-dashboard-insights.md) and select an item on the list. - - ![Example of Top security recommendations card, with four security recommendations.](images/top-security-recommendations350.png) - - Always prioritize recommendations that are associated with ongoing threats: - - - ![Red bug](images/tvm_bug_icon.png) Threat insight icon - - ![Arrow hitting a target](images/tvm_alert_icon.png) Active alert icon - -2. The **Security recommendations** page will open, and a flyout for the recommendation you selected will open. The flyout panel will display a description of what you need to remediate, number of vulnerabilities, associated exploits in machines, number of exposed machines and their machine names, business impact, and a list of CVEs. Select **Open software page** option from the flyout panel. ![Example of security recommendations page with the flyout "Update Windows Server 2019" open.](images/tvm_security_recommendations_page.png) - -3. Select **Installed machines** and then the affected machine from the list. A flyout panel will open with the relevant machine details, exposure and risk levels, alert and incident activities. ![Example of the software page for Git, and a flyout open for a selected machine.](images/tvm_software_page_details.png) - -4. Click **Open machine page** to connect to the machine and apply the selected recommendation. See [Investigate machines in the Microsoft Defender ATP Machines list](investigate-machines.md) for details. ![Example of a machine page.](images/tvm_machine_page_details.png) - -5. Allow a few hours for the changes to propagate in the system. - -6. Review the machine **Security recommendation** tab again. The recommendation you've chosen to remediate is removed from the security recommendation list, and the exposure score decreases. +Lower your threat and vulnerability exposure by remediating [security recommendations](tvm-security-recommendation.md). Make the most impact to your exposure score by remediating the top security recommendations, which can be viewed in the [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md). ## Related topics diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md index c3e900103b..16f53d738f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md @@ -85,7 +85,7 @@ Select the security recommendation that you want to investigate or process. From the flyout, you can do any of the following: -- **Open software page** - Open the software page to get more context of the software details, prevalence in the organization, weaknesses discovered, version distribution, software or software version end-of-support, and charts of the exposure trend over time. +- **Open software page** - Open the software page to get more context on the software and how it is distributed. The information can include threat context, associated recommendations, weaknesses discovered, number of exposed devices, discovered vulnerabilities, names and detailed of devices with the software installed, and version distribution. - **Remediation options** - Submit a remediation request to open a ticket in Microsoft Intune for your IT Administrator to pick up and address.