From 6f6182584669199a98daf91ff8b3859f369b6dea Mon Sep 17 00:00:00 2001 From: Benny Shilpa Date: Mon, 15 Feb 2021 16:25:33 +0530 Subject: [PATCH 1/3] Removing invalid links --- windows/security/threat-protection/TOC.md | 247 +++++++++++----------- 1 file changed, 129 insertions(+), 118 deletions(-) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index b7ed73f187..4c0b19508a 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md 
@@ -1,82 +1,93 @@ # [Threat protection](index.md) -## [Evaluate capabilities](microsoft-defender-atp/evaluation-lab.md) -## [Plan deployment](microsoft-defender-atp/deployment-strategy.md) -## [Deployment guide]() -### [Deployment phases](microsoft-defender-atp/deployment-phases.md) -### [Phase 1: Prepare](microsoft-defender-atp/prepare-deployment.md) -### [Phase 2: Set up](microsoft-defender-atp/production-deployment.md) -### [Phase 3: Onboard]() -#### [Onboarding overview](microsoft-defender-atp/onboarding.md) -#### [Deployment rings](microsoft-defender-atp/deployment-rings.md) -#### [Onboarding using Microsoft Endpoint Configuration Manager](microsoft-defender-atp/onboarding-endpoint-configuration-manager.md) -#### [Onboarding using Microsoft Endpoint Manager](microsoft-defender-atp/onboarding-endpoint-manager.md) -#### [Onboard supported devices](microsoft-defender-atp/onboard-configure.md) -## [Migration guides](microsoft-defender-atp/migration-guides.md) -### [Switch from McAfee to Microsoft Defender for Endpoint]() -#### [Overview of migration](microsoft-defender-atp/mcafee-to-microsoft-defender-migration.md) -#### [Phase 1: Prepare](microsoft-defender-atp/mcafee-to-microsoft-defender-prepare.md) -#### [Phase 2: Setup](microsoft-defender-atp/mcafee-to-microsoft-defender-setup.md) -#### [Phase 3: Onboard](microsoft-defender-atp/mcafee-to-microsoft-defender-onboard.md) -### [Switch from Symantec to Microsoft Defender for Endpoint]() -#### [Overview of migration](microsoft-defender-atp/symantec-to-microsoft-defender-atp-migration.md) -#### [Phase 1: Prepare](microsoft-defender-atp/symantec-to-microsoft-defender-atp-prepare.md) -#### [Phase 2: Setup](microsoft-defender-atp/symantec-to-microsoft-defender-atp-setup.md) -#### [Phase 3: Onboard](microsoft-defender-atp/symantec-to-microsoft-defender-atp-onboard.md) -### [Switch from your non-Microsoft endpoint security solution to Microsoft Defender for Endpoint]() -#### [Overview of 
migration](microsoft-defender-atp/switch-to-microsoft-defender-migration.md) -#### [Phase 1: Prepare](microsoft-defender-atp/switch-to-microsoft-defender-prepare.md) -#### [Phase 2: Setup](microsoft-defender-atp/switch-to-microsoft-defender-setup.md) -#### [Phase 3: Onboard](microsoft-defender-atp/switch-to-microsoft-defender-onboard.md) -### [Manage Microsoft Defender for Endpoint after migration]() -#### [Overview of managing Microsoft Defender for Endpoint](microsoft-defender-atp/manage-atp-post-migration.md) -#### [Intune (recommended)](microsoft-defender-atp/manage-atp-post-migration-intune.md) -#### [Configuration Manager](microsoft-defender-atp/manage-atp-post-migration-configuration-manager.md) -#### [Group Policy Objects](microsoft-defender-atp/manage-atp-post-migration-group-policy-objects.md) -#### [PowerShell, WMI, and MPCmdRun.exe](microsoft-defender-atp/manage-atp-post-migration-other-tools.md) + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ## [Security administration]() -### [Threat & vulnerability management]() -#### [Overview](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md) -#### [Get started]() -##### [Permissions & prerequisites](microsoft-defender-atp/tvm-prerequisites.md) -##### [Supported operating systems and platforms](microsoft-defender-atp/tvm-supported-os.md) -##### [Assign device value](microsoft-defender-atp/tvm-assign-device-value.md) -#### [Assess your security posture]() -##### [Dashboard insights](microsoft-defender-atp/tvm-dashboard-insights.md) -##### [Exposure score](microsoft-defender-atp/tvm-exposure-score.md) -##### [Microsoft Secure Score for Devices](microsoft-defender-atp/tvm-microsoft-secure-score-devices.md) -#### [Improve your security posture & reduce risk]() -##### [Address security recommendations](microsoft-defender-atp/tvm-security-recommendation.md) -##### [Remediate vulnerabilities](microsoft-defender-atp/tvm-remediation.md) -##### [Exceptions for security 
recommendations](microsoft-defender-atp/tvm-exception.md) -##### [Plan for end-of-support software](microsoft-defender-atp/tvm-end-of-support-software.md) -##### [Mitigate zero-day vulnerabilities](microsoft-defender-atp/tvm-zero-day-vulnerabilities.md) -#### [Understand vulnerabilities on your devices]() -##### [Software inventory](microsoft-defender-atp/tvm-software-inventory.md) -##### [Vulnerabilities in my organization](microsoft-defender-atp/tvm-weaknesses.md) -##### [Event timeline](microsoft-defender-atp/threat-and-vuln-mgt-event-timeline.md) -##### [Vulnerable devices report](microsoft-defender-atp/tvm-vulnerable-devices-report.md) -##### [Hunt for exposed devices](microsoft-defender-atp/tvm-hunt-exposed-devices.md) -### [Attack surface reduction]() -#### [Overview of attack surface reduction](microsoft-defender-atp/overview-attack-surface-reduction.md) -#### [Evaluate attack surface reduction rules](microsoft-defender-atp/evaluate-attack-surface-reduction.md) -#### [Attack surface reduction configuration settings](microsoft-defender-atp/configure-attack-surface-reduction.md) -#### [Attack surface reduction FAQ](microsoft-defender-atp/attack-surface-reduction-faq.md) -#### [Attack surface reduction controls]() -##### [Attack surface reduction rules](microsoft-defender-atp/attack-surface-reduction.md) -##### [Enable attack surface reduction rules](microsoft-defender-atp/enable-attack-surface-reduction.md) -##### [Customize attack surface reduction rules](microsoft-defender-atp/customize-attack-surface-reduction.md) -##### [View attack surface reduction events](microsoft-defender-atp/event-views.md) + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + #### [Hardware-based isolation]() -##### [Hardware-based isolation in Windows 10](microsoft-defender-atp/overview-hardware-based-isolation.md) + ##### [Hardware-based isolation evaluation](microsoft-defender-application-guard/test-scenarios-md-app-guard.md) ##### [Application isolation]() 
@@ -97,33 +108,33 @@ ##### [Control USB devices](device-control/control-usb-devices-using-intune.md) ##### [Device control report](device-control/device-control-report.md) -#### [Exploit protection]() -##### [Protect devices from exploits](microsoft-defender-atp/exploit-protection.md) -##### [Exploit protection evaluation](microsoft-defender-atp/evaluate-exploit-protection.md) -##### [Enable exploit protection](microsoft-defender-atp/enable-exploit-protection.md) -##### [Customize exploit protection](microsoft-defender-atp/customize-exploit-protection.md) -##### [Import, export, and deploy exploit protection configurations](microsoft-defender-atp/import-export-exploit-protection-emet-xml.md) -##### [Troubleshoot exploit protection mitigations](microsoft-defender-atp/troubleshoot-exploit-protection-mitigations.md) -##### [Exploit protection reference](microsoft-defender-atp/exploit-protection-reference.md ) -#### [Network protection]() -##### [Protect your network](microsoft-defender-atp/network-protection.md) -##### [Evaluate network protection](microsoft-defender-atp/evaluate-network-protection.md) -##### [Turn on network protection](microsoft-defender-atp/enable-network-protection.md) + + + + + + + + + + + + -#### [Web protection]() -##### [Web protection overview](microsoft-defender-atp/web-protection-overview.md) -##### [Web threat protection]() -###### [Web threat protection overview](microsoft-defender-atp/web-threat-protection.md) -###### [Monitor web security](microsoft-defender-atp/web-protection-monitoring.md) -###### [Respond to web threats](microsoft-defender-atp/web-protection-response.md) -##### [Web content filtering](microsoft-defender-atp/web-content-filtering.md) + + + + + + + -#### [Controlled folder access]() -##### [Protect folders](microsoft-defender-atp/controlled-folders.md) -##### [Evaluate controlled folder access](microsoft-defender-atp/evaluate-controlled-folder-access.md) -##### [Enable controlled folder 
access](microsoft-defender-atp/enable-controlled-folders.md) -##### [Customize controlled folder access](microsoft-defender-atp/customize-controlled-folders.md) + + + + + 
@@ -221,43 +232,43 @@ #### [Better together: Microsoft Defender Antivirus and Office 365](microsoft-defender-antivirus/office-365-microsoft-defender-antivirus.md) -### [Microsoft Defender for Endpoint for Mac]() -#### [Overview of Microsoft Defender for Endpoint for Mac](microsoft-defender-atp/microsoft-defender-atp-mac.md) -#### [What's New](microsoft-defender-atp/mac-whatsnew.md) -#### [Deploy]() -##### [Microsoft Intune-based deployment](microsoft-defender-atp/mac-install-with-intune.md) -##### [JAMF Pro-based deployment]() -###### [Deploying Microsoft Defender for Endpoint for macOS using Jamf Pro](microsoft-defender-atp/mac-install-with-jamf.md) -###### [Login to Jamf Pro](microsoft-defender-atp/mac-install-jamfpro-login.md) -###### [Set up device groups](microsoft-defender-atp/mac-jamfpro-device-groups.md) -###### [Set up policies](microsoft-defender-atp/mac-jamfpro-policies.md) -###### [Enroll devices](microsoft-defender-atp/mac-jamfpro-enroll-devices.md) -##### [Deployment with a different Mobile Device Management (MDM) system](microsoft-defender-atp/mac-install-with-other-mdm.md) -##### [Manual deployment](microsoft-defender-atp/mac-install-manually.md) -#### [Update](microsoft-defender-atp/mac-updates.md) -#### [Configure]() -##### [Configure and validate exclusions](microsoft-defender-atp/mac-exclusions.md) -##### [Set preferences](microsoft-defender-atp/mac-preferences.md) -##### [Detect and block Potentially Unwanted Applications](microsoft-defender-atp/mac-pua.md) -##### [Schedule scans](microsoft-defender-atp/mac-schedule-scan-atp.md) -#### [Troubleshoot]() -##### [Troubleshoot installation issues](microsoft-defender-atp/mac-support-install.md) -##### [Troubleshoot performance issues](microsoft-defender-atp/mac-support-perf.md) -##### [Troubleshoot kernel extension issues](microsoft-defender-atp/mac-support-kext.md) -##### [Troubleshoot license issues](microsoft-defender-atp/mac-support-license.md) -#### 
[Privacy](microsoft-defender-atp/mac-privacy.md) -#### [Resources](microsoft-defender-atp/mac-resources.md) + + + + + + + + + + + + + + + + + + + + + + + + + + ### [Microsoft Defender for Endpoint for iOS]() -#### [Overview of Microsoft Defender for Endpoint for iOS](microsoft-defender-atp/microsoft-defender-atp-ios.md) + #### [Deploy]() ##### [Deploy Microsoft Defender for Endpoint for iOS via Intune](microsoft-defender-atp/ios-install.md) From f13f598e0802852de277e9b784956147c1eb5194 Mon Sep 17 00:00:00 2001 From: Benny Shilpa Date: Tue, 16 Feb 2021 15:18:35 +0530 Subject: [PATCH 2/3] Update TOC.md --- windows/security/threat-protection/TOC.md | 812 +++++++++++----------- 1 file changed, 406 insertions(+), 406 deletions(-) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index 4c0b19508a..b853b75f69 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -63,7 +63,7 @@ - +### [Attack surface reduction]() 
@@ -267,461 +267,461 @@ -### [Microsoft Defender for Endpoint for iOS]() -#### [Deploy]() -##### [Deploy Microsoft Defender for Endpoint for iOS via Intune](microsoft-defender-atp/ios-install.md) - -#### [Configure]() -##### [Configure iOS features](microsoft-defender-atp/ios-configure-features.md) -#### [Privacy](microsoft-defender-atp/ios-privacy.md) -### [Microsoft Defender for Endpoint for Linux]() -#### [Overview of Microsoft Defender for Endpoint for Linux](microsoft-defender-atp/microsoft-defender-atp-linux.md) -#### [What's New](microsoft-defender-atp/linux-whatsnew.md) -#### [Deploy]() -##### [Manual deployment](microsoft-defender-atp/linux-install-manually.md) -##### [Puppet based deployment](microsoft-defender-atp/linux-install-with-puppet.md) -##### [Ansible based deployment](microsoft-defender-atp/linux-install-with-ansible.md) - -#### [Update](microsoft-defender-atp/linux-updates.md) -#### [Configure]() -##### [Configure and validate exclusions](microsoft-defender-atp/linux-exclusions.md) -##### [Static proxy configuration](microsoft-defender-atp/linux-static-proxy-configuration.md) -##### [Set preferences](microsoft-defender-atp/linux-preferences.md) -##### [Detect and block Potentially Unwanted Applications](microsoft-defender-atp/linux-pua.md) -##### [Schedule scans with Microsoft Defender for Endpoint for Linux](microsoft-defender-atp/linux-schedule-scan-atp.md) -##### [Schedule an update of the Microsoft Defender for Endpoint (Linux)](microsoft-defender-atp/linux-update-MDE-Linux.md) - -#### [Troubleshoot]() -##### [Troubleshoot installation issues](microsoft-defender-atp/linux-support-install.md) -##### [Troubleshoot cloud connectivity issues](microsoft-defender-atp/linux-support-connectivity.md) -##### [Troubleshoot performance issues](microsoft-defender-atp/linux-support-perf.md) -##### [Troubleshoot missing events issues](microsoft-defender-atp/linux-support-events.md) -#### [Privacy](microsoft-defender-atp/linux-privacy.md) -#### 
[Resources](microsoft-defender-atp/linux-resources.md) -### [Microsoft Defender for Endpoint for Android]() -#### [Overview of Microsoft Defender for Endpoint for Android](microsoft-defender-atp/microsoft-defender-atp-android.md) - -#### [Deploy]() -##### [Deploy Microsoft Defender for Endpoint for Android with Microsoft Intune](microsoft-defender-atp/android-intune.md) - -#### [Configure]() -##### [Configure Microsoft Defender for Endpoint for Android features](microsoft-defender-atp/android-configure.md) - -#### [Privacy]() -##### [Microsoft Defender for Endpoint for Android - Privacy information](microsoft-defender-atp/android-privacy.md) - -#### [Troubleshoot]() -##### [Troubleshoot issues](microsoft-defender-atp/android-support-signin.md) -### [Configure and manage Microsoft Threat Experts capabilities](microsoft-defender-atp/configure-microsoft-threat-experts.md) -## [Security operations]() -### [Endpoint detection and response]() -#### [Endpoint detection and response overview](microsoft-defender-atp/overview-endpoint-detection-response.md) -#### [Security operations dashboard](microsoft-defender-atp/security-operations-dashboard.md) -#### [Incidents queue]() -##### [View and organize the Incidents queue](microsoft-defender-atp/view-incidents-queue.md) -##### [Manage incidents](microsoft-defender-atp/manage-incidents.md) -##### [Investigate incidents](microsoft-defender-atp/investigate-incidents.md) + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + -#### [Alerts queue]() -##### [View and organize the Alerts queue](microsoft-defender-atp/alerts-queue.md) -##### [Review alerts](microsoft-defender-atp/review-alerts.md) -##### [Manage alerts](microsoft-defender-atp/manage-alerts.md) -##### [Investigate alerts](microsoft-defender-atp/investigate-alerts.md) -##### [Investigate files](microsoft-defender-atp/investigate-files.md) -##### [Investigate devices](microsoft-defender-atp/investigate-machines.md) 
-##### [Investigate an IP address](microsoft-defender-atp/investigate-ip.md) -##### [Investigate a domain](microsoft-defender-atp/investigate-domain.md) -###### [Investigate connection events that occur behind forward proxies](microsoft-defender-atp/investigate-behind-proxy.md) -##### [Investigate a user account](microsoft-defender-atp/investigate-user.md) + + + + + + + + + + + -#### [Devices list]() -##### [View and organize the Devices list](microsoft-defender-atp/machines-view-overview.md) -##### [Device timeline event flags](microsoft-defender-atp/device-timeline-event-flag.md) -##### [Manage device group and tags](microsoft-defender-atp/machine-tags.md) + + + + -#### [Take response actions]() -##### [Take response actions on a device]() -###### [Response actions on devices](microsoft-defender-atp/respond-machine-alerts.md) -###### [Manage tags](microsoft-defender-atp/respond-machine-alerts.md#manage-tags) -###### [Start an automated investigation](microsoft-defender-atp/respond-machine-alerts.md#initiate-automated-investigation) -###### [Start a Live Response session](microsoft-defender-atp/respond-machine-alerts.md#initiate-live-response-session) -###### [Collect investigation package](microsoft-defender-atp/respond-machine-alerts.md#collect-investigation-package-from-devices) -###### [Run antivirus scan](microsoft-defender-atp/respond-machine-alerts.md#run-microsoft-defender-antivirus-scan-on-devices) -###### [Restrict app execution](microsoft-defender-atp/respond-machine-alerts.md#restrict-app-execution) -###### [Isolate devices from the network](microsoft-defender-atp/respond-machine-alerts.md#isolate-devices-from-the-network) -###### [Consult a threat expert](microsoft-defender-atp/respond-machine-alerts.md#consult-a-threat-expert) -###### [Check activity details in Action center](microsoft-defender-atp/respond-machine-alerts.md#check-activity-details-in-action-center) + + + + + + + + + + + + -##### [Take response actions on a file]() -###### [Response 
actions on files](microsoft-defender-atp/respond-file-alerts.md) -###### [Stop and quarantine files in your network](microsoft-defender-atp/respond-file-alerts.md#stop-and-quarantine-files-in-your-network) -###### [Restore file from quarantine](microsoft-defender-atp/respond-file-alerts.md#restore-file-from-quarantine) -###### [Add indicators to block or allow a file](microsoft-defender-atp/respond-file-alerts.md#add-indicator-to-block-or-allow-a-file) -###### [Download or collect file](microsoft-defender-atp/respond-file-alerts.md#download-or-collect-file) -###### [Consult a threat expert](microsoft-defender-atp/respond-file-alerts.md#consult-a-threat-expert) -###### [Check activity details in Action center](microsoft-defender-atp/respond-file-alerts.md#check-activity-details-in-action-center) -###### [Deep analysis](microsoft-defender-atp/respond-file-alerts.md#deep-analysis) - -#### [Visit the Action center to see remediation actions](microsoft-defender-atp/auto-investigation-action-center.md) -##### [View and approve pending actions](microsoft-defender-atp/manage-auto-investigation.md) -##### [Details and results of an automated investigation](microsoft-defender-atp/autoir-investigation-results.md) - -#### [Investigate entities using Live response]() -##### [Investigate entities on devices](microsoft-defender-atp/live-response.md) -##### [Live response command examples](microsoft-defender-atp/live-response-command-examples.md) -#### [Use sensitivity labels to prioritize incident response](microsoft-defender-atp/information-protection-investigation.md) - -#### [Reporting]() -##### [Power BI - How to use API - Samples](microsoft-defender-atp/api-power-bi.md) -##### [Threat protection reports](microsoft-defender-atp/threat-protection-reports.md) -#### [Device health and compliance reports](microsoft-defender-atp/machine-reports.md) - -### [Behavioral blocking and containment]() -#### [Behavioral blocking and 
containment](microsoft-defender-atp/behavioral-blocking-containment.md) -#### [Client behavioral blocking](microsoft-defender-atp/client-behavioral-blocking.md) -#### [Feedback-loop blocking](microsoft-defender-atp/feedback-loop-blocking.md) -#### [EDR in block mode](microsoft-defender-atp/edr-in-block-mode.md) - -### [Automated investigation and response (AIR)]() -#### [Overview of AIR](microsoft-defender-atp/automated-investigations.md) -#### [Automation levels in AIR](microsoft-defender-atp/automation-levels.md) -#### [Configure AIR capabilities](microsoft-defender-atp/configure-automated-investigations-remediation.md) - -### [Advanced hunting]() -#### [Advanced hunting overview](microsoft-defender-atp/advanced-hunting-overview.md) -#### [Learn, train, & get examples]() -##### [Learn the query language](microsoft-defender-atp/advanced-hunting-query-language.md) -##### [Use shared queries](microsoft-defender-atp/advanced-hunting-shared-queries.md) -#### [Work with query results](microsoft-defender-atp/advanced-hunting-query-results.md) -#### [Optimize & handle errors]() -##### [Apply query best practices](microsoft-defender-atp/advanced-hunting-best-practices.md) -##### [Handle errors](microsoft-defender-atp/advanced-hunting-errors.md) -##### [Service limits](microsoft-defender-atp/advanced-hunting-limits.md) -#### [Data schema]() -##### [Understand the schema](microsoft-defender-atp/advanced-hunting-schema-reference.md) -##### [DeviceAlertEvents](microsoft-defender-atp/advanced-hunting-devicealertevents-table.md) -##### [DeviceFileEvents](microsoft-defender-atp/advanced-hunting-devicefileevents-table.md) -##### [DeviceImageLoadEvents](microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md) -##### [DeviceLogonEvents](microsoft-defender-atp/advanced-hunting-devicelogonevents-table.md) -##### [DeviceInfo](microsoft-defender-atp/advanced-hunting-deviceinfo-table.md) -##### 
[DeviceNetworkInfo](microsoft-defender-atp/advanced-hunting-devicenetworkinfo-table.md) -##### [DeviceEvents](microsoft-defender-atp/advanced-hunting-deviceevents-table.md) -##### [DeviceFileCertificateInfo](microsoft-defender-atp/advanced-hunting-devicefilecertificateinfo-table.md) -##### [DeviceNetworkEvents](microsoft-defender-atp/advanced-hunting-devicenetworkevents-table.md) -##### [DeviceProcessEvents](microsoft-defender-atp/advanced-hunting-deviceprocessevents-table.md) -##### [DeviceRegistryEvents](microsoft-defender-atp/advanced-hunting-deviceregistryevents-table.md) -##### [DeviceTvmSoftwareInventoryVulnerabilities](microsoft-defender-atp/advanced-hunting-devicetvmsoftwareinventoryvulnerabilities-table.md) -##### [DeviceTvmSoftwareVulnerabilitiesKB](microsoft-defender-atp/advanced-hunting-devicetvmsoftwarevulnerabilitieskb-table.md) -##### [DeviceTvmSecureConfigurationAssessment](microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessment-table.md) -##### [DeviceTvmSecureConfigurationAssessmentKB](microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessmentkb-table.md) -#### [Custom detections]() -##### [Custom detections overview](microsoft-defender-atp/overview-custom-detections.md) -##### [Create detection rules](microsoft-defender-atp/custom-detection-rules.md) -##### [View & manage detection rules](microsoft-defender-atp/custom-detections-manage.md) - -### [Microsoft Threat Experts](microsoft-defender-atp/microsoft-threat-experts.md) - -### [Threat analytics overview](microsoft-defender-atp/threat-analytics.md) -#### [Read the analyst report](microsoft-defender-atp/threat-analytics-analyst-reports.md) -## [How-to]() -### [Onboard devices to the service]() -#### [Onboard devices to Microsoft Defender for Endpoint](microsoft-defender-atp/onboard-configure.md) -#### [Onboard previous versions of Windows](microsoft-defender-atp/onboard-downlevel.md) -#### [Onboard Windows 10 devices]() -##### [Onboarding tools and 
methods](microsoft-defender-atp/configure-endpoints.md) -##### [Onboard devices using Group Policy](microsoft-defender-atp/configure-endpoints-gp.md) -##### [Onboard devices using Microsoft Endpoint Configuration Manager](microsoft-defender-atp/configure-endpoints-sccm.md) -##### [Onboard devices using Mobile Device Management tools](microsoft-defender-atp/configure-endpoints-mdm.md) -##### [Onboard devices using a local script](microsoft-defender-atp/configure-endpoints-script.md) -##### [Onboard non-persistent virtual desktop infrastructure (VDI) devices](microsoft-defender-atp/configure-endpoints-vdi.md) -##### [Onboard Windows 10 multi-session devices in Windows Virtual Desktop](microsoft-defender-atp/Onboard-Windows-10-multi-session-device.md) + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + -#### [Onboard Windows servers](microsoft-defender-atp/configure-server-endpoints.md) -#### [Onboard non-Windows devices](microsoft-defender-atp/configure-endpoints-non-windows.md) -#### [Onboard devices without Internet access](microsoft-defender-atp/onboard-offline-machines.md) -#### [Run a detection test on a newly onboarded device](microsoft-defender-atp/run-detection-test.md) -#### [Run simulated attacks on devices](microsoft-defender-atp/attack-simulations.md) -#### [Configure proxy and Internet connectivity settings](microsoft-defender-atp/configure-proxy-internet.md) -#### [Create an onboarding or offboarding notification rule](microsoft-defender-atp/onboarding-notification.md) + + + + + + + -#### [Troubleshoot onboarding issues]() -##### [Troubleshoot issues during onboarding](microsoft-defender-atp/troubleshoot-onboarding.md) -##### [Troubleshoot subscription and portal access issues](microsoft-defender-atp/troubleshoot-onboarding-error-messages.md) - -### [Manage device configuration]() -#### [Ensure your devices are configured 
properly](microsoft-defender-atp/configure-machines.md) -#### [Monitor and increase device onboarding](microsoft-defender-atp/configure-machines-onboarding.md) -#### [Increase compliance to the security baseline](microsoft-defender-atp/configure-machines-security-baseline.md) -#### [Optimize attack surface reduction rule deployment and detections](microsoft-defender-atp/configure-machines-asr.md) - -### [Configure portal settings]() -#### [Set up preferences](microsoft-defender-atp/preferences-setup.md) -#### [General]() -##### [Verify data storage location and update data retention settings](microsoft-defender-atp/data-retention-settings.md) -##### [Configure alert notifications](microsoft-defender-atp/configure-email-notifications.md) -##### [Configure vulnerability notifications](microsoft-defender-atp/configure-vulnerability-email-notifications.md) -##### [Configure advanced features](microsoft-defender-atp/advanced-features.md) - -#### [Permissions]() -##### [Use basic permissions to access the portal](microsoft-defender-atp/basic-permissions.md) -##### [Manage portal access using RBAC](microsoft-defender-atp/rbac.md) -###### [Create and manage roles](microsoft-defender-atp/user-roles.md) -###### [Create and manage device groups](microsoft-defender-atp/machine-groups.md) -###### [Create and manage device tags](microsoft-defender-atp/machine-tags.md) -#### [Rules]() -##### [Manage suppression rules](microsoft-defender-atp/manage-suppression-rules.md) -##### [Create indicators](microsoft-defender-atp/manage-indicators.md) -###### [Create indicators for files](microsoft-defender-atp/indicator-file.md) -###### [Create indicators for IPs and URLs/domains](microsoft-defender-atp/indicator-ip-domain.md) -###### [Create indicators for certificates](microsoft-defender-atp/indicator-certificates.md) -###### [Manage indicators](microsoft-defender-atp/indicator-manage.md) -##### [Manage automation file uploads](microsoft-defender-atp/manage-automation-file-uploads.md) 
-##### [Manage automation folder exclusions](microsoft-defender-atp/manage-automation-folder-exclusions.md) -#### [Device management]() -##### [Onboarding devices](microsoft-defender-atp/onboard-configure.md) -##### [Offboarding devices](microsoft-defender-atp/offboard-machines.md) -#### [Configure Microsoft Defender Security Center time zone settings](microsoft-defender-atp/time-settings.md) -### [Configure integration with other Microsoft solutions]() -#### [Configure conditional access](microsoft-defender-atp/configure-conditional-access.md) -#### [Configure Microsoft Cloud App Security integration](microsoft-defender-atp/microsoft-cloud-app-security-config.md) -### [Address false positives/negatives in Microsoft Defender for Endpoint](microsoft-defender-atp/defender-endpoint-false-positives-negatives.md) -### [Use audit mode](microsoft-defender-atp/audit-windows-defender.md) + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ## Reference -### [Management and APIs]() -#### [Overview of management and APIs](microsoft-defender-atp/management-apis.md) -#### [Microsoft Defender for Endpoint API]() -##### [Get started]() -###### [Microsoft Defender for Endpoint API license and terms](microsoft-defender-atp/api-terms-of-use.md) -###### [Access the Microsoft Defender for Endpoint APIs](microsoft-defender-atp/apis-intro.md) -###### [Hello World](microsoft-defender-atp/api-hello-world.md) -###### [Get access with application context](microsoft-defender-atp/exposed-apis-create-app-webapp.md) -###### [Get access with user context](microsoft-defender-atp/exposed-apis-create-app-nativeapp.md) -###### [Get partner application access](microsoft-defender-atp/exposed-apis-create-app-partners.md) - -##### [Microsoft Defender for Endpoint APIs Schema]() -###### [Supported Microsoft Defender for Endpoint APIs](microsoft-defender-atp/exposed-apis-list.md) -###### [Release Notes](microsoft-defender-atp/api-release-notes.md) -###### [Common REST API 
error codes](microsoft-defender-atp/common-errors.md) -###### [Advanced Hunting](microsoft-defender-atp/run-advanced-query-api.md) - -###### [Alert]() -####### [Alert methods and properties](microsoft-defender-atp/alerts.md) -####### [List alerts](microsoft-defender-atp/get-alerts.md) -####### [Create alert](microsoft-defender-atp/create-alert-by-reference.md) -####### [Update alert](microsoft-defender-atp/update-alert.md) -####### [Batch update alert](microsoft-defender-atp/batch-update-alerts.md) -####### [Get alert information by ID](microsoft-defender-atp/get-alert-info-by-id.md) -####### [Get alert related domains information](microsoft-defender-atp/get-alert-related-domain-info.md) -####### [Get alert related file information](microsoft-defender-atp/get-alert-related-files-info.md) -####### [Get alert related IPs information](microsoft-defender-atp/get-alert-related-ip-info.md) -####### [Get alert related device information](microsoft-defender-atp/get-alert-related-machine-info.md) -####### [Get alert related user information](microsoft-defender-atp/get-alert-related-user-info.md) - -###### [Machine]() -####### [Machine methods and properties](microsoft-defender-atp/machine.md) -####### [List machines](microsoft-defender-atp/get-machines.md) -####### [Get machine by ID](microsoft-defender-atp/get-machine-by-id.md) -####### [Get machine log on users](microsoft-defender-atp/get-machine-log-on-users.md) -####### [Get machine related alerts](microsoft-defender-atp/get-machine-related-alerts.md) -####### [Get installed software](microsoft-defender-atp/get-installed-software.md) -####### [Get discovered vulnerabilities](microsoft-defender-atp/get-discovered-vulnerabilities.md) -####### [Get security recommendations](microsoft-defender-atp/get-security-recommendations.md) -####### [Add or Remove machine tags](microsoft-defender-atp/add-or-remove-machine-tags.md) -####### [Find machines by IP](microsoft-defender-atp/find-machines-by-ip.md) -####### [Find machines by 
tag](microsoft-defender-atp/find-machines-by-tag.md) -####### [Get missing KBs](microsoft-defender-atp/get-missing-kbs-machine.md) -####### [Set device value](microsoft-defender-atp/set-device-value.md) - -###### [Machine Action]() -####### [Machine Action methods and properties](microsoft-defender-atp/machineaction.md) -####### [List Machine Actions](microsoft-defender-atp/get-machineactions-collection.md) -####### [Get Machine Action](microsoft-defender-atp/get-machineaction-object.md) -####### [Collect investigation package](microsoft-defender-atp/collect-investigation-package.md) -####### [Get investigation package SAS URI](microsoft-defender-atp/get-package-sas-uri.md) -####### [Isolate machine](microsoft-defender-atp/isolate-machine.md) -####### [Release machine from isolation](microsoft-defender-atp/unisolate-machine.md) -####### [Restrict app execution](microsoft-defender-atp/restrict-code-execution.md) -####### [Remove app restriction](microsoft-defender-atp/unrestrict-code-execution.md) -####### [Run antivirus scan](microsoft-defender-atp/run-av-scan.md) -####### [Offboard machine](microsoft-defender-atp/offboard-machine-api.md) -####### [Stop and quarantine file](microsoft-defender-atp/stop-and-quarantine-file.md) - -###### [Automated Investigation]() -####### [Investigation methods and properties](microsoft-defender-atp/investigation.md) -####### [List Investigation](microsoft-defender-atp/get-investigation-collection.md) -####### [Get Investigation](microsoft-defender-atp/get-investigation-object.md) -####### [Start Investigation](microsoft-defender-atp/initiate-autoir-investigation.md) - -###### [Indicators]() -####### [Indicators methods and properties](microsoft-defender-atp/ti-indicator.md) -####### [Submit Indicator](microsoft-defender-atp/post-ti-indicator.md) -####### [Import Indicators](microsoft-defender-atp/import-ti-indicators.md) -####### [List Indicators](microsoft-defender-atp/get-ti-indicators-collection.md) -####### [Delete 
Indicator](microsoft-defender-atp/delete-ti-indicator-by-id.md) - -###### [Domain]() -####### [Get domain related alerts](microsoft-defender-atp/get-domain-related-alerts.md) -####### [Get domain related machines](microsoft-defender-atp/get-domain-related-machines.md) -####### [Get domain statistics](microsoft-defender-atp/get-domain-statistics.md) - -###### [File]() -####### [File methods and properties](microsoft-defender-atp/files.md) -####### [Get file information](microsoft-defender-atp/get-file-information.md) -####### [Get file related alerts](microsoft-defender-atp/get-file-related-alerts.md) -####### [Get file related machines](microsoft-defender-atp/get-file-related-machines.md) -####### [Get file statistics](microsoft-defender-atp/get-file-statistics.md) - -###### [IP]() -####### [Get IP related alerts](microsoft-defender-atp/get-ip-related-alerts.md) -####### [Get IP statistics](microsoft-defender-atp/get-ip-statistics.md) - -###### [User]() -####### [User methods](microsoft-defender-atp/user.md) -####### [Get user related alerts](microsoft-defender-atp/get-user-related-alerts.md) -####### [Get user related machines](microsoft-defender-atp/get-user-related-machines.md) - -###### [Score]() -####### [Score methods and properties](microsoft-defender-atp/score.md) -####### [List exposure score by machine group](microsoft-defender-atp/get-machine-group-exposure-score.md) -####### [Get exposure score](microsoft-defender-atp/get-exposure-score.md) -####### [Get device secure score](microsoft-defender-atp/get-device-secure-score.md) - -###### [Software]() -####### [Software methods and properties](microsoft-defender-atp/software.md) -####### [List software](microsoft-defender-atp/get-software.md) -####### [Get software by Id](microsoft-defender-atp/get-software-by-id.md) -####### [List software version distribution](microsoft-defender-atp/get-software-ver-distribution.md) -####### [List machines by software](microsoft-defender-atp/get-machines-by-software.md) 
-####### [List vulnerabilities by software](microsoft-defender-atp/get-vuln-by-software.md) -####### [Get missing KBs](microsoft-defender-atp/get-missing-kbs-software.md) - -###### [Vulnerability]() -####### [Vulnerability methods and properties](microsoft-defender-atp/vulnerability.md) -####### [List vulnerabilities](microsoft-defender-atp/get-all-vulnerabilities.md) -####### [List vulnerabilities by machine and software](microsoft-defender-atp/get-all-vulnerabilities-by-machines.md) -####### [Get vulnerability by Id](microsoft-defender-atp/get-vulnerability-by-id.md) -####### [List machines by vulnerability](microsoft-defender-atp/get-machines-by-vulnerability.md) - -###### [Recommendation]() -####### [Recommendation methods and properties](microsoft-defender-atp/recommendation.md) -####### [List all recommendations](microsoft-defender-atp/get-all-recommendations.md) -####### [Get recommendation by Id](microsoft-defender-atp/get-recommendation-by-id.md) -####### [Get recommendation by software](microsoft-defender-atp/get-recommendation-software.md) -####### [List machines by recommendation](microsoft-defender-atp/get-recommendation-machines.md) -####### [List vulnerabilities by recommendation](microsoft-defender-atp/get-recommendation-vulnerabilities.md) - -##### [How to use APIs - Samples]() -###### [Microsoft Flow](microsoft-defender-atp/api-microsoft-flow.md) -###### [Power BI](microsoft-defender-atp/api-power-bi.md) -###### [Advanced Hunting using Python](microsoft-defender-atp/run-advanced-query-sample-python.md) -###### [Advanced Hunting using PowerShell](microsoft-defender-atp/run-advanced-query-sample-powershell.md) -###### [Using OData Queries](microsoft-defender-atp/exposed-apis-odata-samples.md) - -#### [Raw data streaming API]() -##### [Raw data streaming](microsoft-defender-atp/raw-data-export.md) -##### [Stream advanced hunting events to Azure Events hub](microsoft-defender-atp/raw-data-export-event-hub.md) -##### [Stream advanced hunting events to 
your storage account](microsoft-defender-atp/raw-data-export-storage.md) - -#### [SIEM integration]() -##### [Understand threat intelligence concepts](microsoft-defender-atp/threat-indicator-concepts.md) -##### [Learn about different ways to pull detections](microsoft-defender-atp/configure-siem.md) -##### [Enable SIEM integration](microsoft-defender-atp/enable-siem-integration.md) -##### [Configure Micro Focus ArcSight to pull detections](microsoft-defender-atp/configure-arcsight.md) -##### [Microsoft Defender for Endpoint detection fields](microsoft-defender-atp/api-portal-mapping.md) -##### [Pull detections using SIEM REST API](microsoft-defender-atp/pull-alerts-using-rest-api.md) -##### [Fetch alerts from customer tenant](microsoft-defender-atp/fetch-alerts-mssp.md) -##### [Troubleshoot SIEM tool integration issues](microsoft-defender-atp/troubleshoot-siem.md) - -#### [Partners & APIs]() -##### [Partner applications](microsoft-defender-atp/partner-applications.md) -##### [Connected applications](microsoft-defender-atp/connected-applications.md) -##### [API explorer](microsoft-defender-atp/api-explorer.md) - -#### [Role-based access control]() -##### [Manage portal access using RBAC](microsoft-defender-atp/rbac.md) -##### [Create and manage roles](microsoft-defender-atp/user-roles.md) -##### [Create and manage device groups]() -###### [Using device groups](microsoft-defender-atp/machine-groups.md) -###### [Create and manage device tags](microsoft-defender-atp/machine-tags.md) - -#### [Managed security service provider (MSSP) integration]() -##### [Configure managed security service provider integration](microsoft-defender-atp/configure-mssp-support.md) -##### [Supported managed security service providers](microsoft-defender-atp/mssp-list.md) -##### [Grant MSSP access to the portal](microsoft-defender-atp/grant-mssp-access.md) -##### [Access the MSSP customer portal](microsoft-defender-atp/access-mssp-portal.md) -##### [Configure alert 
notifications](microsoft-defender-atp/configure-mssp-notifications.md) -##### [Get partner application access](microsoft-defender-atp/exposed-apis-create-app-partners.md) - -### [Partner integration scenarios]() -#### [Technical partner opportunities](microsoft-defender-atp/partner-integration.md) -#### [Managed security service provider opportunity](microsoft-defender-atp/mssp-support.md) -#### [Become a Microsoft Defender for Endpoint partner](microsoft-defender-atp/get-started-partner-integration.md) -### [Integrations]() -#### [Microsoft Defender for Endpoint integrations](microsoft-defender-atp/threat-protection-integration.md) -#### [Protect users, data, and devices with conditional access](microsoft-defender-atp/conditional-access.md) -#### [Microsoft Cloud App Security integration overview](microsoft-defender-atp/microsoft-cloud-app-security-integration.md) -### [Information protection in Windows overview]() -#### [Windows integration](microsoft-defender-atp/information-protection-in-windows-overview.md) -### [Access the Microsoft Defender for Endpoint Community Center](microsoft-defender-atp/community.md) -### [Helpful resources](microsoft-defender-atp/helpful-resources.md) + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ### [Troubleshoot Microsoft Defender for Endpoint]() -#### [Troubleshoot sensor state]() -##### [Check sensor state](microsoft-defender-atp/check-sensor-status.md) -##### [Fix unhealthy sensors](microsoft-defender-atp/fix-unhealthy-sensors.md) -##### [Inactive devices](microsoft-defender-atp/fix-unhealthy-sensors.md#inactive-devices) -##### [Misconfigured devices](microsoft-defender-atp/fix-unhealthy-sensors.md#misconfigured-devices) 
-##### [Review sensor events and errors on machines with Event Viewer](microsoft-defender-atp/event-error-codes.md) + + + + + + -#### [Troubleshoot Microsoft Defender for Endpoint service issues]() -##### [Troubleshoot service issues](microsoft-defender-atp/troubleshoot-mdatp.md) -##### [Check service health](microsoft-defender-atp/service-status.md) -##### [Contact Microsoft Defender for Endpoint support](microsoft-defender-atp/contact-support.md) -#### [Troubleshoot live response issues](microsoft-defender-atp/troubleshoot-live-response.md) -#### [Collect support logs using LiveAnalyzer ](microsoft-defender-atp/troubleshoot-collect-support-log.md) + + + + + + -#### [Troubleshoot attack surface reduction issues]() -##### [Network protection](microsoft-defender-atp/troubleshoot-np.md) -##### [Attack surface reduction rules](microsoft-defender-atp/troubleshoot-asr.md) + + + #### [Troubleshoot next-generation protection](microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus.md) #### [Troubleshoot migration issues](microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus-when-migrating.md) From 86433cb6bd70f16cefb66381b9182b9e03934511 Mon Sep 17 00:00:00 2001 From: Benny Shilpa Date: Tue, 16 Feb 2021 15:24:34 +0530 Subject: [PATCH 3/3] Update TOC.md --- windows/security/threat-protection/TOC.md | 604 ---------------------- 1 file changed, 604 deletions(-) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index b853b75f69..2a7f121400 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md 
@@ -1,91 +1,9 @@ # [Threat protection](index.md) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ## [Security administration]() - - - - - - - - - - - - ### [Attack surface reduction]() - - - - - - - - - - - - - - - - - - - - - #### [Hardware-based isolation]() ##### [Hardware-based isolation evaluation](microsoft-defender-application-guard/test-scenarios-md-app-guard.md) @@ -108,41 +26,10 @@ ##### [Control USB devices](device-control/control-usb-devices-using-intune.md) ##### [Device control report](device-control/device-control-report.md) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - #### [Network firewall]() ##### [Network firewall overview](windows-firewall/windows-firewall-with-advanced-security.md) ##### [Network firewall evaluation](windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md) - ### [Next-generation protection]() #### [Next-generation protection overview](microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10.md) #### [Evaluate next-generation protection](microsoft-defender-antivirus/evaluate-microsoft-defender-antivirus.md) 
@@ -232,505 +119,14 @@ #### [Better together: Microsoft Defender Antivirus and Office 365](microsoft-defender-antivirus/office-365-microsoft-defender-antivirus.md) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ## Reference - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ### [Troubleshoot Microsoft Defender for Endpoint]() - - - - - - - - - - - - - - - - - - - - #### [Troubleshoot next-generation protection](microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus.md) #### [Troubleshoot migration issues](microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus-when-migrating.md) - - - - ## [Security intelligence](intelligence/index.md) ### [Understand malware & other threats](intelligence/understanding-malware.md) #### [Prevent malware infection](intelligence/prevent-malware-infection.md)
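Review bot: in the hunk of the earlier commit that drops the API reference, SIEM integration, RBAC and MSSP entries, each deleted entry is replaced by an empty `+` line instead of simply being removed, so TOC.md is left with long runs of blank lines that a later commit has to delete. Remove the lines outright so the change is complete in one commit. The subject "Removing invalid links" also does not match what is visible: the removed entries have well-formed targets such as `microsoft-defender-atp/isolate-machine.md`, `microsoft-defender-atp/rbac.md` and `microsoft-defender-atp/enable-siem-integration.md`. Please state in the message whether those pages were moved or deleted and which TOC now lists them, so readers following links to the response-action and access-control pages are not left without a navigation entry.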
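Review bot: the subject "Update TOC.md" on PATCH 3/3 does not say what the commit does. Its hunks only delete blank lines (604 deletions, no insertions) around `## [Security administration]()`, `## Reference` and `### [Troubleshoot Microsoft Defender for Endpoint]()`. Use a subject that describes this, for example "Remove blank lines left in TOC.md", or squash the commit into the one that introduced the blank lines so the history shows a single, self-contained removal.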