deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-21 05:13:40 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update controlled-folders.md

Browse Source 
Some customers opened support tickets wanting to know why CFA blocks did not create alerts in our portal... so I think we should add this note to avoid customer confusion...
This commit is contained in:
amirsc3
2021-02-03 17:55:27 +02:00
committed by GitHub
parent 7b63ea4212
commit 2beb86cdd0
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md
View File

@ -35,6 +35,9 @@ Controlled folder access helps protect your valuable data from malicious apps an
Controlled folder access works best with [Microsoft Defender for Endpoint](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md), which gives you detailed reporting into controlled folder access events and blocks as part of the usual [alert investigation scenarios](../microsoft-defender-atp/investigate-alerts.md).
> [!NOTE]
> Controlled folder access blocks do not generate alerts in the [Alert queue](../microsoft-defender-atp/alerts-queue.md). However, they do provide valuable information that will appear in the [Device Timeline](../microsoft-defender-atp/investigate-machines.md), [Advanced Hunting](../microsoft-defender-atp/advanced-hunting-overview.md) or can be used when building [Custom Detections](../microsoft-defender-atp/custom-detection-rules.md).
## How does controlled folder access work?
Controlled folder access works by only allowing trusted apps to access protected folders. Protected folders are specified when controlled folder access is configured. Typically, commonly used folders, such as those used for documents, pictures, downloads, and so on, are included in the list of controlled folders.