update auto inv os support

Joey Caparas
2018-05-02 12:56:06 -07:00
parent ce48d442c1
commit 34d4471168


@ -36,8 +36,10 @@ The Automated investigations list shows all the investigations that have been in
## Understand the Automated investigation flow
### How the Automated investigation starts
Entities are the starting point for Automated investigations. When an alert contains a supported entity for Automated investigation (for example, a file) that resides on a machine that has a *supported operating system for Automated investigation then an Automated investigation can start.
*Currently only Windows 10 version 1803 (spring creators update) and above are supported operating systems for Autoamted Investigation
Entities are the starting point for Automated investigations. When an alert contains a supported entity for Automated investigation (for example, a file) that resides on a machine that has a supported operating system for Automated investigation then an Automated investigation can start.
>[!NOTE]
>Currently, Automated investigation only supports Windows 10, version 1803 or later.
The alerts start by analyzing the supported entities from the alert and also runs a generic machine playbook to see if there is anything else suspicious on that machine. The outcome and details from the investigation is seen in the Automated investigation view.
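Review bot: The rewritten opening sentence ("Entities are the starting point ... then an Automated investigation can start.") is still a run-on: it has no comma before "then" and repeats "Automated investigation" three times in a single sentence. Now that the OS requirement lives in the note, this could be shortened to something like "When an alert contains a supported entity (for example, a file) on a machine running a supported operating system, an Automated investigation can start." Also confirm that the `>[!NOTE]` block has a blank line before and after it in the file. None is visible in this view, and without one after `>Currently, Automated investigation only supports Windows 10, version 1803 or later.` the following "The alerts start by analyzing ..." paragraph would be rendered as part of the note.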