From 5d4c29a3838066517b4ac7b70d6dfc93d706adf3 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Mon, 8 Oct 2018 10:23:18 -0700 Subject: [PATCH] add incidents in preview topic --- .../preview-windows-defender-advanced-threat-protection.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection.md index 3eab3eda81..53f9b9de62 100644 --- a/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection.md @@ -41,6 +41,10 @@ The following features are included in the preview release: - [Threat analytics](threat-analytics.md)
Threat Analytics is a set of interactive reports published by the Windows Defender ATP research team as soon as emerging threats and outbreaks are identified. The reports help security operations teams assess impact on their environment and provides recommended actions to contain, increase organizational resilience, and prevent specific threats. +- [Incidents](incidents-queue.md)
+Windows Defender ATP applies correlation analytics and aggregates all related alerts and investigations into an incident. Doing so helps narrate a broader story of an attack, thus providing you with the right visuals (upgraded incident graph) and data representations to understand and deal with complex cross-entity threats to your organization's network. + + - [Custom detection](overview-custom-detections.md)
With custom detections, you can create custom queries to monitor events for any kind of behavior such as suspicious or emerging threats. This can be done by leveraging the power of Advanced hunting through the creation of custom detection rules.