From 337cbb8054eff5d3c219f832d669d61b695928d1 Mon Sep 17 00:00:00 2001 From: Louie Mayor Date: Fri, 4 Jan 2019 02:27:26 +0000 Subject: [PATCH] Updated threat-protection-reports-windows-defender-advanced-threat-protection.md --- ...ows-defender-advanced-threat-protection.md | 20 ++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-atp/threat-protection-reports-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/threat-protection-reports-windows-defender-advanced-threat-protection.md index 6b35e49a5b..3498146a53 100644 --- a/windows/security/threat-protection/windows-defender-atp/threat-protection-reports-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/threat-protection-reports-windows-defender-advanced-threat-protection.md @@ -13,6 +13,7 @@ ms.localizationpriority: medium ms.date: 11/07/2018 --- +DRAFT: IGNORE FORMATTING # Threat protection report in Windows Defender ATP 
@@ -21,16 +22,12 @@ ms.date: 11/07/2018 [!include[Prerelease information](prerelease.md)] -The threat protection report provides high-level information about alerts generated in your organization. The report provides an overview the detection sources, categories, severity, status, classification, and determination of the alerts accross time over a period of and a daily view. +The threat protection report provides high-level information about alerts generated in your organization. The report is an overview of the detection sources, categories, severity, status, classification, and determination of these alerts accross time and the current day. -In general, cards are segregated in a 30-day and daily view. -[ya] you can also see 6 months backwoard. we should add something like "you can also see 6 months backwards info by using the "Start date for 30-day cards" filter". -[ya] also, the data is updated to the same date at 1am. maybe it would be good to add this here, what do you think? +The report provides the following information: -[ya] another things we should add is a note, that the filters are applied for all tiles. and that we have a drill down exprience to the filtered alerts list, using all the marked filters once pressing relevant tiles- hope you understand what I was reffering too :) ## Alert detection sources -This card provides a graphical representation of where alerts are coming from in a 30-day and daily view. Detection sources can include endpoint detection and response (EDR), antivirus, and others. - +The different sensors and technologies alerts are coming from in a 30-day and daily view. Detection sources can include endpoint detection and response (EDR), antivirus, and others. ## Alerts by categories This shows the types of prevalent threats in your organization grouped by alert categories. You'll be able to see the kind of alerts that are most common in your organization and make decisions on where action is most needed. 
@@ -43,6 +40,15 @@ Identify how many alerts are categorized as high, medium, or low over a 30-day o You can apply the following filters to get a more focused view on the cards. [ya] just saw this, maybe we should add this on the top of the page? + +In general, cards are segregated in a 30-day and daily view. +[ya] you can also see 6 months backwoard. we should add something like "you can also see 6 months backwards info by using the "Start date for 30-day cards" filter". +[ya] also, the data is updated to the same date at 1am. maybe it would be good to add this here, what do you think? + +[ya] another things we should add is a note, that the filters are applied for all tiles. and that we have a drill down exprience to the filtered alerts list, using all the marked filters once pressing relevant tiles- hope you understand what I was reffering too :) + + + ### Start date for 30-day cards Select the start date for the 30-day cards.
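Review bot: In the first hunk (@@ -13,6 +13,7 @@), the added line "DRAFT: IGNORE FORMATTING" sits after the closing `---` of the front matter and directly above the H1, so it is body text and will render at the top of the published page. Drop it before merge, or keep the draft status in the PR title or description rather than in the article itself.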
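Review bot: In the second hunk (@@ -21,16 +22,12 @@), the rewritten intro sentence still carries the misspelling "accross", and "these alerts accross time and the current day" is hard to parse; something like "over time and for the current day" reads more clearly. The new text under "## Alert detection sources" ("The different sensors and technologies alerts are coming from in a 30-day and daily view.") is a sentence fragment with no verb, whereas the line it replaces was a complete sentence. The hunk also removes the blank line that separated that paragraph from "## Alerts by categories"; keep a blank line before the heading so it renders consistently.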
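Review bot: In the third hunk (@@ -43,6 +40,15 @@), the "[ya]" reviewer comments are moved verbatim into the filters section, so they remain in the article body along with their typos ("backwoard", "exprience", "reffering") and the existing "[ya] just saw this..." line in the context above them. Either turn them into documentation text (the six-month look-back through the "Start date for 30-day cards" filter, the 1am data update, filters applying to all tiles, and the drill-down to the filtered alerts list) or move the discussion to the PR thread. The hunk also adds three consecutive blank lines before "### Start date for 30-day cards"; one is enough.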