diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index 2dfa98c412..d8095c6843 100644 --- a/.openpublishing.redirection.json +++ b/.openpublishing.redirection.json @@ -1,6 +1,436 @@ { "redirections": [ { +"source_path": "windows/security/threat-protection/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/add-rules-for-packaged-apps-to-existing-applocker-rule-set", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/administer-applocker-using-mdm.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker-using-mdm", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/administer-applocker.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/applocker-architecture-and-components.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-architecture-and-components", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/applocker-functions.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-functions", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/applocker-overview.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/applocker-policies-deployment-guide.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/applocker-policies-design-guide.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-design-guide", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/applocker-policy-use-scenarios.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policy-use-scenarios", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/applocker-processes-and-interactions.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-processes-and-interactions", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/applocker-settings.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-settings", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/applocker-technical-reference.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-technical-reference", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/configure-an-applocker-policy-for-audit-only.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-audit-only", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/configure-an-applocker-policy-for-enforce-rules.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/configure-an-applocker-policy-for-enforce-rules", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/configure-exceptions-for-an-applocker-rule.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/configure-exceptions-for-an-applocker-rule", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/configure-the-application-identity-service.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-application-identity-service", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/configure-the-appLocker-reference-device.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/configure-the-appLocker-reference-device", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/create-a-rule-for-packaged-apps.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-for-packaged-apps", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/create-a-rule-that-uses-a-file-hash-condition.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-file-hash-condition", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/create-a-rule-that-uses-a-path-condition.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-path-condition", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/create-a-rule-that-uses-a-publisher-condition.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-a-rule-that-uses-a-publisher-condition", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/create-applocker-default-rules.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-applocker-default-rules", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/create-list-of-applications-deployed-to-each-business-group.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-list-of-applications-deployed-to-each-business-group", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/create-your-applocker-policies.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-policies", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/create-your-applocker-rules.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/create-your-applocker-rules", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/delete-an-applocker-rule.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/delete-an-applocker-rule", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-applocker-policies-by-using-the-enforce-rules-setting", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/deploy-the-applocker-policy-into-production.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/deploy-the-applocker-policy-into-production", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/determine-group-policy-structure-and-rule-enforcement.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/determine-group-policy-structure-and-rule-enforcement", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/determine-which-applications-are-digitally-signed-on-a-reference-computer", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/determine-your-application-control-objectives.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/determine-your-application-control-objectives", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/display-a-custom-url-message-when-users-try-to-run-a-blocked-application", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/dll-rules-in-applocker.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/dll-rules-in-applocker", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/document-group-policy-structure-and-applocker-rule-enforcement.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/document-group-policy-structure-and-applocker-rule-enforcement", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/document-your-application-list.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-application-list", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/document-your-applocker-rules.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/document-your-applocker-rules", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/edit-an-applocker-policy.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/edit-an-applocker-policy", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/edit-applocker-rules.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/edit-applocker-rules", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/enable-the-dll-rule-collection.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/enable-the-dll-rule-collection", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/enforce-applocker-rules.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/enforce-applocker-rules", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/executable-rules-in-applocker.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/executable-rules-in-applocker", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/export-an-applocker-policy-from-a-gpo.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-from-a-gpo", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/export-an-applocker-policy-to-an-xml-file.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/export-an-applocker-policy-to-an-xml-file", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/how-applocker-works-techref.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/how-applocker-works-techref", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/import-an-applocker-policy-from-another-computer.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-from-another-computer", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/import-an-applocker-policy-into-a-gpo.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/import-an-applocker-policy-into-a-gpo", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/maintain-applocker-policies.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/maintain-applocker-policies", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/manage-packaged-apps-with-applocker.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/manage-packaged-apps-with-applocker", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/merge-applocker-policies-by-using-set-applockerpolicy.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-by-using-set-applockerpolicy", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/merge-applocker-policies-manually.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/merge-applocker-policies-manually", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/monitor-application-usage-with-applocker.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/monitor-application-usage-with-applocker", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/optimize-applocker-performance.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/optimize-applocker-performance", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/packaged-apps-and-packaged-app-installer-rules-in-applocker", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/plan-for-applocker-policy-management.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/plan-for-applocker-policy-management", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/refresh-an-applocker-policy.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/refresh-an-applocker-policy", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/requirements-for-deploying-applocker-policies.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-for-deploying-applocker-policies", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/requirements-to-use-applocker.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/run-the-automatically-generate-rules-wizard.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/run-the-automatically-generate-rules-wizard", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/script-rules-in-applocker.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/script-rules-in-applocker", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/security-considerations-for-applocker.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/security-considerations-for-applocker", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/select-types-of-rules-to-create.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/select-types-of-rules-to-create", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/test-an-applocker-policy-by-using-test-applockerpolicy.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/test-an-applocker-policy-by-using-test-applockerpolicy", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/test-and-update-an-applocker-policy.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/test-and-update-an-applocker-policy", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/tools-to-use-with-applocker.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/tools-to-use-with-applocker", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/understand-applocker-enforcement-settings.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-enforcement-settings", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/understand-applocker-policy-design-decisions.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-policy-design-decisions", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understand-applocker-rules-and-enforcement-setting-inheritance-in-group-policy", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/understand-the-applocker-policy-deployment-process.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understand-the-applocker-policy-deployment-process", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/understanding-applocker-allow-and-deny-actions-on-rules.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-allow-and-deny-actions-on-rules", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/understanding-applocker-default-rules.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-default-rules", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/understanding-applocker-rule-behavior.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-behavior", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/understanding-applocker-rule-collections.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-collections", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/understanding-applocker-rule-condition-types.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-condition-types", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/understanding-applocker-rule-exceptions.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-applocker-rule-exceptions", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/understanding-the-file-hash-rule-condition-in-applocker.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-file-hash-rule-condition-in-applocker", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/understanding-the-path-rule-condition-in-applocker.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-path-rule-condition-in-applocker", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/understanding-the-publisher-rule-condition-in-applocker.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/understanding-the-publisher-rule-condition-in-applocker", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/use-applocker-and-software-restriction-policies-in-the-same-domain", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/use-the-applocker-windows-powershell-cmdlets.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/use-the-applocker-windows-powershell-cmdlets", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/using-event-viewer-with-applocker.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/using-software-restriction-policies-and-applocker-policies.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/using-software-restriction-policies-and-applocker-policies", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/what-is-applocker.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/what-is-applocker", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/windows-installer-rules-in-applocker.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/windows-installer-rules-in-applocker", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/working-with-applocker-policies.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-policies", +"redirect_document_id": true +}, +{ +"source_path": "windows/security/threat-protection/applocker/working-with-applocker-rules.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-application-control/applocker/working-with-applocker-rules", +"redirect_document_id": true +}, +{ "source_path": "windows/security/threat-protection/device-guard/requirements-and-deployment-planning-guidelines-for-device-guard.md", "redirect_url": "/windows/security/threat-protection/windows-defender-exploit-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity", "redirect_document_id": true diff --git a/windows/client-management/mdm/policy-csp-deliveryoptimization.md b/windows/client-management/mdm/policy-csp-deliveryoptimization.md index 9b31c6322f..aa3591630f 100644 --- a/windows/client-management/mdm/policy-csp-deliveryoptimization.md +++ b/windows/client-management/mdm/policy-csp-deliveryoptimization.md @@ -509,7 +509,7 @@ If you set this policy, the GroupID policy will be ignored. The options set in this policy only apply to Group (2) download mode. If Group (2) isn't set as Download mode, this policy will be ignored. -For option 4 - DHCP Option ID, the client will query DHCP Option ID 234 and use the returned GUID value as the Group ID. +For option 3 - DHCP Option ID, the client will query DHCP Option ID 234 and use the returned GUID value as the Group ID. diff --git a/windows/configuration/provisioning-packages/provisioning-how-it-works.md b/windows/configuration/provisioning-packages/provisioning-how-it-works.md index 1e514987ed..02b9e7e88b 100644 --- a/windows/configuration/provisioning-packages/provisioning-how-it-works.md +++ b/windows/configuration/provisioning-packages/provisioning-how-it-works.md @@ -53,7 +53,7 @@ When multiple provisioning packages are available for device provisioning, the c The valid value range of package rank level is 0 to 99. -When setting conflicts are encountered, the final values provisioned on the device are determined by the owner type precedence and the rank level of the packages containing the settings. For example, the value of a setting in a package with owner **System Integrator** and rank level **3** takes precedence over the same setting in a package with owner **OEM** and rank level **4**. This is because the System Integrator owner type has the higher precedence over the OEM owner type. For packages with the same owner type, the package rank level determines the package from which the setting values get provisioned on the device. +When setting conflicts are encountered, the final values provisioned on the device are determined by the owner type precedence and the rank level of the packages containing the settings. For packages with the same owner type, the package rank level determines the package from which the setting values get provisioned on the device. ## Windows provisioning XML diff --git a/windows/deployment/change-history-for-deploy-windows-10.md b/windows/deployment/change-history-for-deploy-windows-10.md index 5f48b4eb49..f189dd0f7c 100644 --- a/windows/deployment/change-history-for-deploy-windows-10.md +++ b/windows/deployment/change-history-for-deploy-windows-10.md @@ -12,6 +12,12 @@ ms.date: 11/08/2017 # Change history for Deploy Windows 10 This topic lists new and updated topics in the [Deploy Windows 10](https://docs.microsoft.com/en-us/windows/deployment) documentation for [Windows 10 and Windows 10 Mobile](/windows/windows-10). +## April 2018 + +New or changed topic | Description +--- | --- +[Install VAMT](volume-activation/install-vamt.md) | Updated the instructions and link for SQL Server Express. + ## November 2017 New or changed topic | Description diff --git a/windows/deployment/volume-activation/install-vamt.md b/windows/deployment/volume-activation/install-vamt.md index 1fb488e7ea..a6feddf84d 100644 --- a/windows/deployment/volume-activation/install-vamt.md +++ b/windows/deployment/volume-activation/install-vamt.md @@ -8,7 +8,7 @@ ms.sitesec: library ms.pagetype: activation author: jdeckerms ms.localizationpriority: high -ms.date: 07/27/2017 +ms.date: 04/25/2018 --- # Install VAMT @@ -19,23 +19,20 @@ This topic describes how to install the Volume Activation Management Tool (VAMT) You can install VAMT as part of the [Windows Assessment and Deployment Kit (ADK)](https://go.microsoft.com/fwlink/p/?LinkId=526740) for Windows 10. -**Important**   -VAMT requires local administrator privileges on all managed computers in order to deposit confirmation IDs (CIDs), get the client products’ license status, and install product keys. If VAMT is being used to manage products and product keys on the local host computer and you do not have administrator privileges, start VAMT with elevated privileges. For Active Directory-Based Activation use, for best results we recommend running VAMT while logged on as a domain administrator.  +>[!IMPORTANT]   +>VAMT requires local administrator privileges on all managed computers in order to deposit confirmation IDs (CIDs), get the client products’ license status, and install product keys. If VAMT is being used to manage products and product keys on the local host computer and you do not have administrator privileges, start VAMT with elevated privileges. For Active Directory-Based Activation use, for best results we recommend running VAMT while logged on as a domain administrator.  -**Note**   -The VAMT Microsoft Management Console snap-in ships as an x86 package. +>[!NOTE]   +>The VAMT Microsoft Management Console snap-in ships as an x86 package. -After you install VAMT, if you have a computer information list (CIL) that was created in a previous version of VAMT, you must import the list into a SQL database. If you do not have SQL installed, you can download a free copy of Microsoft SQL Server Express and create a new database into which you can import the CIL. To install SQL Server Express: +To install SQL Server Express: 1. Install the Windows ADK. -2. Ensure that **Volume Activation Management Tool** and **Microsoft® SQL Server® 2012 Express** are selected to be installed. +2. Ensure that **Volume Activation Management Tool** is selected to be installed. 3. Click **Install**. ## Select a Database -**Using a SQL database installed during ADK setup** -If SQL Server 2012 Express was installed during ADK setup, the default database name will be **ADK**.By default, VAMT is configure to use a SQL database that is installed on the local machine during ADK setup and displays the server name as **.\\ADK**. If the SQL database was installed on another machine, you must configure the database to allow remote connections and you must provide the corresponding server name. If a new VAMT database needs to be created, provide a name for the new database. - -**Using a SQL database installed outside of ADK setup** +VAMT requires a SQL database. After you install VAMT, if you have a computer information list (CIL) that was created in a previous version of VAMT, you must import the list into a SQL database. If you do not have SQL installed, you can [download a free copy of Microsoft SQL Server Express](https://www.microsoft.com/sql-server/sql-server-editions-express) and create a new database into which you can import the CIL. You must configure SQL installation to allow remote connections and you must provide the corresponding server name in the format: *Machine Name\\SQL Server Name*. If a new VAMT database needs to be created, provide a name for the new database. diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index 4e889eb5ff..45f6882afe 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -189,6 +189,7 @@ ##### [Enable and create Power BI reports using Windows Defender ATP data](windows-defender-atp\powerbi-reports-windows-defender-advanced-threat-protection.md) ##### [Enable Secure score security controls](windows-defender-atp\enable-secure-score-windows-defender-advanced-threat-protection.md) ##### [Configure advanced features](windows-defender-atp\advanced-features-windows-defender-advanced-threat-protection.md) +##### [Protect data with conditional access](windows-defender-atp\conditional-access-windows-defender-advanced-threat-protection.md) ####Permissions ##### [Manage portal access using RBAC](windows-defender-atp\rbac-windows-defender-advanced-threat-protection.md) @@ -294,6 +295,9 @@ #### [Enable Exploit protection](windows-defender-exploit-guard\enable-exploit-protection.md) #### [Customize Exploit protection](windows-defender-exploit-guard\customize-exploit-protection.md) ##### [Import, export, and deploy Exploit protection configurations](windows-defender-exploit-guard\import-export-exploit-protection-emet-xml.md) +#### [Memory integrity](windows-defender-exploit-guard/memory-integrity.md) +##### [Requirements and deployment planning guidelines for virtualization-based protection of code integrity](windows-defender-exploit-guard/requirements-and-deployment-planning-guidelines-for-virtualization-based-protection-of-code-integrity.md) +##### [Enable virtualization-based protection of code integrity](windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity.md) ### [Attack surface reduction](windows-defender-exploit-guard\attack-surface-reduction-exploit-guard.md) #### [Evaluate Attack surface reduction](windows-defender-exploit-guard\evaluate-attack-surface-reduction.md) #### [Enable Attack surface reduction](windows-defender-exploit-guard\enable-attack-surface-reduction.md) diff --git a/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md b/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md index 6d1f3ebae2..4d96519ca3 100644 --- a/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md +++ b/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md @@ -38,13 +38,11 @@ But configurable CI carries no specific hardware or software requirements other Since the initial release of Windows 10, the world has witnessed numerous hacking and malware attacks where application control alone could have prevented the attack altogether. So we are promoting configurable CI within our security stack and giving it a name of its own: [Windows Defender Application Control](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control). We hope this branding change will help us better communicate options for adopting application control within an organization. -Does this mean Windows Defender Device Guard is going away? Not at all. Device Guard will continue to exist as a way to describe the fully locked down state achieved through the use of Windows Defender Application Control (WDAC), [HVCI](https://docs.microsoft.com/windows/security/threat-protection/enable-virtualization-based-protection-of-code-integrity), and hardware and firmware security features. It also allows us to work with our OEM partners to identify specifications for devices that are “Device Guard capable” so that our joint customers can easily purchase devices that meet all of the hardware and firmware requirements of the original Device Guard scenario. +Does this mean Windows Defender Device Guard is going away? Not at all. Device Guard will continue to exist as a way to describe the fully locked down state achieved through the use of Windows Defender Application Control (WDAC), HVCI, and hardware and firmware security features. It also allows us to work with our OEM partners to identify specifications for devices that are “Device Guard capable” so that our joint customers can easily purchase devices that meet all of the hardware and firmware requirements of the original Device Guard scenario. ## Related topics -- [Windows Defender Application Control](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control) - -- [HVCI](https://docs.microsoft.com/windows/security/threat-protection/enable-virtualization-based-protection-of-code-integrity) +[Windows Defender Application Control](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control) [Dropping the Hammer Down on Malware Threats with Windows 10’s Windows Defender Device Guard](https://channel9.msdn.com/Events/Ignite/2015/BRK2336) diff --git a/windows/security/threat-protection/windows-defender-application-control/TOC.md b/windows/security/threat-protection/windows-defender-application-control/TOC.md index 836e7211f6..6644912c09 100644 --- a/windows/security/threat-protection/windows-defender-application-control/TOC.md +++ b/windows/security/threat-protection/windows-defender-application-control/TOC.md @@ -29,8 +29,6 @@ #### [Signing WDAC policies with SignTool.exe](signing-policies-with-signtool.md) ### [Disable WDAC policies](disable-windows-defender-application-control-policies.md) -## [Windows Defender Application Control and AppLocker](windows-defender-application-control-and-applocker.md) - ## [AppLocker](applocker\applocker-overview.md) ### [Administer AppLocker](applocker\administer-applocker.md) #### [Maintain AppLocker policies](applocker\maintain-applocker-policies.md) diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-and-applocker.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-and-applocker.md deleted file mode 100644 index 241de1c37b..0000000000 --- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-and-applocker.md +++ /dev/null @@ -1,19 +0,0 @@ ---- -title: Windows Defender Application Control and AppLocker (Windows 10) -description: Windows Defender Application Control and AppLocker. -ms.assetid: 8d6e0474-c475-411b-b095-1c61adb2bdbb -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -ms.pagetype: security -author: jsuther1974 -ms.date: 01/24/2018 ---- - -# Windows Defender Application Control and AppLocker - -**Applies to:** - -- Windows 10 -- Windows Server 2016 - diff --git a/windows/security/threat-protection/windows-defender-atp/TOC.md b/windows/security/threat-protection/windows-defender-atp/TOC.md index d14024b3df..c46a4ebe2d 100644 --- a/windows/security/threat-protection/windows-defender-atp/TOC.md +++ b/windows/security/threat-protection/windows-defender-atp/TOC.md @@ -1,173 +1,200 @@ # [Windows Defender Advanced Threat Protection](windows-defender-advanced-threat-protection.md) - ##Get started -## [Minimum requirements](minimum-requirements-windows-defender-advanced-threat-protection.md) -## [Validate licensing and complete setup](licensing-windows-defender-advanced-threat-protection.md) -## [Troubleshoot subscription and portal access issues](troubleshoot-onboarding-error-messages-windows-defender-advanced-threat-protection.md) -## [Preview features](preview-windows-defender-advanced-threat-protection.md) -## [Data storage and privacy](data-storage-privacy-windows-defender-advanced-threat-protection.md) -## [Assign user access to the portal](assign-portal-access-windows-defender-advanced-threat-protection.md) -## [Onboard endpoints and set up access](onboard-configure-windows-defender-advanced-threat-protection.md) -## [Configure client endpoints](configure-endpoints-windows-defender-advanced-threat-protection.md) -### [Configure endpoints using Group Policy](configure-endpoints-gp-windows-defender-advanced-threat-protection.md) -### [Configure endpoints using System Center Configuration Manager](configure-endpoints-sccm-windows-defender-advanced-threat-protection.md) -### [Configure endpoints using Mobile Device Management tools](configure-endpoints-mdm-windows-defender-advanced-threat-protection.md) -#### [Configure endpoints using Microsoft Intune](configure-endpoints-mdm-windows-defender-advanced-threat-protection.md#configure-endpoints-using-microsoft-intune) -### [Configure endpoints using a local script](configure-endpoints-script-windows-defender-advanced-threat-protection.md) -### [Configure non-persistent virtual desktop infrastructure (VDI) machines](configure-endpoints-vdi-windows-defender-advanced-threat-protection.md) -## [Configure server endpoints](configure-server-endpoints-windows-defender-advanced-threat-protection.md) -## [Configure non-Windows endpoints](configure-endpoints-non-windows-windows-defender-advanced-threat-protection.md) -## [Run a detection test on a newly onboarded endpoint](run-detection-test-windows-defender-advanced-threat-protection.md) -## [Configure proxy and Internet connectivity settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md) -## [Troubleshoot onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) +### [Minimum requirements](minimum-requirements-windows-defender-advanced-threat-protection.md) +### [Validate licensing and complete setup](licensing-windows-defender-advanced-threat-protection.md) +### [Troubleshoot subscription and portal access issues](troubleshoot-onboarding-error-messages-windows-defender-advanced-threat-protection.md) +### [Preview features](preview-windows-defender-advanced-threat-protection.md) +### [Data storage and privacy](data-storage-privacy-windows-defender-advanced-threat-protection.md) +### [Assign user access to the portal](assign-portal-access-windows-defender-advanced-threat-protection.md) +## [Onboard machines](onboard-configure-windows-defender-advanced-threat-protection.md) +### [Onboard Windows 10 machines](configure-endpoints-windows-defender-advanced-threat-protection.md) +#### [Onboard machines using Group Policy](configure-endpoints-gp-windows-defender-advanced-threat-protection.md) +#### [Onboard machines using System Center Configuration Manager](configure-endpoints-sccm-windows-defender-advanced-threat-protection.md) +#### [Onboard machines using Mobile Device Management tools](configure-endpoints-mdm-windows-defender-advanced-threat-protection.md) +##### [Onboard machines using Microsoft Intune](configure-endpoints-mdm-windows-defender-advanced-threat-protection.md#onboard-windows-10-machines-using-microsoft-intune) +#### [Onboard machines using a local script](configure-endpoints-script-windows-defender-advanced-threat-protection.md) +#### [Onboard non-persistent virtual desktop infrastructure (VDI) machines](configure-endpoints-vdi-windows-defender-advanced-threat-protection.md) +### [Onboard servers](configure-server-endpoints-windows-defender-advanced-threat-protection.md) +### [Onboard non-Windows machines](configure-endpoints-non-windows-windows-defender-advanced-threat-protection.md) +### [Run a detection test on a newly onboarded machine](run-detection-test-windows-defender-advanced-threat-protection.md) +### [Run simulated attacks on machines](attack-simulations-windows-defender-advanced-threat-protection.md) +### [Configure proxy and Internet connectivity settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md) +### [Troubleshoot onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) ## [Understand the Windows Defender ATP portal](use-windows-defender-advanced-threat-protection.md) -## [Portal overview](portal-overview-windows-defender-advanced-threat-protection.md) -## [View the Security operations dashboard](dashboard-windows-defender-advanced-threat-protection.md) -## [View the Security analytics dashboard](security-analytics-dashboard-windows-defender-advanced-threat-protection.md) +### [Portal overview](portal-overview-windows-defender-advanced-threat-protection.md) +### [View the Security operations dashboard](security-operations-dashboard-windows-defender-advanced-threat-protection.md) +### [View the Secure Score dashboard and improve your secure score](secure-score-dashboard-windows-defender-advanced-threat-protection.md) +### [View the Threat analytics dashboard and take recommended mitigation actions](threat-analytics-dashboard-windows-defender-advanced-threat-protection.md) ##Investigate and remediate threats -##Alerts queue -### [View and organize the Alerts queue](alerts-queue-windows-defender-advanced-threat-protection.md) -### [Manage alerts](manage-alerts-windows-defender-advanced-threat-protection.md) -### [Investigate alerts](investigate-alerts-windows-defender-advanced-threat-protection.md) -### [Investigate files](investigate-files-windows-defender-advanced-threat-protection.md) -### [Investigate machines](investigate-machines-windows-defender-advanced-threat-protection.md) -### [Investigate an IP address](investigate-ip-windows-defender-advanced-threat-protection.md) -### [Investigate a domain](investigate-domain-windows-defender-advanced-threat-protection.md) -### [Investigate a user account](investigate-user-windows-defender-advanced-threat-protection.md) - -##Machines list -### [View and organize the Machines list](machines-view-overview-windows-defender-advanced-threat-protection.md) -### [Manage machine group and tags](investigate-machines-windows-defender-advanced-threat-protection.md#manage-machine-group-and-tags) -### [Alerts related to this machine](investigate-machines-windows-defender-advanced-threat-protection.md#alerts-related-to-this-machine) -### [Machine timeline](investigate-machines-windows-defender-advanced-threat-protection.md#machine-timeline) -#### [Search for specific events](investigate-machines-windows-defender-advanced-threat-protection.md#search-for-specific-events) -#### [Filter events from a specific date](investigate-machines-windows-defender-advanced-threat-protection.md#filter-events-from-a-specific-date) -#### [Export machine timeline events](investigate-machines-windows-defender-advanced-threat-protection.md#export-machine-timeline-events) -#### [Navigate between pages](investigate-machines-windows-defender-advanced-threat-protection.md#navigate-between-pages) +###Alerts queue +#### [View and organize the Alerts queue](alerts-queue-windows-defender-advanced-threat-protection.md) +#### [Manage alerts](manage-alerts-windows-defender-advanced-threat-protection.md) +#### [Investigate alerts](investigate-alerts-windows-defender-advanced-threat-protection.md) +#### [Investigate files](investigate-files-windows-defender-advanced-threat-protection.md) +#### [Investigate machines](investigate-machines-windows-defender-advanced-threat-protection.md) +#### [Investigate an IP address](investigate-ip-windows-defender-advanced-threat-protection.md) +#### [Investigate a domain](investigate-domain-windows-defender-advanced-threat-protection.md) +#### [Investigate a user account](investigate-user-windows-defender-advanced-threat-protection.md) -## [Take response actions](response-actions-windows-defender-advanced-threat-protection.md) -### [Take response actions on a machine](respond-machine-alerts-windows-defender-advanced-threat-protection.md) -#### [Collect investigation package](respond-machine-alerts-windows-defender-advanced-threat-protection.md#collect-investigation-package-from-machines) -### [Run antivirus scan](respond-machine-alerts-windows-defender-advanced-threat-protection.md#run-windows-defender-antivirus-scan-on-machines) -### [Restrict app execution](respond-machine-alerts-windows-defender-advanced-threat-protection.md#restrict-app-execution) -### [Remove app restriction](respond-machine-alerts-windows-defender-advanced-threat-protection.md#remove-app-restriction) -### [Isolate machines from the network](respond-machine-alerts-windows-defender-advanced-threat-protection.md#isolate-machines-from-the-network) -### [Release machine from isolation](respond-machine-alerts-windows-defender-advanced-threat-protection.md#release-machine-from-isolation) -### [Check activity details in Action center](respond-machine-alerts-windows-defender-advanced-threat-protection.md#check-activity-details-in-action-center) -### [Take response actions on a file](respond-file-alerts-windows-defender-advanced-threat-protection.md) -### [Stop and quarantine files in your network](respond-file-alerts-windows-defender-advanced-threat-protection.md#stop-and-quarantine-files-in-your-network) -### [Remove file from quarantine](respond-file-alerts-windows-defender-advanced-threat-protection.md#remove-file-from-quarantine) -### [Block files in your network](respond-file-alerts-windows-defender-advanced-threat-protection.md#block-files-in-your-network) -### [Remove file from blocked list](respond-file-alerts-windows-defender-advanced-threat-protection.md#remove-file-from-blocked-list) -### [Check activity details in Action center](respond-file-alerts-windows-defender-advanced-threat-protection.md#check-activity-details-in-action-center) -### [Deep analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#deep-analysis) -#### [Submit files for analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#submit-files-for-analysis) -#### [View deep analysis reports](respond-file-alerts-windows-defender-advanced-threat-protection.md#view-deep-analysis-reports) -#### [Troubleshoot deep analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#troubleshoot-deep-analysis) + + +###Machines list +#### [View and organize the Machines list](machines-view-overview-windows-defender-advanced-threat-protection.md) +#### [Manage machine group and tags](investigate-machines-windows-defender-advanced-threat-protection.md#manage-machine-group-and-tags) +#### [Alerts related to this machine](investigate-machines-windows-defender-advanced-threat-protection.md#alerts-related-to-this-machine) +#### [Machine timeline](investigate-machines-windows-defender-advanced-threat-protection.md#machine-timeline) +##### [Search for specific events](investigate-machines-windows-defender-advanced-threat-protection.md#search-for-specific-events) +##### [Filter events from a specific date](investigate-machines-windows-defender-advanced-threat-protection.md#filter-events-from-a-specific-date) +##### [Export machine timeline events](investigate-machines-windows-defender-advanced-threat-protection.md#export-machine-timeline-events) +##### [Navigate between pages](investigate-machines-windows-defender-advanced-threat-protection.md#navigate-between-pages) + + +### [Take response actions](response-actions-windows-defender-advanced-threat-protection.md) +#### [Take response actions on a machine](respond-machine-alerts-windows-defender-advanced-threat-protection.md) +##### [Collect investigation package](respond-machine-alerts-windows-defender-advanced-threat-protection.md#collect-investigation-package-from-machines) +##### [Run antivirus scan](respond-machine-alerts-windows-defender-advanced-threat-protection.md#run-windows-defender-antivirus-scan-on-machines) +##### [Restrict app execution](respond-machine-alerts-windows-defender-advanced-threat-protection.md#restrict-app-execution) +##### [Remove app restriction](respond-machine-alerts-windows-defender-advanced-threat-protection.md#remove-app-restriction) +##### [Isolate machines from the network](respond-machine-alerts-windows-defender-advanced-threat-protection.md#isolate-machines-from-the-network) +##### [Release machine from isolation](respond-machine-alerts-windows-defender-advanced-threat-protection.md#release-machine-from-isolation) +##### [Check activity details in Action center](respond-machine-alerts-windows-defender-advanced-threat-protection.md#check-activity-details-in-action-center) +#### [Take response actions on a file](respond-file-alerts-windows-defender-advanced-threat-protection.md) +##### [Stop and quarantine files in your network](respond-file-alerts-windows-defender-advanced-threat-protection.md#stop-and-quarantine-files-in-your-network) +##### [Remove file from quarantine](respond-file-alerts-windows-defender-advanced-threat-protection.md#remove-file-from-quarantine) +##### [Block files in your network](respond-file-alerts-windows-defender-advanced-threat-protection.md#block-files-in-your-network) +##### [Remove file from blocked list](respond-file-alerts-windows-defender-advanced-threat-protection.md#remove-file-from-blocked-list) +##### [Check activity details in Action center](respond-file-alerts-windows-defender-advanced-threat-protection.md#check-activity-details-in-action-center) +##### [Deep analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#deep-analysis) +###### [Submit files for analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#submit-files-for-analysis) +###### [View deep analysis reports](respond-file-alerts-windows-defender-advanced-threat-protection.md#view-deep-analysis-reports) +###### [Troubleshoot deep analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#troubleshoot-deep-analysis) + +### [Use Automated investigation to investigate and remediate threats](automated-investigations-windows-defender-advanced-threat-protection.md) +### [Query data using Advanced hunting](advanced-hunting-windows-defender-advanced-threat-protection.md) +#### [Advanced hunting reference](advanced-hunting-reference-windows-defender-advanced-threat-protection.md) +#### [Advanced hunting query language best practices](advanced-hunting-best-practices-windows-defender-advanced-threat-protection.md) ##API and SIEM support -## [Pull alerts to your SIEM tools](configure-siem-windows-defender-advanced-threat-protection.md) -### [Enable SIEM integration](enable-siem-integration-windows-defender-advanced-threat-protection.md) -### [Configure Splunk to pull alerts](configure-splunk-windows-defender-advanced-threat-protection.md) -### [Configure HP ArcSight to pull alerts](configure-arcsight-windows-defender-advanced-threat-protection.md) -### [Windows Defender ATP alert API fields](api-portal-mapping-windows-defender-advanced-threat-protection.md) -### [Pull alerts using REST API](pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md) -### [Troubleshoot SIEM tool integration issues](troubleshoot-siem-windows-defender-advanced-threat-protection.md) +### [Pull alerts to your SIEM tools](configure-siem-windows-defender-advanced-threat-protection.md) +#### [Enable SIEM integration](enable-siem-integration-windows-defender-advanced-threat-protection.md) +#### [Configure Splunk to pull alerts](configure-splunk-windows-defender-advanced-threat-protection.md) +#### [Configure HP ArcSight to pull alerts](configure-arcsight-windows-defender-advanced-threat-protection.md) +#### [Windows Defender ATP alert API fields](api-portal-mapping-windows-defender-advanced-threat-protection.md) +#### [Pull alerts using REST API](pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md) +#### [Troubleshoot SIEM tool integration issues](troubleshoot-siem-windows-defender-advanced-threat-protection.md) -## [Use the threat intelligence API to create custom alerts](use-custom-ti-windows-defender-advanced-threat-protection.md) -### [Understand threat intelligence concepts](threat-indicator-concepts-windows-defender-advanced-threat-protection.md) -### [Enable the custom threat intelligence application](enable-custom-ti-windows-defender-advanced-threat-protection.md) -### [Create custom threat intelligence alerts](custom-ti-api-windows-defender-advanced-threat-protection.md) -### [PowerShell code examples](powershell-example-code-windows-defender-advanced-threat-protection.md) -### [Python code examples](python-example-code-windows-defender-advanced-threat-protection.md) -### [Experiment with custom threat intelligence alerts](experiment-custom-ti-windows-defender-advanced-threat-protection.md) -### [Troubleshoot custom threat intelligence issues](troubleshoot-custom-ti-windows-defender-advanced-threat-protection.md) -## [Use the Windows Defender ATP exposed APIs](exposed-apis-windows-defender-advanced-threat-protection.md) -### [Supported Windows Defender ATP APIs](supported-apis-windows-defender-advanced-threat-protection.md) -###Actor -#### [Get actor information](get-actor-information-windows-defender-advanced-threat-protection.md) -#### [Get actor related alerts](get-actor-related-alerts-windows-defender-advanced-threat-protection.md) -###Alerts -#### [Get alerts](get-alerts-windows-defender-advanced-threat-protection.md) -#### [Get alert information by ID](get-alert-info-by-id-windows-defender-advanced-threat-protection.md) -#### [Get alert related actor information](get-alert-related-actor-info-windows-defender-advanced-threat-protection.md) -#### [Get alert related domain information](get-alert-related-domain-info-windows-defender-advanced-threat-protection.md) -#### [Get alert related file information](get-alert-related-files-info-windows-defender-advanced-threat-protection.md) -#### [Get alert related IP information](get-alert-related-ip-info-windows-defender-advanced-threat-protection.md) -#### [Get alert related machine information](get-alert-related-machine-info-windows-defender-advanced-threat-protection.md) -###Domain -#### [Get domain related alerts](get-domain-related-alerts-windows-defender-advanced-threat-protection.md) -#### [Get domain related machines](get-domain-related-machines-windows-defender-advanced-threat-protection.md) -#### [Get domain statistics](get-domain-statistics-windows-defender-advanced-threat-protection.md) -#### [Is domain seen in organization](is-domain-seen-in-org-windows-defender-advanced-threat-protection.md) +### [Use the threat intelligence API to create custom alerts](use-custom-ti-windows-defender-advanced-threat-protection.md) +#### [Understand threat intelligence concepts](threat-indicator-concepts-windows-defender-advanced-threat-protection.md) +#### [Enable the custom threat intelligence application](enable-custom-ti-windows-defender-advanced-threat-protection.md) +#### [Create custom threat intelligence alerts](custom-ti-api-windows-defender-advanced-threat-protection.md) +#### [PowerShell code examples](powershell-example-code-windows-defender-advanced-threat-protection.md) +#### [Python code examples](python-example-code-windows-defender-advanced-threat-protection.md) +#### [Experiment with custom threat intelligence alerts](experiment-custom-ti-windows-defender-advanced-threat-protection.md) +#### [Troubleshoot custom threat intelligence issues](troubleshoot-custom-ti-windows-defender-advanced-threat-protection.md) +### [Use the Windows Defender ATP exposed APIs](exposed-apis-windows-defender-advanced-threat-protection.md) +#### [Supported Windows Defender ATP APIs](supported-apis-windows-defender-advanced-threat-protection.md) +#####Actor +###### [Get actor information](get-actor-information-windows-defender-advanced-threat-protection.md) +###### [Get actor related alerts](get-actor-related-alerts-windows-defender-advanced-threat-protection.md) +#####Alerts +###### [Get alerts](get-alerts-windows-defender-advanced-threat-protection.md) +###### [Get alert information by ID](get-alert-info-by-id-windows-defender-advanced-threat-protection.md) +###### [Get alert related actor information](get-alert-related-actor-info-windows-defender-advanced-threat-protection.md) +###### [Get alert related domain information](get-alert-related-domain-info-windows-defender-advanced-threat-protection.md) +###### [Get alert related file information](get-alert-related-files-info-windows-defender-advanced-threat-protection.md) +###### [Get alert related IP information](get-alert-related-ip-info-windows-defender-advanced-threat-protection.md) +###### [Get alert related machine information](get-alert-related-machine-info-windows-defender-advanced-threat-protection.md) +#####Domain +###### [Get domain related alerts](get-domain-related-alerts-windows-defender-advanced-threat-protection.md) +###### [Get domain related machines](get-domain-related-machines-windows-defender-advanced-threat-protection.md) +###### [Get domain statistics](get-domain-statistics-windows-defender-advanced-threat-protection.md) +###### [Is domain seen in organization](is-domain-seen-in-org-windows-defender-advanced-threat-protection.md) -###File -#### [Block file API](block-file-windows-defender-advanced-threat-protection.md) -#### [Get file information](get-file-information-windows-defender-advanced-threat-protection.md) -#### [Get file related alerts](get-file-related-alerts-windows-defender-advanced-threat-protection.md) -#### [Get file related machines](get-file-related-machines-windows-defender-advanced-threat-protection.md) -#### [Get file statistics](get-file-statistics-windows-defender-advanced-threat-protection.md) -#### [Get FileActions collection API](get-fileactions-collection-windows-defender-advanced-threat-protection.md) -#### [Unblock file API](unblock-file-windows-defender-advanced-threat-protection.md) +#####File +###### [Block file API](block-file-windows-defender-advanced-threat-protection.md) +###### [Get file information](get-file-information-windows-defender-advanced-threat-protection.md) +###### [Get file related alerts](get-file-related-alerts-windows-defender-advanced-threat-protection.md) +###### [Get file related machines](get-file-related-machines-windows-defender-advanced-threat-protection.md) +###### [Get file statistics](get-file-statistics-windows-defender-advanced-threat-protection.md) +###### [Get FileActions collection API](get-fileactions-collection-windows-defender-advanced-threat-protection.md) +###### [Unblock file API](unblock-file-windows-defender-advanced-threat-protection.md) -###IP -#### [Get IP related alerts](get-ip-related-alerts-windows-defender-advanced-threat-protection.md) -#### [Get IP related machines](get-ip-related-machines-windows-defender-advanced-threat-protection.md) -#### [Get IP statistics](get-ip-statistics-windows-defender-advanced-threat-protection.md) -#### [Is IP seen in organization](is-ip-seen-org-windows-defender-advanced-threat-protection.md) -###Machines -#### [Collect investigation package API](collect-investigation-package-windows-defender-advanced-threat-protection.md) -#### [Find machine information by IP](find-machine-info-by-ip-windows-defender-advanced-threat-protection.md) -#### [Get machines](get-machines-windows-defender-advanced-threat-protection.md) -#### [Get FileMachineAction object API](get-filemachineaction-object-windows-defender-advanced-threat-protection.md) -#### [Get FileMachineActions collection API](get-filemachineactions-collection-windows-defender-advanced-threat-protection.md) -#### [Get machine by ID](get-machine-by-id-windows-defender-advanced-threat-protection.md) -#### [Get machine log on users](get-machine-log-on-users-windows-defender-advanced-threat-protection.md) -#### [Get machine related alerts](get-machine-related-alerts-windows-defender-advanced-threat-protection.md) -#### [Get MachineAction object API](get-machineaction-object-windows-defender-advanced-threat-protection.md) -#### [Get MachineActions collection API](get-machineactions-collection-windows-defender-advanced-threat-protection.md) -#### [Get machines](get-machines-windows-defender-advanced-threat-protection.md) -#### [Get package SAS URI API](get-package-sas-uri-windows-defender-advanced-threat-protection.md) -#### [Isolate machine API](isolate-machine-windows-defender-advanced-threat-protection.md) -#### [Release machine from isolation API](unisolate-machine-windows-defender-advanced-threat-protection.md) -#### [Remove app restriction API](unrestrict-code-execution-windows-defender-advanced-threat-protection.md) -#### [Request sample API](request-sample-windows-defender-advanced-threat-protection.md) -#### [Restrict app execution API](restrict-code-execution-windows-defender-advanced-threat-protection.md) -#### [Run antivirus scan API](run-av-scan-windows-defender-advanced-threat-protection.md) -#### [Stop and quarantine file API](stop-quarantine-file-windows-defender-advanced-threat-protection.md) +#####IP +###### [Get IP related alerts](get-ip-related-alerts-windows-defender-advanced-threat-protection.md) +###### [Get IP related machines](get-ip-related-machines-windows-defender-advanced-threat-protection.md) +###### [Get IP statistics](get-ip-statistics-windows-defender-advanced-threat-protection.md) +###### [Is IP seen in organization](is-ip-seen-org-windows-defender-advanced-threat-protection.md) +#####Machines +###### [Collect investigation package API](collect-investigation-package-windows-defender-advanced-threat-protection.md) +###### [Find machine information by IP](find-machine-info-by-ip-windows-defender-advanced-threat-protection.md) +###### [Get machines](get-machines-windows-defender-advanced-threat-protection.md) +###### [Get FileMachineAction object API](get-filemachineaction-object-windows-defender-advanced-threat-protection.md) +###### [Get FileMachineActions collection API](get-filemachineactions-collection-windows-defender-advanced-threat-protection.md) +###### [Get machine by ID](get-machine-by-id-windows-defender-advanced-threat-protection.md) +###### [Get machine log on users](get-machine-log-on-users-windows-defender-advanced-threat-protection.md) +###### [Get machine related alerts](get-machine-related-alerts-windows-defender-advanced-threat-protection.md) +###### [Get MachineAction object API](get-machineaction-object-windows-defender-advanced-threat-protection.md) +###### [Get MachineActions collection API](get-machineactions-collection-windows-defender-advanced-threat-protection.md) +###### [Get machines](get-machines-windows-defender-advanced-threat-protection.md) +###### [Get package SAS URI API](get-package-sas-uri-windows-defender-advanced-threat-protection.md) +###### [Isolate machine API](isolate-machine-windows-defender-advanced-threat-protection.md) +###### [Release machine from isolation API](unisolate-machine-windows-defender-advanced-threat-protection.md) +###### [Remove app restriction API](unrestrict-code-execution-windows-defender-advanced-threat-protection.md) +###### [Request sample API](request-sample-windows-defender-advanced-threat-protection.md) +###### [Restrict app execution API](restrict-code-execution-windows-defender-advanced-threat-protection.md) +###### [Run antivirus scan API](run-av-scan-windows-defender-advanced-threat-protection.md) +###### [Stop and quarantine file API](stop-quarantine-file-windows-defender-advanced-threat-protection.md) -###User -#### [Get alert related user information](get-alert-related-user-info-windows-defender-advanced-threat-protection.md) -#### [Get user information](get-user-information-windows-defender-advanced-threat-protection.md) -#### [Get user related alerts](get-user-related-alerts-windows-defender-advanced-threat-protection.md) -#### [Get user related machines](get-user-related-machines-windows-defender-advanced-threat-protection.md) +#####User +###### [Get alert related user information](get-alert-related-user-info-windows-defender-advanced-threat-protection.md) +###### [Get user information](get-user-information-windows-defender-advanced-threat-protection.md) +###### [Get user related alerts](get-user-related-alerts-windows-defender-advanced-threat-protection.md) +###### [Get user related machines](get-user-related-machines-windows-defender-advanced-threat-protection.md) ##Reporting -## [Create and build Power BI reports using Windows Defender ATP data](powerbi-reports-windows-defender-advanced-threat-protection.md) +### [Create and build Power BI reports using Windows Defender ATP data](powerbi-reports-windows-defender-advanced-threat-protection.md) ##Check service health and sensor state -## [Check sensor state](check-sensor-status-windows-defender-advanced-threat-protection.md) +### [Check sensor state](check-sensor-status-windows-defender-advanced-threat-protection.md) ### [Fix unhealthy sensors](fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md) ### [Inactive machines](fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md#inactive-machines) ### [Misconfigured machines](fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md#misconfigured-machines) -## [Check service health](service-status-windows-defender-advanced-threat-protection.md) -## [Configure Windows Defender ATP preferences settings](preferences-setup-windows-defender-advanced-threat-protection.md) -## [Update general settings](general-settings-windows-defender-advanced-threat-protection.md) -## [Enable advanced features](advanced-features-windows-defender-advanced-threat-protection.md) -## [Enable preview experience](preview-settings-windows-defender-advanced-threat-protection.md) -## [Configure email notifications](configure-email-notifications-windows-defender-advanced-threat-protection.md) -## [Enable SIEM integration](enable-siem-integration-windows-defender-advanced-threat-protection.md) -## [Enable Threat intel API](enable-custom-ti-windows-defender-advanced-threat-protection.md) -## [Enable and create Power BI reports using Windows Defender ATP data](powerbi-reports-windows-defender-advanced-threat-protection.md) -## [Enable Security Analytics security controls](enable-security-analytics-windows-defender-advanced-threat-protection.md) +### [Check service health](service-status-windows-defender-advanced-threat-protection.md) +### [Configure Windows Defender ATP Settings](preferences-setup-windows-defender-advanced-threat-protection.md) + +###General +#### [Update data retention settings](data-retention-settings-windows-defender-advanced-threat-protection.md) +#### [Configure alert notifications](configure-email-notifications-windows-defender-advanced-threat-protection.md) +#### [Enable and create Power BI reports using Windows Defender ATP data](powerbi-reports-windows-defender-advanced-threat-protection.md) +#### [Enable Secure score security controls](enable-secure-score-windows-defender-advanced-threat-protection.md) +#### [Configure advanced features](advanced-features-windows-defender-advanced-threat-protection.md) +#### [Protect data with conditional access](conditional-access-windows-defender-advanced-threat-protection.md) + +###Permissions +#### [Manage portal access using RBAC](rbac-windows-defender-advanced-threat-protection.md) +#### [Create and manage machine groups](machine-groups-windows-defender-advanced-threat-protection.md) + +###APIs +#### [Enable Threat intel](enable-custom-ti-windows-defender-advanced-threat-protection.md) +#### [Enable SIEM integration](enable-siem-integration-windows-defender-advanced-threat-protection.md) + +###Rules +#### [Manage suppression rules](manage-suppression-rules-windows-defender-advanced-threat-protection.md) +#### [Manage automation allowed/blocked](manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md) +#### [Manage automation file uploads](manage-automation-file-uploads-windows-defender-advanced-threat-protection.md) +#### [Manage automation folder exclusions](manage-automation-folder-exclusions-windows-defender-advanced-threat-protection.md) + +###Machine management +#### [Onboarding machines](onboard-configure-windows-defender-advanced-threat-protection.md) +#### [Offboarding machines](offboard-machines-windows-defender-advanced-threat-protection.md) + +## [Configure Windows Defender ATP time zone settings](time-settings-windows-defender-advanced-threat-protection.md) -## [Configure Windows Defender ATP time zone settings](settings-windows-defender-advanced-threat-protection.md) ## [Access the Windows Defender ATP Community Center](community-windows-defender-advanced-threat-protection.md) ## [Troubleshoot Windows Defender ATP](troubleshoot-windows-defender-advanced-threat-protection.md) -## [Review events and errors on endpoints with Event Viewer](event-error-codes-windows-defender-advanced-threat-protection.md) +### [Review events and errors on machines with Event Viewer](event-error-codes-windows-defender-advanced-threat-protection.md) ## [Windows Defender Antivirus compatibility with Windows Defender ATP](defender-compatibility-windows-defender-advanced-threat-protection.md) - diff --git a/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md index 8b0591b338..d74d21d178 100644 --- a/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/advanced-features-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Configure advanced features in Windows Defender ATP diff --git a/windows/security/threat-protection/windows-defender-atp/advanced-hunting-best-practices-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/advanced-hunting-best-practices-windows-defender-advanced-threat-protection.md index 49284ab1d1..f553f152fd 100644 --- a/windows/security/threat-protection/windows-defender-atp/advanced-hunting-best-practices-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/advanced-hunting-best-practices-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Advanced hunting query best practices Windows Defender ATP diff --git a/windows/security/threat-protection/windows-defender-atp/advanced-hunting-reference-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/advanced-hunting-reference-windows-defender-advanced-threat-protection.md index e0ff5a7be1..77ffee9999 100644 --- a/windows/security/threat-protection/windows-defender-atp/advanced-hunting-reference-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/advanced-hunting-reference-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Advanced hunting reference in Windows Defender ATP diff --git a/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md index f523b1c8d1..c5a0aa9147 100644 --- a/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Query data using Advanced hunting in Windows Defender ATP diff --git a/windows/security/threat-protection/windows-defender-atp/alerts-queue-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/alerts-queue-windows-defender-advanced-threat-protection.md index 26eef896ca..3955ce8269 100644 --- a/windows/security/threat-protection/windows-defender-atp/alerts-queue-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/alerts-queue-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # View and organize the Windows Defender Advanced Threat Protection Alerts queue diff --git a/windows/security/threat-protection/windows-defender-atp/assign-portal-access-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/assign-portal-access-windows-defender-advanced-threat-protection.md index 4b947eec35..5acb334a86 100644 --- a/windows/security/threat-protection/windows-defender-atp/assign-portal-access-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/assign-portal-access-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Assign user access to the Windows Defender ATP portal diff --git a/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection.md index 6046993dba..760acda319 100644 --- a/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Use Automated investigations to investigate and remediate threats diff --git a/windows/security/threat-protection/windows-defender-atp/check-sensor-status-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/check-sensor-status-windows-defender-advanced-threat-protection.md index 6a933ada64..968c448af5 100644 --- a/windows/security/threat-protection/windows-defender-atp/check-sensor-status-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/check-sensor-status-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Check sensor health state in Windows Defender ATP diff --git a/windows/security/threat-protection/windows-defender-atp/community-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/community-windows-defender-advanced-threat-protection.md index f56d8e3bae..d55f04fddc 100644 --- a/windows/security/threat-protection/windows-defender-atp/community-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/community-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- diff --git a/windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection.md new file mode 100644 index 0000000000..5c7c425311 --- /dev/null +++ b/windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection.md @@ -0,0 +1,157 @@ +--- +title: Enable conditional access to better protect users, devices, and data +description: Enable conditional access to prevent applications from running if a device is considered at risk and an application is determined to be non-compliant. +keywords: conditional access, block applications, security level, intune, +search.product: eADQiWindows 10XVcnh +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.author: macapara +author: mjcaparas +ms.localizationpriority: high +ms.date: 04/24/2018 +--- + +# Enable conditional access to better protect users, devices, and data + +**Applies to:** + +- Windows 10 Enterprise +- Windows 10 Education +- Windows 10 Pro +- Windows 10 Pro Education +- Windows Defender Advanced Threat Protection (Windows Defender ATP) + +[!include[Prerelease information](prerelease.md)] + +>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-conditionalaccess-abovefoldlink) + +Conditional access is a capability that helps you better protect your users and enterprise information by making sure that only secure devices have access to applications. + +With conditional access, you can control access to enterprise information based on the risk level of a device. This helps keep trusted users on trusted devices using trusted applications. + +You can define security conditions under which devices and applications can run and access information from your network by enforcing policies to stop applications from running until a device returns to a compliant state. + +The implementation of conditional access in Windows Defender ATP is based on Microsoft Intune (Intune) device compliance policies and Azure Active Directory (Azure AD) conditional access policies. + +The compliance policy is used with conditional access to allow only devices that fulfill one or more device compliance policy rules to access applications. + +## Understand the conditional access flow +Conditional access is put in place so that when a threat is seen on a device, access to sensitive content is blocked until the threat is remediated. + +The flow begins with machines being seen to have a low, medium, or high risk. These risk determinations are then sent to Intune. + +Depending on how you configure policies in Intune, conditional access can be set up so that when certain conditions are met, the policy is applied. + +For example, you can configure Intune to apply conditional access on devices that have a high risk. + +In Intune, a device compliance policy is used in conjunction with Azure AD conditional access to block access to applications. In parallel, an automated investigation and remediation process is launched. + + A user can still use the device while the automated investigation and remediation is taking place, but access to enterprise data is blocked until the threat is fully remediated. + +To resolve the risk found on a device, you'll need to return the device to a compliant state. A device returns to a compliant state when there is no risk seen on it. + +There are three ways to address a risk: +1. Use Manual or automated remediation. +2. Resolve active alerts on the machine. This will remove the risk from the machine. +3. You can remove the machine from the active policies and consequently, conditional access will not be applied on the machine. + +Manual remediation requires a secops admin to investigate an alert and address the risk seen on the device. The automated remediation is configured through configuration settings provided in the following section, [Configure conditional access](#configure-conditional-access). + +When the risk is removed either through manual or automated remediation, the device returns to a compliant state and access to applications is granted. + +The following example sequence of events explains conditional access in action: + +1. A user opens a malicious file and Windows Defender ATP flags the device as high risk. +2. The high risk assessment is passed along to Intune. In parallel, an automated investigation is initiated to remediate the identified threat. A manual remediation can also be done to remediate the identified threat. +3. Based on the policy created in Intune, the device is marked as not compliant. The assessment is then communicated to Azure AD by the Intune conditional access policy. In Azure AD, the corresponding policy is applied to block access to applications. +4. The manual or automated investigation and remediation is completed and the threat is removed. Windows Defender ATP sees that there is no risk on the device and Intune assesses the device to be in a compliant state. Azure AD applies the policy which allows access to applications. +5. Users can now access applications. + + + + ## Configure conditional access +This section guides you through all the steps you need to take to properly implement conditional access. + +### Before you begin +>[!WARNING] +>It's important to note that Azure AD registered devices is not supported in this scenario.
+>Only Intune enrolled devices are supported. + +You need to make sure that all your devices are enrolled in Intune. You can use any of the following options to enroll devices in Intune: + + +- IT Admin: For more information on how to enabling auto-enrollment, see [Windows Enrollment](https://docs.microsoft.com/intune/windows-enroll#enable-windows-10-automatic-enrollment) +- End-user: For more information on how to enroll your Windows 10 device in Intune, see [Enroll your Windows 10 device in Intune](https://docs.microsoft.com/intune-user-help/enroll-your-w10-device-access-work-or-school) +- End-user alternative: For more information on joining an Azure AD domain, see [Set up Azure Active Directory joined devices](https://docs.microsoft.com/en-us/azure/active-directory/device-management-azuread-joined-devices-setup). + + + +There are steps you'll need to take in the Windows Defender ATP portal, the Intune portal, and Azure AD portal. + +> [!NOTE] +> You'll need a Microsoft Intune environment, with Intune managed and Azure AD joined Windows 10 devices. + +Take the following steps to enable conditional access: +- Step 1: Turn on the Microsoft Intune connection from the Windows Defender ATP portal +- Step 2: Turn on the Windows Defender ATP integration in Intune +- Step 3: Create the compliance policy in Intune +- Step 4: Assign the policy +- Step 5: Create an Azure AD conditional access policy + + +### Step 1: Turn on the Microsoft Intune connection +1. In the navigation pane, select **Settings** > **General** > **Advanced features** > **Microsoft Intune connection**. +2. Toggle the Microsoft Intune setting to **On**. +3. Click **Save preferences**. + + +### Step 2: Turn on the Windows Defender ATP integration in Intune +1. Sign in to the [Azure portal](https://portal.azure.com). +2. Select **Device compliance** > **Windows Defender ATP**. +3. Set **Connect Windows 10.0.15063+ devices to Windows Defender Advanced Threat Protection** to **On**. +4. Click **Save**. + + +### Step 3: Create the compliance policy in Intune +1. In the [Azure portal](https://portal.azure.com), select **All services**, filter on **Intune**, and select **Microsoft Intune**. +2. Select **Device compliance** > **Policies** > **Create policy**. +3. Enter a **Name** and **Description**. +4. In **Platform**, select **Windows 10 and later**. +5. In the **Device Health** settings, set **Require the device to be at or under the Device Threat Level** to your preferred level: + + - **Secured**: This level is the most secure. The device cannot have any existing threats and still access company resources. If any threats are found, the device is evaluated as noncompliant. + - **Low**: The device is compliant if only low-level threats exist. Devices with medium or high threat levels are not compliant. + - **Medium**: The device is compliant if the threats found on the device are low or medium. If high-level threats are detected, the device is determined as noncompliant. + - **High**: This level is the least secure, and allows all threat levels. So devices that with high, medium or low threat levels are considered compliant. + +6. Select **OK**, and **Create** to save your changes (and create the policy). + +### Step 4: Assign the policy +1. In the [Azure portal](https://portal.azure.com), select **All services**, filter on **Intune**, and select **Microsoft Intune**. +2. Select **Device compliance** > **Policies**> select your Windows Defender ATP compliance policy. +3. Select **Assignments**. +4. Include or exclude your Azure AD groups to assign them the policy. +5. To deploy the policy to the groups, select **Save**. The user devices targeted by the policy are evaluated for compliance. + +### Step 5: Create an Azure AD conditional access policy +1. In the [Azure portal](https://portal.azure.com), open **Azure Active Directory** > **Conditional access** > **New policy**. +2. Enter a policy **Name**, and select **Users and groups**. Use the Include or Exclude options to add your groups for the policy, and select **Done**. +3. Select **Cloud apps**, and choose which apps to protect. For example, choose **Select apps**, and select **Office 365 SharePoint Online** and **Office 365 Exchange Online**. Select **Done** to save your changes. + +4. Select **Conditions** > **Client apps** to apply the policy to apps and browsers. For example, select **Yes**, and then enable **Browser** and **Mobile apps and desktop clients**. Select **Done** to save your changes. + +5. Select **Grant** to apply conditional access based on device compliance. For example, select **Grant access** > **Require device to be marked as compliant**. Choose **Select** to save your changes. + +6. Select **Enable policy**, and then **Create** to save your changes. + +For more information, see [Enable Windows Defender ATP with conditional access in Intune](https://docs.microsoft.com/intune/advanced-threat-protection). + +>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-conditionalaccess-belowfoldlink) + +## Related topic +- [Configure advanced features in Windows Defender ATP](advanced-features-windows-defender-advanced-threat-protection.md) + + + diff --git a/windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md index 6559e3e082..b35af2246b 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Configure alert notifications in Windows Defender ATP diff --git a/windows/security/threat-protection/windows-defender-atp/configure-endpoints-gp-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-endpoints-gp-windows-defender-advanced-threat-protection.md index 20a25e6d96..e3b7fb8022 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-endpoints-gp-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-endpoints-gp-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Onboard Windows 10 machines using Group Policy diff --git a/windows/security/threat-protection/windows-defender-atp/configure-endpoints-mdm-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-endpoints-mdm-windows-defender-advanced-threat-protection.md index fc37a29fbc..c7774a5663 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-endpoints-mdm-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-endpoints-mdm-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Onboard Windows 10 machines using Mobile Device Management tools diff --git a/windows/security/threat-protection/windows-defender-atp/configure-endpoints-non-windows-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-endpoints-non-windows-windows-defender-advanced-threat-protection.md index 60fdf52cf6..450371174d 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-endpoints-non-windows-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-endpoints-non-windows-windows-defender-advanced-threat-protection.md @@ -9,7 +9,7 @@ ms.sitesec: library ms.pagetype: security author: mjcaparas localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Onboard non-Windows machines diff --git a/windows/security/threat-protection/windows-defender-atp/configure-endpoints-sccm-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-endpoints-sccm-windows-defender-advanced-threat-protection.md index 1da2299153..ab8da7cafa 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-endpoints-sccm-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-endpoints-sccm-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Onboard Windows 10 machines using System Center Configuration Manager diff --git a/windows/security/threat-protection/windows-defender-atp/configure-endpoints-script-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-endpoints-script-windows-defender-advanced-threat-protection.md index 51910b2668..4dbf933ec5 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-endpoints-script-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-endpoints-script-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Onboard Windows 10 machines using a local script diff --git a/windows/security/threat-protection/windows-defender-atp/configure-endpoints-vdi-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-endpoints-vdi-windows-defender-advanced-threat-protection.md index 477529fa7d..3053183884 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-endpoints-vdi-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-endpoints-vdi-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Onboard non-persistent virtual desktop infrastructure (VDI) machines diff --git a/windows/security/threat-protection/windows-defender-atp/configure-endpoints-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-endpoints-windows-defender-advanced-threat-protection.md index e6d78d4bb0..dab99dbf01 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-endpoints-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-endpoints-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Onboard Windows 10 machines diff --git a/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection.md index c55f7851c0..62c3b16138 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection.md @@ -9,7 +9,7 @@ ms.sitesec: library ms.pagetype: security author: mjcaparas localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Onboard servers to the Windows Defender ATP service @@ -18,7 +18,6 @@ ms.date: 04/17/2018 - Windows Server 2012 R2 - Windows Server 2016 -- Windows Server, version 1803 - Windows Defender Advanced Threat Protection (Windows Defender ATP) [!include[Prerelease information](prerelease.md)] @@ -30,7 +29,6 @@ Windows Defender ATP extends support to also include the Windows Server operatin Windows Defender ATP supports the onboarding of the following servers: - Windows Server 2012 R2 - Windows Server 2016 -- Windows Server, version 1803 ## Onboard Windows Server 2012 R2 and Windows Server 2016 @@ -82,31 +80,6 @@ Once completed, you should see onboarded servers in the portal within an hour. | winatp-gw-neu.microsoft.com | 443 | | winatp-gw-weu.microsoft.com | 443 | -## Onboard Windows Server, version 1803 -You’ll be able to onboard in the same method available for Windows 10 client machines. For more information, see [Onboard Windows 10 machines](configure-endpoints-windows-defender-advanced-threat-protection.md). Support for Windows Server, version 1803 provides deeper insight into activities happening on the server, coverage for kernel and memory attack detection, and enables response actions on Windows Server endpoint as well. - -1. Install the latest Windows Server Insider build on a machine. For more information, see [Windows Server Insider Preview](https://www.microsoft.com/en-us/software-download/windowsinsiderpreviewserver). - -2. Configure Windows Defender ATP onboarding settings on the server. For more information, see [Onboard Windows 10 machines](configure-endpoints-windows-defender-advanced-threat-protection.md). - -3. If you’re running a third party antimalware solution, you'll need to apply the following Windows Defender AV passive mode settings and verify it was configured correctly: - - a. Set the following registry entry: - - Path: `HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection` - - Name: ForceDefenderPassiveMode - - Value: 1 - - b. Run the following PowerShell command to verify that the passive mode was configured: - ```Get-WinEvent -FilterHashtable @{ProviderName="Microsoft-Windows-Sense" ;ID=84}``` - - c. Confirm that a recent event containing the passive mode event is found: - ![Image of passive mode verification result](images/atp-verify-passive-mode.png) - -4. Run the following command to check if Windows Defender AV is installed: - ```sc query Windefend``` - - If the result is ‘The specified service does not exist as an installed service’, then you'll need to install Windows Defender AV. For more information, see [Windows Defender Antivirus in Windows 10](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10). - ## Offboard servers You have two options to offboard servers from the service: - Uninstall the MMA agent diff --git a/windows/security/threat-protection/windows-defender-atp/custom-ti-api-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/custom-ti-api-windows-defender-advanced-threat-protection.md index 8af91533b7..e06ccda51d 100644 --- a/windows/security/threat-protection/windows-defender-atp/custom-ti-api-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/custom-ti-api-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Create custom alerts using the threat intelligence (TI) application program interface (API) diff --git a/windows/security/threat-protection/windows-defender-atp/data-retention-settings-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/data-retention-settings-windows-defender-advanced-threat-protection.md index 2c31b1365d..2f1642def7 100644 --- a/windows/security/threat-protection/windows-defender-atp/data-retention-settings-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/data-retention-settings-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Update data retention settings for Windows Defender ATP diff --git a/windows/security/threat-protection/windows-defender-atp/defender-compatibility-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/defender-compatibility-windows-defender-advanced-threat-protection.md index 09ed79f526..035afaf190 100644 --- a/windows/security/threat-protection/windows-defender-atp/defender-compatibility-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/defender-compatibility-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Windows Defender Antivirus compatibility with Windows Defender ATP diff --git a/windows/security/threat-protection/windows-defender-atp/enable-custom-ti-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/enable-custom-ti-windows-defender-advanced-threat-protection.md index 4864c55ad8..babca11760 100644 --- a/windows/security/threat-protection/windows-defender-atp/enable-custom-ti-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/enable-custom-ti-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Enable the custom threat intelligence API in Windows Defender ATP diff --git a/windows/security/threat-protection/windows-defender-atp/enable-secure-score-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/enable-secure-score-windows-defender-advanced-threat-protection.md index 9e6c2f081b..da135efb65 100644 --- a/windows/security/threat-protection/windows-defender-atp/enable-secure-score-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/enable-secure-score-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Enable Secure Score security controls diff --git a/windows/security/threat-protection/windows-defender-atp/enable-siem-integration-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/enable-siem-integration-windows-defender-advanced-threat-protection.md index 9b39935b31..183ecc286d 100644 --- a/windows/security/threat-protection/windows-defender-atp/enable-siem-integration-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/enable-siem-integration-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Enable SIEM integration in Windows Defender ATP diff --git a/windows/security/threat-protection/windows-defender-atp/event-error-codes-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/event-error-codes-windows-defender-advanced-threat-protection.md index 7dbc500f97..f4c7dd2bb3 100644 --- a/windows/security/threat-protection/windows-defender-atp/event-error-codes-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/event-error-codes-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- diff --git a/windows/security/threat-protection/windows-defender-atp/investigate-alerts-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/investigate-alerts-windows-defender-advanced-threat-protection.md index 840ac36b91..c8df547c6b 100644 --- a/windows/security/threat-protection/windows-defender-atp/investigate-alerts-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/investigate-alerts-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Investigate Windows Defender Advanced Threat Protection alerts diff --git a/windows/security/threat-protection/windows-defender-atp/investigate-domain-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/investigate-domain-windows-defender-advanced-threat-protection.md index 9d2442bd7c..cf096a36d3 100644 --- a/windows/security/threat-protection/windows-defender-atp/investigate-domain-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/investigate-domain-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Investigate a domain associated with a Windows Defender ATP alert diff --git a/windows/security/threat-protection/windows-defender-atp/investigate-files-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/investigate-files-windows-defender-advanced-threat-protection.md index 8303abcda1..042216f1a6 100644 --- a/windows/security/threat-protection/windows-defender-atp/investigate-files-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/investigate-files-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Investigate a file associated with a Windows Defender ATP alert diff --git a/windows/security/threat-protection/windows-defender-atp/investigate-ip-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/investigate-ip-windows-defender-advanced-threat-protection.md index a22179f273..cd9eaa9b7c 100644 --- a/windows/security/threat-protection/windows-defender-atp/investigate-ip-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/investigate-ip-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Investigate an IP address associated with a Windows Defender ATP alert diff --git a/windows/security/threat-protection/windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md index 9fb3644bae..7f17822158 100644 --- a/windows/security/threat-protection/windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Investigate machines in the Windows Defender ATP Machines list diff --git a/windows/security/threat-protection/windows-defender-atp/investigate-user-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/investigate-user-windows-defender-advanced-threat-protection.md index 46a2f46c0e..fb5d06dfd4 100644 --- a/windows/security/threat-protection/windows-defender-atp/investigate-user-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/investigate-user-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Investigate a user account in Windows Defender ATP diff --git a/windows/security/threat-protection/windows-defender-atp/is-domain-seen-in-org-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/is-domain-seen-in-org-windows-defender-advanced-threat-protection.md index 240d558937..a7c1630a56 100644 --- a/windows/security/threat-protection/windows-defender-atp/is-domain-seen-in-org-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/is-domain-seen-in-org-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Is domain seen in org diff --git a/windows/security/threat-protection/windows-defender-atp/machine-groups-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/machine-groups-windows-defender-advanced-threat-protection.md index 454d1a3aec..221bfd7884 100644 --- a/windows/security/threat-protection/windows-defender-atp/machine-groups-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/machine-groups-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Create and manage machine groups in Windows Defender ATP diff --git a/windows/security/threat-protection/windows-defender-atp/machines-view-overview-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/machines-view-overview-windows-defender-advanced-threat-protection.md index 278725340f..c304f74048 100644 --- a/windows/security/threat-protection/windows-defender-atp/machines-view-overview-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/machines-view-overview-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # View and organize the Windows Defender ATP Machines list diff --git a/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md index 5912acb1a8..54bc053ce4 100644 --- a/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/manage-alerts-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Manage Windows Defender Advanced Threat Protection alerts diff --git a/windows/security/threat-protection/windows-defender-atp/manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md index 1f68016ea9..abe6240f77 100644 --- a/windows/security/threat-protection/windows-defender-atp/manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Manage automation allowed/blocked lists diff --git a/windows/security/threat-protection/windows-defender-atp/manage-automation-file-uploads-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/manage-automation-file-uploads-windows-defender-advanced-threat-protection.md index f6b88381ff..a418fca559 100644 --- a/windows/security/threat-protection/windows-defender-atp/manage-automation-file-uploads-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/manage-automation-file-uploads-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Manage automation file uploads diff --git a/windows/security/threat-protection/windows-defender-atp/manage-automation-folder-exclusions-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/manage-automation-folder-exclusions-windows-defender-advanced-threat-protection.md index c7d1e70c54..0388d3e0dd 100644 --- a/windows/security/threat-protection/windows-defender-atp/manage-automation-folder-exclusions-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/manage-automation-folder-exclusions-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Manage automation folder exclusions diff --git a/windows/security/threat-protection/windows-defender-atp/manage-suppression-rules-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/manage-suppression-rules-windows-defender-advanced-threat-protection.md index c06aea4230..afd498bd1b 100644 --- a/windows/security/threat-protection/windows-defender-atp/manage-suppression-rules-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/manage-suppression-rules-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Manage suppression rules diff --git a/windows/security/threat-protection/windows-defender-atp/minimum-requirements-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/minimum-requirements-windows-defender-advanced-threat-protection.md index 3983d79af5..9afdfa86cb 100644 --- a/windows/security/threat-protection/windows-defender-atp/minimum-requirements-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/minimum-requirements-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Minimum requirements for Windows Defender ATP diff --git a/windows/security/threat-protection/windows-defender-atp/offboard-machines-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/offboard-machines-windows-defender-advanced-threat-protection.md index 78710989d2..5083d2feae 100644 --- a/windows/security/threat-protection/windows-defender-atp/offboard-machines-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/offboard-machines-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Offboard machines from the Windows Defender ATP service diff --git a/windows/security/threat-protection/windows-defender-atp/onboard-configure-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/onboard-configure-windows-defender-advanced-threat-protection.md index 84c7cee481..e5ee209594 100644 --- a/windows/security/threat-protection/windows-defender-atp/onboard-configure-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/onboard-configure-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Onboard machines to the Windows Defender ATP service diff --git a/windows/security/threat-protection/windows-defender-atp/portal-overview-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/portal-overview-windows-defender-advanced-threat-protection.md index ce444d924a..d8e518f47c 100644 --- a/windows/security/threat-protection/windows-defender-atp/portal-overview-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/portal-overview-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Windows Defender Advanced Threat Protection portal overview diff --git a/windows/security/threat-protection/windows-defender-atp/powerbi-reports-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/powerbi-reports-windows-defender-advanced-threat-protection.md index e92d59ee73..ecb07ccd1e 100644 --- a/windows/security/threat-protection/windows-defender-atp/powerbi-reports-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/powerbi-reports-windows-defender-advanced-threat-protection.md @@ -9,7 +9,7 @@ ms.sitesec: library ms.pagetype: security author: mjcaparas localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Create and build Power BI reports using Windows Defender ATP data diff --git a/windows/security/threat-protection/windows-defender-atp/powershell-example-code-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/powershell-example-code-windows-defender-advanced-threat-protection.md index 36e285cce8..f08533a767 100644 --- a/windows/security/threat-protection/windows-defender-atp/powershell-example-code-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/powershell-example-code-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # PowerShell code examples for the custom threat intelligence API diff --git a/windows/security/threat-protection/windows-defender-atp/preferences-setup-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/preferences-setup-windows-defender-advanced-threat-protection.md index 4d00c68de1..72dd86675c 100644 --- a/windows/security/threat-protection/windows-defender-atp/preferences-setup-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/preferences-setup-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Configure Windows Defender ATP settings diff --git a/windows/security/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection.md index 6f65f14423..61315574f8 100644 --- a/windows/security/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Turn on the preview experience in Windows Defender ATP diff --git a/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection.md index 4d92a145bd..af0f9887a7 100644 --- a/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Windows Defender ATP preview features @@ -47,7 +47,6 @@ The following features are included in the preview release: Windows Defender ATP supports the onboarding of the following servers: - Windows Server 2012 R2 - Windows Server 2016 - - Windows Server, version 1803 - [Create and build Power BI reports using Windows Defender ATP data](powerbi-reports-windows-defender-advanced-threat-protection.md)
Windows Defender ATP supports the use of Power BI data connectors to enable you to connect and access Windows Defender ATP data using Microsoft Graph. diff --git a/windows/security/threat-protection/windows-defender-atp/pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md index d3de2bec95..441d1895d8 100644 --- a/windows/security/threat-protection/windows-defender-atp/pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Pull Windows Defender ATP alerts using REST API diff --git a/windows/security/threat-protection/windows-defender-atp/python-example-code-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/python-example-code-windows-defender-advanced-threat-protection.md index 278e02f9bb..58abb6bddc 100644 --- a/windows/security/threat-protection/windows-defender-atp/python-example-code-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/python-example-code-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Python code examples for the custom threat intelligence API diff --git a/windows/security/threat-protection/windows-defender-atp/rbac-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/rbac-windows-defender-advanced-threat-protection.md index 8b7ad9f93e..fdb452e1ad 100644 --- a/windows/security/threat-protection/windows-defender-atp/rbac-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/rbac-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Manage portal access using role-based access control diff --git a/windows/security/threat-protection/windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md index 0e5f08d3d5..f3fa656be3 100644 --- a/windows/security/threat-protection/windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Take response actions on a file diff --git a/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection.md index 43e1cf6abb..c6c4102eb5 100644 --- a/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection.md @@ -9,7 +9,7 @@ ms.sitesec: library ms.pagetype: security author: mjcaparas localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # View the Windows Defender Advanced Threat Protection Secure score dashboard @@ -297,9 +297,6 @@ For more information, see [Windows Defender Firewall with Advanced Security](htt ### BitLocker optimization For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for BitLocker is fulfilled. ->[!IMPORTANT] ->This security control is only applicable for machines with Windows 10, version 1803 or later. - #### Minimum baseline configuration setting for BitLocker - Ensure all supported internal drives are encrypted - Ensure that all suspended protection on drives resume protection diff --git a/windows/security/threat-protection/windows-defender-atp/security-operations-dashboard-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/security-operations-dashboard-windows-defender-advanced-threat-protection.md index 7b4b053ce3..d3740aa25f 100644 --- a/windows/security/threat-protection/windows-defender-atp/security-operations-dashboard-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/security-operations-dashboard-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # View the Windows Defender Advanced Threat Protection Security operations dashboard diff --git a/windows/security/threat-protection/windows-defender-atp/service-status-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/service-status-windows-defender-advanced-threat-protection.md index 0e0c2d60c4..488f25d704 100644 --- a/windows/security/threat-protection/windows-defender-atp/service-status-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/service-status-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Check the Windows Defender Advanced Threat Protection service health diff --git a/windows/security/threat-protection/windows-defender-atp/supported-apis-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/supported-apis-windows-defender-advanced-threat-protection.md index 6e4c10056a..9fa8d8f13a 100644 --- a/windows/security/threat-protection/windows-defender-atp/supported-apis-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/supported-apis-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Supported Windows Defender ATP query APIs diff --git a/windows/security/threat-protection/windows-defender-atp/threat-indicator-concepts-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/threat-indicator-concepts-windows-defender-advanced-threat-protection.md index 3324909b34..160df53514 100644 --- a/windows/security/threat-protection/windows-defender-atp/threat-indicator-concepts-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/threat-indicator-concepts-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Understand threat intelligence concepts diff --git a/windows/security/threat-protection/windows-defender-atp/troubleshoot-onboarding-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/troubleshoot-onboarding-windows-defender-advanced-threat-protection.md index 637bf8c04f..53bbce16ae 100644 --- a/windows/security/threat-protection/windows-defender-atp/troubleshoot-onboarding-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/troubleshoot-onboarding-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Troubleshoot Windows Defender Advanced Threat Protection onboarding issues diff --git a/windows/security/threat-protection/windows-defender-atp/use-custom-ti-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/use-custom-ti-windows-defender-advanced-threat-protection.md index 43d2792de3..fca8e3f3ee 100644 --- a/windows/security/threat-protection/windows-defender-atp/use-custom-ti-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/use-custom-ti-windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Use the threat intelligence API to create custom alerts diff --git a/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection.md index a3ae16d7dd..10373e6ddc 100644 --- a/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection.md @@ -10,7 +10,7 @@ ms.pagetype: security ms.author: macapara author: mjcaparas ms.localizationpriority: high -ms.date: 04/17/2018 +ms.date: 04/24/2018 --- # Windows Defender Advanced Threat Protection