deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-26 07:43:36 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update configure-automated-investigations-remediation.md

Browse Source
This commit is contained in:
Denise Vangel-MSFT
2020-05-18 15:45:50 -07:00
parent 334c3d689d
commit 27237ebfc9
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
windows/security/threat-protection/microsoft-defender-atp/configure-automated-investigations-remediation.md
View File

@ -51,6 +51,7 @@ To configure automated investigation and remediation, you turn the features on,
3. Create at least one device group, as follows:
- Specify a name and description for the device group.
- In the **Automation level list**, select a level, such as **Full remediate threats automatically**.
-
- In the **Members** section, you can use one or more conditions to identify and include devices.
- On the **User access** tab, select the [Azure Active Directory groups](https://docs.microsoft.com/azure/active-directory/fundamentals/active-directory-manage-groups?context=azure/active-directory/users-groups-roles/context/ugr-context) who should have access to the device group you're creating.
The automation level determines whether remediation actions are taken automatically, or only upon approval. To learn more, see [How threats are remediated](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/automated-investigations#how-threats-are-remediated).