From 5258956e7e294fe08a3d4bbb32f6c7dbd9a9d0b2 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 10 Sep 2019 15:30:33 -0700
Subject: [PATCH] Updated with MTE EOD option

---
 .../microsoft-defender-atp/investigate-machines.md               | 1 +
 1 file changed, 1 insertion(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md
index c79fa83c94..5faa671548 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md
@@ -60,6 +60,7 @@ Response actions run along the top of a specific machine page and include:
 - Run antivirus scan
 - Restrict app execution
 - Isolate machine
+- Consult a threat expert
 - Action center
 
 You can take response actions in the Action center, in a specific machine page, or in a specific file page.