From 32a5f088696039194d387c41e3a06408c2cc5719 Mon Sep 17 00:00:00 2001
From: Joey Caparas <macapara@microsoft.com>
Date: Fri, 16 Feb 2018 13:32:42 -0800
Subject: [PATCH] threat analytics content and updated toc

---
 windows/security/threat-protection/TOC.md     |  1 +
 ...ows-defender-advanced-threat-protection.md | 31 +++++++++++++++++++
 2 files changed, 32 insertions(+)
 create mode 100644 windows/security/threat-protection/windows-defender-atp/threat-analytics-windows-defender-advanced-threat-protection.md

diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index fdfc93411b..b46b3690ec 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -40,6 +40,7 @@
 #### [Portal overview](windows-defender-atp\portal-overview-windows-defender-advanced-threat-protection.md)
 #### [View the Security operations dashboard](windows-defender-atp\dashboard-windows-defender-advanced-threat-protection.md)
 #### [View the Security analytics dashboard](windows-defender-atp\security-analytics-dashboard-windows-defender-advanced-threat-protection.md)
+#### [Threat analytics](windows-defender-atp\threat-analytics-dashboard-windows-defender-advanced-threat-protection.md)
 
 ###Investigate and remediate threats
 ####Alerts queue
diff --git a/windows/security/threat-protection/windows-defender-atp/threat-analytics-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/threat-analytics-windows-defender-advanced-threat-protection.md
new file mode 100644
index 0000000000..01dfdfbce7
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-atp/threat-analytics-windows-defender-advanced-threat-protection.md
@@ -0,0 +1,31 @@
+---
+title: Windows Defender Advanced Threat Protection Threat analytics
+description: .
+keywords: 
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: macapara
+author: mjcaparas
+ms.localizationpriority: high
+ms.date: 11/01/2017
+---
+
+# Windows Defender ATP Threat analytics
+
+**Applies to:**
+
+- Windows Defender Advanced Threat Protection (Windows Defender ATP)
+
+In a volatile security landscape, it's imperative to have the most up-to-date information about threats. More importantly, it's critical to know if your organization is at risk, identify the endpoints that are, and know the steps to take to mitigate it.
+
+Windows Defender ATP Threat analytics is designed to deliver timely information about current security threats. It provides a tailored organizational risk evaluation and specific actionable steps you can take to address risks. 
+
+The dashboard shows tiles and the current status of the endpoints in your organization. The individual tiles show how many endpoints require attention based on the threat and helps you identify where you need to apply OS patches or firmware patches.
+
+## Access Threat analytics
+1. From the navigation pane, select **Dashboards** > **Threat analytics**.
+
+2. Take action based on the areas that have been identified to need attention.