From 53274a98d182bcf3f4d67998e628e2e6a1d66a3d Mon Sep 17 00:00:00 2001 From: schmurky Date: Wed, 3 Feb 2021 14:34:49 +0800 Subject: [PATCH] Update new techniques page --- .../microsoft-defender-atp/techniques-device-timeline.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/techniques-device-timeline.md b/windows/security/threat-protection/microsoft-defender-atp/techniques-device-timeline.md index 231ba89d71..885af37be7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/techniques-device-timeline.md +++ b/windows/security/threat-protection/microsoft-defender-atp/techniques-device-timeline.md @@ -24,6 +24,9 @@ ms.technology: mde **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +>[!IMPORTANT] +>Some information relates to a prereleased product feature in public preview which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. + In Microsoft Defender for Endpoint, **Techniques** are a grouping of events that when taken together indicate activity associated with certain [MITRE ATT&CK](https://attack.mitre.org/) techniques or sub-techniques. This feature simplifies the investigation experience by helping analysts understand at a glance whether suspicious activities happened on or affected a device and whether those activities indicate a need for closer investigation. @@ -46,7 +49,8 @@ To view only either events or techniques, select Filters from the device timelin [FILTER screenshot] -IMPORTANT: Event group filters do not affect Techniques, so when Techniques data type is selected, all techniques are shown. +>[!IMPORTANT] +>Event group filters do not affect Techniques, so when Techniques data type is selected, all techniques are shown. To view File events only without Techniques, select Events data type and File events event group.