mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-21 13:23:36 +00:00
Merge pull request #1099 from MicrosoftDocs/MTE-EOD-PublicPreview
MTE EOD public preview
This commit is contained in:
Rebecca Agiewich
GitHub
@ -26,8 +26,6 @@ ms.topic: article
|
|||||||
[!include[Prerelease information](prerelease.md)]
|
[!include[Prerelease information](prerelease.md)]
|
||||||
|
|
||||||
## Before you begin
|
## Before you begin
|
||||||
To experience the full Microsoft Threat Experts targeted attack notification capability in Microsoft Defender ATP, or try the the experts-on-demand capability, you need to have a valid Premier customer service and support account. Premier charges are not incurred during for the capability in trial, but for the generally available capability, there will be charges.
|
|
||||||
|
|
||||||
Ensure that you have Microsoft Defender ATP deployed in your environment with machines enrolled, and not just on a laboratory set-up.
|
Ensure that you have Microsoft Defender ATP deployed in your environment with machines enrolled, and not just on a laboratory set-up.
|
||||||
|
|
||||||
## Register to Microsoft Threat Experts managed threat hunting service
|
## Register to Microsoft Threat Experts managed threat hunting service
|
||||||
@ -36,13 +34,13 @@ If you're already a Microsoft Defender ATP customer, you can apply through the M
|
|||||||
1. From the navigation pane, go to **Settings > General > Advanced features > Microsoft Threat Experts**.
|
1. From the navigation pane, go to **Settings > General > Advanced features > Microsoft Threat Experts**.
|
||||||
|
|
||||||
2. Click **Apply**.
|
2. Click **Apply**.
|
||||||
|
|
||||||
|
|
||||||
3. Enter your name and email address so that Microsoft can get back to you on your application.
|
3. Enter your name and email address so that Microsoft can get back to you on your application.
|
||||||
|
|
||||||
|
|
||||||
4. Read the privacy statement, then click **Submit** when you're done. You will receive a welcome email once your application is approved.
|
4. Read the privacy statement, then click **Submit** when you're done. You will receive a welcome email once your application is approved.
|
||||||
|
|
||||||
|
|
||||||
6. From the navigation pane, go to **Settings** > **General** > **Advanced features** to turn the **Threat Experts** toggle on. Click **Save preferences**.
|
6. From the navigation pane, go to **Settings** > **General** > **Advanced features** to turn the **Threat Experts** toggle on. Click **Save preferences**.
|
||||||
|
|
||||||
@ -77,11 +75,11 @@ You can partner with Microsoft Threat Experts who can be engaged directly from w
|
|||||||
|
|
||||||
2. From the upper right-hand menu, click **?**. Then, select **Consult a threat expert**.
|
2. From the upper right-hand menu, click **?**. Then, select **Consult a threat expert**.
|
||||||
|
|
||||||
>
|
>
|
||||||
|
|
||||||
>A flyout screen opens.
|
>A flyout screen opens.
|
||||||
|
|
||||||
>
|
>
|
||||||
|
|
||||||
>The **Inquiry topic** field is pre-populated with the link to the relevant page for your investigation request. For example, a link to the incident, alert, or machine details page that you were at when you made the request.
|
>The **Inquiry topic** field is pre-populated with the link to the relevant page for your investigation request. For example, a link to the incident, alert, or machine details page that you were at when you made the request.
|
||||||
|
|
||||||
|
|||||||
Binary file not shown.
|
After Width: | Height: | Size: 7.6 KiB |
Binary file not shown.
|
After Width: | Height: | Size: 8.9 KiB |
Binary file not shown.
|
After Width: | Height: | Size: 11 KiB |
Binary file not shown.
|
After Width: | Height: | Size: 14 KiB |
Binary file not shown.
|
After Width: | Height: | Size: 32 KiB |
Binary file not shown.
|
After Width: | Height: | Size: 31 KiB |
Binary file not shown.
|
After Width: | Height: | Size: 12 KiB |
Binary file not shown.
|
After Width: | Height: | Size: 43 KiB |
@ -49,16 +49,16 @@ Customers can engage our security experts directly from within Microsoft Defende
|
|||||||
The option to **Consult a threat expert** is available in several places in the portal so you can engage with experts in the context of your investigation:
|
The option to **Consult a threat expert** is available in several places in the portal so you can engage with experts in the context of your investigation:
|
||||||
|
|
||||||
- <i>**Help and support menu**</i><BR>
|
- <i>**Help and support menu**</i><BR>
|
||||||
|
|
||||||
|
|
||||||
- <i>**Machine page actions menu**</i><BR>
|
- <i>**Machine page actions menu**</i><BR>
|
||||||
|
|
||||||
|
|
||||||
- <i>**Alerts page Actions menu**</i><BR>
|
- <i>**Alerts page actions menu**</i><BR>
|
||||||
|
|
||||||
|
|
||||||
- <i>**File page actions menu**</i><BR>
|
- <i>**File page actions menu**</i><BR>
|
||||||
|
|
||||||
|
|
||||||
## Related topic
|
## Related topic
|
||||||
- [Configure Microsoft Threat Experts capabilities](configure-microsoft-threat-experts.md)
|
- [Configure Microsoft Threat Experts capabilities](configure-microsoft-threat-experts.md)
|
||||||
|
|||||||
@ -36,6 +36,7 @@ Response actions run along the top of the file page, and include:
|
|||||||
- Stop and Quarantine File
|
- Stop and Quarantine File
|
||||||
- Add Indicator
|
- Add Indicator
|
||||||
- Download file
|
- Download file
|
||||||
|
- Consult a threat expert
|
||||||
- Action center
|
- Action center
|
||||||
|
|
||||||
You can also submit files for deep analysis, to run the file in a secure cloud sandbox. When the analysis is complete, you'll get a detailed report that provides information about the behavior of the file. You can submit files for deep analysis and read past reports by selecting the **Deep analysis** tab. It's located below the file information cards.
|
You can also submit files for deep analysis, to run the file in a secure cloud sandbox. When the analysis is complete, you'll get a detailed report that provides information about the behavior of the file. You can submit files for deep analysis and read past reports by selecting the **Deep analysis** tab. It's located below the file information cards.
|
||||||
@ -173,7 +174,7 @@ If a file is not already stored by Microsoft Defender ATP, you cannot download i
|
|||||||
|
|
||||||
You can consult a Microsoft threat expert for more insights regarding a potentially compromised machine or already compromised ones. Microsoft Threat Experts can be engaged directly from within the Microsoft Defender Security Center for timely and accurate response. Experts provide insights not just regarding a potentially compromised machine, but also to better understand complex threats, targeted attack notifications that you get, or if you need more information about the alerts, or a threat intelligence context that you see on your portal dashboard.
|
You can consult a Microsoft threat expert for more insights regarding a potentially compromised machine or already compromised ones. Microsoft Threat Experts can be engaged directly from within the Microsoft Defender Security Center for timely and accurate response. Experts provide insights not just regarding a potentially compromised machine, but also to better understand complex threats, targeted attack notifications that you get, or if you need more information about the alerts, or a threat intelligence context that you see on your portal dashboard.
|
||||||
|
|
||||||
See [Consult a Microsoft Threat Expert](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts#consult-a-microsoft-threat-expert-about-suspicious-cybersecurity-activities-in-your-organization) for details.
|
See [Consult a Microsoft Threat Expert](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts#consult-a-microsoft-threat-expert-about-suspicious-cybersecurity-activities-in-your-organization) for details.
|
||||||
|
|
||||||
## Check activity details in Action center
|
## Check activity details in Action center
|
||||||
|
|
||||||
|
|||||||
@ -178,7 +178,7 @@ When a machine is being isolated, the following notification is displayed to inf
|
|||||||
|
|
||||||
You can consult a Microsoft threat expert for more insights regarding a potentially compromised machine or already compromised ones. Microsoft Threat Experts can be engaged directly from within the Microsoft Defender Security Center for timely and accurate response. Experts provide insights not just regarding a potentially compromised machine, but also to better understand complex threats, targeted attack notifications that you get, or if you need more information about the alerts, or a threat intelligence context that you see on your portal dashboard.
|
You can consult a Microsoft threat expert for more insights regarding a potentially compromised machine or already compromised ones. Microsoft Threat Experts can be engaged directly from within the Microsoft Defender Security Center for timely and accurate response. Experts provide insights not just regarding a potentially compromised machine, but also to better understand complex threats, targeted attack notifications that you get, or if you need more information about the alerts, or a threat intelligence context that you see on your portal dashboard.
|
||||||
|
|
||||||
See [Consult a Microsoft Threat Expert](https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts#consult-a-microsoft-threat-expert-about-suspicious-cybersecurity-activities-in-your-organization) for details.
|
See [Consult a Microsoft Threat Expert](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts#consult-a-microsoft-threat-expert-about-suspicious-cybersecurity-activities-in-your-organization) for details.
|
||||||
|
|
||||||
|
|
||||||
## Check activity details in Action center
|
## Check activity details in Action center
|
||||||
|
|||||||
Reference in New Issue
Block a user