diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/remediationtype_swupdatefilter.png b/windows/security/threat-protection/microsoft-defender-atp/images/remediationtype_swupdatefilter.png new file mode 100644 index 0000000000..76dce431e1 Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/remediationtype_swupdatefilter.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/secrec_flyouteolsw.png b/windows/security/threat-protection/microsoft-defender-atp/images/secrec_flyouteolsw.png new file mode 100644 index 0000000000..5d1588dee2 Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/secrec_flyouteolsw.png differ diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md index e55608222d..4f71aff441 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md @@ -44,12 +44,21 @@ Each machine in the organization is scored based on three important factors: thr You can access the security recommendation from the Microsoft Defender ATP Threat & Vulnerability Management menu, dashboard, software page, and machine page, to give you the context that you need, as you require it. -From the menu, select **Security recommendations** to get an overview of the running list with its weaknesses, related components, application, operating system, network, accounts, and security controls, associated breach, threats, and recommendation insights, exposed machine trends, status, remediation type and activities. +*Security recommendations option from the left navigation menu* +1. Go to the Threat & Vulnerability Management navigation menu and select **Security recommendations** to open up the list of security recommendations for the threats and vulnerabilities found in your organization. It gives you an overview of the security recommendation context: weaknesses found, related components, the application and operating system where the threat or vulnerabilities were found, network, accounts, and security controls, associated breach, threats, and recommendation insights, exposed machine trends, status, remediation type and activities. ![Screenshot of Security recommendations page](images/tvm_securityrecommendation-graph.png) ->[!NOTE] -> The color of the **Exposed machines** graph changes as the trend changes. If the number of exposed machines is on the rise, the color changes into red. If there's a decrease in the amount of exposed machines, the color of the graph will change into green. This happens per change, which means an increase or decrease of even a single machine will change the graph's color. + >[!NOTE] + > The color of the **Exposed machines** graph changes as the trend changes. If the number of exposed machines is on the rise, the color changes into red. If there's a decrease in the amount of exposed machines, the color of the graph will change into green. This happens when the numbers on the right hand side is greater than what’s on the left, which means an increase or decrease at the end of even a single machine will change the graph's color. + + You can filter your view based on related components, status, and remediation type. If you want to see the remediation activities of software and software versions which have reached their end-of-life, select **Active**, then select **Software update** from the **Remediation Type** filter, and click **Apply**. +

![Screenshot of the remediation type filters for software update and uninstall](images/remediationtype_swupdatefilter.png) + +2. Select the security recommendation that you need to investigate or process. +

![Screenshot of the security recommendation page flyout for a software which reached its end-of-life](images/secrec_flyouteolsw.png) + + *Top security recommendations from the dashboard* In a given day as a Security Administrator, you can take a look at the dashboard to see your exposure score side-by-side with your configuration score. The goal is to lower down your organization's exposure from vulnerabilities, and increase your organization's security configuration to be more resilient against cybersecurity threat attacks. The top security recommendations list can help you achieve that goal.