deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-18 16:27:22 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

new section

Browse Source
This commit is contained in:
Beth Levin 2020-05-05 11:53:00 -07:00
parent a9fe3582bd
commit 016f4be8a1
2 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-event-timeline.md
View File

@ -30,7 +30,7 @@ Event timeline also tells the story of your [exposure score](tvm-exposure-score.
You can access Event timeline mainly through three ways:
- In the Threat & Vulnerability Management navigation menu in the Microsoft Defender Security Center.
- In the Threat & Vulnerability Management navigation menu in the Microsoft Defender Security Center
- Top events card in the [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md). The highest impact events (for example, affect the most machines or critical vulnerabilities)
- Hovering over the Exposure Score graph in the [Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md)

10
windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md
View File

@ -77,7 +77,7 @@ The color of the **Exposed machines** graph changes as the trend changes. If the
Useful icons also quickly calls your attention to: <ul><li> ![arrow hitting a target](images/tvm_alert_icon.png) possible active alerts</li><li>![red bug](images/tvm_bug_icon.png) associated public exploits</li><li>![light bulb](images/tvm_insight_icon.png) recommendation insights</li></ul><br>
### Investigate
### Explore security recommendation options
Select the security recommendation that you want to investigate or process.
@ -94,6 +94,14 @@ From the flyout, you can do any of the following:
>[!NOTE]
>When a change is made on a machine, it may take up to two hours for the data to be reflected in the Microsoft Defender Security Center.
### Investigate changes in machine exposure or impact
If there is a large jump in the number of exposed machines, or a sharp increase in the impact on your organization exposure score and configuration score, then that security recommendation is worth investigating.
1. Select the recommendation and **Open software page**
2. Select the **Event timeline** tab to view all the impactful events related to that software, such as new vulnerabilities or new public exploits. [Learn more about event timeline](threat-and-vuln-mgt-event-timeline.md)
3. Decide how to address the increase or your organization's exposure, such as submitting a remediation request
## Request remediation
The Threat & Vulnerability Management capability in Microsoft Defender ATP bridges the gap between Security and IT administrators through the remediation request workflow. Security admins like you can request for the IT Administrator to remediate a vulnerability from the **Security recommendation** pages to Intune.