diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index 3c051adf05..3b530dd325 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -190,12 +190,17 @@ ####Permissions ##### [Manage portal access using RBAC](windows-defender-atp\rbac-windows-defender-advanced-threat-protection.md) ##### [Create machine groups](windows-defender-atp\machine-groups-windows-defender-advanced-threat-protection.md) + ####APIs ##### [Enable Threat intel](windows-defender-atp\enable-custom-ti-windows-defender-advanced-threat-protection.md) ##### [Enable SIEM integration](windows-defender-atp\enable-siem-integration-windows-defender-advanced-threat-protection.md) + ####Rules -[Manage suppression rules](windows-defender-atp\manage-suppression-rules-windows-defender-advanced-threat-protection.md) -[Manage automation exclusion lists](windows-defender-atp\manage-automation-exclusion-list-windows-defender-advanced-threat-protection.md) +##### [Manage suppression rules](windows-defender-atp\manage-suppression-rules-windows-defender-advanced-threat-protection.md) +##### [Manage automation exclusion lists](windows-defender-atp\manage-automation-exclusion-list-windows-defender-advanced-threat-protection.md) +##### [Manage automation file uploads](windows-defender-atp\manage-automation-file-uploads-windows-defender-advanced-threat-protection.md) + +####Machine management #### [Configure Windows Defender ATP time zone settings](windows-defender-atp\settings-windows-defender-advanced-threat-protection.md) diff --git a/windows/security/threat-protection/windows-defender-atp/manage-automation-file-uploads-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/manage-automation-file-uploads-windows-defender-advanced-threat-protection.md new file mode 100644 index 0000000000..e803e9bb77 --- /dev/null +++ b/windows/security/threat-protection/windows-defender-atp/manage-automation-file-uploads-windows-defender-advanced-threat-protection.md @@ -0,0 +1,44 @@ +--- +title: Manage automation file uploads +description: Enable content analysis and configure the file extension and email attachment extensions that will be sumitted for analysis +keywords: automation, file, uploads, content, analysis, file, extension, email, attachment +search.product: eADQiWindows 10XVcnh +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.author: macapara +author: mjcaparas +ms.localizationpriority: high +ms.date: 04/16/2018 +--- + +# Manage automation file uploads + +**Applies to:** + +- Windows 10 Enterprise +- Windows 10 Education +- Windows 10 Pro +- Windows 10 Pro Education +- Windows Defender Advanced Threat Protection (Windows Defender ATP) + +[!include[Prerelease information](prerelease.md)] + +>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automationefileuploads-abovefoldlink) + +You can submit suspicious files identified by automated investigation to the cloud for additional inspection by enabling content analysis. + +1. In the navigation pane, select **Settings** > **Rules** > **Automation file uploads**. + +2. Toggle the content analysis setting between **On** and **Off**. + +3. Configure the following extension names and separate extension names with a comma: + - **File extension names** - Suspicious files except email attachments will be submitted for additional inspection + - **Attachment extension names** - Suspicious email attachments with these extension names will be submitted for additional inspection + + + +## Related topics +- Automation allowed/blocked lists +- Automation folder exclusions \ No newline at end of file