From cc70d946eef0409ce3d4cc20143fa916e9aa55dc Mon Sep 17 00:00:00 2001 From: jcaparas Date: Wed, 6 Jun 2018 10:26:01 -0700 Subject: [PATCH 01/12] line 81 to wdatp --- windows/security/index.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/index.yml b/windows/security/index.yml index d980430450..8378d23d14 100644 --- a/windows/security/index.yml +++ b/windows/security/index.yml @@ -78,7 +78,7 @@ sections: title: Information protection -- title: Security features built in to Windows 10 +- title: Windows Defender Advanced Threat Protection items: From 99f76fdb052f00d7f115e8d53945e8045ab52ffa Mon Sep 17 00:00:00 2001 From: jcaparas Date: Wed, 6 Jun 2018 12:48:08 -0700 Subject: [PATCH 02/12] update wdatp short description --- windows/security/index.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/index.yml b/windows/security/index.yml index 95fc87c96b..fe7996c727 100644 --- a/windows/security/index.yml +++ b/windows/security/index.yml @@ -84,7 +84,7 @@ sections: - type: paragraph - text: 'Windows 10 enables critical security features to protect your device right from the start.' + text: 'Prevent, detect, investigate, and respond to advanced threats.' - type: list From 7a004bb8ffc6d8cd885d36cde1d5b07098cf89c3 Mon Sep 17 00:00:00 2001 From: jcaparas Date: Wed, 6 Jun 2018 13:57:55 -0700 Subject: [PATCH 03/12] add features under wdatp --- windows/security/index.yml | 174 ++++++++++++++++++------------------- 1 file changed, 87 insertions(+), 87 deletions(-) diff --git a/windows/security/index.yml b/windows/security/index.yml index fe7996c727..10a40938f2 100644 --- a/windows/security/index.yml +++ b/windows/security/index.yml @@ -34,49 +34,49 @@ sections: - type: markdown - text: Secure corporate data and manage risk. + text: Secure corporate data and manage risk. - items: - type: list - style: cards + style: cards - className: cardsM + className: cardsM - columns: 3 + columns: 3 - items: + items: - - href: \windows\security\identity-protection\ + - href: \windows\security\identity-protection\ - html:

Deploy secure enterprise-grade authentication and access control to protect accounts and data

+ html:

Deploy secure enterprise-grade authentication and access control to protect accounts and data

- image: + image: - src: https://docs.microsoft.com/media/common/i_identity-protection.svg + src: https://docs.microsoft.com/media/common/i_identity-protection.svg - title: Identity and access management + title: Identity and access management - - href: \windows\security\threat-protection\ + - href: \windows\security\threat-protection\ - html:

Stop cyberthreats and quickly identify and respond to breaches

+ html:

Stop cyberthreats and quickly identify and respond to breaches

- image: + image: - src: https://docs.microsoft.com/media/common/i_threat-protection.svg + src: https://docs.microsoft.com/media/common/i_threat-protection.svg - title: Threat protection + title: Threat protection - - href: \windows\security\information-protection\ + - href: \windows\security\information-protection\ - html:

Identify and secure critical data to prevent data loss

+ html:

Identify and secure critical data to prevent data loss

- image: + image: - src: https://docs.microsoft.com/media/common/i_information-protection.svg + src: https://docs.microsoft.com/media/common/i_information-protection.svg - title: Information protection + title: Information protection - title: Windows Defender Advanced Threat Protection @@ -84,77 +84,77 @@ sections: - type: paragraph - text: 'Prevent, detect, investigate, and respond to advanced threats.' + text: 'Prevent, detect, investigate, and respond to advanced threats.' - type: list - style: cards + style: cards - className: cardsM + className: cardsM - columns: 3 + columns: 3 - items: + items: - - href: \windows\security\hardware-protection\how-hardware-based-containers-help-protect-windows + - href: \windows\security\threat-protection\windows-defender-antivirus\windows-defender-antivirus-in-windows-10 - html:

Protect the boot process and maintain system integrity

+ html:

Protect against malware management using next-generation antivirus technologies

- image: + image: - src: https://docs.microsoft.com/media/common/i_identity-protection.svg - - title: Windows Defender System Guard + src: https://docs.microsoft.com/media/common/i_threat-protection.svg + + title: Windows Defender Antivirus - - href: \windows\security\threat-protection\windows-defender-antivirus\windows-defender-antivirus-in-windows-10 + - href: \windows\security\threat-protection\windows-defender-exploit-guard\windows-defender-exploit-guard - html:

Protect against malware management using next-generation antivirus technologies

+ html:

Manage and reduce the attack surface of apps

- image: + image: - src: https://docs.microsoft.com/media/common/i_threat-protection.svg - - title: Windows Defender Antivirus + src: https://docs.microsoft.com/media/common/i_threat-protection.svg + + title: Windows Defender Exploit Guard - - href: \windows\security\information-protection\bitlocker\bitlocker-overview + - href: \windows\security\threat-protection\windows-defender-application-control\windows-defender-application-control - html:

Prevent data theft from lost or stolen devices

+ html:

Lock down applications that run on a device

- image: + image: - src: https://docs.microsoft.com/media/common/i_information-protection.svg - - title: BitLocker + src: https://docs.microsoft.com/media/common/i_threat-protection.svg + + title: Windows Defender Application Control + + - href: \windows\security\threat-protection\windows-defender-application-guard\wd-app-guard-overview - - href: \windows\security\identity-protection\hello-for-business\hello-overview + html:

Isolate enterprise-defined untrusted sites

- html:

Give users a more personal and secure way to access their devices

+ image: - image: + src: https://docs.microsoft.com/media/common/i_threat-protection.svg + + title: Windows Defender Application Guard + + - href: \windows\security\threat-protection\windows-defender-smartscreen\windows-defender-smartscreen-overview - src: https://docs.microsoft.com/media/common/i_identity-protection.svg - - title: Windows Hello for Business - - - href: \windows\security\threat-protection\windows-defender-application-control\windows-defender-application-control + html:

Protect users from malicious sites

- html:

Lock down applications that run on a device

+ image: - image: + src: https://docs.microsoft.com/media/common/i_threat-protection.svg + + title: Windows Defender SmartScreen + + - href: \windows\security\information-protection\windows-information-protection\protect-enterprise-data-using-wip - src: https://docs.microsoft.com/media/common/i_threat-protection.svg - - title: Windows Defender Application Control + html:

Block unauthorized network traffic flowing into or out of a local device

- - href: \windows\security\information-protection\windows-information-protection\protect-enterprise-data-using-wip + image: - html:

Prevent accidental data leaks from enterprise devices

- - image: - - src: https://docs.microsoft.com/media/common/i_information-protection.svg - - title: Windows Information Protection + src: https://docs.microsoft.com/media/common/i_information-protection.svg + + title: Windows Defender Firewall - title: Videos @@ -162,49 +162,49 @@ sections: - type: markdown - text: ">[![VIDEO](images/next-generation-windows-security-vision.png)](https://www.youtube.com/watch?v=IvZySDNfNpo)" + text: ">[![VIDEO](images/next-generation-windows-security-vision.png)](https://www.youtube.com/watch?v=IvZySDNfNpo)" - type: markdown - text: ">[![VIDEO](images/fall-creators-update-next-gen-security.png)](https://www.youtube.com/watch?v=JDGMNFwyUg8)" - + text: ">[![VIDEO](images/fall-creators-update-next-gen-security.png)](https://www.youtube.com/watch?v=JDGMNFwyUg8)" + - title: Additional security features in Windows 10 items: - type: paragraph - text: 'These additional security features are also built in to Windows 10 Enterprise.' + text: 'These additional security features are also built in to Windows 10 Enterprise.' - type: list - style: unordered + style: unordered - items: + items: - - html: Windows Defender Firewall - - html: Windows Defender Exploit Guard - - html: Windows Defender Credential Guard - - html: Windows Defender Application Control - - html: Windows Defender Application Guard - - html: Windows Defender SmartScreen - - html: Windows Defender Security Center - + - html: Windows Defender Firewall + - html: Windows Defender Exploit Guard + - html: Windows Defender Credential Guard + - html: Windows Defender Application Control + - html: Windows Defender Application Guard + - html: Windows Defender SmartScreen + - html: Windows Defender Security Center + - title: Security Resources items: - type: list - style: unordered + style: unordered - items: + items: - - html: Windows Defender Security Intelligence - - html: Microsoft Secure blog - - html: Security Update blog - - html: Microsoft Security Response Center (MSRC) - - html: MSRC Blog - - html: Ransomware FAQ - + - html: Windows Defender Security Intelligence + - html: Microsoft Secure blog + - html: Security Update blog + - html: Microsoft Security Response Center (MSRC) + - html: MSRC Blog + - html: Ransomware FAQ + From c7fe739ecae473a7f1091716512aec6aef84f501 Mon Sep 17 00:00:00 2001 From: jcaparas Date: Wed, 6 Jun 2018 14:20:13 -0700 Subject: [PATCH 04/12] revert --- windows/security/index.yml | 174 ++++++++++++++++++------------------- 1 file changed, 87 insertions(+), 87 deletions(-) diff --git a/windows/security/index.yml b/windows/security/index.yml index 10a40938f2..95fc87c96b 100644 --- a/windows/security/index.yml +++ b/windows/security/index.yml @@ -34,49 +34,49 @@ sections: - type: markdown - text: Secure corporate data and manage risk. + text: Secure corporate data and manage risk. - items: - type: list - style: cards + style: cards - className: cardsM + className: cardsM - columns: 3 + columns: 3 - items: + items: - - href: \windows\security\identity-protection\ + - href: \windows\security\identity-protection\ - html:

Deploy secure enterprise-grade authentication and access control to protect accounts and data

+ html:

Deploy secure enterprise-grade authentication and access control to protect accounts and data

- image: + image: - src: https://docs.microsoft.com/media/common/i_identity-protection.svg + src: https://docs.microsoft.com/media/common/i_identity-protection.svg - title: Identity and access management + title: Identity and access management - - href: \windows\security\threat-protection\ + - href: \windows\security\threat-protection\ - html:

Stop cyberthreats and quickly identify and respond to breaches

+ html:

Stop cyberthreats and quickly identify and respond to breaches

- image: + image: - src: https://docs.microsoft.com/media/common/i_threat-protection.svg + src: https://docs.microsoft.com/media/common/i_threat-protection.svg - title: Threat protection + title: Threat protection - - href: \windows\security\information-protection\ + - href: \windows\security\information-protection\ - html:

Identify and secure critical data to prevent data loss

+ html:

Identify and secure critical data to prevent data loss

- image: + image: - src: https://docs.microsoft.com/media/common/i_information-protection.svg + src: https://docs.microsoft.com/media/common/i_information-protection.svg - title: Information protection + title: Information protection - title: Windows Defender Advanced Threat Protection @@ -84,77 +84,77 @@ sections: - type: paragraph - text: 'Prevent, detect, investigate, and respond to advanced threats.' + text: 'Windows 10 enables critical security features to protect your device right from the start.' - type: list - style: cards + style: cards - className: cardsM + className: cardsM - columns: 3 + columns: 3 - items: + items: - - href: \windows\security\threat-protection\windows-defender-antivirus\windows-defender-antivirus-in-windows-10 + - href: \windows\security\hardware-protection\how-hardware-based-containers-help-protect-windows - html:

Protect against malware management using next-generation antivirus technologies

+ html:

Protect the boot process and maintain system integrity

- image: + image: - src: https://docs.microsoft.com/media/common/i_threat-protection.svg - - title: Windows Defender Antivirus + src: https://docs.microsoft.com/media/common/i_identity-protection.svg + + title: Windows Defender System Guard - - href: \windows\security\threat-protection\windows-defender-exploit-guard\windows-defender-exploit-guard + - href: \windows\security\threat-protection\windows-defender-antivirus\windows-defender-antivirus-in-windows-10 - html:

Manage and reduce the attack surface of apps

+ html:

Protect against malware management using next-generation antivirus technologies

- image: + image: - src: https://docs.microsoft.com/media/common/i_threat-protection.svg - - title: Windows Defender Exploit Guard + src: https://docs.microsoft.com/media/common/i_threat-protection.svg + + title: Windows Defender Antivirus - - href: \windows\security\threat-protection\windows-defender-application-control\windows-defender-application-control + - href: \windows\security\information-protection\bitlocker\bitlocker-overview - html:

Lock down applications that run on a device

+ html:

Prevent data theft from lost or stolen devices

- image: + image: - src: https://docs.microsoft.com/media/common/i_threat-protection.svg - - title: Windows Defender Application Control - - - href: \windows\security\threat-protection\windows-defender-application-guard\wd-app-guard-overview + src: https://docs.microsoft.com/media/common/i_information-protection.svg + + title: BitLocker - html:

Isolate enterprise-defined untrusted sites

+ - href: \windows\security\identity-protection\hello-for-business\hello-overview - image: + html:

Give users a more personal and secure way to access their devices

- src: https://docs.microsoft.com/media/common/i_threat-protection.svg - - title: Windows Defender Application Guard - - - href: \windows\security\threat-protection\windows-defender-smartscreen\windows-defender-smartscreen-overview + image: - html:

Protect users from malicious sites

+ src: https://docs.microsoft.com/media/common/i_identity-protection.svg + + title: Windows Hello for Business + + - href: \windows\security\threat-protection\windows-defender-application-control\windows-defender-application-control - image: + html:

Lock down applications that run on a device

- src: https://docs.microsoft.com/media/common/i_threat-protection.svg - - title: Windows Defender SmartScreen - - - href: \windows\security\information-protection\windows-information-protection\protect-enterprise-data-using-wip + image: - html:

Block unauthorized network traffic flowing into or out of a local device

+ src: https://docs.microsoft.com/media/common/i_threat-protection.svg + + title: Windows Defender Application Control - image: + - href: \windows\security\information-protection\windows-information-protection\protect-enterprise-data-using-wip - src: https://docs.microsoft.com/media/common/i_information-protection.svg - - title: Windows Defender Firewall + html:

Prevent accidental data leaks from enterprise devices

+ + image: + + src: https://docs.microsoft.com/media/common/i_information-protection.svg + + title: Windows Information Protection - title: Videos @@ -162,49 +162,49 @@ sections: - type: markdown - text: ">[![VIDEO](images/next-generation-windows-security-vision.png)](https://www.youtube.com/watch?v=IvZySDNfNpo)" + text: ">[![VIDEO](images/next-generation-windows-security-vision.png)](https://www.youtube.com/watch?v=IvZySDNfNpo)" - type: markdown - text: ">[![VIDEO](images/fall-creators-update-next-gen-security.png)](https://www.youtube.com/watch?v=JDGMNFwyUg8)" - + text: ">[![VIDEO](images/fall-creators-update-next-gen-security.png)](https://www.youtube.com/watch?v=JDGMNFwyUg8)" + - title: Additional security features in Windows 10 items: - type: paragraph - text: 'These additional security features are also built in to Windows 10 Enterprise.' + text: 'These additional security features are also built in to Windows 10 Enterprise.' - type: list - style: unordered + style: unordered - items: + items: - - html: Windows Defender Firewall - - html: Windows Defender Exploit Guard - - html: Windows Defender Credential Guard - - html: Windows Defender Application Control - - html: Windows Defender Application Guard - - html: Windows Defender SmartScreen - - html: Windows Defender Security Center - + - html: Windows Defender Firewall + - html: Windows Defender Exploit Guard + - html: Windows Defender Credential Guard + - html: Windows Defender Application Control + - html: Windows Defender Application Guard + - html: Windows Defender SmartScreen + - html: Windows Defender Security Center + - title: Security Resources items: - type: list - style: unordered + style: unordered - items: + items: - - html: Windows Defender Security Intelligence - - html: Microsoft Secure blog - - html: Security Update blog - - html: Microsoft Security Response Center (MSRC) - - html: MSRC Blog - - html: Ransomware FAQ - + - html: Windows Defender Security Intelligence + - html: Microsoft Secure blog + - html: Security Update blog + - html: Microsoft Security Response Center (MSRC) + - html: MSRC Blog + - html: Ransomware FAQ + From 689b34a34831412aaeeb99f77809963860e8a8a3 Mon Sep 17 00:00:00 2001 From: jcaparas Date: Wed, 6 Jun 2018 14:20:41 -0700 Subject: [PATCH 05/12] push --- windows/security/index.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/index.yml b/windows/security/index.yml index 95fc87c96b..e28a82b4d7 100644 --- a/windows/security/index.yml +++ b/windows/security/index.yml @@ -134,7 +134,7 @@ sections: src: https://docs.microsoft.com/media/common/i_identity-protection.svg - title: Windows Hello for Business + title: Windows Hello - href: \windows\security\threat-protection\windows-defender-application-control\windows-defender-application-control From af4921c146b01c54724a85c9c46bb5ec22fa0054 Mon Sep 17 00:00:00 2001 From: jcaparas Date: Wed, 6 Jun 2018 14:37:24 -0700 Subject: [PATCH 06/12] change bitlocker to app g --- windows/security/index.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/index.yml b/windows/security/index.yml index e28a82b4d7..7b8def5aaa 100644 --- a/windows/security/index.yml +++ b/windows/security/index.yml @@ -124,7 +124,7 @@ sections: src: https://docs.microsoft.com/media/common/i_information-protection.svg - title: BitLocker + title: Windows Defender Application Guard - href: \windows\security\identity-protection\hello-for-business\hello-overview From 831c94d76c92a0df8f743158b05b242ac97c81bb Mon Sep 17 00:00:00 2001 From: jcaparas Date: Wed, 6 Jun 2018 14:49:04 -0700 Subject: [PATCH 07/12] update product names only --- windows/security/index.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/windows/security/index.yml b/windows/security/index.yml index 7b8def5aaa..82199a4995 100644 --- a/windows/security/index.yml +++ b/windows/security/index.yml @@ -96,16 +96,6 @@ sections: items: - - href: \windows\security\hardware-protection\how-hardware-based-containers-help-protect-windows - - html:

Protect the boot process and maintain system integrity

- - image: - - src: https://docs.microsoft.com/media/common/i_identity-protection.svg - - title: Windows Defender System Guard - - href: \windows\security\threat-protection\windows-defender-antivirus\windows-defender-antivirus-in-windows-10 html:

Protect against malware management using next-generation antivirus technologies

@@ -116,6 +106,16 @@ sections: title: Windows Defender Antivirus + - href: \windows\security\hardware-protection\how-hardware-based-containers-help-protect-windows + + html:

Protect the boot process and maintain system integrity

+ + image: + + src: https://docs.microsoft.com/media/common/i_identity-protection.svg + + title: Windows Defender SmartScreen + - href: \windows\security\information-protection\bitlocker\bitlocker-overview html:

Prevent data theft from lost or stolen devices

@@ -134,7 +134,7 @@ sections: src: https://docs.microsoft.com/media/common/i_identity-protection.svg - title: Windows Hello + title: Windows Defender Firewall - href: \windows\security\threat-protection\windows-defender-application-control\windows-defender-application-control @@ -154,7 +154,7 @@ sections: src: https://docs.microsoft.com/media/common/i_information-protection.svg - title: Windows Information Protection + title: Windows Defender Exploit Guard - title: Videos From da464dcd57df7e4348ef5776fc945ad9498a99db Mon Sep 17 00:00:00 2001 From: jcaparas Date: Wed, 6 Jun 2018 15:08:08 -0700 Subject: [PATCH 08/12] update wdatp blurb --- windows/security/index.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/index.yml b/windows/security/index.yml index 82199a4995..b953b6b14f 100644 --- a/windows/security/index.yml +++ b/windows/security/index.yml @@ -84,7 +84,7 @@ sections: - type: paragraph - text: 'Windows 10 enables critical security features to protect your device right from the start.' + text: 'Prevent, detect, investigate, and respond to advanced threats.' - type: list From a9b86e0d70de0d2625fbd9dc2d310c444e0c41f9 Mon Sep 17 00:00:00 2001 From: jcaparas Date: Wed, 6 Jun 2018 15:11:19 -0700 Subject: [PATCH 09/12] update wdatp landing page --- windows/security/wdatp/index.md | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/windows/security/wdatp/index.md b/windows/security/wdatp/index.md index 7a0ca592f1..2b05e374ae 100644 --- a/windows/security/wdatp/index.md +++ b/windows/security/wdatp/index.md @@ -13,14 +13,11 @@ ms.date: 06/04/2018 # Windows Defender Advanced Threat Protection -Windows Defender Advanced Threat Protection (Windows Defender ATP) is a unified endpoint security platform using built-in security technologies working together and powered by the cloud. +Windows Defender Advanced Threat Protection (Windows Defender ATP)is a unified platform for preventative protection, post-breach detection, automated investigation and response, employing intelligent protection to protect endpoints from cyber threats. -![Windows Defender ATP service components](images/WDATP-components.png) ![Windows Defender ATP components](images/wdatp-pillars.png) -Windows Defender ATP offers a comprehensive approach in securing enterprise networks by offerring an end-to-end stack of security capabilities. - The attack surface reduction set of capabilities provide the first line of defense in the stack. By ensuring configuration settings are properly set and exploit mitigation techniques are applied, these set of capabilities resist attacks and exploitations. @@ -38,7 +35,7 @@ The following table can help you better understand how capabilities align within Attack surface reduction | Next generation protection | Endpoint detection and response | Auto investigation and remediation | Security posture :---|:---|:---|:---|:--- -[Windows Defender SmartScreen](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview) OTHER PRODUCTS??
OR
Hardware based isolation

Application control

Exploit protection

Network protection

Controlled folder access | [Windows Defender Antivirus](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10)
OR
Web protection

Machine learning

Script and memory attack protection

Antivirus

Runtime emulator

Threat intelligence

URL/IP reputation

Sandbox service | Deep operating system recording sensor

Machine learning, behavioral and anomaly detection

Response containment

Realtime and historical threat hunting

Threat intelligence and custom detections | Forensic collection

Response orchestration

Historical endpoint data

Artificial intelligence reponse playbooks | Asset inventory
Operating system baseline compliance

Recommended improvement actions

Secure score

Threat analytics

Reporting and trends + Hardware based isolation

Application control

Exploit protection

Network protection

Controlled folder access | Web protection

Machine learning

Script and memory attack protection

Antivirus

Runtime emulator

Threat intelligence

URL/IP reputation

Sandbox service | Deep operating system recording sensor

Machine learning, behavioral and anomaly detection

Response containment

Realtime and historical threat hunting

Threat intelligence and custom detections | Forensic collection

Response orchestration

Historical endpoint data

Artificial intelligence reponse playbooks | Asset inventory
Operating system baseline compliance

Recommended improvement actions

Secure score

Threat analytics

Reporting and trends These capabilities are available across multiple products that make up the Windows Defender ATP platform. For more information on how to leverage all the Windows Defender ATP capabilities, see [Threat protection](https://docs.microsoft.com/en-us/windows/security/threat-protection/index). From df0526bc86849be11ce4f13062b49fb3a3ca7aac Mon Sep 17 00:00:00 2001 From: jcaparas Date: Wed, 6 Jun 2018 15:14:04 -0700 Subject: [PATCH 10/12] add advanced hunting in wdatp landing page --- windows/security/wdatp/index.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/security/wdatp/index.md b/windows/security/wdatp/index.md index 2b05e374ae..57898fc7f1 100644 --- a/windows/security/wdatp/index.md +++ b/windows/security/wdatp/index.md @@ -29,6 +29,8 @@ In conjunction with being able to quickly respond to advanced attacks, Windows D Windows Defender ATP also provides a security posture capability to help you dynamically assess the security state of your enterprise network, identify unprotected systems, and take recommended actions to improve the overall security state of your network. +Advanced hunting gives you the flexibility of using a powerful search and query tool to proactively hunt for possible threats accross your organization. + The following table can help you better understand how capabilities align within the Windows Defender ATP offering: From 15359a7b2f031812dd1a402af41f34c5f289cd12 Mon Sep 17 00:00:00 2001 From: jcaparas Date: Wed, 6 Jun 2018 15:43:21 -0700 Subject: [PATCH 11/12] update toc to wdatp portal --- .../windows-defender-atp/TOC.md | 2 +- ...ows-defender-advanced-threat-protection.md | 55 ++----------------- 2 files changed, 7 insertions(+), 50 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-atp/TOC.md b/windows/security/threat-protection/windows-defender-atp/TOC.md index e69658d82e..83795bb18c 100644 --- a/windows/security/threat-protection/windows-defender-atp/TOC.md +++ b/windows/security/threat-protection/windows-defender-atp/TOC.md @@ -1,4 +1,4 @@ -# [Windows Defender Advanced Threat Protection](windows-defender-advanced-threat-protection.md) +# [Windows Defender Advanced Threat Protection portal](windows-defender-advanced-threat-protection.md) ##Get started ### [Minimum requirements](minimum-requirements-windows-defender-advanced-threat-protection.md) ### [Validate licensing and complete setup](licensing-windows-defender-advanced-threat-protection.md) diff --git a/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection.md index ad7ca925bb..73687a0fb4 100644 --- a/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection.md @@ -1,6 +1,6 @@ --- -title: Windows Defender Advanced Threat Protection -description: Windows Defender Advanced Threat Protection is an enterprise security service that helps detect and respond to possible cybersecurity threats related to advanced persistent threats. +title: Windows Defender Advanced Threat Protection portal +description: The Windows Defender Advanced Threat Protection portal is teh gateway that helps secops to prevent, detect, investigate, and respond to possible cybersecurity threats related to advanced persistent threats. keywords: introduction to Windows Defender Advanced Threat Protection, introduction to Windows Defender ATP, cybersecurity, advanced persistent threat, enterprise security, machine behavioral sensor, cloud security, analytics, threat intelligence search.product: eADQiWindows 10XVcnh ms.prod: w10 @@ -13,7 +13,7 @@ ms.localizationpriority: high ms.date: 07/01/2018 --- -# Windows Defender Advanced Threat Protection +# Windows Defender Advanced Threat Protection portal **Applies to:** @@ -29,47 +29,13 @@ ms.date: 07/01/2018 > >For more info about Windows 10 Enterprise Edition features and functionality, see [Windows 10 Enterprise edition](https://www.microsoft.com/WindowsForBusiness/buy). +Windows Defender Advanced Threat Protection is a suite of capabilities designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats. ---- - -# Windows Defender Advanced Threat Protection - -Windows Defender Advanced Threat Protection (Windows Defender ATP) is a unified endpoint security platform using built-in security technologies working together and powered by the cloud. - -![Windows Defender ATP service components](images/WDATP-components.png) - -Windows Defender ATP offers a comprehensive approach in securing enterprise networks by offerring an end-to-end stack of security capabilities. +To help you maximize the effectiveness of the security suite, you can configure individual capabilities that surface in the Windows Defender ATP portal. For more information about the Windows Defender ATP capabilities, see [Windows Defender Advanced Threat Protection](https://docs.microsoft.com/en-us/windows/security/wdatp). -The attack surface reduction set of capabilities provide the first line of defense in the stack. By ensuring configuration settings are properly set and exploit mitigation techniques are applied, these set of capabilities resist attacks and exploitations. +The Windows Defender ATP portal is where all the capabilities that are available across multiple products come together in a single-pane of glass. -To further reinforce the security perimeter of your network, Windows Defender ATP uses next generation protection designed to catch all types of emerging threats. - -Endpoint detection and response capabilities are put in place to detect, investigate, and respond to advanced threats that may have made it past the first two security security pillars. - -In conjunction with being able to quickly respond to advanced attacks, Windows Defender ATP offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale. - -Windows Defender ATP also provides a security posture capability to help you dynamically assess the security state of your enterprise network, identify unprotected systems, and take recommended actions to improve the overall security state of your network. - - -The following table can help you better understand how capabilities align within the Windows Defender ATP offering: - - - Attack surface reduction | Next generation protection | Endpoint detection and response | Auto investigation and remediation | Security posture -:---|:---|:---|:---|:--- -[Windows Defender SmartScreen](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview) OTHER PRODUCTS??
OR
Hardware based isolation

Application control

Exploit protection

Network protection

Controlled folder access | [Windows Defender Antivirus](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10)
OR
Web protection

Machine learning

Script and memory attack protection

Antivirus

Runtime emulator

Threat intelligence

URL/IP reputation

Sandbox service | Deep operating system recording sensor

Machine learning, behavioral and anomaly detection

Response containment

Realtime and historical threat hunting

Threat intelligence and custom detections | Forensic collection

Response orchestration

Historical endpoint data

Artificial intelligence reponse playbooks | Asset inventory
Operating system baseline compliance

Recommended improvement actions

Secure score

Threat analytics

Reporting and trends - -These capabilities are available across multiple products that make up the Windows Defender ATP platform. For more information on how to leverage all the Windows Defender ATP capabilities, see [Threat protection](https://docs.microsoft.com/en-us/windows/security/threat-protection/index). - - - - - - - -====================================================================== - -Windows Defender Advanced Threat Protection (Windows Defender ATP) is a security service that enables enterprise customers to detect, investigate, and respond to advanced threats on their networks. Get a quick, but in-depth overview of Windows Defender ATP for Windows 10 and the new capabilities in Windows 10, version 1703 see [Windows Defender ATP for Windows 10 Creators Update](https://technet.microsoft.com/en-au/windows/mt782787). @@ -97,15 +63,6 @@ Windows Defender ATP uses the following combination of technology built into Win ![Windows Defender ATP service component](images/components.png) -Machine investigation capabilities in this service let you drill down -into security alerts and understand the scope and nature of a potential -breach. You can submit files for deep analysis and receive the results -without leaving the [Windows Defender ATP portal](https://securitycenter.windows.com). The automated investigation and remediation capability reduces the volume of alerts by leveraging various inspection algorithms to resolve breaches. - -Windows Defender ATP works with existing Windows security technologies -on machines, such as Windows Defender Antivirus, AppLocker, and Windows Defender Device Guard. It -can also work side-by-side with third-party security solutions and -antimalware products. Windows Defender ATP leverages Microsoft technology and expertise to detect sophisticated cyber-attacks, providing: From f4ac9773fd71d0ff69e0cbad908f99868151a6c3 Mon Sep 17 00:00:00 2001 From: jcaparas Date: Wed, 6 Jun 2018 15:43:53 -0700 Subject: [PATCH 12/12] revert yaml --- windows/security/index.yml | 294 +++++++++++-------------------------- 1 file changed, 84 insertions(+), 210 deletions(-) diff --git a/windows/security/index.yml b/windows/security/index.yml index b953b6b14f..3bd613a9fc 100644 --- a/windows/security/index.yml +++ b/windows/security/index.yml @@ -1,210 +1,84 @@ -### YamlMime:YamlDocument - -documentType: LandingData - -title: Windows 10 Enterprise Security - -metadata: - - document_id: - - title: Windows 10 Enterprise Security - - description: Learn about enterprise-grade security features for Windows 10. - - keywords: protect, company, data, Windows, device, app, management, Microsoft365, e5, e3 - - ms.localizationpriority: high - - author: brianlic-msft - - ms.author: brianlic - - manager: brianlic - - ms.date: 02/06/2018 - - ms.topic: article - - ms.devlang: na - -sections: - -- items: - - - type: markdown - - text: Secure corporate data and manage risk. - -- items: - - - type: list - - style: cards - - className: cardsM - - columns: 3 - - items: - - - href: \windows\security\identity-protection\ - - html:

Deploy secure enterprise-grade authentication and access control to protect accounts and data

- - image: - - src: https://docs.microsoft.com/media/common/i_identity-protection.svg - - title: Identity and access management - - - href: \windows\security\threat-protection\ - - html:

Stop cyberthreats and quickly identify and respond to breaches

- - image: - - src: https://docs.microsoft.com/media/common/i_threat-protection.svg - - title: Threat protection - - - href: \windows\security\information-protection\ - - html:

Identify and secure critical data to prevent data loss

- - image: - - src: https://docs.microsoft.com/media/common/i_information-protection.svg - - title: Information protection - -- title: Windows Defender Advanced Threat Protection - - items: - - - type: paragraph - - text: 'Prevent, detect, investigate, and respond to advanced threats.' - - - type: list - - style: cards - - className: cardsM - - columns: 3 - - items: - - - href: \windows\security\threat-protection\windows-defender-antivirus\windows-defender-antivirus-in-windows-10 - - html:

Protect against malware management using next-generation antivirus technologies

- - image: - - src: https://docs.microsoft.com/media/common/i_threat-protection.svg - - title: Windows Defender Antivirus - - - href: \windows\security\hardware-protection\how-hardware-based-containers-help-protect-windows - - html:

Protect the boot process and maintain system integrity

- - image: - - src: https://docs.microsoft.com/media/common/i_identity-protection.svg - - title: Windows Defender SmartScreen - - - href: \windows\security\information-protection\bitlocker\bitlocker-overview - - html:

Prevent data theft from lost or stolen devices

- - image: - - src: https://docs.microsoft.com/media/common/i_information-protection.svg - - title: Windows Defender Application Guard - - - href: \windows\security\identity-protection\hello-for-business\hello-overview - - html:

Give users a more personal and secure way to access their devices

- - image: - - src: https://docs.microsoft.com/media/common/i_identity-protection.svg - - title: Windows Defender Firewall - - - href: \windows\security\threat-protection\windows-defender-application-control\windows-defender-application-control - - html:

Lock down applications that run on a device

- - image: - - src: https://docs.microsoft.com/media/common/i_threat-protection.svg - - title: Windows Defender Application Control - - - href: \windows\security\information-protection\windows-information-protection\protect-enterprise-data-using-wip - - html:

Prevent accidental data leaks from enterprise devices

- - image: - - src: https://docs.microsoft.com/media/common/i_information-protection.svg - - title: Windows Defender Exploit Guard - -- title: Videos - - items: - - - type: markdown - - text: ">[![VIDEO](images/next-generation-windows-security-vision.png)](https://www.youtube.com/watch?v=IvZySDNfNpo)" - - - type: markdown - - text: ">[![VIDEO](images/fall-creators-update-next-gen-security.png)](https://www.youtube.com/watch?v=JDGMNFwyUg8)" - -- title: Additional security features in Windows 10 - - items: - - - type: paragraph - - text: 'These additional security features are also built in to Windows 10 Enterprise.' - - - type: list - - style: unordered - - items: - - - html: Windows Defender Firewall - - html: Windows Defender Exploit Guard - - html: Windows Defender Credential Guard - - html: Windows Defender Application Control - - html: Windows Defender Application Guard - - html: Windows Defender SmartScreen - - html: Windows Defender Security Center - -- title: Security Resources - - items: - - - type: list - - style: unordered - - items: - - - html: Windows Defender Security Intelligence - - html: Microsoft Secure blog - - html: Security Update blog - - html: Microsoft Security Response Center (MSRC) - - html: MSRC Blog - - html: Ransomware FAQ - - +### YamlMime:YamlDocument +documentType: LandingData +title: Windows 10 Enterprise Security +metadata: +  document_id:  +  title: Windows 10 Enterprise Security +  description: Learn about enterprise-grade security features for Windows 10. +  keywords: protect, company, data, Windows, device, app, management, Microsoft365, e5, e3   ms.localizationpriority: high   author: brianlic-msft +  ms.author: brianlic   manager: brianlic +  ms.date: 02/06/2018   ms.topic: article   ms.devlang: na sections: +- items: +  - type: markdown +    text: Secure corporate data and manage risk.  +- items: +  - type: list +    style: cards +    className: cardsM +    columns: 3 +    items: +    - href: \windows\security\identity-protection\ +      html: 

Deploy secure enterprise-grade authentication and access control to protect accounts and data

+      image: +        src: https://docs.microsoft.com/media/common/i_identity-protection.svg +      title: Identity and access management +    - href: \windows\security\threat-protection\ +      html: 

Stop cyberthreats and quickly identify and respond to breaches

+      image: +        src: https://docs.microsoft.com/media/common/i_threat-protection.svg +      title: Threat protection +    - href: \windows\security\information-protection\ +      html: 

Identify and secure critical data to prevent data loss

+      image: +        src: https://docs.microsoft.com/media/common/i_information-protection.svg +      title: Information protection +- title: Windows Defender Advanced Threat Protection  +  items: +  - type: paragraph +    text: 'Windows 10 enables critical security features to protect your device right from the start.' +  - type: list +    style: cards +    className: cardsM +    columns: 3 +    items: +    - href: \windows\security\hardware-protection\how-hardware-based-containers-help-protect-windows +      html: 

Protect the boot process and maintain system integrity

+      image: +        src: https://docs.microsoft.com/media/common/i_identity-protection.svg              title: Windows Defender System Guard +    - href: \windows\security\threat-protection\windows-defender-antivirus\windows-defender-antivirus-in-windows-10 +      html: 

Protect against malware management using next-generation antivirus technologies

+      image: +        src: https://docs.microsoft.com/media/common/i_threat-protection.svg              title: Windows Defender Antivirus +    - href: \windows\security\information-protection\bitlocker\bitlocker-overview +      html: 

Prevent data theft from lost or stolen devices

+      image: +        src: https://docs.microsoft.com/media/common/i_information-protection.svg              title: Windows Defender Application Guard +    - href: \windows\security\identity-protection\hello-for-business\hello-overview +      html: 

Give users a more personal and secure way to access their devices

+      image: +        src: https://docs.microsoft.com/media/common/i_identity-protection.svg              title: Windows Hello             - href: \windows\security\threat-protection\windows-defender-application-control\windows-defender-application-control +      html: 

Lock down applications that run on a device

+      image: +        src: https://docs.microsoft.com/media/common/i_threat-protection.svg              title: Windows Defender Application Control +    - href: \windows\security\information-protection\windows-information-protection\protect-enterprise-data-using-wip +      html: 

Prevent accidental data leaks from enterprise devices

+      image: +        src: https://docs.microsoft.com/media/common/i_information-protection.svg              title: Windows Information Protection  +- title: Videos +  items: +  - type: markdown +    text: ">[![VIDEO](images/next-generation-windows-security-vision.png)](https://www.youtube.com/watch?v=IvZySDNfNpo)" +  - type: markdown +    text: ">[![VIDEO](images/fall-creators-update-next-gen-security.png)](https://www.youtube.com/watch?v=JDGMNFwyUg8)"      - title: Additional security features in Windows 10  +  items: +  - type: paragraph +    text: 'These additional security features are also built in to Windows 10 Enterprise.' +  - type: list +    style: unordered +    items: +    - html: Windows Defender Firewall     - html: Windows Defender Exploit Guard     - html: Windows Defender Credential Guard     - html: Windows Defender Application Control       - html: Windows Defender Application Guard     - html: Windows Defender SmartScreen       - html: Windows Defender Security Center        - title: Security Resources +  items: +  - type: list +    style: unordered +    items: +    - html: Windows Defender Security Intelligence     - html: Microsoft Secure blog     - html: Security Update blog     - html: Microsoft Security Response Center (MSRC)     - html: MSRC Blog     - html: Ransomware FAQ