deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-20 21:03:42 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Updated threat-protection-reports-windows-defender-advanced-threat-protection.md

Browse Source
This commit is contained in:
Louie Mayor
2019-01-04 02:27:26 +00:00
parent 723583a15a
commit 337cbb8054
1 changed files with 13 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
windows/security/threat-protection/windows-defender-atp/threat-protection-reports-windows-defender-advanced-threat-protection.md
View File

@ -13,6 +13,7 @@ ms.localizationpriority: medium
ms.date: 11/07/2018
---
DRAFT: IGNORE FORMATTING
# Threat protection report in Windows Defender ATP
@ -21,16 +22,12 @@ ms.date: 11/07/2018
[!include[Prerelease information](prerelease.md)]
The threat protection report provides high-level information about alerts generated in your organization. The report provides an overview the detection sources, categories, severity, status, classification, and determination of the alerts accross time over a period of and a daily view.
The threat protection report provides high-level information about alerts generated in your organization. The report is an overview of the detection sources, categories, severity, status, classification, and determination of these alerts accross time and the current day.
In general, cards are segregated in a 30-day and daily view.
[ya] you can also see 6 months backwoard. we should add something like "you can also see 6 months backwards info by using the "Start date for 30-day cards" filter".
[ya] also, the data is updated to the same date at 1am. maybe it would be good to add this here, what do you think?
The report provides the following information:
[ya] another things we should add is a note, that the filters are applied for all tiles. and that we have a drill down exprience to the filtered alerts list, using all the marked filters once pressing relevant tiles- hope you understand what I was reffering too :)
## Alert detection sources
This card provides a graphical representation of where alerts are coming from in a 30-day and daily view. Detection sources can include endpoint detection and response (EDR), antivirus, and others.
The different sensors and technologies alerts are coming from in a 30-day and daily view. Detection sources can include endpoint detection and response (EDR), antivirus, and others.
## Alerts by categories
This shows the types of prevalent threats in your organization grouped by alert categories. You'll be able to see the kind of alerts that are most common in your organization and make decisions on where action is most needed.
@ -43,6 +40,15 @@ Identify how many alerts are categorized as high, medium, or low over a 30-day o
You can apply the following filters to get a more focused view on the cards.
[ya] just saw this, maybe we should add this on the top of the page?
In general, cards are segregated in a 30-day and daily view.
[ya] you can also see 6 months backwoard. we should add something like "you can also see 6 months backwards info by using the "Start date for 30-day cards" filter".
[ya] also, the data is updated to the same date at 1am. maybe it would be good to add this here, what do you think?
[ya] another things we should add is a note, that the filters are applied for all tiles. and that we have a drill down exprience to the filtered alerts list, using all the marked filters once pressing relevant tiles- hope you understand what I was reffering too :)
### Start date for 30-day cards
Select the start date for the 30-day cards.