Merge branch 'master' into ft-onboarding

2025-06-22 13:53:39 +00:00 · 2020-08-06 10:04:36 -07:00
parent a55724450c 253c829310
commit 4f73068eda
6 changed files with 45 additions and 4 deletions
--- a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-event-timeline-software2.png
+++ b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-event-timeline-software2.png
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md
@ -25,7 +25,7 @@ ms.topic: conceptual

 ## Collecting diagnostic information

-If you can reproduce a problem, please increase the logging level, run the system for some time, and restore the logging level to the default.
+If you can reproduce a problem, increase the logging level, run the system for some time, and restore the logging level to the default.

 1. Increase logging level:

@ -63,7 +63,7 @@ The detailed log will be saved to `/Library/Logs/Microsoft/mdatp/install.log`. I

 ## Uninstalling

-There are several ways to uninstall Microsoft Defender ATP for Mac. Please note that while centrally managed uninstall is available on JAMF, it is not yet available for Microsoft Intune.
+There are several ways to uninstall Microsoft Defender ATP for Mac. Note that while centrally managed uninstall is available on JAMF, it is not yet available for Microsoft Intune.

 ### Interactive uninstallation

@ -100,6 +100,36 @@ Important tasks, such as controlling product settings and triggering on-demand s
 |EDR          |Add group tag to device. EDR tags are used for managing device groups. For more information, please visit https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/machine-groups |`mdatp --edr --set-tag GROUP [name]` |
 |EDR          |Remove group tag from device              |`mdatp --edr --remove-tag [name]`                                            |

+### How to enable autocompletion
+
+To enable autocompletion in `Bash`, run the following command and restart the Terminal session:
+
+```bash
+$ echo "source /Applications/Microsoft\ Defender\ ATP.app/Contents/Resources/Tools/mdatp_completion.bash" >> ~/.bash_profile
+```
+
+To enable autocompletion in `zsh`:
+
+- Check whether autocompletion is enabled on your device:
+
+   ```zsh
+   $ cat ~/.zshrc | grep autoload
+   ```
+
+- If the above command does not produce any output, you can enable autocompletion using the following command:
+
+   ```zsh
+   $ echo "autoload -Uz compinit && compinit" >> ~/.zshrc
+   ```
+
+- Run the following command to enable autocompletion for Microsoft Defender ATP for Mac and restart the Terminal session:
+
+   ```zsh
+   sudo mkdir -p /usr/local/share/zsh/site-functions
+
+   sudo ln -svf "/Applications/Microsoft Defender ATP.app/Contents/Resources/Tools/mdatp_completion.zsh" /usr/local/share/zsh/site-functions/_mdatp
+   ```
+
 ## Client Microsoft Defender ATP quarantine directory

 `/Library/Application Support/Microsoft/Defender/quarantine/` contains the files quarantined by `mdatp`. The files are named after the threat trackingId. The current trackingIds is shown with `mdatp --threat --list --pretty`.
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
@ -38,6 +38,12 @@ ms.topic: conceptual
 > 2. Refer to this documentation for detailed configuration information and instructions: [New configuration profiles for macOS Catalina and newer versions of macOS](mac-sysext-policies.md).
 > 3. Monitor this page for an announcement of the actual release of MDATP for Mac agent update.

+## 101.05.16
+
+- Improvements to quick scan logic to significantly reduce the number of scanned files
+- Added [autocompletion support](mac-resources.md#how-to-enable-autocompletion) for the command-line tool
+- Bug fixes
+
 ## 101.03.12

 - Performance improvements & bug fixes
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-event-timeline.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-event-timeline.md
@ -75,6 +75,9 @@ The two large numbers at the top of the page show the number of new vulnerabilit

 ![Event timeline page](images/tvm-event-timeline-overview-mixed-type.png)

+>[!NOTE]
+>New configuration assessments are coming soon.
+
 ### Columns

 - **Date**: month, day, year
@ -114,7 +117,7 @@ To open a software page, select an event > select the hyperlinked software name

 A full page will appear with all the details of a specific software. Mouse over the graph to see the timeline of events for that specific software.

-![Software page with an Event timeline graph](images/tvm-event-timeline-software.png)
+![Software page with an Event timeline graph](images/tvm-event-timeline-software2.png)

 You can also navigate to the event timeline tab to view all the events related to that software, along with security recommendations, discovered vulnerabilities, installed machines, and version distribution.

--- a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
@ -49,7 +49,7 @@ Before trying out this feature, make sure you have the following:
 - Windows 10 Enterprise E5 license
 - Access to Microsoft Defender Security Center portal
 - Devices running Windows 10 Anniversary Update (version 1607) or later with the latest MoCAMP update. 
-Note that if SmartScreen is not turned on, Network Protection will take over the blocking.
+Note that if SmartScreen is not turned on, Network Protection will take over the blocking. This requires enabling Network Protection [on the device](enable-network-protection.md).

 ## Data handling