diff --git a/windows/keep-secure/alerts-queue-windows-defender-advanced-threat-protection.md b/windows/keep-secure/alerts-queue-windows-defender-advanced-threat-protection.md index b6f5c0c088..d598f44125 100644 --- a/windows/keep-secure/alerts-queue-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/alerts-queue-windows-defender-advanced-threat-protection.md @@ -17,7 +17,7 @@ author: mjcaparas [Some information relates to pre-released product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.] -As a security operations team member, you can manage Windows Defender ATP alerts as part of your routine activities. Alerts will appear in the respective queues according to their current status. +As a security operations team member, you can manage Windows Defender Advanced Threat Protection alerts as part of your routine activities. Alerts will appear in the respective queues according to their current status. To see a list of alerts, click any of the queues under the **Alerts queue** option in the navigation pane. diff --git a/windows/keep-secure/dashboard-windows-defender-advanced-threat-protection.md b/windows/keep-secure/dashboard-windows-defender-advanced-threat-protection.md index e55f55d13f..0bc814cded 100644 --- a/windows/keep-secure/dashboard-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/dashboard-windows-defender-advanced-threat-protection.md @@ -21,7 +21,7 @@ The **Dashboard** displays a snapshot of: - The latest active alerts on your network - Machines reporting - Top machines with active alerts -- The overall status of Windows Defender ATP for the past 30 days +- The overall status of Windows Defender Advanced Threat Protection for the past 30 days - Machines with active malware detections You can explore and investigate alerts and machines to quickly determine if, where, and when suspicious activities occurred in your network to help you understand the context they appeared in. diff --git a/windows/keep-secure/data-storage-privacy-windows-defender-advanced-threat-protection.md b/windows/keep-secure/data-storage-privacy-windows-defender-advanced-threat-protection.md index 36b6aa5b3f..5d49aaeb12 100644 --- a/windows/keep-secure/data-storage-privacy-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/data-storage-privacy-windows-defender-advanced-threat-protection.md @@ -18,7 +18,7 @@ ms.sitesec: library [Some information relates to pre-released product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.] This section covers some of the most frequently asked questions regarding privacy and data handling for Windows Defender ATP. -> **Note**  This document covers the information specific to the Windows Defender ATP service. Other data shared and stored by Windows Defender and Windows 10 is covered under the [Microsoft Privacy Statement](https://privacy.microsoft.com/en-us/privacystatement). See the [Windows 10 privacy FAQ for more information](http://windows.microsoft.com/en-au/windows-10/windows-privacy-faq). +> **Note**  This document covers the information specific to the Windows Defender ATP service. Other data shared and stored by Windows Defender and Windows 10 is covered under the [Microsoft Privacy Statement](https://privacy.microsoft.com/en-us/privacystatement). See the [Windows 10 privacy FAQ for more information](http://windows.microsoft.com/en-au/windows-10/windows-privacy-faq). ## What data does Windows Defender ATP collect? diff --git a/windows/keep-secure/investigate-alerts-windows-defender-advanced-threat-protection.md b/windows/keep-secure/investigate-alerts-windows-defender-advanced-threat-protection.md index 43c25ad0dd..90719ac04e 100644 --- a/windows/keep-secure/investigate-alerts-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/investigate-alerts-windows-defender-advanced-threat-protection.md @@ -16,7 +16,7 @@ ms.sitesec: library [Some information relates to pre-released product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.] -Alerts in Windows Defender ATP indicate possible security breaches on endpoints in your organization. +Alerts in Windows Defender Advanced Threat Protection indicate possible security breaches on endpoints in your organization. There are three alert severity levels, described in the following table. diff --git a/windows/keep-secure/investigate-files-windows-defender-advanced-threat-protection.md b/windows/keep-secure/investigate-files-windows-defender-advanced-threat-protection.md index 90383bc9b3..a4f830d411 100644 --- a/windows/keep-secure/investigate-files-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/investigate-files-windows-defender-advanced-threat-protection.md @@ -58,7 +58,7 @@ Results of deep analysis are matched against threat intelligence and any matches Use the deep analysis feature to investigate the details of any file, usually during an investigation of an alert or for any other reason where you suspect malicious behavior. This feature is available in the context of the file view. -In the file's page, **Submit for deep analysis** is enabled when the file is available in the Windows Defender ATP backend sample collection or if it was observed on a Windows 10 machine that supports submitting to deep analysis. +In the file's page, **Submit for deep analysis** is enabled when the file is available in the Windows Defender Advanced Threat Protection backend sample collection or if it was observed on a Windows 10 machine that supports submitting to deep analysis. > **Note**  Only files from Windows 10 can be automatically collected. diff --git a/windows/keep-secure/investigate-machines-windows-defender-advanced-threat-protection.md b/windows/keep-secure/investigate-machines-windows-defender-advanced-threat-protection.md index ccd4c5269f..b378be249e 100644 --- a/windows/keep-secure/investigate-machines-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/investigate-machines-windows-defender-advanced-threat-protection.md @@ -88,7 +88,7 @@ When you investigate a specific machine, you'll see: - **Alerts related to this machine** - **Machine timeline** -The machine details, IP, and reporting sections display some attributes of the machine such as its name, domain, OS, IP address, and how long it's been reporting telemetry to the Windows Defender ATP service. +The machine details, IP, and reporting sections display some attributes of the machine such as its name, domain, OS, IP address, and how long it's been reporting telemetry to the Windows Defender Advanced Threat Protection service. The **Alerts related to this machine** section provides a list of alerts that are associated with the machine. This list is a simplified version of the [Alerts queue](alerts-queue-windows-defender-advanced-threat-protection.md), and shows the date that the alert was detected, a short description of the alert, the alert's severity, the alert's threat category, and the alert's status in the queue. diff --git a/windows/keep-secure/manage-alerts-windows-defender-advanced-threat-protection.md b/windows/keep-secure/manage-alerts-windows-defender-advanced-threat-protection.md index 8be3991989..9030f5baf3 100644 --- a/windows/keep-secure/manage-alerts-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/manage-alerts-windows-defender-advanced-threat-protection.md @@ -16,7 +16,7 @@ ms.sitesec: library [Some information relates to pre-released product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.] -Windows Defender ATP notifies you of detected, possible attacks or breaches through alerts. A summary of new alerts is displayed in the **Dashboard**, and you can access all alerts in the **Alerts queue** menu. +Windows Defender Advanced Threat Protection notifies you of detected, possible attacks or breaches through alerts. A summary of new alerts is displayed in the **Dashboard**, and you can access all alerts in the **Alerts queue** menu. See the [Investigate Windows Defender ATP alerts](investigate-alerts-windows-defender-advanced-threat-protection.md#investigate-windows-defender-advanced-threat-protection-alerts) topic for more details on how to investigate alerts. @@ -138,4 +138,3 @@ Changes are indicated by a clock icon (![The changes icon looks like an analog c - [Investigate a file associated with a Windows Defender ATP alert](investigate-files-windows-defender-advanced-threat-protection.md) - [Investigate an IP address associated with a Windows Defender ATP alert](investigate-ip-windows-defender-advanced-threat-protection.md) - [Investigate a domain associated with a Windows Defender ATP alert](investigate-domain-windows-defender-advanced-threat-protection.md) - diff --git a/windows/keep-secure/minimum-requirements-windows-defender-advanced-threat-protection.md b/windows/keep-secure/minimum-requirements-windows-defender-advanced-threat-protection.md index 0044cd4e74..994416c82c 100644 --- a/windows/keep-secure/minimum-requirements-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/minimum-requirements-windows-defender-advanced-threat-protection.md @@ -29,7 +29,7 @@ service onboarding to manage user-based access to the [Windows Defender ATP port or email [winatp@microsoft.com](mailto:winatp@microsoft.com).--> When you run the onboarding wizard for the first time, you must choose -where your Windows Defender ATP-related information is stored: in either +where your Windows Defender Advanced Threat Protection-related information is stored: in either a European or United States datacenter. > **Notes**   @@ -49,7 +49,7 @@ Server and mobile versions of Windows are not supported. Internet connectivity on endpoints is also required. See [Configure Windows Defender ATP endpoint proxy and Internet connectivity settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md) - additional proxy configuration settings. + for additional proxy configuration settings. Before you configure endpoints, the telemetry and diagnostics service must be enabled. The service is enabled by default in Windows 10 TAP, but if it has been disabled you can turn it on by following the instructions in the [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) section. diff --git a/windows/keep-secure/monitor-onboarding-windows-defender-advanced-threat-protection.md b/windows/keep-secure/monitor-onboarding-windows-defender-advanced-threat-protection.md index d5367bfeee..cf392f9b76 100644 --- a/windows/keep-secure/monitor-onboarding-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/monitor-onboarding-windows-defender-advanced-threat-protection.md @@ -17,7 +17,7 @@ author: mjcaparas [Some information relates to pre-released product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.] -You can monitor the onboarding of the Windows Defender ATP service to ensure your endpoints are correctly configured and are sending telemetry reports. +You can monitor the onboarding of the Windows Defender Advanced Threat Protection service to ensure your endpoints are correctly configured and are sending telemetry reports. You might need to monitor the onboarding if the package did not configure the registry correctly, or the reporting client did not start or execute correctly. diff --git a/windows/keep-secure/onboard-configure-windows-defender-advanced-threat-protection.md b/windows/keep-secure/onboard-configure-windows-defender-advanced-threat-protection.md index 09216ea210..408d36c2fe 100644 --- a/windows/keep-secure/onboard-configure-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/onboard-configure-windows-defender-advanced-threat-protection.md @@ -2,14 +2,14 @@ title: Onboard endpoints and set up the Windows Defender ATP user access description: Set up user access in Azure Active Directory and use Group Policy or do manual registry changes to onboard endpoints to the service. keywords: onboarding, windows defender advanced threat protection onboarding, windows atp onboarding -search.product: eADQiWindows 10XVcnh +search.product: eADQiWindows 10XVcnh ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library author: iaanw --- -# Onboard and set up Windows Defender Advanced Threat Protection +# Onboard and set up Windows Defender Advanced Threat Protection **Applies to:** @@ -17,7 +17,7 @@ author: iaanw [Some information relates to pre-released product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.] -You need to onboard to Windows Defender ATP before you can use the service. +You need to onboard to Windows Defender Advanced Threat Protection before you can use the service.