deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-14 14:27:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Updated tvm-dashboard-insights.md

Browse Source
This commit is contained in:
Dolcita Montemayor 2019-04-10 21:41:08 +00:00
parent 24925a4c72
commit 1d8538dc13
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
windows/security/threat-protection/windows-defender-atp/tvm-dashboard-insights.md
View File

@ -35,7 +35,7 @@ You can use [Windows Defender Security Center](https://securitycenter.windows.co
## Windows Defender Security Center ## Windows Defender Security Center
When you open the portal, youll see the main areas of the application: When you open the portal, youll see the main areas of the application:
![Microsoft Defender Advanced Threat Protection portal](images/dashboard.png) ![Microsoft Defender Advanced Threat Protection portal](images/tvm_dashboard.png)
- (1) Menu in the navigation pane - (1) Menu in the navigation pane
- (2) Threat & Vulnerability Management icon - (2) Threat & Vulnerability Management icon
@ -55,14 +55,14 @@ Area | Description
**Remediation** | See the remediation activity, related component, remediation type, status, due date, option to export the remediation progress data to CSV, exceptions, and its corresponding details. **Remediation** | See the remediation activity, related component, remediation type, status, due date, option to export the remediation progress data to CSV, exceptions, and its corresponding details.
**Software inventory** | See the list of applications, versions, weaknesses, whether theres an exploit found on the application, prevalence in the organization, how many were installed, how many exposed devices are there, and the numerical value of the impact. You can select each item in the list and opt to open the software page which shows the vulnerabilities and misconfigurations associated and its machine and version distribution details. **Software inventory** | See the list of applications, versions, weaknesses, whether theres an exploit found on the application, prevalence in the organization, how many were installed, how many exposed devices are there, and the numerical value of the impact. You can select each item in the list and opt to open the software page which shows the vulnerabilities and misconfigurations associated and its machine and version distribution details.
(3) Threat & Vulnerability Management dashboard | Access the **Exposure score**, **Configuration score**, **Exposure distribution**, **Top security recommendations**, **Top vulnerable software**, **Top remediation activities**, **Top exposed machines**, and **Threat campaigns**. (3) Threat & Vulnerability Management dashboard | Access the **Exposure score**, **Configuration score**, **Exposure distribution**, **Top security recommendations**, **Top vulnerable software**, **Top remediation activities**, **Top exposed machines**, and **Threat campaigns**.
**Organization Exposure score** | Shows the current state of your organizations device exposure to threats and vulnerabilities. Several factors affect your organizations exposure score: weaknesses discovered in your devices, likelihood of your devices to be breached, value of the devices to your organization, and relevant alerts discovered with your devices. The goal is to lower down your organizations exposure score to be more secure. **Organization Exposure score** | See the current state of your organizations device exposure to threats and vulnerabilities. Several factors affect your organizations exposure score: weaknesses discovered in your devices, likelihood of your devices to be breached, value of the devices to your organization, and relevant alerts discovered with your devices. The goal is to lower down your organizations exposure score to be more secure.
**MDATP Configuration score** | Shows the security posture of your organizations operating system, applications, network, accounts and security controls. The goal is to increase your configuration score by remediating the related security configuration issues. You can click the bars and it will take you to the **Security reccommendation** page for details. **MDATP Configuration score** | See the security posture of your organizations operating system, applications, network, accounts and security controls. The goal is to increase your configuration score by remediating the related security configuration issues. You can click the bars and it will take you to the **Security reccommendation** page for details.
**Machine exposure distribution** | Shows how many machines are exposed based on their exposure level. You can click the sections in the doughnut chart and it will take you to the **Machines list page** where you'll see the affected machine names, exposure level side by side with risk level, among other details such as domain, OS platform, its health state, when it was last seen, and its tags. **Machine exposure distribution** | See how many machines are exposed based on their exposure level. You can click the sections in the doughnut chart and it will take you to the **Machines list** page where you'll see the affected machine names, exposure level side by side with risk level, among other details such as domain, OS platform, its health state, when it was last seen, and its tags.
**Top security recommendations** | See the collated security recommendations which are sorted and prioritized based on your organizations risk exposure. You can drill down on the security recommendation to see the potential risks, list of exposed machines, and read the insights. Thus, providing you with an informed decision to either proceed with a remediation request or create an exception. The actionable remediation recommendations that it contains can then be pushed into the IT task queue through the integrations with Microsoft Intune and Microsoft System Center Configuration Manager (SCCM). **Top security recommendations** | See the collated security recommendations which are sorted and prioritized based on your organizations risk exposure. You can drill down on the security recommendation to see the potential risks, list of exposed machines, and read the insights. Thus, providing you with an informed decision to either proceed with a remediation request or create an exception. The actionable remediation recommendations that it contains can then be pushed into the IT task queue through the integrations with Microsoft Intune and Microsoft System Center Configuration Manager (SCCM).
**Top vulnerable software** | Provides real-time visibility into the organizational Software Inventory, with stack-ranked list of vulnerable software installed on your networks devices and how they impact on your organizational exposure score. **Top vulnerable software** | Get real-time visibility into the organizational software inventory, with stack-ranked list of vulnerable software installed on your networks devices and how they impact on your organizational exposure score.
**Top remediation activities** | Track the remediation activities generated from the security recommendations. You can click each item on the list and it will take you to the **Remediation** page where you'll see remediation and exception activity details. **Top remediation activities** | Track the remediation activities generated from the security recommendations. You can click each item on the list and it will take you to the **Remediation** page where you'll see remediation and exception activity details.
**Top exposed machines** | Shows the exposed machine names and their exposure level. You can click the machine name and it will take you to the machine page where you can view the alerts, risks, incidents, security recommendations, installed software, discovered vulnerabilities associated with the exposed machines. You can also do other EDR-related tasks in it, such as: manage tags, initiate automated investigations, initiate a live response session, collect an investigation package, run antivirus scan, restrict app execution, and isolate machine. **Top exposed machines** | See the exposed machine names and their exposure level. You can click the machine name and it will take you to the machine page where you can view the alerts, risks, incidents, security recommendations, installed software, discovered vulnerabilities associated with the exposed machines. You can also do other EDR-related tasks in it, such as: manage tags, initiate automated investigations, initiate a live response session, collect an investigation package, run antivirus scan, restrict app execution, and isolate machine.
**Threat campaigns** | xxx. **Threat campaigns** | [to be filled out when the widget gets updated, right now it's blank].
See [Microsoft Defender ATP icons](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/portal-overview-windows-defender-advanced-threat-protection#windows-defender-atp-icons) to provide the information on the icons used throughout the portal. See [Microsoft Defender ATP icons](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/portal-overview-windows-defender-advanced-threat-protection#windows-defender-atp-icons) to provide the information on the icons used throughout the portal.