deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-30 22:27:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Added images and update TOC

Browse Source
This commit is contained in:
schmurky 2021-02-03 14:44:27 +08:00
parent 53274a98d1
commit 28f4d016f4
3 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
windows/security/threat-protection/microsoft-defender-atp/images/device-timeline-filters.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 11 KiB

BIN
windows/security/threat-protection/microsoft-defender-atp/images/device-timeline-with-techniques.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 82 KiB

6
windows/security/threat-protection/microsoft-defender-atp/techniques-device-timeline.md
View File

@ -1,7 +1,7 @@
--- ---
title: Techniques in the device timeline title: Techniques in the device timeline
description: Understanding MITRE ATT&CK techniques grouping in the device timeline in Microsoft Defender for Endpoint description: Understanding MITRE ATT&CK techniques grouping in the device timeline in Microsoft Defender for Endpoint
keywords: device timeline, endpoint, MITRE, MITRE ATT&CK, techniques, tactices keywords: device timeline, endpoint, MITRE, MITRE ATT&CK, techniques, tactics
search.product: eADQiWindows 10XVcnh search.product: eADQiWindows 10XVcnh
search.appverid: met150 search.appverid: met150
ms.prod: m365-security ms.prod: m365-security
@ -35,7 +35,7 @@ This feature simplifies the investigation experience by helping analysts underst
For public preview customers, Techniques are available by default and are shown together with events when a device's timeline is viewed. For public preview customers, Techniques are available by default and are shown together with events when a device's timeline is viewed.
[TIMELINE screenshot] ![Techniques in device timeline screenshot](images/device-timeline-with-techniques.png)
Techniques are highlighted in bold text and appear with a blue icon on the left. The corresponding MITRE ATT&CK ID and technique name also appears as tags under Additional information. Techniques are highlighted in bold text and appear with a blue icon on the left. The corresponding MITRE ATT&CK ID and technique name also appears as tags under Additional information.
@ -47,7 +47,7 @@ Search and Export options are also available for Techniques.
To view only either events or techniques, select Filters from the device timeline and choose your preferred Data type to view. To view only either events or techniques, select Filters from the device timeline and choose your preferred Data type to view.
[FILTER screenshot] ![Filters screenshot](images/device-timeline-filters.png)
>[!IMPORTANT] >[!IMPORTANT]
>Event group filters do not affect Techniques, so when Techniques data type is selected, all techniques are shown. >Event group filters do not affect Techniques, so when Techniques data type is selected, all techniques are shown.