deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-14 22:37:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merged PR 4439: Merge atp-typo to master

Browse Source
This commit is contained in:
Joey Caparas 2017-11-10 23:14:13 +00:00
commit 187177707b
2 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
windows/threat-protection/windows-defender-atp/configure-endpoints-non-windows-windows-defender-advanced-threat-protection.md
View File

@ -20,6 +20,8 @@ ms.date: 11/08/2017
- Linux - Linux
- Windows Defender Advanced Threat Protection (Windows Defender ATP) - Windows Defender Advanced Threat Protection (Windows Defender ATP)
>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-nonwindows-abovefoldlink)
[!include[Prerelease information](prerelease.md)] [!include[Prerelease information](prerelease.md)]
Windows Defender ATP provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in the Windows Defender ATP portal and better protect your organization's network. This experience leverages on a third-party security products sensor data. Windows Defender ATP provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in the Windows Defender ATP portal and better protect your organization's network. This experience leverages on a third-party security products sensor data.

4
windows/threat-protection/windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md
View File

@ -124,7 +124,7 @@ In addition to the ability of containing an attack by stopping malicious process
>[!IMPORTANT] >[!IMPORTANT]
> - This action is available for machines on Windows 10, version 1709 or later. > - This action is available for machines on Windows 10, version 1709 or later.
> - This action needs to meet the Windows Defender Application Control code integrity policy formas and signing requirements. For more information, see [Code integrity policy formats and signing](https://docs.microsoft.com/en-us/windows/device-security/device-guard/requirements-and-deployment-planning-guidelines-for-device-guard#code-integrity-policy-formats-and-signing). > - This action needs to meet the Windows Defender Application Control code integrity policy formats and signing requirements. For more information, see [Code integrity policy formats and signing](https://docs.microsoft.com/en-us/windows/device-security/device-guard/requirements-and-deployment-planning-guidelines-for-device-guard#code-integrity-policy-formats-and-signing).
The action to restrict an application from running applies a code integrity policy that only allows running of files that are signed by a Microsoft issued certificate. This method of restriction can help prevent an attacker from controlling compromised machines and performing further malicious activities. The action to restrict an application from running applies a code integrity policy that only allows running of files that are signed by a Microsoft issued certificate. This method of restriction can help prevent an attacker from controlling compromised machines and performing further malicious activities.
@ -180,7 +180,7 @@ Depending on the severity of the attack and the sensitivity of the machine, you
>[!IMPORTANT] >[!IMPORTANT]
>- Full isolation is available for machines on Windows 10, version 1703. >- Full isolation is available for machines on Windows 10, version 1703.
>- Selective isolation is available for machines on Windows 10, version 1709 or later. >- Selective isolation is available for machines on Windows 10, version 1709 or later.
>-
This machine isolation feature disconnects the compromised machine from the network while retaining connectivity to the Windows Defender ATP service, which continues to monitor the machine. This machine isolation feature disconnects the compromised machine from the network while retaining connectivity to the Windows Defender ATP service, which continues to monitor the machine.