deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-20 04:43:37 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

AH-cust-det

Browse Source
This commit is contained in:
lomayor
2019-09-26 14:49:14 -07:00
parent cf06fae5d2
commit 1528c8d644
2 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md
View File

@ -116,3 +116,5 @@ You can also take the following actions on the rule from this page:
## Related topic
- [Custom detections overview](overview-custom-detections.md)
- [Advanced hunting overview](overview-hunting.md)
- [Learn the Advanced hunting query language](advanced-hunting.md)

5
windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md
View File

@ -28,11 +28,12 @@ With custom detections, you can proactively monitor for and respond to various e
Custom detections work with [Advanced hunting](overview-hunting.md), which provides a powerful, flexible query language that covers a broad set of event and system information from your network. The queries run every 24 hours, generating alerts and taking response actions whenever there are matches.
Custom detections provide:
- Alerts from rule-based detections built from Advanced hunting queries
- Alerts for rule-based detections built from Advanced hunting queries
- Automatic response actions that apply to files and machines
>[!NOTE]
>To create and manage custom detections, [your role](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group) needs to have the **manage security settings** permission.
## Related topic
- [Create and manage custom detection rules](custom-detection-rules.md)
- [Create and manage custom detection rules](custom-detection-rules.md)
- [Advanced hunting overview](overview-hunting.md)