From 610012340c343b1d0037c6932a8489356a8d5180 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 21 May 2019 16:56:17 -0700 Subject: [PATCH] Update threat-and-vuln-mgt-scenarios.md --- .../threat-and-vuln-mgt-scenarios.md | 24 ++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md index c496298c21..62ff9c35d1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md +++ b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md @@ -117,10 +117,32 @@ This capability allows you, the Security Administrator, to request for the IT Ad 4. Go to the **Remediation** page to view the status of your remediation request. - >[!NOTE] >If your request involves remediating more than 10,000 machines, we will only send 10,000 machines for remediation to Intune at a time. Create another remediation request for the remaining machines up to 10,000. +## File for exception +With Threat & Vulnerability Management, you can create exceptions for recommendations, as an alternative to requesting for remediation. + +There are many reasons why organizations might want to create exceptions for a recommendation. For example, if there's a business justification that prevents the company from applying the recommendation, the existence of a compensating or alternative control that provides the same level of protection that the recommendation would, a false positive, among other reasons. + +Exceptions can be created for both *Security update* and *Configuration change* recommendations. + +When an exception is created for a recommendation, the recommendation is no longer active. The recommendation state changes to **Exception**, and it no longer shows up in the security recommendations list. + + +1. Navigate to the **Security recommendations** page under the **Threat & Vulnerability Management** section menu. + +2. Click the top-most recommendation. A fly-in panel will open with the recommendation details. + +3. Click **Exception options**. + +4. Select your justification for filing an exception instead of remediating the security recommendation in question. Fill out the justification context, then set the exception duration. + +5. Click Submit. A confirmation message at the top of the page will indicate that the exception has been created + +6. View all your exceptions (current + past) by navigating to the **Remediation** page under the **Threat & Vulnerability Management** menu and clicking on the **Exceptions** tab. + + ## Related topics - [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) - [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md)