From 1f6cc15648ace8539243b61d68909358c4d19b8b Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 20 May 2020 14:32:50 -0700 Subject: [PATCH] Update behavioral-blocking-containment.md --- .../microsoft-defender-atp/behavioral-blocking-containment.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment.md b/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment.md index b91d573d17..0e37eea1c4 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment.md +++ b/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment.md @@ -46,7 +46,7 @@ The following image shows an example of an alert that was triggered by behaviora :::image type="content" source="images/blocked-behav-alert.png" alt-text="Example of an alert through behavioral blocking and containment"::: -## Behavioral blocking and containment capabilities +## Components of behavioral blocking and containment - **On-client, policy-driven [attack surface reduction rules](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction)** Predefined common attack behaviors are prevented from executing, according to your attack surface reduction rules. When such behaviors attempt to execute, they can be seen in the Microsoft Defender Security Center [https://securitycenter.windows.com](https://securitycenter.windows.com) as informational alerts. (Attack surface reduction rules are not enabled by default; you configure your policies in the Microsoft Defender Security Center.)