From 58317c8045bbc29eebff211ab84d23b1e4526b30 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Thu, 8 Jun 2017 14:13:02 -0700 Subject: [PATCH 1/7] add show user details and skype integration --- ...nced-features-windows-defender-advanced-threat-protection.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md index e32f2b9d8d..f9f9f7c868 100644 --- a/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md +++ b/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md @@ -34,6 +34,8 @@ This feature is only available if you have an active Office 365 E5 or the Threat When you enable this feature, you'll be able to incorporate data from Office 365 Advanced Threat Protection into the Windows Defender ATP portal to conduct a holistic security investigation across Office 365 mailboxes and Windows machines. +You have the option of enabling displaying of user details and Skype for Business integration. + 1. In the navigation pane, select **Preferences setup** > **Advanced features**. 2. Select the advanced feature you want to configure and toggle the setting between **On** and **Off**. From e3c105aba96e4a690bb20a0155758496a6008c9d Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Thu, 8 Jun 2017 14:20:32 -0700 Subject: [PATCH 2/7] add information on user details and skype for b --- ...ced-features-windows-defender-advanced-threat-protection.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md index f9f9f7c868..ad4f24a441 100644 --- a/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md +++ b/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md @@ -34,9 +34,10 @@ This feature is only available if you have an active Office 365 E5 or the Threat When you enable this feature, you'll be able to incorporate data from Office 365 Advanced Threat Protection into the Windows Defender ATP portal to conduct a holistic security investigation across Office 365 mailboxes and Windows machines. -You have the option of enabling displaying of user details and Skype for Business integration. +You have the option of enabling displaying of user details and Skype for Business integration. When you enable displaying of user details, you'll be able to see user details such as: picture, name, title, and department information stored in Azure Active Directory (AAD). Enabling the Skype for Business integration gives you the ability to communicate with users using Skype for Business, email, or phone. +## Enable advanced features 1. In the navigation pane, select **Preferences setup** > **Advanced features**. 2. Select the advanced feature you want to configure and toggle the setting between **On** and **Off**. 3. Click **Save preferences**. From 17dd1249c8e44ba599ff37171b9a3ab766e98377 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Thu, 8 Jun 2017 14:28:12 -0700 Subject: [PATCH 3/7] udpates --- ...-features-windows-defender-advanced-threat-protection.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md index ad4f24a441..5fdf5d8795 100644 --- a/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md +++ b/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md @@ -34,7 +34,11 @@ This feature is only available if you have an active Office 365 E5 or the Threat When you enable this feature, you'll be able to incorporate data from Office 365 Advanced Threat Protection into the Windows Defender ATP portal to conduct a holistic security investigation across Office 365 mailboxes and Windows machines. -You have the option of enabling displaying of user details and Skype for Business integration. When you enable displaying of user details, you'll be able to see user details such as: picture, name, title, and department information stored in Azure Active Directory (AAD). Enabling the Skype for Business integration gives you the ability to communicate with users using Skype for Business, email, or phone. +## Show user details +When you enable this feature, you'll be able to see user details such as: picture, name, title, and department information stored in Azure Active Directory (AAD). These information will be available from the user account details view when investigating user accounts. + +## Skype for Business integration +Enabling the Skype for Business integration gives you the ability to communicate with users using Skype for Business, email, or phone. This can be handy when you need to communicate with the user and mitigate risks. ## Enable advanced features From 446e687cf5b4ed0d4b4142771df3bf4f0c3e3fae Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Thu, 8 Jun 2017 15:40:14 -0700 Subject: [PATCH 4/7] updates --- ...ed-features-windows-defender-advanced-threat-protection.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md index 5fdf5d8795..83244c7754 100644 --- a/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md +++ b/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md @@ -34,8 +34,8 @@ This feature is only available if you have an active Office 365 E5 or the Threat When you enable this feature, you'll be able to incorporate data from Office 365 Advanced Threat Protection into the Windows Defender ATP portal to conduct a holistic security investigation across Office 365 mailboxes and Windows machines. -## Show user details -When you enable this feature, you'll be able to see user details such as: picture, name, title, and department information stored in Azure Active Directory (AAD). These information will be available from the user account details view when investigating user accounts. +## Azure Active Directory details +When you enable this feature, you'll be able to see user details from Azure Active Directory (AAD) including name, photo, title, and department information. These information will be available from the user account details view when investigating user accounts. ## Skype for Business integration Enabling the Skype for Business integration gives you the ability to communicate with users using Skype for Business, email, or phone. This can be handy when you need to communicate with the user and mitigate risks. From 483243a5643e73e3c9732195372b9fb33a58a896 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Tue, 13 Jun 2017 14:40:28 -0700 Subject: [PATCH 5/7] edit based on tomer feedback and updated rel topic --- ...atures-windows-defender-advanced-threat-protection.md | 9 ++++++++- ...ations-windows-defender-advanced-threat-protection.md | 2 ++ ...ttings-windows-defender-advanced-threat-protection.md | 4 +++- ...ttings-windows-defender-advanced-threat-protection.md | 2 ++ 4 files changed, 15 insertions(+), 2 deletions(-) diff --git a/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md index 83244c7754..a13e3a95dd 100644 --- a/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md +++ b/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md @@ -35,7 +35,12 @@ This feature is only available if you have an active Office 365 E5 or the Threat When you enable this feature, you'll be able to incorporate data from Office 365 Advanced Threat Protection into the Windows Defender ATP portal to conduct a holistic security investigation across Office 365 mailboxes and Windows machines. ## Azure Active Directory details -When you enable this feature, you'll be able to see user details from Azure Active Directory (AAD) including name, photo, title, and department information. These information will be available from the user account details view when investigating user accounts. +When you enable this feature, you'll be able to see user details including name, photo, title, and department information when investigating user account entities. You can find user account information in the following views: +- Dashboard +- Alert queue +- Machine details page + +For more information, see [Investigate a user account](investigate-user-windows-defender-advanced-threat-protection). ## Skype for Business integration Enabling the Skype for Business integration gives you the ability to communicate with users using Skype for Business, email, or phone. This can be handy when you need to communicate with the user and mitigate risks. @@ -50,3 +55,5 @@ Enabling the Skype for Business integration gives you the ability to communicate - [Update general settings in Windows Defender ATP](general-settings-windows-defender-advanced-threat-protection.md) - [Turn on the preview experience in Windows Defender ATP](preview-settings-windows-defender-advanced-threat-protection.md) - [Configure email notifications in Windows Defender ATP](configure-email-notifications-windows-defender-advanced-threat-protection.md) +- [Enable SIEM integration in Windows Defender ATP](enable-siem-integration-windows-defender-advanced-threat-protection.md) +- [Enable the custom threat intelligence API in Windows Defender ATP](enable-custom-ti-windows-defender-advanced-threat-protection.md) diff --git a/windows/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md index 494eb84889..99d2f5b51f 100644 --- a/windows/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md +++ b/windows/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md @@ -71,3 +71,5 @@ This section lists various issues that you may encounter when using email notifi - [Update general settings in Windows Defender ATP](general-settings-windows-defender-advanced-threat-protection.md) - [Turn on advanced features in Windows Defender ATP](advanced-features-windows-defender-advanced-threat-protection.md) - [Turn on the preview experience in Windows Defender ATP](preview-settings-windows-defender-advanced-threat-protection.md) +- [Enable SIEM integration in Windows Defender ATP](enable-siem-integration-windows-defender-advanced-threat-protection.md) +- [Enable the custom threat intelligence API in Windows Defender ATP](enable-custom-ti-windows-defender-advanced-threat-protection.md) diff --git a/windows/threat-protection/windows-defender-atp/general-settings-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/general-settings-windows-defender-advanced-threat-protection.md index aca26a9b12..fa66ca420f 100644 --- a/windows/threat-protection/windows-defender-atp/general-settings-windows-defender-advanced-threat-protection.md +++ b/windows/threat-protection/windows-defender-atp/general-settings-windows-defender-advanced-threat-protection.md @@ -34,5 +34,7 @@ During the onboarding process, a wizard takes you through the general settings o ## Related topics - [Turn on advanced features in Windows Defender ATP](advanced-features-windows-defender-advanced-threat-protection.md) -- [Turn on the preview experience in Windows Defender ATP ](preview-settings-windows-defender-advanced-threat-protection.md) +- [Turn on the preview experience in Windows Defender ATP](preview-settings-windows-defender-advanced-threat-protection.md) - [Configure email notifications in Windows Defender ATP](configure-email-notifications-windows-defender-advanced-threat-protection.md) +- [Enable SIEM integration in Windows Defender ATP](enable-siem-integration-windows-defender-advanced-threat-protection.md) +- [Enable the custom threat intelligence API in Windows Defender ATP](enable-custom-ti-windows-defender-advanced-threat-protection.md) diff --git a/windows/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection.md index 8ae02a81bb..1c4dcb2648 100644 --- a/windows/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection.md +++ b/windows/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection.md @@ -29,3 +29,5 @@ Turn on the preview experience setting to be among the first to try upcoming fea - [Update general settings in Windows Defender ATP](general-settings-windows-defender-advanced-threat-protection.md) - [Turn on advanced features in Windows Defender ATP](advanced-features-windows-defender-advanced-threat-protection.md) - [Configure email notifications in Windows Defender ATP](configure-email-notifications-windows-defender-advanced-threat-protection.md) +- [Enable SIEM integration in Windows Defender ATP](enable-siem-integration-windows-defender-advanced-threat-protection.md) +- [Enable the custom threat intelligence API in Windows Defender ATP](enable-custom-ti-windows-defender-advanced-threat-protection.md) From e20c8898e73f51f83bf07fb017cfb515d392376e Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Wed, 5 Jul 2017 12:29:38 -0700 Subject: [PATCH 6/7] update advanced features topics --- ...windows-defender-advanced-threat-protection.md | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md index a13e3a95dd..701b634c7b 100644 --- a/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md +++ b/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md @@ -27,15 +27,10 @@ Turn on the following advanced features to get better protected from potentially ## Block file This feature is only available if your organization uses Windows Defender Antivirus as the active antimalware solution and that the cloud-based protection feature is enabled. -If your organization satisfies this condition, the feature is enabled by default. This feature enables you to block potentially malicious files in your network. This operation will prevent it from being read, written, or executed on machines in your organization. +If your organization satisfies these conditions, the feature is enabled by default. This feature enables you to block potentially malicious files in your network. This operation will prevent it from being read, written, or executed on machines in your organization. -## Office 365 Security Center integration -This feature is only available if you have an active Office 365 E5 or the Threat Intelligence add-on. For more information, see the Office 365 Enterprise E5 product page. - -When you enable this feature, you'll be able to incorporate data from Office 365 Advanced Threat Protection into the Windows Defender ATP portal to conduct a holistic security investigation across Office 365 mailboxes and Windows machines. - -## Azure Active Directory details -When you enable this feature, you'll be able to see user details including name, photo, title, and department information when investigating user account entities. You can find user account information in the following views: +## Show user details +When you enable this feature, you'll be able to see user details stored in Azure Active Directory including a user's picture, name, title, and department information when investigating user account entities. You can find user account information in the following views: - Dashboard - Alert queue - Machine details page @@ -45,6 +40,10 @@ For more information, see [Investigate a user account](investigate-user-windows- ## Skype for Business integration Enabling the Skype for Business integration gives you the ability to communicate with users using Skype for Business, email, or phone. This can be handy when you need to communicate with the user and mitigate risks. +## Office 365 Threat Intelligence connection +This feature is only available if you have an active Office 365 E5 or the Threat Intelligence add-on. For more information, see the Office 365 Enterprise E5 product page. + +When you enable this feature, you'll be able to incorporate data from Office 365 Advanced Threat Protection into the Windows Defender ATP portal to conduct a holistic security investigation across Office 365 mailboxes and Windows machines. ## Enable advanced features 1. In the navigation pane, select **Preferences setup** > **Advanced features**. From 48e65c253a57de716f79a70742d93398af833b3f Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Wed, 5 Jul 2017 12:33:05 -0700 Subject: [PATCH 7/7] fix link --- ...nced-features-windows-defender-advanced-threat-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md index 701b634c7b..81691de5b0 100644 --- a/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md +++ b/windows/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md @@ -35,7 +35,7 @@ When you enable this feature, you'll be able to see user details stored in Azure - Alert queue - Machine details page -For more information, see [Investigate a user account](investigate-user-windows-defender-advanced-threat-protection). +For more information, see [Investigate a user account](investigate-user-windows-defender-advanced-threat-protection.md). ## Skype for Business integration Enabling the Skype for Business integration gives you the ability to communicate with users using Skype for Business, email, or phone. This can be handy when you need to communicate with the user and mitigate risks.