From 0ffaae4be566479e8a4b0ccd0e2ff6066a0f1bdc Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Thu, 10 Dec 2020 17:24:54 -0800 Subject: [PATCH 01/93] enterprise only --- windows/security/threat-protection/intelligence/criteria.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/intelligence/criteria.md b/windows/security/threat-protection/intelligence/criteria.md index 77a3c4e33d..277e105a69 100644 --- a/windows/security/threat-protection/intelligence/criteria.md +++ b/windows/security/threat-protection/intelligence/criteria.md @@ -171,7 +171,7 @@ Microsoft uses specific categories and the category definitions to classify soft * **Advertising software:** Software that displays advertisements or promotions, or prompts you to complete surveys for other products or services in software other than itself. This includes software that inserts advertisements to webpages. -* **Torrent software:** Software that is used to create or download torrents or other files specifically used with peer-to-peer file-sharing technologies. +* **Torrent software (Enterprise only):** Software that is used to create or download torrents or other files specifically used with peer-to-peer file-sharing technologies. * **Cryptomining software:** Software that uses your device resources to mine cryptocurrencies. From 7608b62532913aef122d6082c143891a53a48e9c Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Mon, 14 Dec 2020 13:14:01 +0530 Subject: [PATCH 02/93] updated-4620497-batch4 updated --- .../behavioral-blocking-containment.md | 2 +- .../microsoft-defender-atp/check-sensor-status.md | 2 +- .../microsoft-defender-atp/client-behavioral-blocking.md | 2 +- .../microsoft-defender-atp/collect-investigation-package.md | 4 +++- .../threat-protection/microsoft-defender-atp/community.md | 1 + .../microsoft-defender-atp/conditional-access.md | 3 +-- .../microsoft-defender-atp/configure-arcsight.md | 3 +-- .../configure-attack-surface-reduction.md | 3 +++ .../configure-automated-investigations-remediation.md | 5 ++--- .../microsoft-defender-atp/configure-conditional-access.md | 1 + .../microsoft-defender-atp/configure-email-notifications.md | 2 +- .../microsoft-defender-atp/configure-endpoints-gp.md | 2 +- .../microsoft-defender-atp/configure-endpoints-mdm.md | 3 +-- .../configure-endpoints-non-windows.md | 1 + .../microsoft-defender-atp/configure-endpoints-sccm.md | 1 + .../microsoft-defender-atp/configure-endpoints-script.md | 5 +---- .../microsoft-defender-atp/configure-endpoints-vdi.md | 3 ++- .../microsoft-defender-atp/configure-endpoints.md | 4 +--- .../microsoft-defender-atp/configure-machines-asr.md | 5 ++--- .../microsoft-defender-atp/configure-machines-onboarding.md | 2 +- .../configure-machines-security-baseline.md | 2 +- .../microsoft-defender-atp/configure-machines.md | 4 ++-- .../configure-microsoft-threat-experts.md | 2 +- .../microsoft-defender-atp/configure-mssp-notifications.md | 3 +-- .../microsoft-defender-atp/configure-mssp-support.md | 3 +-- 25 files changed, 33 insertions(+), 35 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment.md b/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment.md index 05ec75c8d0..b9812f96f1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment.md +++ b/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment.md @@ -26,8 +26,8 @@ ms.collection: **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) ## Overview diff --git a/windows/security/threat-protection/microsoft-defender-atp/check-sensor-status.md b/windows/security/threat-protection/microsoft-defender-atp/check-sensor-status.md index bbff2e68b9..8805dc3930 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/check-sensor-status.md +++ b/windows/security/threat-protection/microsoft-defender-atp/check-sensor-status.md @@ -22,9 +22,9 @@ ms.date: 04/24/2018 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-checksensor-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/client-behavioral-blocking.md b/windows/security/threat-protection/microsoft-defender-atp/client-behavioral-blocking.md index ef5d153836..bc4df2fd36 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/client-behavioral-blocking.md +++ b/windows/security/threat-protection/microsoft-defender-atp/client-behavioral-blocking.md @@ -26,8 +26,8 @@ ms.collection: **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) ## Overview diff --git a/windows/security/threat-protection/microsoft-defender-atp/collect-investigation-package.md b/windows/security/threat-protection/microsoft-defender-atp/collect-investigation-package.md index 0d6949ea0b..7353a6bf79 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/collect-investigation-package.md +++ b/windows/security/threat-protection/microsoft-defender-atp/collect-investigation-package.md @@ -22,7 +22,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/community.md b/windows/security/threat-protection/microsoft-defender-atp/community.md index f68dcdeab3..133d2cab9b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/community.md +++ b/windows/security/threat-protection/microsoft-defender-atp/community.md @@ -26,6 +26,7 @@ ms.date: 04/24/2018 **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) diff --git a/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md b/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md index a0ace30f14..2547e77520 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md +++ b/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md @@ -24,8 +24,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - - +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-conditionalaccess-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md b/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md index aca0be0b19..026974fa1b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md @@ -21,10 +21,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/configure-attack-surface-reduction.md index 736ab0b846..c19655f2e1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-attack-surface-reduction.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-attack-surface-reduction.md @@ -21,6 +21,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) You can configure attack surface reduction with a number of tools, including: diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-automated-investigations-remediation.md b/windows/security/threat-protection/microsoft-defender-atp/configure-automated-investigations-remediation.md index f8d91cd3e1..572a80986e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-automated-investigations-remediation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-automated-investigations-remediation.md @@ -24,10 +24,9 @@ ms.reviewer: ramarom, evaldm, isco, mabraitm, chriggs [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to** - +**Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) If your organization is using [Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection/) (Defender for Endpoint), [automated investigation and remediation capabilities](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/automated-investigations) can save your security operations team time and effort. As outlined in [this blog post](https://techcommunity.microsoft.com/t5/microsoft-defender-atp/enhance-your-soc-with-microsoft-defender-atp-automatic/ba-p/848946), these capabilities mimic the ideal steps that a security analyst takes to investigate and remediate threats. [Learn more about automated investigation and remediation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/automated-investigations). diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md b/windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md index 206e5721b3..179220a82c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md @@ -23,6 +23,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) This section guides you through all the steps you need to take to properly implement Conditional Access. diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md b/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md index f7ccfe871b..359e660d49 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md @@ -21,9 +21,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-emailconfig-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md index 5360517315..2f52e87c77 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md @@ -26,8 +26,8 @@ ms.date: 04/24/2018 **Applies to:** - Group Policy - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md index 0a97fbf1e3..7f93a3b0d0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md @@ -23,9 +23,8 @@ ms.topic: article **Applies to:** - - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configureendpointsmdm-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md index ba65815551..695326a404 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md @@ -27,6 +27,7 @@ ms.topic: article - macOS - Linux - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-nonwindows-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md index 38ec7959c3..4f17253970 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md @@ -26,6 +26,7 @@ ms.date: 02/07/2020 **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Microsoft Endpoint Configuration Manager current branch - System Center 2012 R2 Configuration Manager diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md index acfdb668c7..d063e91f81 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md @@ -22,10 +22,7 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] -**Applies to:** - - -- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md index fc7c7e1d3c..c2143a8c0d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md @@ -24,7 +24,8 @@ ms.date: 04/16/2020 **Applies to:** -- Virtual desktop infrastructure (VDI) devices +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >[!WARNING] > Microsoft Defender for Endpoint support for Windows Virtual Desktop multi-user scenarios is currently in Preview and limited up to 25 concurrent sessions per host/VM. However single session scenarios on Windows Virtual Desktop are fully supported. diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md index 00ee7a17a2..e11efc3916 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md @@ -21,11 +21,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - [Microsoft 365 Endpoint data loss prevention (DLP)](/microsoft-365/compliance/endpoint-dlp-learn-about) Devices in your organization must be configured so that the Defender for Endpoint service can get sensor data from them. There are various methods and deployment tools that you can use to configure the devices in your organization. diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-asr.md b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-asr.md index 17e8cb3039..d5d5d57342 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-asr.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-asr.md @@ -21,10 +21,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - -* [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) > Want to experience Defender for Endpoint? [Sign up for a free trial](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink). diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-onboarding.md b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-onboarding.md index b207e1fb84..d5c84321a6 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-onboarding.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-onboarding.md @@ -21,9 +21,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md index e110a3d518..c5ac3b1e85 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md @@ -21,9 +21,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-machines.md b/windows/security/threat-protection/microsoft-defender-atp/configure-machines.md index 9b830a3988..9f4ad2ec51 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-machines.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-machines.md @@ -21,9 +21,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** -- [Microsoft Defender for Endpoint ](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md b/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md index 3ce240d781..c3033e6e9b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md @@ -25,8 +25,8 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) ## Before you begin > [!NOTE] diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-notifications.md b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-notifications.md index e75588efda..20f4727023 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-notifications.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-notifications.md @@ -21,10 +21,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md index dde5d47ec5..69475ea801 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md @@ -21,10 +21,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink) From 4e57cd34aad3413e52cf3b6491d747ed768929c1 Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Mon, 14 Dec 2020 15:53:02 +0530 Subject: [PATCH 03/93] updated-4620497 updated --- .../microsoft-defender-atp/configure-proxy-internet.md | 5 ++--- .../microsoft-defender-atp/configure-server-endpoints.md | 1 + .../microsoft-defender-atp/configure-siem.md | 3 +-- .../microsoft-defender-atp/connected-applications.md | 1 + .../microsoft-defender-atp/contact-support.md | 3 ++- .../microsoft-defender-atp/controlled-folders.md | 3 +-- .../microsoft-defender-atp/create-alert-by-reference.md | 4 +++- .../microsoft-defender-atp/custom-detection-rules.md | 2 +- .../microsoft-defender-atp/custom-detections-manage.md | 1 + .../customize-attack-surface-reduction.md | 4 ++-- .../microsoft-defender-atp/customize-controlled-folders.md | 4 ++-- .../microsoft-defender-atp/customize-exploit-protection.md | 4 ++-- .../microsoft-defender-atp/data-retention-settings.md | 3 +-- .../microsoft-defender-atp/data-storage-privacy.md | 3 ++- .../microsoft-defender-atp/defender-compatibility.md | 7 ++----- .../microsoft-defender-atp/delete-ti-indicator-by-id.md | 5 +++-- .../microsoft-defender-atp/deployment-phases.md | 2 +- .../microsoft-defender-atp/deployment-rings.md | 2 ++ .../microsoft-defender-atp/deployment-strategy.md | 1 + .../microsoft-defender-atp/device-timeline-event-flag.md | 4 +++- .../microsoft-defender-atp/edr-in-block-mode.md | 3 +-- .../enable-attack-surface-reduction.md | 3 +++ .../microsoft-defender-atp/enable-controlled-folders.md | 4 ++-- .../microsoft-defender-atp/enable-exploit-protection.md | 5 ++--- .../microsoft-defender-atp/enable-network-protection.md | 5 ++--- 25 files changed, 44 insertions(+), 38 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md index 48fd0bee7d..29d8a51496 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md @@ -23,10 +23,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - -- [Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configureendpointsscript-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md b/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md index 6c6a1ea7cc..18fcfe65b1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md @@ -31,6 +31,7 @@ ms.topic: article - Windows Server 2019 and later - Windows Server 2019 core edition - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configserver-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md b/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md index 62e2e5f5b1..02df3a13d3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md @@ -21,10 +21,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configuresiem-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md b/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md index 99a86d51e7..6744927292 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md +++ b/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md @@ -24,6 +24,7 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Connected applications integrates with the Defender for Endpoint platform using APIs. diff --git a/windows/security/threat-protection/microsoft-defender-atp/contact-support.md b/windows/security/threat-protection/microsoft-defender-atp/contact-support.md index b8af068443..b323d8069b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/contact-support.md +++ b/windows/security/threat-protection/microsoft-defender-atp/contact-support.md @@ -23,7 +23,8 @@ ms.topic: conceptual **Applies to:** -- [Microsoft Defender for Endpoint](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Defender for Endpoint has recently upgraded the support process to offer a more modern and advanced support experience. diff --git a/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md index 272d1480ec..bdd720eab1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md +++ b/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md @@ -21,10 +21,9 @@ ms.custom: asr [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) ## What is controlled folder access? diff --git a/windows/security/threat-protection/microsoft-defender-atp/create-alert-by-reference.md b/windows/security/threat-protection/microsoft-defender-atp/create-alert-by-reference.md index a5c286ef37..bf6f406639 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/create-alert-by-reference.md +++ b/windows/security/threat-protection/microsoft-defender-atp/create-alert-by-reference.md @@ -21,7 +21,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md b/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md index 17e23e40fc..f47b66c90f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md +++ b/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md @@ -24,8 +24,8 @@ ms.date: 09/20/2020 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Custom detection rules built from [advanced hunting](advanced-hunting-overview.md) queries let you proactively monitor various events and system states, including suspected breach activity and misconfigured devices. You can set them to run at regular intervals, generating alerts and taking response actions whenever there are matches. diff --git a/windows/security/threat-protection/microsoft-defender-atp/custom-detections-manage.md b/windows/security/threat-protection/microsoft-defender-atp/custom-detections-manage.md index ef5088e134..cd17efa6b8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/custom-detections-manage.md +++ b/windows/security/threat-protection/microsoft-defender-atp/custom-detections-manage.md @@ -25,6 +25,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Manage your existing [custom detection rules](custom-detection-rules.md) to ensure they are effectively finding threats and taking actions. Explore how to view the list of rules, check their previous runs, and review the alerts they have triggered. You can also run a rule on demand and modify it. diff --git a/windows/security/threat-protection/microsoft-defender-atp/customize-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/customize-attack-surface-reduction.md index 81ede44b00..03a274b066 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/customize-attack-surface-reduction.md +++ b/windows/security/threat-protection/microsoft-defender-atp/customize-attack-surface-reduction.md @@ -20,8 +20,8 @@ manager: dansimp **Applies to:** - -* [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) > [!IMPORTANT] > Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. diff --git a/windows/security/threat-protection/microsoft-defender-atp/customize-controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/customize-controlled-folders.md index 39b6cd2158..b6570ffae3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/customize-controlled-folders.md +++ b/windows/security/threat-protection/microsoft-defender-atp/customize-controlled-folders.md @@ -20,8 +20,8 @@ manager: dansimp **Applies to:** - -* [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Controlled folder access helps you protect valuable data from malicious apps and threats, such as ransomware. Controlled folder access is supported on Windows Server 2019 and Windows 10 clients. diff --git a/windows/security/threat-protection/microsoft-defender-atp/customize-exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/customize-exploit-protection.md index 964158b256..fa16ddf58a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/customize-exploit-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/customize-exploit-protection.md @@ -20,8 +20,8 @@ manager: dansimp **Applies to:** - -* [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Exploit protection automatically applies a number of exploit mitigation techniques on both the operating system processes and on individual apps. diff --git a/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md b/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md index 7932cfb153..df983743ae 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md +++ b/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md @@ -22,9 +22,8 @@ ms.topic: conceptual **Applies to:** - - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-gensettings-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy.md b/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy.md index 953b74c139..0b69d38538 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy.md +++ b/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy.md @@ -23,7 +23,8 @@ ms.topic: conceptual **Applies to:** -- [Microsoft Defender for Endpoint](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) diff --git a/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md b/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md index f84762a3a0..28d34ad383 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md +++ b/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md @@ -24,12 +24,9 @@ ms.date: 04/24/2018 **Applies to:** - - -- Windows Defender - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - - +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +- Windows Defender >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-defendercompat-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md index 123ce4959e..4d1f037200 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md +++ b/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md b/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md index 16e39faf4d..2c443f3d9e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md +++ b/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md @@ -25,7 +25,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Learn how to deploy Microsoft Defender for Endpoint so that your enterprise can take advantage of preventative protection, post-breach detection, automated investigation, and response. diff --git a/windows/security/threat-protection/microsoft-defender-atp/deployment-rings.md b/windows/security/threat-protection/microsoft-defender-atp/deployment-rings.md index 8ad96f8300..1c6eaca4d0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/deployment-rings.md +++ b/windows/security/threat-protection/microsoft-defender-atp/deployment-rings.md @@ -25,6 +25,8 @@ ms.topic: article **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Deploying Microsoft Defender ATP can be done using a ring-based deployment approach. diff --git a/windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md b/windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md index fad489826a..0cb703372f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md +++ b/windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md @@ -22,6 +22,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-secopsdashboard-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/device-timeline-event-flag.md b/windows/security/threat-protection/microsoft-defender-atp/device-timeline-event-flag.md index 8ab3495d50..67c3961a98 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/device-timeline-event-flag.md +++ b/windows/security/threat-protection/microsoft-defender-atp/device-timeline-event-flag.md @@ -20,7 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Event flags in the Defender for Endpoint device timeline help you filter and organize specific events when you're investigate potential attacks. diff --git a/windows/security/threat-protection/microsoft-defender-atp/edr-in-block-mode.md b/windows/security/threat-protection/microsoft-defender-atp/edr-in-block-mode.md index 0372ef6ab9..f190d344a8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/edr-in-block-mode.md +++ b/windows/security/threat-protection/microsoft-defender-atp/edr-in-block-mode.md @@ -25,10 +25,9 @@ ms.collection: [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) ## What is EDR in block mode? diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md index 603f751bdd..9464fb22dd 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md +++ b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md @@ -19,6 +19,9 @@ manager: dansimp [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) [Attack surface reduction rules](attack-surface-reduction.md) (ASR rules) help prevent actions that malware often abuses to compromise devices and networks. You can set ASR rules for devices running any of the following editions and versions of Windows: - Windows 10 Pro, [version 1709](https://docs.microsoft.com/windows/whats-new/whats-new-windows-10-version-1709) or later diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md index 8af897f9a0..1e040286f7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md +++ b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md @@ -21,8 +21,8 @@ manager: dansimp **Applies to:** - -* [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) [Controlled folder access](controlled-folders.md) helps you protect valuable data from malicious apps and threats, such as ransomware. Controlled folder access is included with Windows 10 and Windows Server 2019. diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md index 7b1c044a64..2e4c2b5cb0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md @@ -18,10 +18,9 @@ manager: dansimp [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - -* [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) [Exploit protection](exploit-protection.md) helps protect against malware that uses exploits to infect devices and spread. Exploit protection consists of a number of mitigations that can be applied to either the operating system or individual apps. diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md b/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md index 4f9ad6dff7..41c19a2a84 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md @@ -18,10 +18,9 @@ manager: dansimp [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - -* [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) [Network protection](network-protection.md) helps to prevent employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the internet. You can [audit network protection](evaluate-network-protection.md) in a test environment to view which apps would be blocked before you enable it. From fcbc401f6ee75012e0045557fdab71507940c84f Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Tue, 15 Dec 2020 11:10:51 +0530 Subject: [PATCH 04/93] updated-4620497 updated --- .../microsoft-defender-atp/get-alert-related-files-info.md | 4 +++- .../microsoft-defender-atp/get-alert-related-ip-info.md | 5 +++-- .../microsoft-defender-atp/get-alert-related-machine-info.md | 4 +++- .../microsoft-defender-atp/get-alert-related-user-info.md | 4 +++- .../threat-protection/microsoft-defender-atp/get-alerts.md | 5 +++-- .../microsoft-defender-atp/get-all-recommendations.md | 1 + .../get-all-vulnerabilities-by-machines.md | 5 +++-- .../microsoft-defender-atp/get-all-vulnerabilities.md | 1 + .../microsoft-defender-atp/get-cvekbmap-collection.md | 2 +- .../microsoft-defender-atp/get-device-secure-score.md | 5 +++-- .../microsoft-defender-atp/get-discovered-vulnerabilities.md | 2 +- .../microsoft-defender-atp/get-domain-related-alerts.md | 5 +++-- .../microsoft-defender-atp/get-domain-related-machines.md | 5 +++-- .../microsoft-defender-atp/get-domain-statistics.md | 5 +++-- .../microsoft-defender-atp/get-exposure-score.md | 5 +++-- .../microsoft-defender-atp/get-file-information.md | 5 +++-- .../microsoft-defender-atp/get-file-related-alerts.md | 5 +++-- .../microsoft-defender-atp/get-file-related-machines.md | 5 +++-- .../microsoft-defender-atp/get-file-statistics.md | 5 +++-- .../microsoft-defender-atp/get-installed-software.md | 1 + .../microsoft-defender-atp/get-investigation-collection.md | 5 +++-- .../microsoft-defender-atp/get-investigation-object.md | 5 +++-- .../microsoft-defender-atp/get-ip-related-alerts.md | 5 +++-- .../microsoft-defender-atp/get-ip-statistics.md | 5 +++-- .../microsoft-defender-atp/get-kbinfo-collection.md | 3 +-- 25 files changed, 63 insertions(+), 39 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md index 6e61e17504..651b49212d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md @@ -21,7 +21,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] -**Applies to:** [Microsoft Defender for Endpoint ](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md index 62db50d08a..7825b85156 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md index 98f64ac8d1..03708c1020 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md @@ -21,7 +21,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md index 3e96ce7383..72be8a0c42 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md @@ -21,7 +21,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md index a7c825d739..f101a9d602 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md index a5cde6e4a0..0c2616e9e7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md @@ -22,6 +22,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) [!include[Prerelease information](../../includes/prerelease.md)] diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md index f2de05191d..f2da7275b6 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Retrieves a list of all the vulnerabilities affecting the organization per [machine](machine.md) and [software](software.md). - If the vulnerability has a fixing KB, it will appear in the response. diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md index 9847c928d4..a3e95d9c16 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md @@ -22,6 +22,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) [!include[Prerelease information](../../includes/prerelease.md)] diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md index 7a5a5aacb3..385c421a26 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md @@ -24,8 +24,8 @@ ROBOTS: NOINDEX **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Retrieves a map of CVE's to KB's and CVE details. diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md index e14a6859a7..4f9e92ddcc 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint(https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md index 5b16a71cfc..7f222bc4a9 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md @@ -20,9 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Retrieves a collection of discovered vulnerabilities related to a given device ID. diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md index 26fdbad6f4..d9b0b32483 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md index 5bf5182ede..1c2d3fb2bd 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint(https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md b/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md index cb49efb465..95f80888b4 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md index 43d7ac20e9..1b198b2bdb 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md index 61ab343580..1767867907 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md index d1c53228ac..b391f38bdf 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md index c60f272c69..8b7bb61eb7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md index 59f525f594..df341da739 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md index 293d458f27..4d1867d87d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md @@ -22,6 +22,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) [!include[Prerelease information](../../includes/prerelease.md)] diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md index 296f7c81ce..75c7209471 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md index 6953ccabba..ea31977cd3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-alerts.md index 6d078cbf15..80e7f081b7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-alerts.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-ip-statistics.md b/windows/security/threat-protection/microsoft-defender-atp/get-ip-statistics.md index b58fd359e9..3d541b25a8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-ip-statistics.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-ip-statistics.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-kbinfo-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-kbinfo-collection.md index e7ac39a93c..26b4ec47c1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-kbinfo-collection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-kbinfo-collection.md @@ -22,10 +22,9 @@ ROBOTS: NOINDEX [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Retrieves a collection of KB's and KB details. From a40b8a23a8bd7d1e9827a45ffbd7ccba810ad70c Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Tue, 15 Dec 2020 21:31:32 +0530 Subject: [PATCH 05/93] updated-4620497 updated --- .../microsoft-defender-atp/get-user-related-alerts.md | 5 +++-- .../microsoft-defender-atp/get-user-related-machines.md | 5 +++-- .../microsoft-defender-atp/get-vuln-by-software.md | 3 +-- .../microsoft-defender-atp/get-vulnerability-by-id.md | 1 + .../security/threat-protection/microsoft-defender-atp/gov.md | 1 + .../microsoft-defender-atp/grant-mssp-access.md | 3 +-- .../microsoft-defender-atp/helpful-resources.md | 1 + .../import-export-exploit-protection-emet-xml.md | 4 ++-- .../microsoft-defender-atp/indicator-certificates.md | 1 + .../microsoft-defender-atp/indicator-file.md | 1 + .../microsoft-defender-atp/indicator-ip-domain.md | 2 +- .../microsoft-defender-atp/indicator-manage.md | 1 + .../information-protection-in-windows-overview.md | 2 +- .../information-protection-investigation.md | 2 +- .../microsoft-defender-atp/initiate-autoir-investigation.md | 5 +++-- .../microsoft-defender-atp/investigate-alerts.md | 2 +- .../microsoft-defender-atp/investigate-behind-proxy.md | 2 +- .../microsoft-defender-atp/investigate-domain.md | 3 +-- .../microsoft-defender-atp/investigate-files.md | 2 +- .../microsoft-defender-atp/investigate-incidents.md | 1 + .../microsoft-defender-atp/investigate-ip.md | 2 +- .../microsoft-defender-atp/investigate-machines.md | 2 +- .../microsoft-defender-atp/investigate-user.md | 2 +- .../microsoft-defender-atp/investigation.md | 5 +++-- .../microsoft-defender-atp/ios-configure-features.md | 4 ++++ 25 files changed, 37 insertions(+), 25 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-user-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-user-related-alerts.md index b6282b18f3..c33872be0e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-user-related-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-user-related-alerts.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md index 33fbf7f79a..55c5367cdf 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md index ac266cf40f..1b88d6ba58 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md @@ -20,10 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) [!include[Prerelease information](../../includes/prerelease.md)] diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md index 3e66207db5..ddfe9b7613 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md @@ -22,6 +22,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) [!include[Prerelease information](../../includes/prerelease.md)] diff --git a/windows/security/threat-protection/microsoft-defender-atp/gov.md b/windows/security/threat-protection/microsoft-defender-atp/gov.md index af348b95bc..ddeee9fffc 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/gov.md +++ b/windows/security/threat-protection/microsoft-defender-atp/gov.md @@ -24,6 +24,7 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Microsoft Defender for Endpoint for US Government Community Cloud High (GCC High) customers, built in the US Azure Government environment, uses the same underlying technologies as Defender for Endpoint in Azure Commercial. diff --git a/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md b/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md index f62c3b418f..131b074f3b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md +++ b/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md @@ -21,10 +21,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/helpful-resources.md b/windows/security/threat-protection/microsoft-defender-atp/helpful-resources.md index adc3dd0a3b..e25dc5ca9d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/helpful-resources.md +++ b/windows/security/threat-protection/microsoft-defender-atp/helpful-resources.md @@ -24,6 +24,7 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Access helpful resources such as links to blogs and other resources related to Microsoft Defender for Endpoint. diff --git a/windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml.md b/windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml.md index f496d2d153..8647909960 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml.md +++ b/windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml.md @@ -21,8 +21,8 @@ manager: dansimp **Applies to:** - -* [Microsoft Defender for Endpoint](microsoft-defender-advanced-threat-protection.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Exploit protection helps protect devices from malware that use exploits to spread and infect. It consists of a number of mitigations that can be applied at either the operating system level, or at the individual app level. diff --git a/windows/security/threat-protection/microsoft-defender-atp/indicator-certificates.md b/windows/security/threat-protection/microsoft-defender-atp/indicator-certificates.md index f0439ebf7f..71da3d2842 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/indicator-certificates.md +++ b/windows/security/threat-protection/microsoft-defender-atp/indicator-certificates.md @@ -25,6 +25,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automationexclusionlist-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/indicator-file.md b/windows/security/threat-protection/microsoft-defender-atp/indicator-file.md index 3e7b8c855d..ec6a1043c3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/indicator-file.md +++ b/windows/security/threat-protection/microsoft-defender-atp/indicator-file.md @@ -25,6 +25,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automationexclusionlist-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md b/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md index 800f2e0f16..3639845fad 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md +++ b/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md @@ -22,9 +22,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automationexclusionlist-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/indicator-manage.md b/windows/security/threat-protection/microsoft-defender-atp/indicator-manage.md index 569a727336..81c7f458a4 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/indicator-manage.md +++ b/windows/security/threat-protection/microsoft-defender-atp/indicator-manage.md @@ -25,6 +25,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automationexclusionlist-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md index 74f53cc04c..31dcd3c313 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md @@ -23,8 +23,8 @@ ms.topic: conceptual **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) [!include[Prerelease information](../../includes/prerelease.md)] diff --git a/windows/security/threat-protection/microsoft-defender-atp/information-protection-investigation.md b/windows/security/threat-protection/microsoft-defender-atp/information-protection-investigation.md index 30a7574c30..4c4156700e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/information-protection-investigation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/information-protection-investigation.md @@ -22,8 +22,8 @@ ms.topic: article **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) A typical advanced persistent threat lifecycle involves data exfiltration. In a security incident, it's important to have the ability to prioritize investigations where sensitive files may be jeopardy so that corporate data and information are protected. diff --git a/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md b/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md index 683be6e6bf..dbc21b4bd8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md index e9ad5814eb..c4e01d5884 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md @@ -26,8 +26,8 @@ ms.date: 04/24/2018 **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md index 42e6837413..33186852c6 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md @@ -25,8 +25,8 @@ ms.topic: article **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatemachines-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md index bee61aaabc..a8dfc081a7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md @@ -25,9 +25,8 @@ ms.date: 04/24/2018 **Applies to:** - - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-files.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-files.md index a9e415015a..3ca7969948 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-files.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-files.md @@ -26,8 +26,8 @@ ms.date: 04/24/2018 **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatefiles-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md index 003cb02227..1eb70e5f19 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md @@ -26,6 +26,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Investigate incidents that affect your network, understand what they mean, and collate evidence to resolve them. diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-ip.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-ip.md index 3647ff20ed..0bdd9fb21d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-ip.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-ip.md @@ -26,8 +26,8 @@ ms.date: 04/24/2018 **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md index c08d0c02f2..a7c48aa610 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md @@ -25,8 +25,8 @@ ms.topic: article **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatemachines-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md index 292ee98eec..f2bfd13fa8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md @@ -25,8 +25,8 @@ ms.date: 04/24/2018 **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatgeuser-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigation.md b/windows/security/threat-protection/microsoft-defender-atp/investigation.md index 9a079ca9cb..aff16dc0e4 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigation.md @@ -22,8 +22,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-configure-features.md b/windows/security/threat-protection/microsoft-defender-atp/ios-configure-features.md index 6c50645b1f..daef5c685b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/ios-configure-features.md +++ b/windows/security/threat-protection/microsoft-defender-atp/ios-configure-features.md @@ -24,6 +24,10 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) + > [!NOTE] > Defender for Endpoint for iOS would use a VPN in order to provide the Web Protection feature. This is not a regular VPN and is a local/self-looping VPN that does not take traffic outside the device. From 7dbd48b899e1df8e4472527359c78e53ccd21da5 Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Tue, 15 Dec 2020 22:21:52 +0530 Subject: [PATCH 06/93] updated-4620497 updated --- .../threat-protection/microsoft-defender-atp/ios-install.md | 4 ++++ .../threat-protection/microsoft-defender-atp/ios-privacy.md | 4 ++-- .../threat-protection/microsoft-defender-atp/ios-terms.md | 4 ++++ .../microsoft-defender-atp/isolate-machine.md | 4 +++- .../microsoft-defender-atp/linux-exclusions.md | 4 ++-- .../microsoft-defender-atp/linux-install-manually.md | 4 ++-- .../microsoft-defender-atp/linux-install-with-ansible.md | 4 ++-- .../microsoft-defender-atp/linux-install-with-puppet.md | 4 ++-- .../microsoft-defender-atp/linux-preferences.md | 4 ++-- .../microsoft-defender-atp/linux-privacy.md | 4 ++-- .../threat-protection/microsoft-defender-atp/linux-pua.md | 4 ++-- .../microsoft-defender-atp/linux-resources.md | 4 ++-- .../linux-static-proxy-configuration.md | 4 ++-- .../microsoft-defender-atp/linux-support-connectivity.md | 4 ++-- .../microsoft-defender-atp/linux-support-install.md | 4 ++-- .../microsoft-defender-atp/linux-support-perf.md | 4 ++-- .../microsoft-defender-atp/linux-updates.md | 4 ++-- .../microsoft-defender-atp/live-response-command-examples.md | 3 ++- .../microsoft-defender-atp/live-response.md | 3 +-- .../microsoft-defender-atp/mac-exclusions.md | 4 ++-- .../microsoft-defender-atp/mac-install-jamfpro-login.md | 5 ++--- .../microsoft-defender-atp/mac-install-manually.md | 4 ++-- .../microsoft-defender-atp/mac-install-with-jamf.md | 4 ++-- .../microsoft-defender-atp/mac-install-with-other-mdm.md | 4 ++-- .../microsoft-defender-atp/mac-jamfpro-device-groups.md | 5 ++--- .../microsoft-defender-atp/mac-jamfpro-enroll-devices.md | 4 ++-- 26 files changed, 56 insertions(+), 48 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-install.md b/windows/security/threat-protection/microsoft-defender-atp/ios-install.md index 6f0005e8b9..855be33f20 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/ios-install.md +++ b/windows/security/threat-protection/microsoft-defender-atp/ios-install.md @@ -24,6 +24,10 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) + This topic describes deploying Defender for Endpoint for iOS on Intune Company Portal enrolled devices. For more information about Intune device enrollment, see [Enroll iOS/iPadOS devices in Intune](https://docs.microsoft.com/mem/intune/enrollment/ios-enroll). ## Before you begin diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-privacy.md b/windows/security/threat-protection/microsoft-defender-atp/ios-privacy.md index 361ee24da1..bea4f8b740 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/ios-privacy.md +++ b/windows/security/threat-protection/microsoft-defender-atp/ios-privacy.md @@ -23,8 +23,8 @@ ms.topic: conceptual # Privacy information - Microsoft Defender for Endpoint for iOS **Applies to:** - -- [Microsoft Defender for Endpoint](microsoft-defender-atp-ios.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) > [!NOTE] > Defender for Endpoint for iOS uses a VPN to provide the Web Protection feature. This is not a regular VPN and is a local or self-looping VPN that does not take traffic outside the device. **Microsoft or your organization, does not see your browsing activity.** diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md b/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md index 997e5ed226..99c2a1585c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md +++ b/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md @@ -25,6 +25,10 @@ hideEdit: true [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) + ## MICROSOFT APPLICATION LICENSE TERMS: MICROSOFT DEFENDER FOR ENDPOINT diff --git a/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md b/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md index 98cfaa0d40..b6bf991bcf 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md +++ b/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md @@ -21,7 +21,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md index e1e14ad345..2a939b7865 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md @@ -25,8 +25,8 @@ ms.topic: conceptual **Applies to:** - -- [Microsoft Defender for Endpoint for Linux](microsoft-defender-atp-linux.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) This article provides information on how to define exclusions that apply to on-demand scans, and real-time protection and monitoring. diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md index 0b7026d467..31cdf4d0ee 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md @@ -26,8 +26,8 @@ ms.topic: conceptual **Applies to:** - -- [Microsoft Defender for Endpoint for Linux](microsoft-defender-atp-linux.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) This article describes how to deploy Microsoft Defender for Endpoint for Linux manually. A successful deployment requires the completion of all of the following tasks: diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md index 35fe0795ab..d20dbb61df 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md @@ -26,8 +26,8 @@ ms.topic: conceptual **Applies to:** - -- [Microsoft Defender for Endpoint for Linux](microsoft-defender-atp-linux.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) This article describes how to deploy Defender for Endpoint for Linux using Ansible. A successful deployment requires the completion of all of the following tasks: diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md index 46100ac983..131154d289 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md @@ -26,8 +26,8 @@ ms.topic: conceptual **Applies to:** - -- [Microsoft Defender for Endpoint for Linux](microsoft-defender-atp-linux.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) This article describes how to deploy Defender for Endpoint for Linux using Puppet. A successful deployment requires the completion of all of the following tasks: diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-preferences.md b/windows/security/threat-protection/microsoft-defender-atp/linux-preferences.md index 2ec4ae0d08..ec07346a41 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-preferences.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-preferences.md @@ -26,8 +26,8 @@ ms.topic: conceptual **Applies to:** - -- [Microsoft Defender for Endpoint for Linux](microsoft-defender-atp-linux.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >[!IMPORTANT] >This topic contains instructions for how to set preferences for Defender for Endpoint for Linux in enterprise environments. If you are interested in configuring the product on a device from the command-line, see [Resources](linux-resources.md#configure-from-the-command-line). diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-privacy.md b/windows/security/threat-protection/microsoft-defender-atp/linux-privacy.md index 28afe2d32b..c07a3578a6 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-privacy.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-privacy.md @@ -23,8 +23,8 @@ ms.topic: conceptual **Applies to:** - -- [Microsoft Defender for Endpoint](microsoft-defender-atp-linux.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Microsoft is committed to providing you with the information and controls you need to make choices about how your data is collected and used when you’re using Defender for Endpoint for Linux. diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-pua.md b/windows/security/threat-protection/microsoft-defender-atp/linux-pua.md index ff2da099a2..68e7f23b4e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-pua.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-pua.md @@ -25,8 +25,8 @@ ms.topic: conceptual **Applies to:** - -- [Microsoft Defender for Endpoint for Linux](microsoft-defender-atp-linux.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) The potentially unwanted application (PUA) protection feature in Defender for Endpoint for Linux can detect and block PUA files on endpoints in your network. diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-resources.md b/windows/security/threat-protection/microsoft-defender-atp/linux-resources.md index 3b12f36855..73987788c9 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-resources.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-resources.md @@ -26,8 +26,8 @@ ms.topic: conceptual **Applies to:** - -- [Microsoft Defender for Endpoint for Linux](microsoft-defender-atp-linux.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) ## Collect diagnostic information diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-static-proxy-configuration.md b/windows/security/threat-protection/microsoft-defender-atp/linux-static-proxy-configuration.md index 6f0bf1667a..5c05635456 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-static-proxy-configuration.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-static-proxy-configuration.md @@ -26,8 +26,8 @@ ms.topic: conceptual **Applies to:** - -- [Microsoft Defender for Endpoint for Linux](microsoft-defender-atp-linux.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Microsoft Defender ATP can discover a proxy server using the ```HTTPS_PROXY``` environment variable. This setting must be configured **both** at installation time and after the product has been installed. diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-connectivity.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-connectivity.md index 74db615cdb..7ddf65b664 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-connectivity.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-connectivity.md @@ -26,8 +26,8 @@ ms.topic: conceptual **Applies to:** - -- [Microsoft Defender for Endpoint for Linux](microsoft-defender-atp-linux.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) ## Run the connectivity test diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md index 9a2bf09a0d..31e67a513e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md @@ -26,8 +26,8 @@ ms.topic: conceptual **Applies to:** - -- [Microsoft Defender for Endpoint for Linux](microsoft-defender-atp-linux.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) ## Verify if installation succeeded diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-perf.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-perf.md index e6585fc97f..cc909e9afa 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-perf.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-perf.md @@ -25,8 +25,8 @@ ms.topic: conceptual **Applies to:** - -- [Microsoft Defender for Endpoint for Linux](microsoft-defender-atp-linux.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) This article provides some general steps that can be used to narrow down performance issues related to Defender for Endpoint for Linux. diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-updates.md b/windows/security/threat-protection/microsoft-defender-atp/linux-updates.md index 7c9fe1e51e..de5f4532b8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-updates.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-updates.md @@ -26,8 +26,8 @@ ms.topic: conceptual **Applies to:** - -- [Microsoft Defender for Endpoint for Linux](microsoft-defender-atp-linux.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. diff --git a/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md b/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md index 7c5bb16771..db9749d0f9 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md +++ b/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md @@ -23,7 +23,8 @@ ms.topic: article **Applies to:** -- [Microsoft Defender for Endpoint](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Learn about common commands used in live response and see examples on how they are typically used. diff --git a/windows/security/threat-protection/microsoft-defender-atp/live-response.md b/windows/security/threat-protection/microsoft-defender-atp/live-response.md index 312550fb3f..0b5318d4af 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/live-response.md +++ b/windows/security/threat-protection/microsoft-defender-atp/live-response.md @@ -21,10 +21,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Live response gives security operations teams instantaneous access to a device (also referred to as a machine) using a remote shell connection. This gives you the power to do in-depth investigative work and take immediate response actions to promptly contain identified threats—in real time. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md index 2e17fbc6fd..1a5a15f330 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md @@ -25,8 +25,8 @@ ms.topic: conceptual **Applies to:** - -- [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) This article provides information on how to define exclusions that apply to on-demand scans, and real-time protection and monitoring. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md index d1f6337306..27de5d44de 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md @@ -23,10 +23,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - -- [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) 1. Enter your credentials. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md index 7f15b5ad73..064657b978 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md @@ -25,8 +25,8 @@ ms.topic: conceptual **Applies to:** - -- [Microsoft Defender for Endpoint for macOS](microsoft-defender-atp-mac.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) This topic describes how to deploy Microsoft Defender for Endpoint for macOS manually. A successful deployment requires the completion of all of the following steps: - [Download installation and onboarding packages](#download-installation-and-onboarding-packages) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md index fccf7ab83a..4d8f5b0a59 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md @@ -25,8 +25,8 @@ ms.topic: conceptual **Applies to:** - -- [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Learn how to deploy Microsoft Defender for Endpoint for macOS with Jamf Pro. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md index 509a722b64..044e4550e7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md @@ -25,8 +25,8 @@ ms.topic: conceptual **Applies to:** - -- [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) ## Prerequisites and system requirements diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md index d0bde6a3d1..327ec51d6f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md @@ -23,10 +23,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - -- [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Set up the device groups similar to Group policy organizational unite (OUs), Microsoft Endpoint Configuration Manager's device collection, and Intune's device groups. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-enroll-devices.md b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-enroll-devices.md index d6954e0d90..7e2a462130 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-enroll-devices.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-enroll-devices.md @@ -25,8 +25,8 @@ ms.topic: conceptual **Applies to:** - -- [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) ## Enroll macOS devices From 9491ceb753d93ad0bd2ef2d64b400f363d79d469 Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Wed, 16 Dec 2020 11:46:41 +0530 Subject: [PATCH 07/93] updated-4620497 updated --- .../threat-protection/microsoft-defender-atp/mac-privacy.md | 5 ++--- .../threat-protection/microsoft-defender-atp/mac-pua.md | 5 ++--- .../microsoft-defender-atp/mac-resources.md | 5 ++--- .../microsoft-defender-atp/mac-schedule-scan-atp.md | 3 +++ .../microsoft-defender-atp/mac-support-install.md | 2 ++ .../microsoft-defender-atp/mac-support-kext.md | 2 ++ .../microsoft-defender-atp/mac-support-license.md | 2 ++ .../microsoft-defender-atp/mac-support-perf.md | 2 ++ .../microsoft-defender-atp/mac-sysext-policies.md | 3 +++ .../microsoft-defender-atp/mac-sysext-preview.md | 3 +++ .../threat-protection/microsoft-defender-atp/mac-updates.md | 2 ++ .../microsoft-defender-atp/mac-whatsnew.md | 4 ++++ .../microsoft-defender-atp/machine-groups.md | 1 + .../microsoft-defender-atp/machine-reports.md | 1 + .../microsoft-defender-atp/machine-tags.md | 3 +++ .../threat-protection/microsoft-defender-atp/machine.md | 5 +++-- .../microsoft-defender-atp/machineaction.md | 5 +++-- .../microsoft-defender-atp/machines-view-overview.md | 4 ++-- .../microsoft-defender-atp/manage-alerts.md | 2 +- .../manage-atp-post-migration-configuration-manager.md | 2 +- .../manage-atp-post-migration-group-policy-objects.md | 2 +- .../manage-atp-post-migration-intune.md | 2 +- .../manage-atp-post-migration-other-tools.md | 2 +- .../microsoft-defender-atp/manage-atp-post-migration.md | 1 + .../manage-automation-file-uploads.md | 6 +----- .../manage-automation-folder-exclusions.md | 5 +---- .../threat-protection/microsoft-defender-atp/manage-edr.md | 3 +++ 27 files changed, 53 insertions(+), 29 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-privacy.md b/windows/security/threat-protection/microsoft-defender-atp/mac-privacy.md index 2bf5eaf608..4b2485bada 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-privacy.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-privacy.md @@ -23,10 +23,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - -- [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Microsoft is committed to providing you with the information and controls you need to make choices about how your data is collected and used when you’re using Microsoft Defender for Endpoint for Mac. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-pua.md b/windows/security/threat-protection/microsoft-defender-atp/mac-pua.md index 7668c4bfd0..4820f1a240 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-pua.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-pua.md @@ -23,10 +23,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - -- [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) The potentially unwanted application (PUA) protection feature in Microsoft Defender for Endpoint for Mac can detect and block PUA files on endpoints in your network. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md b/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md index 11549d3a62..938a071c86 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md @@ -23,10 +23,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - -- [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) ## Collecting diagnostic information diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-schedule-scan-atp.md b/windows/security/threat-protection/microsoft-defender-atp/mac-schedule-scan-atp.md index 98d0151efc..93a06cb500 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-schedule-scan-atp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-schedule-scan-atp.md @@ -23,6 +23,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) While you can start a threat scan at any time with Microsoft Defender for Endpoint, your enterprise might benefit from scheduled or timed scans. For example, you can schedule a scan to run at the beginning of every workday or week. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-support-install.md b/windows/security/threat-protection/microsoft-defender-atp/mac-support-install.md index 4df09099cf..49ab358c4d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-support-install.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-support-install.md @@ -27,6 +27,8 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) ## Installation failed diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-support-kext.md b/windows/security/threat-protection/microsoft-defender-atp/mac-support-kext.md index 9241a56fdf..2ca36a4873 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-support-kext.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-support-kext.md @@ -27,6 +27,8 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) This article provides information on how to troubleshoot issues with the kernel extension that is installed as part of Microsoft Defender for Endpoint for Mac. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-support-license.md b/windows/security/threat-protection/microsoft-defender-atp/mac-support-license.md index f93f41004d..35e4ec10cd 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-support-license.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-support-license.md @@ -27,6 +27,8 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) While you are going through [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md) and [Manual deployment](mac-install-manually.md) testing or a Proof Of Concept (PoC), you might get the following error: diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-support-perf.md b/windows/security/threat-protection/microsoft-defender-atp/mac-support-perf.md index 40e8240cbf..40bf88fbb5 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-support-perf.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-support-perf.md @@ -27,6 +27,8 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) This topic provides some general steps that can be used to narrow down performance issues related to Microsoft Defender for Endpoint for Mac. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-policies.md b/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-policies.md index 73bb94faf9..b8632b1ff3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-policies.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-policies.md @@ -24,6 +24,9 @@ ROBOTS: noindex,nofollow [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) In alignment with macOS evolution, we are preparing a Microsoft Defender for Endpoint for Mac update that leverages system extensions instead of kernel extensions. This update will only be applicable to macOS Catalina (10.15.4) and newer versions of macOS. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-preview.md b/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-preview.md index 9eacf9f1c6..4e180f97ac 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-preview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-preview.md @@ -24,6 +24,9 @@ ROBOTS: noindex,nofollow [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) In alignment with macOS evolution, we are preparing a Defender for Endpoint for Mac update that leverages system extensions instead of kernel extensions. This update will only be applicable to macOS Catalina (10.15.4) and newer versions of macOS. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-updates.md b/windows/security/threat-protection/microsoft-defender-atp/mac-updates.md index 7db11e8873..dbecac6a22 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-updates.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-updates.md @@ -27,6 +27,8 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md index 692a50914e..1aac2f2e9f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md @@ -23,6 +23,10 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) + > [!IMPORTANT] > On macOS 11 (Big Sur), Microsoft Defender for Endpoint requires additional configuration profiles. If you are an existing customer upgrading from earlier versions of macOS, make sure to deploy the additional configuration profiles listed on [this page](mac-sysext-policies.md). diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md b/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md index 3b19a5d4f9..1988df1790 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md @@ -27,6 +27,7 @@ ms.topic: article - Azure Active Directory - Office 365 - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) In an enterprise scenario, security operation teams are typically assigned a set of devices. These devices are grouped together based on a set of attributes such as their domains, computer names, or designated tags. diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md b/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md index 45864dd1d6..e5db586297 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md @@ -24,6 +24,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) The devices status report provides high-level information about the devices in your organization. The report includes trending information showing the sensor health state, antivirus status, OS platforms, and Windows 10 versions. diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md b/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md index 73940895f1..768e8270b7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md @@ -21,6 +21,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Add tags on devices to create a logical group affiliation. Device tags support proper mapping of the network, enabling you to attach different tags to capture context and to enable dynamic list creation as part of an incident. Tags can be used as a filter in **Devices list** view, or to group devices. For more information on device grouping, see [Create and manage device groups](machine-groups.md). diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine.md b/windows/security/threat-protection/microsoft-defender-atp/machine.md index 817ecce65b..42d8efa0dd 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machine.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machine.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/machineaction.md b/windows/security/threat-protection/microsoft-defender-atp/machineaction.md index 94f6a0a86b..c85800023a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machineaction.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machineaction.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md b/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md index fae0dfc00e..3f7d9f6290 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md @@ -23,8 +23,8 @@ ms.topic: article **Applies to:** - -- [Microsoft Defender for Endpoint)](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-machinesview-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md index 92810d1d1f..8862ac7822 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md @@ -21,9 +21,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-managealerts-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-configuration-manager.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-configuration-manager.md index a0a93f2dc7..38dceefad0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-configuration-manager.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-configuration-manager.md @@ -26,9 +26,9 @@ ms.reviewer: chventou [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) We recommend using We recommend using [Microsoft Endpoint Manager](https://docs.microsoft.com/mem), which includes [Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/what-is-intune) (Intune) and [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/understand/introduction) (Configuration Manager) to manage your organization's threat protection features for devices (also referred to as endpoints). - [Learn more about Endpoint Manager](https://docs.microsoft.com/mem/endpoint-manager-overview) diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-group-policy-objects.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-group-policy-objects.md index c9fe3f4c85..9d8b3a42b1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-group-policy-objects.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-group-policy-objects.md @@ -26,9 +26,9 @@ ms.reviewer: chventou [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) > [!NOTE] > We recommend using [Microsoft Endpoint Manager](https://docs.microsoft.com/mem) to manage your organization's threat protection features for devices (also referred to as endpoints). Endpoint Manager includes [Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/what-is-intune) and [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/understand/introduction). **[Learn more about Endpoint Manager](https://docs.microsoft.com/mem/endpoint-manager-overview)**. diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-intune.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-intune.md index 94a77a1007..e919ae28a4 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-intune.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-intune.md @@ -26,9 +26,9 @@ ms.reviewer: chventou [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) We recommend using [Microsoft Endpoint Manager](https://docs.microsoft.com/mem), which includes Microsoft Intune (Intune) to manage your organization's threat protection features for devices (also referred to as endpoints). [Learn more about Endpoint Manager](https://docs.microsoft.com/mem/endpoint-manager-overview). diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-other-tools.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-other-tools.md index 339857a351..cdd5938c30 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-other-tools.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-other-tools.md @@ -26,9 +26,9 @@ ms.reviewer: chventou [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) > [!NOTE] > We recommend using [Microsoft Endpoint Manager](https://docs.microsoft.com/mem) to manage your organization's threat protection features for devices (also referred to as endpoints). Endpoint Manager includes [Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/what-is-intune) and [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/understand/introduction). diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration.md index 7d186a373a..ed982d2bab 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration.md @@ -29,6 +29,7 @@ ms.reviewer: chventou **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) After you have moved from your previous endpoint protection and antivirus solution to Microsoft Defender for Endpoint, your next step is to manage your features and capabilities. We recommend using [Microsoft Endpoint Manager](https://docs.microsoft.com/mem/endpoint-manager-overview), which includes [Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/what-is-intune) and [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/understand/introduction), to manage your organization's devices and security settings. However, you can use other tools/methods, such as [Group Policy Objects in Azure Active Directory Domain Services](https://docs.microsoft.com/azure/active-directory-domain-services/manage-group-policy). diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-automation-file-uploads.md b/windows/security/threat-protection/microsoft-defender-atp/manage-automation-file-uploads.md index a82c4c98cc..ef23f1447a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-automation-file-uploads.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-automation-file-uploads.md @@ -21,13 +21,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - - +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-automationefileuploads-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-automation-folder-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/manage-automation-folder-exclusions.md index c60093cd86..4be4861255 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-automation-folder-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-automation-folder-exclusions.md @@ -23,11 +23,8 @@ ms.topic: article **Applies to:** - - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - - +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-automationexclusionfolder-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md index 458c0798ce..bafeede5a8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md @@ -24,6 +24,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Manage the alerts queue, investigate devices in the devices list, take response actions, and hunt for possible threats in your organization using advanced hunting. From e8bbccb49cda9f43a0b8640630d01f5ad606644c Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Wed, 16 Dec 2020 13:09:28 +0530 Subject: [PATCH 08/93] updated-4620497 updated --- .../threat-protection/microsoft-defender-atp/manage-edr.md | 3 +++ .../microsoft-defender-atp/manage-incidents.md | 1 + .../microsoft-defender-atp/manage-indicators.md | 3 +-- .../microsoft-defender-atp/manage-suppression-rules.md | 2 +- .../microsoft-defender-atp/management-apis.md | 2 +- .../mcafee-to-microsoft-defender-migration.md | 3 +++ .../mcafee-to-microsoft-defender-onboard.md | 3 +++ .../mcafee-to-microsoft-defender-prepare.md | 4 ++++ .../mcafee-to-microsoft-defender-setup.md | 3 +++ .../microsoft-cloud-app-security-config.md | 3 +-- .../microsoft-cloud-app-security-integration.md | 5 +++-- .../microsoft-defender-advanced-threat-protection.md | 3 +++ .../microsoft-defender-atp/microsoft-defender-atp-android.md | 3 +++ .../microsoft-defender-atp/microsoft-defender-atp-ios.md | 4 ++++ .../microsoft-defender-atp/microsoft-defender-atp-linux.md | 3 +++ .../microsoft-defender-atp/microsoft-defender-atp-mac.md | 3 +++ .../microsoft-defender-security-center.md | 3 +++ .../microsoft-defender-atp/microsoft-threat-experts.md | 1 + .../microsoft-defender-atp/migration-guides.md | 3 +++ .../microsoft-defender-atp/minimum-requirements.md | 2 +- .../threat-protection/microsoft-defender-atp/mssp-list.md | 2 +- .../threat-protection/microsoft-defender-atp/mssp-support.md | 2 +- .../microsoft-defender-atp/network-protection.md | 3 +-- .../microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md | 2 +- .../threat-protection/microsoft-defender-atp/non-windows.md | 2 +- 25 files changed, 53 insertions(+), 15 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md index 458c0798ce..bafeede5a8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md @@ -24,6 +24,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Manage the alerts queue, investigate devices in the devices list, take response actions, and hunt for possible threats in your organization using advanced hunting. diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-incidents.md b/windows/security/threat-protection/microsoft-defender-atp/manage-incidents.md index 4fa8c2f463..493023678c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-incidents.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-incidents.md @@ -26,6 +26,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Managing incidents is an important part of every cybersecurity operation. You can manage incidents by selecting an incident from the **Incidents queue** or the **Incidents management pane**. diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md b/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md index e13c8bff5c..4a8307b45f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md @@ -22,10 +22,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automationexclusionlist-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md b/windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md index bf6e43d5b2..067864deb3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md @@ -23,8 +23,8 @@ ms.topic: article **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) There might be scenarios where you need to suppress alerts from appearing in the portal. You can create suppression rules for specific alerts that are known to be innocuous such as known tools or processes in your organization. For more information on how to suppress alerts, see [Suppress alerts](manage-alerts.md). diff --git a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md index 4be39cf3be..b854f14c18 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md +++ b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md @@ -22,9 +22,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mgt-apis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-migration.md b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-migration.md index efb438eb60..c0a76d0fa8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-migration.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-migration.md @@ -28,6 +28,9 @@ ms.reviewer: jesquive, chventou, jonix, chriggs, owtho [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) If you are planning to switch from McAfee Endpoint Security (McAfee) to [Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection) (Microsoft Defender for Endpoint), you're in the right place. Use this article as a guide to plan your migration. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard.md b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard.md index d38a5977e8..a0e94b3305 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard.md @@ -28,6 +28,9 @@ ms.reviewer: jesquive, chventou, jonix, chriggs, owtho [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) |[![Phase 1: Prepare](images/prepare.png)](mcafee-to-microsoft-defender-prepare.md)
[Phase 1: Prepare](mcafee-to-microsoft-defender-prepare.md) |[![Phase 2: Set up](images/setup.png)](mcafee-to-microsoft-defender-setup.md)
[Phase 2: Set up](mcafee-to-microsoft-defender-setup.md) |![Phase 3: Onboard](images/onboard.png)
Phase 3: Onboard | |--|--|--| diff --git a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-prepare.md b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-prepare.md index 3dd9c47fba..31abf8eea2 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-prepare.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-prepare.md @@ -28,6 +28,10 @@ ms.reviewer: jesquive, chventou, jonix, chriggs, owtho [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) + |![Phase 1: Prepare](images/prepare.png)
Phase 1: Prepare |[![Phase 2: Set up](images/setup.png)](mcafee-to-microsoft-defender-setup.md)
[Phase 2: Set up](mcafee-to-microsoft-defender-setup.md) |[![Phase 3: Onboard](images/onboard.png)](mcafee-to-microsoft-defender-onboard.md)
[Phase 3: Onboard](mcafee-to-microsoft-defender-onboard.md) | |--|--|--| diff --git a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-setup.md b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-setup.md index bbd1030800..8338f70288 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-setup.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-setup.md @@ -28,6 +28,9 @@ ms.reviewer: jesquive, chventou, jonix, chriggs, owtho [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) |[![Phase 1: Prepare](images/prepare.png)](mcafee-to-microsoft-defender-prepare.md)
[Phase 1: Prepare](mcafee-to-microsoft-defender-prepare.md) |![Phase 2: Set up](images/setup.png)
Phase 2: Set up |[![Phase 3: Onboard](images/onboard.png)](mcafee-to-microsoft-defender-onboard.md)
[Phase 3: Onboard](mcafee-to-microsoft-defender-onboard.md) | |--|--|--| diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-config.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-config.md index a05d99d1d6..f97c289ff3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-config.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-config.md @@ -22,10 +22,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) To benefit from Microsoft Defender for Endpoint cloud app discovery signals, turn on Microsoft Cloud App Security integration. diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md index 87814b1b25..6fb50d90da 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md @@ -23,10 +23,11 @@ ms.date: 10/18/2018 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +[!include[Prerelease information](../../includes/prerelease.md)] + **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - -[!include[Prerelease information](../../includes/prerelease.md)] +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Microsoft Cloud App Security (Cloud App Security) is a comprehensive solution that gives visibility into cloud apps and services by allowing you to control and limit access to cloud apps, while enforcing compliance requirements on data stored in the cloud. For more information, see [Cloud App Security](https://docs.microsoft.com/cloud-app-security/what-is-cloud-app-security). diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md index fc37668b46..085f783ff2 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md @@ -21,6 +21,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) > For more info about Windows 10 Enterprise Edition features and functionality, see [Windows 10 Enterprise edition](https://www.microsoft.com/WindowsForBusiness/buy). diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md index 8fe16c9e8d..889f565e87 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md @@ -24,6 +24,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) This topic describes how to install, configure, update, and use Defender for Endpoint for Android. diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios.md index 7aa02ac093..5594be464c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios.md @@ -24,6 +24,10 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) + **Microsoft Defender for Endpoint for iOS** will offer protection against phishing and unsafe network connections from websites, emails, and apps. All alerts will be available through a single pane of glass in the Microsoft Defender Security Center. The portal gives security teams a centralized view of threats on iOS devices along with other platforms. diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md index 87dd24a90d..44e62a283e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md @@ -24,6 +24,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) This topic describes how to install, configure, update, and use Microsoft Defender for Endpoint for Linux. diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md index 0ec7a8050c..d0d840d6d0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md @@ -24,6 +24,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) This topic describes how to install, configure, update, and use Defender for Endpoint for Mac. diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-security-center.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-security-center.md index b9fff07022..5f28deb01e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-security-center.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-security-center.md @@ -23,6 +23,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Microsoft Defender Security Center is the portal where you can access Microsoft Defender for Endpoint capabilities. It gives enterprise security operations teams a single pane of glass experience to help secure networks. diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md index d73aa55b7b..59ccfffccb 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md @@ -26,6 +26,7 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Microsoft Threat Experts is a managed threat hunting service that provides Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in their unique environments don’t get missed. diff --git a/windows/security/threat-protection/microsoft-defender-atp/migration-guides.md b/windows/security/threat-protection/microsoft-defender-atp/migration-guides.md index 24527c0a89..ceb8db05a3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/migration-guides.md +++ b/windows/security/threat-protection/microsoft-defender-atp/migration-guides.md @@ -22,6 +22,9 @@ ms.date: 09/24/2020 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) ## Migration guides diff --git a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md index 98cb4690dd..5d5a31488c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md +++ b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md @@ -21,9 +21,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) There are some minimum requirements for onboarding devices to the service. Learn about the licensing, hardware and software requirements, and other configuration settings to onboard devices to the service. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md b/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md index 0bf437cb62..29c657c86e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md @@ -20,8 +20,8 @@ ms.topic: article # Supported managed security service providers **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Logo |Partner name | Description :---|:---|:--- diff --git a/windows/security/threat-protection/microsoft-defender-atp/mssp-support.md b/windows/security/threat-protection/microsoft-defender-atp/mssp-support.md index e6d53ec221..730662b970 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mssp-support.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mssp-support.md @@ -21,9 +21,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/network-protection.md b/windows/security/threat-protection/microsoft-defender-atp/network-protection.md index 0b6737027d..cf325c653b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/network-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/network-protection.md @@ -22,10 +22,9 @@ ms.custom: asr [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Network protection helps reduce the attack surface of your devices from Internet-based events. It prevents employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the Internet. diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md index d0317cd1ba..b14ee0271d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md +++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md @@ -22,8 +22,8 @@ ms.topic: overview [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/non-windows.md b/windows/security/threat-protection/microsoft-defender-atp/non-windows.md index 0cce3c728b..6c6358a9b5 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/non-windows.md +++ b/windows/security/threat-protection/microsoft-defender-atp/non-windows.md @@ -24,7 +24,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Microsoft has been on a journey to extend its industry leading endpoint security capabilities beyond Windows and Windows Server to macOS, Linux, Android, and From 02e5e9c53dc9205d0b34e2338d90a260435f63e6 Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Wed, 16 Dec 2020 15:00:55 +0530 Subject: [PATCH 09/93] updated-24620497 updated --- .../Onboard-Windows-10-multi-session-device.md | 3 +++ .../microsoft-defender-atp/offboard-machine-api.md | 5 +++-- .../microsoft-defender-atp/offboard-machines.md | 1 + .../microsoft-defender-atp/onboard-configure.md | 2 +- .../microsoft-defender-atp/onboard-downlevel.md | 1 + .../microsoft-defender-atp/onboard-offline-machines.md | 1 + .../threat-protection/microsoft-defender-atp/onboard.md | 2 +- .../onboarding-endpoint-configuration-manager.md | 1 + .../microsoft-defender-atp/onboarding-endpoint-manager.md | 2 +- .../microsoft-defender-atp/onboarding-notification.md | 2 +- .../threat-protection/microsoft-defender-atp/onboarding.md | 2 +- .../overview-attack-surface-reduction.md | 5 ++--- .../microsoft-defender-atp/overview-custom-detections.md | 1 + .../overview-endpoint-detection-response.md | 2 +- .../overview-hardware-based-isolation.md | 5 +++-- .../microsoft-defender-atp/partner-applications.md | 2 +- .../microsoft-defender-atp/partner-integration.md | 3 ++- .../microsoft-defender-atp/portal-overview.md | 1 + .../microsoft-defender-atp/post-ti-indicator.md | 5 +++-- .../microsoft-defender-atp/preferences-setup.md | 2 ++ .../microsoft-defender-atp/prepare-deployment.md | 3 +-- .../microsoft-defender-atp/preview-settings.md | 2 +- .../threat-protection/microsoft-defender-atp/preview.md | 1 + .../microsoft-defender-atp/production-deployment.md | 1 + .../microsoft-defender-atp/pull-alerts-using-rest-api.md | 1 + 25 files changed, 36 insertions(+), 20 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/Onboard-Windows-10-multi-session-device.md b/windows/security/threat-protection/microsoft-defender-atp/Onboard-Windows-10-multi-session-device.md index 928df9d3fd..37ffe71d5e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/Onboard-Windows-10-multi-session-device.md +++ b/windows/security/threat-protection/microsoft-defender-atp/Onboard-Windows-10-multi-session-device.md @@ -23,6 +23,9 @@ manager: dansimp Applies to: - Windows 10 multi-session running on Windows Virtual Desktop (WVD) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) + > [!IMPORTANT] > Welcome to Microsoft Defender for Endpoint, the new name for Microsoft Defender for Endpoint. Read more about this and other updates here. We'll be updating names in products and in the docs in the near future. diff --git a/windows/security/threat-protection/microsoft-defender-atp/offboard-machine-api.md b/windows/security/threat-protection/microsoft-defender-atp/offboard-machine-api.md index 8cc6f7bed9..41a63e43bb 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/offboard-machine-api.md +++ b/windows/security/threat-protection/microsoft-defender-atp/offboard-machine-api.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md b/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md index 3eb9642bf4..204d6c9c0f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md +++ b/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md @@ -28,6 +28,7 @@ ms.topic: conceptual - Windows Server 2012 R2 - Windows Server 2016 - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-offboarddevices-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md b/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md index 1a625303aa..ca25d5a1ad 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md @@ -21,9 +21,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) [!include[Prerelease information](../../includes/prerelease.md)] diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md b/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md index f99a9fbab3..815a6139dd 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md @@ -29,6 +29,7 @@ ms.topic: article - Windows 8.1 Pro - Windows 8.1 Enterprise - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-downlevel-abovefoldlink). diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md b/windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md index e3aea210fc..fe2804290e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md @@ -25,6 +25,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) To onboard devices without Internet access, you'll need to take the following general steps: diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard.md b/windows/security/threat-protection/microsoft-defender-atp/onboard.md index d35f1668f8..87831075d7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboard.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboard.md @@ -23,8 +23,8 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Configure and manage all the Defender for Endpoint capabilities to get the best security protection for your organization. diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md index 87b9afcb05..1e788eab51 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md @@ -25,6 +25,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) This article is part of the Deployment guide and acts as an example onboarding method that guides users in: - Step 1: Onboarding Windows devices to the service diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md index 1c87de1aa1..69308b1069 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md @@ -25,7 +25,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md index ff6119eee4..b598e8b95d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md @@ -21,9 +21,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Create a notification rule so that when a local onboarding or offboardiing script is used, you'll be notified. diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding.md index f79266bf23..41626f31a2 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboarding.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding.md @@ -25,7 +25,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Deploying Defender for Endpoint is a three-phase process: diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md index 6f7a10acf3..c560286379 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md +++ b/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md @@ -23,10 +23,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - -* [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Help reduce your attack surfaces, by minimizing the places where your organization is vulnerable to cyberthreats and attacks. Use the following resources to configure protection for the devices and applications in your organization. diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md b/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md index 9135f4ebe0..af438b69b1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md +++ b/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md @@ -24,6 +24,7 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) With custom detections, you can proactively monitor for and respond to various events and system states, including suspected breach activity and misconfigured devices. You can do this with customizable detection rules that automatically trigger alerts and response actions. diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response.md b/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response.md index f79f0792f3..caff10f756 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response.md +++ b/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response.md @@ -24,8 +24,8 @@ ms.topic: conceptual **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Defender for Endpoint endpoint detection and response capabilities provide advanced attack detections that are near real-time and actionable. Security analysts can prioritize alerts effectively, gain visibility into the full scope of a breach, and take response actions to remediate threats. diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-hardware-based-isolation.md b/windows/security/threat-protection/microsoft-defender-atp/overview-hardware-based-isolation.md index c1705995b8..882adef417 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/overview-hardware-based-isolation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/overview-hardware-based-isolation.md @@ -21,8 +21,9 @@ ms.date: 09/07/2018 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Hardware-based isolation helps protect system integrity in Windows 10 and is integrated with Microsoft Defender for Endpoint. diff --git a/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md b/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md index af671e6890..0576b900d9 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md +++ b/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md @@ -23,8 +23,8 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] **Applies to:** - - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Defender for Endpoint supports third-party applications to help enhance the detection, investigation, and threat intelligence capabilities of the platform. diff --git a/windows/security/threat-protection/microsoft-defender-atp/partner-integration.md b/windows/security/threat-protection/microsoft-defender-atp/partner-integration.md index 349dc8d30d..1643e00f0b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/partner-integration.md +++ b/windows/security/threat-protection/microsoft-defender-atp/partner-integration.md @@ -23,8 +23,9 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] -**Applies to:** +**Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md b/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md index e4679370bb..fcf3f127d0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md @@ -24,6 +24,7 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md b/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md index ab2b412ae2..13472618b4 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md +++ b/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md @@ -20,8 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - -**Applies to:** [Microsoft Defender for Endpoint]https://go.microsoft.com/fwlink/p/?linkid=2146631) +**Applies to:** +- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/preferences-setup.md b/windows/security/threat-protection/microsoft-defender-atp/preferences-setup.md index 335e716372..5425f45098 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/preferences-setup.md +++ b/windows/security/threat-protection/microsoft-defender-atp/preferences-setup.md @@ -24,6 +24,8 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) + >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-prefsettings-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md b/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md index fdec9e6465..96825f43c6 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md +++ b/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md @@ -24,10 +24,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) diff --git a/windows/security/threat-protection/microsoft-defender-atp/preview-settings.md b/windows/security/threat-protection/microsoft-defender-atp/preview-settings.md index 8c1f70f474..295e6f17f8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/preview-settings.md +++ b/windows/security/threat-protection/microsoft-defender-atp/preview-settings.md @@ -20,9 +20,9 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-previewsettings-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/preview.md b/windows/security/threat-protection/microsoft-defender-atp/preview.md index ef3c2f75b8..ee0c75f426 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/preview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/preview.md @@ -28,6 +28,7 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) The Defender for Endpoint service is constantly being updated to include new feature enhancements and capabilities. diff --git a/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md b/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md index 516c64e1b5..9d6c7b65fd 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md +++ b/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md @@ -27,6 +27,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) Deploying Defender for Endpoint is a three-phase process: diff --git a/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md b/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md index d656f995c8..765b46c8d4 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md +++ b/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md @@ -24,6 +24,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) From a2a852831943588906769b1c671c4de4f10440cb Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Mon, 4 Jan 2021 12:31:06 +0530 Subject: [PATCH 10/93] updated to fix warnings --- .../microsoft-defender-atp/behavioral-blocking-containment.md | 3 ++- .../microsoft-defender-atp/client-behavioral-blocking.md | 3 ++- .../microsoft-defender-atp/collect-investigation-package.md | 1 - .../threat-protection/microsoft-defender-atp/common-errors.md | 2 ++ .../threat-protection/microsoft-defender-atp/community.md | 3 +-- .../microsoft-defender-atp/conditional-access.md | 1 - .../microsoft-defender-atp/configure-arcsight.md | 2 -- .../configure-attack-surface-reduction.md | 2 ++ .../configure-automated-investigations-remediation.md | 2 ++ .../microsoft-defender-atp/configure-conditional-access.md | 2 ++ .../microsoft-defender-atp/configure-email-notifications.md | 1 - .../microsoft-defender-atp/configure-endpoints-gp.md | 4 ---- .../microsoft-defender-atp/configure-endpoints-mdm.md | 1 - .../microsoft-defender-atp/configure-endpoints-sccm.md | 2 -- .../microsoft-defender-atp/configure-endpoints-script.md | 4 ---- .../microsoft-defender-atp/configure-endpoints-vdi.md | 3 ++- .../microsoft-defender-atp/configure-endpoints.md | 2 ++ .../configure-microsoft-threat-experts.md | 2 ++ .../microsoft-defender-atp/configure-mssp-support.md | 1 - 19 files changed, 19 insertions(+), 22 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment.md b/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment.md index b9812f96f1..3ec246620e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment.md +++ b/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment.md @@ -24,11 +24,12 @@ ms.collection: [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + ## Overview Today’s threat landscape is overrun by [fileless malware](https://docs.microsoft.com/windows/security/threat-protection/intelligence/fileless-threats) and that lives off the land, highly polymorphic threats that mutate faster than traditional solutions can keep up with, and human-operated attacks that adapt to what adversaries find on compromised devices. Traditional security solutions are not sufficient to stop such attacks; you need artificial intelligence (AI) and device learning (ML) backed capabilities, such as behavioral blocking and containment, included in [Defender for Endpoint](https://docs.microsoft.com/windows/security). diff --git a/windows/security/threat-protection/microsoft-defender-atp/client-behavioral-blocking.md b/windows/security/threat-protection/microsoft-defender-atp/client-behavioral-blocking.md index bc4df2fd36..966a58cfa5 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/client-behavioral-blocking.md +++ b/windows/security/threat-protection/microsoft-defender-atp/client-behavioral-blocking.md @@ -24,11 +24,12 @@ ms.collection: [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + ## Overview Client behavioral blocking is a component of [behavioral blocking and containment capabilities](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment) in Defender for Endpoint. As suspicious behaviors are detected on devices (also referred to as clients or endpoints), artifacts (such as files or applications) are blocked, checked, and remediated automatically. diff --git a/windows/security/threat-protection/microsoft-defender-atp/collect-investigation-package.md b/windows/security/threat-protection/microsoft-defender-atp/collect-investigation-package.md index 7353a6bf79..c9e7d04727 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/collect-investigation-package.md +++ b/windows/security/threat-protection/microsoft-defender-atp/collect-investigation-package.md @@ -21,7 +21,6 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) diff --git a/windows/security/threat-protection/microsoft-defender-atp/common-errors.md b/windows/security/threat-protection/microsoft-defender-atp/common-errors.md index c43240cb86..a6b9f38340 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/common-errors.md +++ b/windows/security/threat-protection/microsoft-defender-atp/common-errors.md @@ -20,6 +20,8 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + * The error codes listed in the following table may be returned by an operation on any of Microsoft Defender for Endpoint APIs. * Note that in addition to the error code, every error response contains an error message which can help resolving the problem. * Note that the message is a free text that can be changed. diff --git a/windows/security/threat-protection/microsoft-defender-atp/community.md b/windows/security/threat-protection/microsoft-defender-atp/community.md index 133d2cab9b..aca63dbec7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/community.md +++ b/windows/security/threat-protection/microsoft-defender-atp/community.md @@ -23,12 +23,11 @@ ms.date: 04/24/2018 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) The Defender for Endpoint Community Center is a place where community members can learn, collaborate, and share experiences about the product. diff --git a/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md b/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md index 2547e77520..3c7616a751 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md +++ b/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md @@ -21,7 +21,6 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md b/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md index 026974fa1b..337283c16d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md @@ -25,8 +25,6 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - - >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configurearcsight-abovefoldlink) You'll need to install and configure some files and tools to use Micro Focus ArcSight so that it can pull Defender for Endpoint detections. diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/configure-attack-surface-reduction.md index c19655f2e1..7c88e93210 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-attack-surface-reduction.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-attack-surface-reduction.md @@ -25,6 +25,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + You can configure attack surface reduction with a number of tools, including: * Microsoft Intune diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-automated-investigations-remediation.md b/windows/security/threat-protection/microsoft-defender-atp/configure-automated-investigations-remediation.md index 572a80986e..b44f840a87 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-automated-investigations-remediation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-automated-investigations-remediation.md @@ -28,6 +28,8 @@ ms.reviewer: ramarom, evaldm, isco, mabraitm, chriggs - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + If your organization is using [Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection/) (Defender for Endpoint), [automated investigation and remediation capabilities](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/automated-investigations) can save your security operations team time and effort. As outlined in [this blog post](https://techcommunity.microsoft.com/t5/microsoft-defender-atp/enhance-your-soc-with-microsoft-defender-atp-automatic/ba-p/848946), these capabilities mimic the ideal steps that a security analyst takes to investigate and remediate threats. [Learn more about automated investigation and remediation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/automated-investigations). To configure automated investigation and remediation, [turn on the features](#turn-on-automated-investigation-and-remediation), and then [set up device groups](#set-up-device-groups). diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md b/windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md index 179220a82c..8bfd92faee 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md @@ -25,6 +25,8 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + This section guides you through all the steps you need to take to properly implement Conditional Access. ### Before you begin diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md b/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md index 359e660d49..b8dd4d9e71 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md @@ -25,7 +25,6 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-emailconfig-abovefoldlink) You can configure Defender for Endpoint to send email notifications to specified recipients for new alerts. This feature enables you to identify a group of individuals who will immediately be informed and can act on alerts based on their severity. diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md index 2f52e87c77..3df6762609 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md @@ -22,16 +22,12 @@ ms.date: 04/24/2018 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - Group Policy - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - - - >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configureendpointsgp-abovefoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md index 7f93a3b0d0..0bd6a48334 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md @@ -21,7 +21,6 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md index 4f17253970..90afcaf90c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md @@ -22,7 +22,6 @@ ms.date: 02/07/2020 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) @@ -53,7 +52,6 @@ Starting in Configuration Manager version 2002, you can onboard the following op ### Onboard devices using System Center Configuration Manager - [![Image of the PDF showing the various deployment paths](images/onboard-config-mgr.png)](images/onboard-config-mgr.png#lightbox) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md index d063e91f81..8b0a6e9847 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md @@ -21,12 +21,8 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - - - >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configureendpointsscript-abovefoldlink) You can also manually onboard individual devices to Defender for Endpoint. You might want to do this first when testing the service before you commit to onboarding all devices in your network. diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md index c2143a8c0d..ad52218ac7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md @@ -22,11 +22,12 @@ ms.date: 04/16/2020 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + >[!WARNING] > Microsoft Defender for Endpoint support for Windows Virtual Desktop multi-user scenarios is currently in Preview and limited up to 25 concurrent sessions per host/VM. However single session scenarios on Windows Virtual Desktop are fully supported. diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md index e11efc3916..5b7651cff2 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md @@ -26,6 +26,8 @@ ms.topic: conceptual - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - [Microsoft 365 Endpoint data loss prevention (DLP)](/microsoft-365/compliance/endpoint-dlp-learn-about) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + Devices in your organization must be configured so that the Defender for Endpoint service can get sensor data from them. There are various methods and deployment tools that you can use to configure the devices in your organization. The following deployment tools and methods are supported: diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md b/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md index c3033e6e9b..8fb0ce1dd0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md @@ -28,6 +28,8 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + ## Before you begin > [!NOTE] > Discuss the eligibility requirements with your Microsoft Technical Service provider and account team before you apply to the managed threat hunting service. diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md index 69475ea801..f82c9abd56 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md @@ -27,7 +27,6 @@ ms.topic: article >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink) - [!include[Prerelease information](../../includes/prerelease.md)] You'll need to take the following configuration steps to enable the managed security service provider (MSSP) integration. From b8b2fe81654cc59043366341b1a1148f713a1294 Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Mon, 4 Jan 2021 13:02:31 +0530 Subject: [PATCH 11/93] updated updated warnings --- .../microsoft-defender-atp/connected-applications.md | 1 + .../microsoft-defender-atp/contact-support.md | 2 ++ .../microsoft-defender-atp/controlled-folders.md | 2 ++ .../microsoft-defender-atp/custom-detection-rules.md | 2 ++ .../microsoft-defender-atp/custom-detections-manage.md | 2 ++ .../customize-attack-surface-reduction.md | 2 ++ .../microsoft-defender-atp/customize-controlled-folders.md | 2 ++ .../microsoft-defender-atp/customize-exploit-protection.md | 2 ++ .../microsoft-defender-atp/data-retention-settings.md | 1 - .../microsoft-defender-atp/data-storage-privacy.md | 3 +-- .../microsoft-defender-atp/defender-compatibility.md | 1 - .../microsoft-defender-atp/delete-ti-indicator-by-id.md | 2 +- .../microsoft-defender-atp/deployment-phases.md | 2 ++ .../microsoft-defender-atp/deployment-rings.md | 1 + .../microsoft-defender-atp/device-timeline-event-flag.md | 2 ++ .../microsoft-defender-atp/edr-in-block-mode.md | 2 ++ .../microsoft-defender-atp/enable-attack-surface-reduction.md | 2 ++ .../microsoft-defender-atp/enable-controlled-folders.md | 3 ++- .../microsoft-defender-atp/enable-exploit-protection.md | 2 ++ .../microsoft-defender-atp/enable-network-protection.md | 2 ++ 20 files changed, 32 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md b/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md index 6744927292..4f45c8ee82 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md +++ b/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md @@ -26,6 +26,7 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) Connected applications integrates with the Defender for Endpoint platform using APIs. diff --git a/windows/security/threat-protection/microsoft-defender-atp/contact-support.md b/windows/security/threat-protection/microsoft-defender-atp/contact-support.md index b323d8069b..618866e723 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/contact-support.md +++ b/windows/security/threat-protection/microsoft-defender-atp/contact-support.md @@ -26,6 +26,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + Defender for Endpoint has recently upgraded the support process to offer a more modern and advanced support experience. The new widget allows customers to: diff --git a/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md index bdd720eab1..0b7135bc43 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md +++ b/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md @@ -25,6 +25,8 @@ ms.custom: asr - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + ## What is controlled folder access? Controlled folder access helps you protect your valuable data from malicious apps and threats, like ransomware. Controlled folder access protects your data by checking apps against a list of known, trusted apps. Supported on Windows Server 2019 and Windows 10 clients, controlled folder access can be turned on using the Windows Security App or in Microsoft Endpoint Configuration Manager and Intune (for managed devices). diff --git a/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md b/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md index f47b66c90f..1a12b9f774 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md +++ b/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md @@ -27,6 +27,8 @@ ms.date: 09/20/2020 - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + Custom detection rules built from [advanced hunting](advanced-hunting-overview.md) queries let you proactively monitor various events and system states, including suspected breach activity and misconfigured devices. You can set them to run at regular intervals, generating alerts and taking response actions whenever there are matches. Read this article to learn how to create new custom detection rules. Or [see viewing and managing existing rules](custom-detections-manage.md). diff --git a/windows/security/threat-protection/microsoft-defender-atp/custom-detections-manage.md b/windows/security/threat-protection/microsoft-defender-atp/custom-detections-manage.md index cd17efa6b8..8472b9d407 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/custom-detections-manage.md +++ b/windows/security/threat-protection/microsoft-defender-atp/custom-detections-manage.md @@ -27,6 +27,8 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + Manage your existing [custom detection rules](custom-detection-rules.md) to ensure they are effectively finding threats and taking actions. Explore how to view the list of rules, check their previous runs, and review the alerts they have triggered. You can also run a rule on demand and modify it. ## Required permissions diff --git a/windows/security/threat-protection/microsoft-defender-atp/customize-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/customize-attack-surface-reduction.md index 03a274b066..c78ae8bbdd 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/customize-attack-surface-reduction.md +++ b/windows/security/threat-protection/microsoft-defender-atp/customize-attack-surface-reduction.md @@ -23,6 +23,8 @@ manager: dansimp - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + > [!IMPORTANT] > Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. diff --git a/windows/security/threat-protection/microsoft-defender-atp/customize-controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/customize-controlled-folders.md index b6570ffae3..6aaa3cb25f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/customize-controlled-folders.md +++ b/windows/security/threat-protection/microsoft-defender-atp/customize-controlled-folders.md @@ -23,6 +23,8 @@ manager: dansimp - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + Controlled folder access helps you protect valuable data from malicious apps and threats, such as ransomware. Controlled folder access is supported on Windows Server 2019 and Windows 10 clients. This article describes how to customize the following settings of the controlled folder access feature with the Windows Security app, Group Policy, PowerShell, and mobile device management (MDM) configuration service providers (CSPs). diff --git a/windows/security/threat-protection/microsoft-defender-atp/customize-exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/customize-exploit-protection.md index fa16ddf58a..3074177f5c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/customize-exploit-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/customize-exploit-protection.md @@ -23,6 +23,8 @@ manager: dansimp - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + Exploit protection automatically applies a number of exploit mitigation techniques on both the operating system processes and on individual apps. Configure these settings using the Windows Security app on an individual device. Then, export the configuration as an XML file so you can deploy to other devices. Use Group Policy to distribute the XML file to multiple devices at once. You can also configure the mitigations with PowerShell. diff --git a/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md b/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md index df983743ae..7e08211b85 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md +++ b/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md @@ -25,7 +25,6 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-gensettings-abovefoldlink) During the onboarding process, a wizard takes you through the data storage and retention settings of Defender for Endpoint. diff --git a/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy.md b/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy.md index 0b69d38538..c034eccfee 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy.md +++ b/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy.md @@ -21,12 +21,11 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) This section covers some of the most frequently asked questions regarding privacy and data handling for Defender for Endpoint. > [!NOTE] diff --git a/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md b/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md index 28d34ad383..133552f4d9 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md +++ b/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md @@ -22,7 +22,6 @@ ms.date: 04/24/2018 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) diff --git a/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md index 4d1f037200..f2b626b001 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md +++ b/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md b/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md index 2c443f3d9e..8a3d50c989 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md +++ b/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md @@ -27,6 +27,8 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + Learn how to deploy Microsoft Defender for Endpoint so that your enterprise can take advantage of preventative protection, post-breach detection, automated investigation, and response. diff --git a/windows/security/threat-protection/microsoft-defender-atp/deployment-rings.md b/windows/security/threat-protection/microsoft-defender-atp/deployment-rings.md index 1c6eaca4d0..e6c3efe84f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/deployment-rings.md +++ b/windows/security/threat-protection/microsoft-defender-atp/deployment-rings.md @@ -28,6 +28,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) Deploying Microsoft Defender ATP can be done using a ring-based deployment approach. diff --git a/windows/security/threat-protection/microsoft-defender-atp/device-timeline-event-flag.md b/windows/security/threat-protection/microsoft-defender-atp/device-timeline-event-flag.md index 67c3961a98..c63c41272e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/device-timeline-event-flag.md +++ b/windows/security/threat-protection/microsoft-defender-atp/device-timeline-event-flag.md @@ -24,6 +24,8 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + Event flags in the Defender for Endpoint device timeline help you filter and organize specific events when you're investigate potential attacks. The Defender for Endpoint device timeline provides a chronological view of the events and associated alerts observed on a device. This list of events provides full visibility into any events, files, and IP addresses observed on the device. The list can sometimes be lengthy. Device timeline event flags help you track events that could be related. diff --git a/windows/security/threat-protection/microsoft-defender-atp/edr-in-block-mode.md b/windows/security/threat-protection/microsoft-defender-atp/edr-in-block-mode.md index f190d344a8..02d9b7bad3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/edr-in-block-mode.md +++ b/windows/security/threat-protection/microsoft-defender-atp/edr-in-block-mode.md @@ -29,6 +29,8 @@ ms.collection: - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + ## What is EDR in block mode? When [endpoint detection and response](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response) (EDR) in block mode is turned on, Defender for Endpoint blocks malicious artifacts or behaviors that are observed through post-breach protection. EDR in block mode works behind the scenes to remediate malicious artifacts that are detected, post breach. diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md index 9464fb22dd..efb01ac27a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md +++ b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md @@ -23,6 +23,8 @@ manager: dansimp - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + [Attack surface reduction rules](attack-surface-reduction.md) (ASR rules) help prevent actions that malware often abuses to compromise devices and networks. You can set ASR rules for devices running any of the following editions and versions of Windows: - Windows 10 Pro, [version 1709](https://docs.microsoft.com/windows/whats-new/whats-new-windows-10-version-1709) or later - Windows 10 Enterprise, [version 1709](https://docs.microsoft.com/windows/whats-new/whats-new-windows-10-version-1709) or later diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md index 1e040286f7..17267c1aba 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md +++ b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md @@ -19,11 +19,12 @@ manager: dansimp [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + [Controlled folder access](controlled-folders.md) helps you protect valuable data from malicious apps and threats, such as ransomware. Controlled folder access is included with Windows 10 and Windows Server 2019. You can enable controlled folder access by using any of these methods: diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md index 2e4c2b5cb0..8656a725ca 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md @@ -22,6 +22,8 @@ manager: dansimp - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + [Exploit protection](exploit-protection.md) helps protect against malware that uses exploits to infect devices and spread. Exploit protection consists of a number of mitigations that can be applied to either the operating system or individual apps. > [!IMPORTANT] diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md b/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md index 41c19a2a84..f9243e9746 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md @@ -22,6 +22,8 @@ manager: dansimp - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) + [Network protection](network-protection.md) helps to prevent employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the internet. You can [audit network protection](evaluate-network-protection.md) in a test environment to view which apps would be blocked before you enable it. [Learn more about network filtering configuration options](https://docs.microsoft.com/mem/intune/protect/endpoint-protection-windows-10#network-filtering) From be0916e9e6037b96a59d06282e18d79cbbe217f8 Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Mon, 4 Jan 2021 13:19:41 +0530 Subject: [PATCH 12/93] update updates to fix issues --- .../threat-protection/microsoft-defender-atp/contact-support.md | 2 +- .../microsoft-defender-atp/delete-ti-indicator-by-id.md | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/contact-support.md b/windows/security/threat-protection/microsoft-defender-atp/contact-support.md index 618866e723..e7d04897b7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/contact-support.md +++ b/windows/security/threat-protection/microsoft-defender-atp/contact-support.md @@ -42,7 +42,7 @@ At a minimum, you must have a Service Support Administrator **OR** Helpdesk Admi For more information on which roles have permission see, [Security Administrator permissions](https://docs.microsoft.com/azure/active-directory/users-groups-roles/directory-assign-admin-roles#security-administrator-permissions). Roles that include the action `microsoft.office365.supportTickets/allEntities/allTasks` can submit a case. -For general information on admin roles, see [About admin roles](https://docs.microsoft.com/microsoft-365/admin/add-users/about-admin-roles?view=o365-worldwide). +For general information on admin roles, see [About admin roles](https://docs.microsoft.com/microsoft-365/admin/add-users/about-admin-roles?view=o365-worldwide&preserve-view=true). ## Access the widget diff --git a/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md index f2b626b001..3420215a33 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md +++ b/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md @@ -51,7 +51,6 @@ Delete https://api.securitycenter.windows.com/api/indicators/{id} [!include[Improve request performance](../../includes/improve-request-performance.md)] - ## Request headers Name | Type | Description From c51ad422e519863f8945a51d48bde6a90276e7dd Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Mon, 4 Jan 2021 16:19:15 +0530 Subject: [PATCH 13/93] updated review comments updated --- .../microsoft-defender-atp/get-alert-related-files-info.md | 4 ++-- .../microsoft-defender-atp/get-alert-related-ip-info.md | 2 +- .../microsoft-defender-atp/get-alert-related-machine-info.md | 2 +- .../microsoft-defender-atp/get-alert-related-user-info.md | 2 +- .../threat-protection/microsoft-defender-atp/get-alerts.md | 2 +- .../microsoft-defender-atp/get-all-recommendations.md | 3 +++ .../get-all-vulnerabilities-by-machines.md | 3 +++ .../microsoft-defender-atp/get-all-vulnerabilities.md | 3 +++ .../microsoft-defender-atp/get-cvekbmap-collection.md | 3 ++- .../microsoft-defender-atp/get-device-secure-score.md | 2 +- .../microsoft-defender-atp/get-discovered-vulnerabilities.md | 3 +++ .../microsoft-defender-atp/get-domain-related-alerts.md | 2 +- .../microsoft-defender-atp/get-domain-related-machines.md | 2 +- .../microsoft-defender-atp/get-domain-statistics.md | 2 +- .../microsoft-defender-atp/get-exposure-score.md | 2 +- .../microsoft-defender-atp/get-file-information.md | 2 +- .../microsoft-defender-atp/get-file-related-alerts.md | 2 +- .../microsoft-defender-atp/get-file-related-machines.md | 2 +- .../microsoft-defender-atp/get-file-statistics.md | 2 +- .../microsoft-defender-atp/get-installed-software.md | 2 ++ .../microsoft-defender-atp/get-investigation-collection.md | 2 +- .../microsoft-defender-atp/get-investigation-object.md | 2 +- .../microsoft-defender-atp/get-ip-related-alerts.md | 2 +- .../microsoft-defender-atp/get-ip-statistics.md | 2 +- .../microsoft-defender-atp/get-kbinfo-collection.md | 3 +++ 25 files changed, 38 insertions(+), 20 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md index 651b49212d..c84b4f72e8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md @@ -24,8 +24,8 @@ ms.topic: article **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - -- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + +> Want to experience Microsoft Defender for Endpoint? [Sign up for free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md index 7825b85156..86acb73e1f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md index 03708c1020..aed30c163e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md @@ -25,7 +25,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md index 72be8a0c42..ec527cf9d3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md @@ -25,7 +25,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md index f101a9d602..4e566679d8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md index 0c2616e9e7..9983a33d59 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md @@ -24,6 +24,9 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + + [!include[Prerelease information](../../includes/prerelease.md)] Retrieves a list of all security recommendations affecting the organization. diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md index f2da7275b6..73fbd9c797 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md @@ -24,6 +24,9 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + + Retrieves a list of all the vulnerabilities affecting the organization per [machine](machine.md) and [software](software.md). - If the vulnerability has a fixing KB, it will appear in the response. - Supports [OData V4 queries](https://www.odata.org/documentation/). diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md index a3e95d9c16..a2b35a5dda 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md @@ -24,6 +24,9 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + + [!include[Prerelease information](../../includes/prerelease.md)] Retrieves a list of all the vulnerabilities affecting the organization. diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md index 385c421a26..63ebdce99a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md @@ -22,11 +22,12 @@ ROBOTS: NOINDEX [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + Retrieves a map of CVE's to KB's and CVE details. ## Permissions diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md index 4f9e92ddcc..24031fc7c8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) Retrieves your [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md). A higher Microsoft Secure Score for Devices means your endpoints are more resilient from cybersecurity threat attacks. diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md index 7f222bc4a9..6f99fc2bec 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md @@ -24,6 +24,9 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + + Retrieves a collection of discovered vulnerabilities related to a given device ID. ## Permissions diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md index d9b0b32483..f2c63eeee7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md index 1c2d3fb2bd..1c0b314a7f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md b/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md index 95f80888b4..0ea5095ff5 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md index 1b198b2bdb..cf1aacea0e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) [!include[Prerelease information](../../includes/prerelease.md)] diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md index 1767867907..4bc51624cd 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md index b391f38bdf..3c0f6ca8ca 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md index 8b7bb61eb7..2ff321941e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md index df341da739..bfb47c1dfb 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md index 4d1867d87d..d50d399f7b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md @@ -24,6 +24,8 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + [!include[Prerelease information](../../includes/prerelease.md)] Retrieves a collection of installed software related to a given device ID. diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md index 75c7209471..b5b4aa29c1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md index ea31977cd3..fc8e613a43 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description Retrieves specific [Investigation](investigation.md) by its ID. diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-alerts.md index 80e7f081b7..267b0717ff 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-alerts.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-ip-statistics.md b/windows/security/threat-protection/microsoft-defender-atp/get-ip-statistics.md index 3d541b25a8..5168bb0e32 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-ip-statistics.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-ip-statistics.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-kbinfo-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-kbinfo-collection.md index 26b4ec47c1..36f5d4301a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-kbinfo-collection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-kbinfo-collection.md @@ -26,6 +26,9 @@ ROBOTS: NOINDEX - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + + Retrieves a collection of KB's and KB details. ## Permissions From 95c9a36129df2dfdb3bc5836bdb91f083056b0a7 Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Mon, 4 Jan 2021 07:24:55 -0800 Subject: [PATCH 14/93] Update Onboard-Windows-10-multi-session-device.md --- .../Onboard-Windows-10-multi-session-device.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/Onboard-Windows-10-multi-session-device.md b/windows/security/threat-protection/microsoft-defender-atp/Onboard-Windows-10-multi-session-device.md index 37ffe71d5e..bd53013020 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/Onboard-Windows-10-multi-session-device.md +++ b/windows/security/threat-protection/microsoft-defender-atp/Onboard-Windows-10-multi-session-device.md @@ -26,9 +26,6 @@ Applies to: - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -> [!IMPORTANT] -> Welcome to Microsoft Defender for Endpoint, the new name for Microsoft Defender for Endpoint. Read more about this and other updates here. We'll be updating names in products and in the docs in the near future. - > [!WARNING] > Microsoft Defender for Endpoint support for Windows Virtual Desktop multi-session scenarios is currently in Preview and limited up to 25 concurrent sessions per host/VM. However, single session scenarios on Windows Virtual Desktop are fully supported. From f3c395e8717d482df82c4fcdb733dfa521d54320 Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Tue, 5 Jan 2021 10:24:37 +0530 Subject: [PATCH 15/93] update updated review comments --- .../microsoft-defender-atp/get-user-related-alerts.md | 2 +- .../microsoft-defender-atp/get-user-related-machines.md | 2 +- .../microsoft-defender-atp/get-vuln-by-software.md | 2 ++ .../microsoft-defender-atp/get-vulnerability-by-id.md | 2 ++ .../security/threat-protection/microsoft-defender-atp/gov.md | 4 +++- .../microsoft-defender-atp/helpful-resources.md | 3 +++ .../import-export-exploit-protection-emet-xml.md | 3 +++ .../microsoft-defender-atp/indicator-certificates.md | 1 - .../information-protection-in-windows-overview.md | 4 +++- .../information-protection-investigation.md | 3 ++- .../microsoft-defender-atp/initiate-autoir-investigation.md | 2 +- .../microsoft-defender-atp/investigate-alerts.md | 3 --- .../microsoft-defender-atp/investigate-behind-proxy.md | 3 +-- .../microsoft-defender-atp/investigate-domain.md | 2 -- .../microsoft-defender-atp/investigate-files.md | 2 -- .../microsoft-defender-atp/investigate-incidents.md | 2 -- .../microsoft-defender-atp/investigate-user.md | 1 - .../threat-protection/microsoft-defender-atp/investigation.md | 2 +- .../microsoft-defender-atp/ios-configure-features.md | 2 ++ 19 files changed, 25 insertions(+), 20 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-user-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-user-related-alerts.md index c33872be0e..58d18995b4 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-user-related-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-user-related-alerts.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md index 55c5367cdf..3ccf556196 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md index 1b88d6ba58..ea02b86a98 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md @@ -24,6 +24,8 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + [!include[Prerelease information](../../includes/prerelease.md)] Retrieve a list of vulnerabilities in the installed software. diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md index ddfe9b7613..862097dae5 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md @@ -24,6 +24,8 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + [!include[Prerelease information](../../includes/prerelease.md)] Retrieves vulnerability information by its ID. diff --git a/windows/security/threat-protection/microsoft-defender-atp/gov.md b/windows/security/threat-protection/microsoft-defender-atp/gov.md index ddeee9fffc..3ea91ca854 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/gov.md +++ b/windows/security/threat-protection/microsoft-defender-atp/gov.md @@ -21,11 +21,13 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + + Microsoft Defender for Endpoint for US Government Community Cloud High (GCC High) customers, built in the US Azure Government environment, uses the same underlying technologies as Defender for Endpoint in Azure Commercial. This offering is currently available to US Office 365 GCC High customers and is based on the same prevention, detection, investigation, and remediation as the commercial version. However, there are some key differences in the availability of capabilities for this offering. diff --git a/windows/security/threat-protection/microsoft-defender-atp/helpful-resources.md b/windows/security/threat-protection/microsoft-defender-atp/helpful-resources.md index e25dc5ca9d..708b747a1f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/helpful-resources.md +++ b/windows/security/threat-protection/microsoft-defender-atp/helpful-resources.md @@ -26,6 +26,9 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + + Access helpful resources such as links to blogs and other resources related to Microsoft Defender for Endpoint. ## Endpoint protection platform diff --git a/windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml.md b/windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml.md index 8647909960..15c4791c20 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml.md +++ b/windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml.md @@ -24,6 +24,9 @@ manager: dansimp - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + + Exploit protection helps protect devices from malware that use exploits to spread and infect. It consists of a number of mitigations that can be applied at either the operating system level, or at the individual app level. You use the Windows Security app or PowerShell to create a set of mitigations (known as a configuration). You can then export this configuration as an XML file and share it with multiple devices on your network. Then, they all have the same set of mitigation settings. diff --git a/windows/security/threat-protection/microsoft-defender-atp/indicator-certificates.md b/windows/security/threat-protection/microsoft-defender-atp/indicator-certificates.md index 71da3d2842..0f9d3c4068 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/indicator-certificates.md +++ b/windows/security/threat-protection/microsoft-defender-atp/indicator-certificates.md @@ -27,7 +27,6 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automationexclusionlist-abovefoldlink) You can create indicators for certificates. Some common use cases include: diff --git a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md index 31dcd3c313..2ea94a2abc 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md @@ -21,11 +21,13 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + + [!include[Prerelease information](../../includes/prerelease.md)] Information protection is an integral part of Microsoft 365 Enterprise suite, providing intelligent protection to keep sensitive data secure while enabling productivity in the workplace. diff --git a/windows/security/threat-protection/microsoft-defender-atp/information-protection-investigation.md b/windows/security/threat-protection/microsoft-defender-atp/information-protection-investigation.md index 4c4156700e..3764eae6a9 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/information-protection-investigation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/information-protection-investigation.md @@ -20,11 +20,12 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + A typical advanced persistent threat lifecycle involves data exfiltration. In a security incident, it's important to have the ability to prioritize investigations where sensitive files may be jeopardy so that corporate data and information are protected. Defender for Endpoint helps to make the prioritization of security incidents much simpler with the use of sensitivity labels. Sensitivity labels quickly identify incidents that may involve devices with sensitive information such as confidential information. diff --git a/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md b/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md index dbc21b4bd8..9b262ecab7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md index c4e01d5884..141c3a7389 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md @@ -24,13 +24,10 @@ ms.date: 04/24/2018 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - - >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatealerts-abovefoldlink) Investigate alerts that are affecting your network, understand what they mean, and how to resolve them. diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md index 33186852c6..8cafe4809a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md @@ -23,12 +23,11 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) ->Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatemachines-abovefoldlink) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatemachines-abovefoldlink) Defender for Endpoint supports network connection monitoring from different levels of the network stack. A challenging case is when the network uses a forward proxy as a gateway to the Internet. diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md index a8dfc081a7..20c5de9c96 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md @@ -28,8 +28,6 @@ ms.date: 04/24/2018 - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - - >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatedomain-abovefoldlink) Investigate a domain to see if devices and servers in your enterprise network have been communicating with a known malicious domain. diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-files.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-files.md index 3ca7969948..cf2e78566d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-files.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-files.md @@ -24,12 +24,10 @@ ms.date: 04/24/2018 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatefiles-abovefoldlink) Investigate the details of a file associated with a specific alert, behavior, or event to help determine if the file exhibits malicious activities, identify the attack motivation, and understand the potential scope of the breach. diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md index 1eb70e5f19..58b08c56a8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md @@ -23,12 +23,10 @@ ms.topic: article [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - Investigate incidents that affect your network, understand what they mean, and collate evidence to resolve them. When you investigate an incident, you'll see: diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md index f2bfd13fa8..3850381258 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md @@ -23,7 +23,6 @@ ms.date: 04/24/2018 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigation.md b/windows/security/threat-protection/microsoft-defender-atp/investigation.md index aff16dc0e4..2369330a21 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigation.md @@ -26,7 +26,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) Represent an Automated Investigation entity in Defender for Endpoint.
See [Overview of automated investigations](automated-investigations.md) for more information. diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-configure-features.md b/windows/security/threat-protection/microsoft-defender-atp/ios-configure-features.md index daef5c685b..f48b14c45b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/ios-configure-features.md +++ b/windows/security/threat-protection/microsoft-defender-atp/ios-configure-features.md @@ -28,6 +28,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + > [!NOTE] > Defender for Endpoint for iOS would use a VPN in order to provide the Web Protection feature. This is not a regular VPN and is a local/self-looping VPN that does not take traffic outside the device. From 2ecaf98d63d284fb283a5382f3115a761b20ffb0 Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Tue, 5 Jan 2021 11:59:50 +0530 Subject: [PATCH 16/93] updated updated with review comments --- .../threat-protection/microsoft-defender-atp/ios-install.md | 2 ++ .../threat-protection/microsoft-defender-atp/ios-privacy.md | 2 ++ .../threat-protection/microsoft-defender-atp/ios-terms.md | 1 + .../microsoft-defender-atp/isolate-machine.md | 2 +- .../microsoft-defender-atp/linux-exclusions.md | 2 ++ .../microsoft-defender-atp/linux-install-manually.md | 2 ++ .../microsoft-defender-atp/linux-install-with-ansible.md | 2 ++ .../microsoft-defender-atp/linux-install-with-puppet.md | 2 ++ .../microsoft-defender-atp/linux-preferences.md | 2 ++ .../threat-protection/microsoft-defender-atp/linux-privacy.md | 3 ++- .../threat-protection/microsoft-defender-atp/linux-pua.md | 2 ++ .../microsoft-defender-atp/linux-resources.md | 2 ++ .../microsoft-defender-atp/linux-static-proxy-configuration.md | 2 ++ .../microsoft-defender-atp/linux-support-connectivity.md | 3 ++- .../microsoft-defender-atp/linux-support-install.md | 2 ++ .../microsoft-defender-atp/linux-support-perf.md | 2 +- .../threat-protection/microsoft-defender-atp/linux-updates.md | 2 ++ .../microsoft-defender-atp/live-response-command-examples.md | 1 + .../threat-protection/microsoft-defender-atp/live-response.md | 2 ++ .../threat-protection/microsoft-defender-atp/mac-exclusions.md | 2 ++ .../microsoft-defender-atp/mac-install-jamfpro-login.md | 2 ++ .../microsoft-defender-atp/mac-install-manually.md | 3 ++- .../microsoft-defender-atp/mac-install-with-jamf.md | 2 ++ .../microsoft-defender-atp/mac-install-with-other-mdm.md | 2 ++ .../microsoft-defender-atp/mac-jamfpro-device-groups.md | 2 ++ .../microsoft-defender-atp/mac-jamfpro-enroll-devices.md | 2 ++ 26 files changed, 48 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-install.md b/windows/security/threat-protection/microsoft-defender-atp/ios-install.md index 855be33f20..9388ff4180 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/ios-install.md +++ b/windows/security/threat-protection/microsoft-defender-atp/ios-install.md @@ -28,6 +28,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + This topic describes deploying Defender for Endpoint for iOS on Intune Company Portal enrolled devices. For more information about Intune device enrollment, see [Enroll iOS/iPadOS devices in Intune](https://docs.microsoft.com/mem/intune/enrollment/ios-enroll). ## Before you begin diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-privacy.md b/windows/security/threat-protection/microsoft-defender-atp/ios-privacy.md index bea4f8b740..34c65130f6 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/ios-privacy.md +++ b/windows/security/threat-protection/microsoft-defender-atp/ios-privacy.md @@ -26,6 +26,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + > [!NOTE] > Defender for Endpoint for iOS uses a VPN to provide the Web Protection feature. This is not a regular VPN and is a local or self-looping VPN that does not take traffic outside the device. **Microsoft or your organization, does not see your browsing activity.** diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md b/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md index 99c2a1585c..6b8e7708c1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md +++ b/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md @@ -29,6 +29,7 @@ hideEdit: true - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) ## MICROSOFT APPLICATION LICENSE TERMS: MICROSOFT DEFENDER FOR ENDPOINT diff --git a/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md b/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md index b6bf991bcf..095dee7934 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md +++ b/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md @@ -25,7 +25,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md index 2a939b7865..4fe2444889 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md @@ -28,6 +28,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + This article provides information on how to define exclusions that apply to on-demand scans, and real-time protection and monitoring. > [!IMPORTANT] diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md index 31cdf4d0ee..da32e270cb 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md @@ -29,6 +29,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + This article describes how to deploy Microsoft Defender for Endpoint for Linux manually. A successful deployment requires the completion of all of the following tasks: - [Configure the Linux software repository](#configure-the-linux-software-repository) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md index d20dbb61df..d117554ce3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md @@ -29,6 +29,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + This article describes how to deploy Defender for Endpoint for Linux using Ansible. A successful deployment requires the completion of all of the following tasks: - [Download the onboarding package](#download-the-onboarding-package) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md index 131154d289..6b66fa8f75 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md @@ -29,6 +29,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + This article describes how to deploy Defender for Endpoint for Linux using Puppet. A successful deployment requires the completion of all of the following tasks: - [Download the onboarding package](#download-the-onboarding-package) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-preferences.md b/windows/security/threat-protection/microsoft-defender-atp/linux-preferences.md index ec07346a41..f63acb5d9d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-preferences.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-preferences.md @@ -29,6 +29,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + >[!IMPORTANT] >This topic contains instructions for how to set preferences for Defender for Endpoint for Linux in enterprise environments. If you are interested in configuring the product on a device from the command-line, see [Resources](linux-resources.md#configure-from-the-command-line). diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-privacy.md b/windows/security/threat-protection/microsoft-defender-atp/linux-privacy.md index c07a3578a6..a1933b9926 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-privacy.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-privacy.md @@ -21,11 +21,12 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + Microsoft is committed to providing you with the information and controls you need to make choices about how your data is collected and used when you’re using Defender for Endpoint for Linux. This topic describes the privacy controls available within the product, how to manage these controls with policy settings and more details on the data events that are collected. diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-pua.md b/windows/security/threat-protection/microsoft-defender-atp/linux-pua.md index 68e7f23b4e..d79ecb9600 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-pua.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-pua.md @@ -28,6 +28,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + The potentially unwanted application (PUA) protection feature in Defender for Endpoint for Linux can detect and block PUA files on endpoints in your network. These applications are not considered viruses, malware, or other types of threats, but might perform actions on endpoints that adversely affect their performance or use. PUA can also refer to applications that are considered to have poor reputation. diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-resources.md b/windows/security/threat-protection/microsoft-defender-atp/linux-resources.md index 73987788c9..05ed526260 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-resources.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-resources.md @@ -29,6 +29,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + ## Collect diagnostic information If you can reproduce a problem, first increase the logging level, run the system for some time, and then restore the logging level to the default. diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-static-proxy-configuration.md b/windows/security/threat-protection/microsoft-defender-atp/linux-static-proxy-configuration.md index 5c05635456..ca045ff430 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-static-proxy-configuration.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-static-proxy-configuration.md @@ -29,6 +29,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + Microsoft Defender ATP can discover a proxy server using the ```HTTPS_PROXY``` environment variable. This setting must be configured **both** at installation time and after the product has been installed. ## Installation time configuration diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-connectivity.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-connectivity.md index 7ddf65b664..234df1548c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-connectivity.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-connectivity.md @@ -24,11 +24,12 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + ## Run the connectivity test To test if Defender for Endpoint for Linux can communicate to the cloud with the current network settings, run a connectivity test from the command line: diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md index 31e67a513e..d04d723402 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md @@ -29,6 +29,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + ## Verify if installation succeeded An error in installation may or may not result in a meaningful error message by the package manager. To verify if the installation succeeded, obtain and check the installation logs using: diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-perf.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-perf.md index cc909e9afa..498a5638d7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-perf.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-perf.md @@ -23,10 +23,10 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) This article provides some general steps that can be used to narrow down performance issues related to Defender for Endpoint for Linux. diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-updates.md b/windows/security/threat-protection/microsoft-defender-atp/linux-updates.md index de5f4532b8..6dd62d7da1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-updates.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-updates.md @@ -29,6 +29,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. > [!WARNING] diff --git a/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md b/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md index db9749d0f9..7883f6a03b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md +++ b/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md @@ -26,6 +26,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) Learn about common commands used in live response and see examples on how they are typically used. diff --git a/windows/security/threat-protection/microsoft-defender-atp/live-response.md b/windows/security/threat-protection/microsoft-defender-atp/live-response.md index 0b5318d4af..7bfb93e10c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/live-response.md +++ b/windows/security/threat-protection/microsoft-defender-atp/live-response.md @@ -25,6 +25,8 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + Live response gives security operations teams instantaneous access to a device (also referred to as a machine) using a remote shell connection. This gives you the power to do in-depth investigative work and take immediate response actions to promptly contain identified threats—in real time. Live response is designed to enhance investigations by enabling your security operations team to collect forensic data, run scripts, send suspicious entities for analysis, remediate threats, and proactively hunt for emerging threats.

diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md index 1a5a15f330..0d02fbc860 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md @@ -28,6 +28,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + This article provides information on how to define exclusions that apply to on-demand scans, and real-time protection and monitoring. >[!IMPORTANT] diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md index 27de5d44de..02768f9c9e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md @@ -27,6 +27,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + 1. Enter your credentials. ![Image of Jamf Pro dashboard](images/jamf-pro-portal1.png) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md index 064657b978..f61fab3284 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md @@ -23,11 +23,12 @@ ms.topic: conceptual [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + This topic describes how to deploy Microsoft Defender for Endpoint for macOS manually. A successful deployment requires the completion of all of the following steps: - [Download installation and onboarding packages](#download-installation-and-onboarding-packages) - [Application installation (macOS 10.15 and older versions)](#application-installation-macos-1015-and-older-versions) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md index 4d8f5b0a59..9c62c93686 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md @@ -28,6 +28,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + Learn how to deploy Microsoft Defender for Endpoint for macOS with Jamf Pro. > [!NOTE] diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md index 044e4550e7..1f89b974af 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md @@ -27,6 +27,8 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) + +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) ## Prerequisites and system requirements diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md index 327ec51d6f..65d3c7e838 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md @@ -27,6 +27,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + Set up the device groups similar to Group policy organizational unite (OUs), Microsoft Endpoint Configuration Manager's device collection, and Intune's device groups. 1. Navigate to **Static Computer Groups**. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-enroll-devices.md b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-enroll-devices.md index 7e2a462130..ef622f9f2e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-enroll-devices.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-enroll-devices.md @@ -28,6 +28,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) + ## Enroll macOS devices There are multiple methods of getting enrolled to JamF. From 83eb56f674c1ad41f9a73840f8c6fc7e7f71eb27 Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Tue, 5 Jan 2021 12:50:22 +0530 Subject: [PATCH 17/93] updated updated comments --- .../threat-protection/microsoft-defender-atp/mac-privacy.md | 3 +++ .../threat-protection/microsoft-defender-atp/mac-pua.md | 3 +++ .../threat-protection/microsoft-defender-atp/mac-resources.md | 2 ++ .../microsoft-defender-atp/mac-schedule-scan-atp.md | 2 ++ .../microsoft-defender-atp/mac-support-install.md | 2 ++ .../microsoft-defender-atp/mac-support-kext.md | 2 ++ .../microsoft-defender-atp/mac-support-license.md | 2 ++ .../microsoft-defender-atp/mac-support-perf.md | 2 ++ .../microsoft-defender-atp/mac-sysext-policies.md | 2 ++ .../microsoft-defender-atp/mac-sysext-preview.md | 2 ++ .../threat-protection/microsoft-defender-atp/mac-updates.md | 2 ++ .../threat-protection/microsoft-defender-atp/mac-whatsnew.md | 2 ++ .../threat-protection/microsoft-defender-atp/machine-groups.md | 2 ++ .../microsoft-defender-atp/machine-reports.md | 1 + .../threat-protection/microsoft-defender-atp/machine-tags.md | 2 ++ .../threat-protection/microsoft-defender-atp/machine.md | 2 +- .../threat-protection/microsoft-defender-atp/machineaction.md | 2 +- .../microsoft-defender-atp/machines-view-overview.md | 2 +- .../threat-protection/microsoft-defender-atp/manage-alerts.md | 2 +- .../manage-atp-post-migration-configuration-manager.md | 2 ++ .../manage-atp-post-migration-group-policy-objects.md | 2 ++ .../microsoft-defender-atp/manage-atp-post-migration-intune.md | 2 ++ .../manage-atp-post-migration-other-tools.md | 2 ++ .../microsoft-defender-atp/manage-atp-post-migration.md | 3 ++- .../threat-protection/microsoft-defender-atp/manage-edr.md | 2 ++ 25 files changed, 47 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-privacy.md b/windows/security/threat-protection/microsoft-defender-atp/mac-privacy.md index 4b2485bada..b67c9fcc9e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-privacy.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-privacy.md @@ -27,6 +27,9 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + + Microsoft is committed to providing you with the information and controls you need to make choices about how your data is collected and used when you’re using Microsoft Defender for Endpoint for Mac. This topic describes the privacy controls available within the product, how to manage these controls with policy settings and more details on the data events that are collected. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-pua.md b/windows/security/threat-protection/microsoft-defender-atp/mac-pua.md index 4820f1a240..ad94d3aff5 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-pua.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-pua.md @@ -27,6 +27,9 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + + The potentially unwanted application (PUA) protection feature in Microsoft Defender for Endpoint for Mac can detect and block PUA files on endpoints in your network. These applications are not considered viruses, malware, or other types of threats, but might perform actions on endpoints that adversely affect their performance or use. PUA can also refer to applications that are considered to have poor reputation. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md b/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md index 938a071c86..665138b0b4 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md @@ -27,6 +27,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + ## Collecting diagnostic information If you can reproduce a problem, increase the logging level, run the system for some time, and restore the logging level to the default. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-schedule-scan-atp.md b/windows/security/threat-protection/microsoft-defender-atp/mac-schedule-scan-atp.md index 93a06cb500..b6b4991852 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-schedule-scan-atp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-schedule-scan-atp.md @@ -27,6 +27,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + While you can start a threat scan at any time with Microsoft Defender for Endpoint, your enterprise might benefit from scheduled or timed scans. For example, you can schedule a scan to run at the beginning of every workday or week. ## Schedule a scan with *launchd* diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-support-install.md b/windows/security/threat-protection/microsoft-defender-atp/mac-support-install.md index 49ab358c4d..b830d15718 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-support-install.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-support-install.md @@ -30,6 +30,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + ## Installation failed For manual installation, the Summary page of the installation wizard says, "An error occurred during installation. The Installer encountered an error that caused the installation to fail. Contact the software manufacturer for assistance." For MDM deployments, it displays as a generic installation failure as well. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-support-kext.md b/windows/security/threat-protection/microsoft-defender-atp/mac-support-kext.md index 2ca36a4873..5f6bd98b50 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-support-kext.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-support-kext.md @@ -30,6 +30,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + This article provides information on how to troubleshoot issues with the kernel extension that is installed as part of Microsoft Defender for Endpoint for Mac. Starting with macOS High Sierra (10.13), macOS requires all kernel extensions to be explicitly approved before they are allowed to run on the device. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-support-license.md b/windows/security/threat-protection/microsoft-defender-atp/mac-support-license.md index 35e4ec10cd..3f67b0782d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-support-license.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-support-license.md @@ -30,6 +30,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + While you are going through [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md) and [Manual deployment](mac-install-manually.md) testing or a Proof Of Concept (PoC), you might get the following error: ![Image of license error](images/no-license-found.png) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-support-perf.md b/windows/security/threat-protection/microsoft-defender-atp/mac-support-perf.md index 40bf88fbb5..1f0033d256 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-support-perf.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-support-perf.md @@ -30,6 +30,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + This topic provides some general steps that can be used to narrow down performance issues related to Microsoft Defender for Endpoint for Mac. Real-time protection (RTP) is a feature of Microsoft Defender for Endpoint for Mac that continuously monitors and protects your device against threats. It consists of file and process monitoring and other heuristics. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-policies.md b/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-policies.md index b8632b1ff3..449e6487b8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-policies.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-policies.md @@ -28,6 +28,8 @@ ROBOTS: noindex,nofollow - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + In alignment with macOS evolution, we are preparing a Microsoft Defender for Endpoint for Mac update that leverages system extensions instead of kernel extensions. This update will only be applicable to macOS Catalina (10.15.4) and newer versions of macOS. If you have deployed Microsoft Defender for Endpoint for Mac in a managed environment (through JAMF, Intune, or another MDM solution), you must deploy new configuration profiles. Failure to do these steps will result in users getting approval prompts to run these new components. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-preview.md b/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-preview.md index 4e180f97ac..b4ce23f830 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-preview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-preview.md @@ -28,6 +28,8 @@ ROBOTS: noindex,nofollow - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + In alignment with macOS evolution, we are preparing a Defender for Endpoint for Mac update that leverages system extensions instead of kernel extensions. This update will only be applicable to macOS Catalina (10.15.4) and newer versions of macOS. This functionality is currently in public preview. This article contains instructions for enabling this functionality on your device. You can choose to try out this feature locally on your own device or configure it remotely through a management tool. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-updates.md b/windows/security/threat-protection/microsoft-defender-atp/mac-updates.md index dbecac6a22..504daace35 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-updates.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-updates.md @@ -30,6 +30,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. To update Microsoft Defender for Endpoint for Mac, a program named Microsoft AutoUpdate (MAU) is used. By default, MAU automatically checks for updates daily, but you can change that to weekly, monthly, or manually. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md index 1aac2f2e9f..557ee4075f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md @@ -27,6 +27,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + > [!IMPORTANT] > On macOS 11 (Big Sur), Microsoft Defender for Endpoint requires additional configuration profiles. If you are an existing customer upgrading from earlier versions of macOS, make sure to deploy the additional configuration profiles listed on [this page](mac-sysext-policies.md). diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md b/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md index 1988df1790..688797c09c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md @@ -29,6 +29,8 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + In an enterprise scenario, security operation teams are typically assigned a set of devices. These devices are grouped together based on a set of attributes such as their domains, computer names, or designated tags. In Microsoft Defender for Endpoint, you can create device groups and use them to: diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md b/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md index e5db586297..026045721d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md @@ -26,6 +26,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) The devices status report provides high-level information about the devices in your organization. The report includes trending information showing the sensor health state, antivirus status, OS platforms, and Windows 10 versions. diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md b/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md index 768e8270b7..02aa043452 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md @@ -25,6 +25,8 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + Add tags on devices to create a logical group affiliation. Device tags support proper mapping of the network, enabling you to attach different tags to capture context and to enable dynamic list creation as part of an incident. Tags can be used as a filter in **Devices list** view, or to group devices. For more information on device grouping, see [Create and manage device groups](machine-groups.md). You can add tags on devices using the following ways: diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine.md b/windows/security/threat-protection/microsoft-defender-atp/machine.md index 42d8efa0dd..d0d1da18c1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machine.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machine.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) [!include[Prerelease information](../../includes/prerelease.md)] diff --git a/windows/security/threat-protection/microsoft-defender-atp/machineaction.md b/windows/security/threat-protection/microsoft-defender-atp/machineaction.md index c85800023a..9f8d118589 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machineaction.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machineaction.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) - For more information, see [Response Actions](respond-machine-alerts.md). diff --git a/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md b/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md index 3f7d9f6290..8478340b7a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md @@ -26,7 +26,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) ->Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-machinesview-abovefoldlink) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-machinesview-abovefoldlink) The **Devices list** shows a list of the devices in your network where alerts were generated. By default, the queue displays devices with alerts seen in the last 30 days. diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md index 8862ac7822..6a7ac0dacc 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md @@ -25,7 +25,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) ->Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-managealerts-abovefoldlink) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-managealerts-abovefoldlink) Defender for Endpoint notifies you of possible malicious events, attributes, and contextual information through alerts. A summary of new alerts is displayed in the **Security operations dashboard**, and you can access all alerts in the **Alerts queue**. diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-configuration-manager.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-configuration-manager.md index 38dceefad0..9e117a0a1e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-configuration-manager.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-configuration-manager.md @@ -30,6 +30,8 @@ ms.reviewer: chventou - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + We recommend using We recommend using [Microsoft Endpoint Manager](https://docs.microsoft.com/mem), which includes [Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/what-is-intune) (Intune) and [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/understand/introduction) (Configuration Manager) to manage your organization's threat protection features for devices (also referred to as endpoints). - [Learn more about Endpoint Manager](https://docs.microsoft.com/mem/endpoint-manager-overview) - [Co-manage Microsoft Defender for Endpoint on Windows 10 devices with Configuration Manager and Intune](manage-atp-post-migration-intune.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-group-policy-objects.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-group-policy-objects.md index 9d8b3a42b1..c3f3f92a68 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-group-policy-objects.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-group-policy-objects.md @@ -30,6 +30,8 @@ ms.reviewer: chventou - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + > [!NOTE] > We recommend using [Microsoft Endpoint Manager](https://docs.microsoft.com/mem) to manage your organization's threat protection features for devices (also referred to as endpoints). Endpoint Manager includes [Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/what-is-intune) and [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/understand/introduction). **[Learn more about Endpoint Manager](https://docs.microsoft.com/mem/endpoint-manager-overview)**. diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-intune.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-intune.md index e919ae28a4..ce4a7c06e9 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-intune.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-intune.md @@ -30,6 +30,8 @@ ms.reviewer: chventou - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + We recommend using [Microsoft Endpoint Manager](https://docs.microsoft.com/mem), which includes Microsoft Intune (Intune) to manage your organization's threat protection features for devices (also referred to as endpoints). [Learn more about Endpoint Manager](https://docs.microsoft.com/mem/endpoint-manager-overview). This article describes how to find your Microsoft Defender for Endpoint settings in Intune, and lists various tasks you can perform. diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-other-tools.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-other-tools.md index cdd5938c30..86f55eff6e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-other-tools.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-other-tools.md @@ -30,6 +30,8 @@ ms.reviewer: chventou - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + > [!NOTE] > We recommend using [Microsoft Endpoint Manager](https://docs.microsoft.com/mem) to manage your organization's threat protection features for devices (also referred to as endpoints). Endpoint Manager includes [Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/what-is-intune) and [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/understand/introduction). > - [Learn more about Endpoint Manager](https://docs.microsoft.com/mem/endpoint-manager-overview) diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration.md index ed982d2bab..3e3d490b63 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration.md @@ -26,11 +26,12 @@ ms.reviewer: chventou [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + After you have moved from your previous endpoint protection and antivirus solution to Microsoft Defender for Endpoint, your next step is to manage your features and capabilities. We recommend using [Microsoft Endpoint Manager](https://docs.microsoft.com/mem/endpoint-manager-overview), which includes [Microsoft Intune](https://docs.microsoft.com/mem/intune/fundamentals/what-is-intune) and [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/understand/introduction), to manage your organization's devices and security settings. However, you can use other tools/methods, such as [Group Policy Objects in Azure Active Directory Domain Services](https://docs.microsoft.com/azure/active-directory-domain-services/manage-group-policy). The following table lists various tools/methods you can use, with links to learn more. diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md index bafeede5a8..ff1e7c09c9 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md @@ -28,6 +28,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + Manage the alerts queue, investigate devices in the devices list, take response actions, and hunt for possible threats in your organization using advanced hunting. From ca5a6480013ee3ce55eba5a30c825c6f4fe60c4b Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Tue, 5 Jan 2021 14:02:48 +0530 Subject: [PATCH 18/93] updated updated review comments --- .../threat-protection/microsoft-defender-atp/manage-edr.md | 2 ++ .../microsoft-defender-atp/manage-incidents.md | 2 ++ .../microsoft-defender-atp/manage-indicators.md | 2 +- .../microsoft-defender-atp/manage-suppression-rules.md | 2 ++ .../threat-protection/microsoft-defender-atp/management-apis.md | 2 +- .../mcafee-to-microsoft-defender-migration.md | 2 ++ .../mcafee-to-microsoft-defender-onboard.md | 2 ++ .../mcafee-to-microsoft-defender-prepare.md | 1 + .../mcafee-to-microsoft-defender-setup.md | 2 ++ .../microsoft-cloud-app-security-config.md | 2 ++ .../microsoft-cloud-app-security-integration.md | 2 ++ .../microsoft-defender-advanced-threat-protection.md | 2 ++ .../microsoft-defender-atp/microsoft-defender-atp-android.md | 2 ++ .../microsoft-defender-atp/microsoft-defender-atp-ios.md | 2 ++ .../microsoft-defender-atp/microsoft-defender-atp-linux.md | 2 ++ .../microsoft-defender-atp/microsoft-defender-atp-mac.md | 2 ++ .../microsoft-defender-security-center.md | 2 ++ .../microsoft-defender-atp/microsoft-threat-experts.md | 2 ++ .../microsoft-defender-atp/migration-guides.md | 2 ++ .../microsoft-defender-atp/minimum-requirements.md | 2 ++ .../threat-protection/microsoft-defender-atp/mssp-list.md | 2 ++ .../threat-protection/microsoft-defender-atp/mssp-support.md | 2 +- .../microsoft-defender-atp/network-protection.md | 2 ++ .../threat-protection/microsoft-defender-atp/non-windows.md | 2 ++ 24 files changed, 44 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md index bafeede5a8..ff1e7c09c9 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md @@ -28,6 +28,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + Manage the alerts queue, investigate devices in the devices list, take response actions, and hunt for possible threats in your organization using advanced hunting. diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-incidents.md b/windows/security/threat-protection/microsoft-defender-atp/manage-incidents.md index 493023678c..4b3437ca47 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-incidents.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-incidents.md @@ -28,6 +28,8 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + Managing incidents is an important part of every cybersecurity operation. You can manage incidents by selecting an incident from the **Incidents queue** or the **Incidents management pane**. diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md b/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md index 4a8307b45f..e23756713d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md @@ -26,7 +26,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) ->Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automationexclusionlist-abovefoldlink) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automationexclusionlist-abovefoldlink) Indicator of compromise (IoCs) matching is an essential feature in every endpoint protection solution. This capability gives SecOps the ability to set a list of indicators for detection and for blocking (prevention and response). diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md b/windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md index 067864deb3..714cdb8a1f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md @@ -26,6 +26,8 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + There might be scenarios where you need to suppress alerts from appearing in the portal. You can create suppression rules for specific alerts that are known to be innocuous such as known tools or processes in your organization. For more information on how to suppress alerts, see [Suppress alerts](manage-alerts.md). You can view a list of all the suppression rules and manage them in one place. You can also turn an alert suppression rule on or off. diff --git a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md index b854f14c18..a3b3f5ca07 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md +++ b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md @@ -26,7 +26,7 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) ->Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mgt-apis-abovefoldlink) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mgt-apis-abovefoldlink) Defender for Endpoint supports a wide variety of options to ensure that customers can easily adopt the platform. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-migration.md b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-migration.md index c0a76d0fa8..3051bd12d8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-migration.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-migration.md @@ -32,6 +32,8 @@ ms.reviewer: jesquive, chventou, jonix, chriggs, owtho - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + If you are planning to switch from McAfee Endpoint Security (McAfee) to [Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection) (Microsoft Defender for Endpoint), you're in the right place. Use this article as a guide to plan your migration. ## The migration process diff --git a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard.md b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard.md index a0e94b3305..20d55fd9fc 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard.md @@ -32,6 +32,8 @@ ms.reviewer: jesquive, chventou, jonix, chriggs, owtho - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + |[![Phase 1: Prepare](images/prepare.png)](mcafee-to-microsoft-defender-prepare.md)
[Phase 1: Prepare](mcafee-to-microsoft-defender-prepare.md) |[![Phase 2: Set up](images/setup.png)](mcafee-to-microsoft-defender-setup.md)
[Phase 2: Set up](mcafee-to-microsoft-defender-setup.md) |![Phase 3: Onboard](images/onboard.png)
Phase 3: Onboard | |--|--|--| || |*You are here!* | diff --git a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-prepare.md b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-prepare.md index 31abf8eea2..48193f7027 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-prepare.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-prepare.md @@ -32,6 +32,7 @@ ms.reviewer: jesquive, chventou, jonix, chriggs, owtho - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) |![Phase 1: Prepare](images/prepare.png)
Phase 1: Prepare |[![Phase 2: Set up](images/setup.png)](mcafee-to-microsoft-defender-setup.md)
[Phase 2: Set up](mcafee-to-microsoft-defender-setup.md) |[![Phase 3: Onboard](images/onboard.png)](mcafee-to-microsoft-defender-onboard.md)
[Phase 3: Onboard](mcafee-to-microsoft-defender-onboard.md) | |--|--|--| diff --git a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-setup.md b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-setup.md index 8338f70288..13f21d5b7a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-setup.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-setup.md @@ -32,6 +32,8 @@ ms.reviewer: jesquive, chventou, jonix, chriggs, owtho - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + |[![Phase 1: Prepare](images/prepare.png)](mcafee-to-microsoft-defender-prepare.md)
[Phase 1: Prepare](mcafee-to-microsoft-defender-prepare.md) |![Phase 2: Set up](images/setup.png)
Phase 2: Set up |[![Phase 3: Onboard](images/onboard.png)](mcafee-to-microsoft-defender-onboard.md)
[Phase 3: Onboard](mcafee-to-microsoft-defender-onboard.md) | |--|--|--| ||*You are here!* | | diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-config.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-config.md index f97c289ff3..9cde2624e5 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-config.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-config.md @@ -26,6 +26,8 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + To benefit from Microsoft Defender for Endpoint cloud app discovery signals, turn on Microsoft Cloud App Security integration. >[!NOTE] diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md index 6fb50d90da..ffdc84efeb 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md @@ -29,6 +29,8 @@ ms.date: 10/18/2018 - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + Microsoft Cloud App Security (Cloud App Security) is a comprehensive solution that gives visibility into cloud apps and services by allowing you to control and limit access to cloud apps, while enforcing compliance requirements on data stored in the cloud. For more information, see [Cloud App Security](https://docs.microsoft.com/cloud-app-security/what-is-cloud-app-security). >[!NOTE] diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md index 085f783ff2..42d406d343 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md @@ -25,6 +25,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + > For more info about Windows 10 Enterprise Edition features and functionality, see [Windows 10 Enterprise edition](https://www.microsoft.com/WindowsForBusiness/buy). Microsoft Defender for Endpoint is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats. diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md index 889f565e87..8834fc6995 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md @@ -28,6 +28,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + This topic describes how to install, configure, update, and use Defender for Endpoint for Android. > [!CAUTION] diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios.md index 5594be464c..3bd32ceab7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios.md @@ -28,6 +28,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + **Microsoft Defender for Endpoint for iOS** will offer protection against phishing and unsafe network connections from websites, emails, and apps. All alerts will be available through a single pane of glass in the Microsoft Defender Security Center. The portal gives security teams a centralized view of threats on iOS devices along with other platforms. diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md index 44e62a283e..9ab6662080 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md @@ -28,6 +28,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + This topic describes how to install, configure, update, and use Microsoft Defender for Endpoint for Linux. > [!CAUTION] diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md index d0d840d6d0..a57f5c0d1c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md @@ -28,6 +28,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + This topic describes how to install, configure, update, and use Defender for Endpoint for Mac. > [!CAUTION] diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-security-center.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-security-center.md index 5f28deb01e..2df20f71bb 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-security-center.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-security-center.md @@ -27,6 +27,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + Microsoft Defender Security Center is the portal where you can access Microsoft Defender for Endpoint capabilities. It gives enterprise security operations teams a single pane of glass experience to help secure networks. ## In this section diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md index 59ccfffccb..a8058b2da0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md @@ -28,6 +28,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + Microsoft Threat Experts is a managed threat hunting service that provides Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in their unique environments don’t get missed. This new capability provides expert-driven insights and data through targeted attack notification and access to experts on demand. diff --git a/windows/security/threat-protection/microsoft-defender-atp/migration-guides.md b/windows/security/threat-protection/microsoft-defender-atp/migration-guides.md index ceb8db05a3..953a9e9023 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/migration-guides.md +++ b/windows/security/threat-protection/microsoft-defender-atp/migration-guides.md @@ -26,6 +26,8 @@ ms.date: 09/24/2020 - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + ## Migration guides If you're considering switching from a non-Microsoft threat protection solution to Microsoft Defender for Endpoint with Microsoft Defender Antivirus, check out our migration guidance. Select the scenario that best represents where you are in your deployment process, and see the guidance. diff --git a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md index 5d5a31488c..a9c0b56140 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md +++ b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md @@ -25,6 +25,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + There are some minimum requirements for onboarding devices to the service. Learn about the licensing, hardware and software requirements, and other configuration settings to onboard devices to the service. > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-minreqs-abovefoldlink). diff --git a/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md b/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md index 29c657c86e..ad2b608553 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md @@ -23,6 +23,8 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + Logo |Partner name | Description :---|:---|:--- ![Image of BDO Digital logo](images/bdo-logo.png)| [BDO Digital](https://go.microsoft.com/fwlink/?linkid=2090394) | BDO Digital's Managed Defense leverages best practice tools, AI, and in-house security experts for 24/7/365 identity protection diff --git a/windows/security/threat-protection/microsoft-defender-atp/mssp-support.md b/windows/security/threat-protection/microsoft-defender-atp/mssp-support.md index 730662b970..71d66a2dbe 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mssp-support.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mssp-support.md @@ -25,7 +25,7 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) ->Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink) Security is recognized as a key component in running an enterprise, however some organizations might not have the capacity or expertise to have a dedicated security operations team to manage the security of their endpoints and network, others may want to have a second set of eyes to review alerts in their network. diff --git a/windows/security/threat-protection/microsoft-defender-atp/network-protection.md b/windows/security/threat-protection/microsoft-defender-atp/network-protection.md index cf325c653b..1e0aac4020 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/network-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/network-protection.md @@ -26,6 +26,8 @@ ms.custom: asr - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + Network protection helps reduce the attack surface of your devices from Internet-based events. It prevents employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the Internet. Network protection expands the scope of [Microsoft Defender SmartScreen](../microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md) to block all outbound HTTP(s) traffic that attempts to connect to low-reputation sources (based on the domain or hostname). diff --git a/windows/security/threat-protection/microsoft-defender-atp/non-windows.md b/windows/security/threat-protection/microsoft-defender-atp/non-windows.md index 6c6358a9b5..79f4ce74d7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/non-windows.md +++ b/windows/security/threat-protection/microsoft-defender-atp/non-windows.md @@ -26,6 +26,8 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + Microsoft has been on a journey to extend its industry leading endpoint security capabilities beyond Windows and Windows Server to macOS, Linux, Android, and soon iOS. From 85bfb8ec71a7ea7014250077c8448826f80309da Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Tue, 5 Jan 2021 14:25:03 +0530 Subject: [PATCH 19/93] updated updated review comments --- .../Onboard-Windows-10-multi-session-device.md | 2 ++ .../microsoft-defender-atp/offboard-machine-api.md | 2 +- .../microsoft-defender-atp/onboard-downlevel.md | 1 - .../microsoft-defender-atp/onboard-offline-machines.md | 2 ++ .../threat-protection/microsoft-defender-atp/onboard.md | 2 ++ .../onboarding-endpoint-configuration-manager.md | 2 ++ .../microsoft-defender-atp/onboarding-endpoint-manager.md | 2 +- .../microsoft-defender-atp/onboarding-notification.md | 2 ++ .../threat-protection/microsoft-defender-atp/onboarding.md | 2 ++ .../microsoft-defender-atp/overview-attack-surface-reduction.md | 2 ++ .../microsoft-defender-atp/overview-custom-detections.md | 2 ++ .../overview-endpoint-detection-response.md | 2 ++ .../microsoft-defender-atp/overview-hardware-based-isolation.md | 2 ++ .../microsoft-defender-atp/partner-applications.md | 1 + .../microsoft-defender-atp/post-ti-indicator.md | 2 +- .../microsoft-defender-atp/prepare-deployment.md | 2 +- .../threat-protection/microsoft-defender-atp/preview.md | 2 ++ 17 files changed, 27 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/Onboard-Windows-10-multi-session-device.md b/windows/security/threat-protection/microsoft-defender-atp/Onboard-Windows-10-multi-session-device.md index 37ffe71d5e..f5581264d4 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/Onboard-Windows-10-multi-session-device.md +++ b/windows/security/threat-protection/microsoft-defender-atp/Onboard-Windows-10-multi-session-device.md @@ -26,6 +26,8 @@ Applies to: - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + > [!IMPORTANT] > Welcome to Microsoft Defender for Endpoint, the new name for Microsoft Defender for Endpoint. Read more about this and other updates here. We'll be updating names in products and in the docs in the near future. diff --git a/windows/security/threat-protection/microsoft-defender-atp/offboard-machine-api.md b/windows/security/threat-protection/microsoft-defender-atp/offboard-machine-api.md index 41a63e43bb..cc0927755b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/offboard-machine-api.md +++ b/windows/security/threat-protection/microsoft-defender-atp/offboard-machine-api.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md b/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md index 815a6139dd..c7c9163e32 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md @@ -31,7 +31,6 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - >Want to experience Defender for Endpoint? [Sign up for a free trial](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-downlevel-abovefoldlink). Defender for Endpoint extends support to include down-level operating systems, providing advanced attack detection and investigation capabilities on supported Windows versions. diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md b/windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md index fe2804290e..199fdba3ea 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md @@ -27,6 +27,8 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + To onboard devices without Internet access, you'll need to take the following general steps: > [!IMPORTANT] diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard.md b/windows/security/threat-protection/microsoft-defender-atp/onboard.md index 87831075d7..260a39fc37 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboard.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboard.md @@ -26,6 +26,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + Configure and manage all the Defender for Endpoint capabilities to get the best security protection for your organization. diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md index 1e788eab51..3a0c5a024b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md @@ -27,6 +27,8 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + This article is part of the Deployment guide and acts as an example onboarding method that guides users in: - Step 1: Onboarding Windows devices to the service - Step 2: Configuring Defender for Endpoint capabilities diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md index 69308b1069..6a93ffde91 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md @@ -27,7 +27,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) This article is part of the Deployment guide and acts as an example onboarding method that guides users in: - Step 1: Onboarding devices to the service by creating a group in Microsoft Endpoint Manager (MEM) to assign configurations on diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md index b598e8b95d..0f2411ad67 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md @@ -25,6 +25,8 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + Create a notification rule so that when a local onboarding or offboardiing script is used, you'll be notified. ## Before you begin diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding.md index 41626f31a2..072ce22415 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboarding.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding.md @@ -27,6 +27,8 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + Deploying Defender for Endpoint is a three-phase process:
diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md index c560286379..e9e892404c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md +++ b/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md @@ -27,6 +27,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + Help reduce your attack surfaces, by minimizing the places where your organization is vulnerable to cyberthreats and attacks. Use the following resources to configure protection for the devices and applications in your organization. diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md b/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md index af438b69b1..3e0ed6cb27 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md +++ b/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md @@ -26,6 +26,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + With custom detections, you can proactively monitor for and respond to various events and system states, including suspected breach activity and misconfigured devices. You can do this with customizable detection rules that automatically trigger alerts and response actions. Custom detections work with [advanced hunting](advanced-hunting-overview.md), which provides a powerful, flexible query language that covers a broad set of event and system information from your network. You can set them to run at regular intervals, generating alerts and taking response actions whenever there are matches. diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response.md b/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response.md index caff10f756..c24f798860 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response.md +++ b/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response.md @@ -27,6 +27,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + Defender for Endpoint endpoint detection and response capabilities provide advanced attack detections that are near real-time and actionable. Security analysts can prioritize alerts effectively, gain visibility into the full scope of a breach, and take response actions to remediate threats. When a threat is detected, alerts are created in the system for an analyst to investigate. Alerts with the same attack techniques or attributed to the same attacker are aggregated into an entity called an _incident_. Aggregating alerts in this manner makes it easy for analysts to collectively investigate and respond to threats. diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-hardware-based-isolation.md b/windows/security/threat-protection/microsoft-defender-atp/overview-hardware-based-isolation.md index 882adef417..4d201bf98a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/overview-hardware-based-isolation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/overview-hardware-based-isolation.md @@ -25,6 +25,8 @@ ms.date: 09/07/2018 - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + Hardware-based isolation helps protect system integrity in Windows 10 and is integrated with Microsoft Defender for Endpoint. | Feature | Description | diff --git a/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md b/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md index 0576b900d9..4080cc791a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md +++ b/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md @@ -26,6 +26,7 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) Defender for Endpoint supports third-party applications to help enhance the detection, investigation, and threat intelligence capabilities of the platform. diff --git a/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md b/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md index 13472618b4..e543c1c541 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md +++ b/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md @@ -24,7 +24,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## API description diff --git a/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md b/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md index 96825f43c6..3aafb8ab2e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md +++ b/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md @@ -28,7 +28,7 @@ ms.topic: article - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) Deploying Defender for Endpoint is a three-phase process: diff --git a/windows/security/threat-protection/microsoft-defender-atp/preview.md b/windows/security/threat-protection/microsoft-defender-atp/preview.md index ee0c75f426..769ca23c89 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/preview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/preview.md @@ -30,6 +30,8 @@ ms.topic: conceptual - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) + The Defender for Endpoint service is constantly being updated to include new feature enhancements and capabilities. > [!TIP] From 76da8e0c1dae6e5c1bd4e704450d7ed8c7a7114d Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Wed, 6 Jan 2021 14:28:34 +0530 Subject: [PATCH 20/93] updated to fix build issue --- .../microsoft-defender-atp/initiate-autoir-investigation.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md b/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md index 9b1af94e9e..0b1e10aa01 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md @@ -1,4 +1,4 @@ ---- +``--- title: Start Investigation API description: Use this API to start investigation on a device. keywords: apis, graph api, supported apis, investigation @@ -84,7 +84,7 @@ If successful, this method returns 201 - Created response code and [Investigatio Here is an example of the request. -``` +`` POST https://api.securitycenter.microsoft.com/api/machines/1e5bc9d7e413ddd7902c2932e418702b84d0cc07/startInvestigation Content-type: application/json { From cee4e4c66a323a53ea836fae3a12cd7bf8322051 Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Wed, 6 Jan 2021 14:45:53 +0530 Subject: [PATCH 21/93] updated update --- .../microsoft-defender-atp/live-response-command-examples.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md b/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md index 7883f6a03b..af4511c386 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md +++ b/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md @@ -109,7 +109,7 @@ getfile c:\Users\user\Desktop\work.txt -auto > * Empty files > * Virtual files, or files that are not fully present locally > -> These file types **are** supported by [PowerShell](/powershell/scripting/overview?view=powershell-6/). +> These file types **are** supported by [PowerShell](/powershell/scripting/overview?view=powershell-6/?&preserve-view=true). > > Use PowerShell as an alternative, if you have problems using this command from within Live Response. From 3aaab802b03bb60311db8241f634e4c4f039d43d Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Wed, 13 Jan 2021 15:02:19 +0530 Subject: [PATCH 22/93] Fix suggestions To fix suggestions --- .../microsoft-defender-atp/grant-mssp-access.md | 2 +- .../microsoft-defender-atp/indicator-file.md | 2 +- .../microsoft-defender-atp/indicator-ip-domain.md | 2 +- .../microsoft-defender-atp/investigate-incidents.md | 4 ++-- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md b/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md index 131b074f3b..c40e358467 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md +++ b/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md @@ -1,6 +1,6 @@ --- title: Grant access to managed security service provider (MSSP) -description: Take the necessary steps to configure the MSSP integration with Microsoft Defender ATP +description: Steps to configure the MSSP integration with Microsoft Defender ATP keywords: managed security service provider, mssp, configure, integration search.product: eADQiWindows 10XVcnh search.appverid: met150 diff --git a/windows/security/threat-protection/microsoft-defender-atp/indicator-file.md b/windows/security/threat-protection/microsoft-defender-atp/indicator-file.md index ec6a1043c3..a1b3238ad2 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/indicator-file.md +++ b/windows/security/threat-protection/microsoft-defender-atp/indicator-file.md @@ -2,7 +2,7 @@ title: Create indicators for files ms.reviewer: description: Create indicators for a file hash that define the detection, prevention, and exclusion of entities. -keywords: file, hash, manage, allowed, blocked, whitelist, blacklist, block, clean, malicious, file hash, ip address, urls, domain +keywords: file, hash, manage, allowed, blocked, block, clean, malicious, file hash, ip address, urls, domain search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md b/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md index 3639845fad..2b78474a59 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md +++ b/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md @@ -2,7 +2,7 @@ title: Create indicators for IPs and URLs/domains ms.reviewer: description: Create indicators for IPs and URLs/domains that define the detection, prevention, and exclusion of entities. -keywords: ip, url, domain, manage, allowed, blocked, whitelist, blacklist, block, clean, malicious, file hash, ip address, urls, domain +keywords: ip, url, domain, manage, allowed, blocked, block, clean, malicious, file hash, ip address, urls, domain search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md index 58b08c56a8..f53cd5ce37 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md @@ -40,7 +40,7 @@ When you investigate an incident, you'll see: ## Analyze incident details Click an incident to see the **Incident pane**. Select **Open incident page** to see the incident details and related information (alerts, devices, investigations, evidence, graph). -![Image of incident details](images/atp-incident-details.png) +![Image of incident details1](images/atp-incident-details.png) ### Alerts You can investigate the alerts and see how they were linked together in an incident. @@ -83,7 +83,7 @@ The **Graph** tells the story of the cybersecurity attack. For example, it shows You can click the circles on the incident graph to view the details of the malicious files, associated file detections, how many instances have there been worldwide, whether it’s been observed in your organization, if so, how many instances. -![Image of incident details](images/atp-incident-graph-details.png) +![Image of incident details2](images/atp-incident-graph-details.png) ## Related topics - [Incidents queue](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/view-incidents-queue) From 471b3f1d8ab617e669ec1eee491644010a88ebd2 Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Wed, 13 Jan 2021 15:11:31 +0530 Subject: [PATCH 23/93] Update initiate-autoir-investigation.md to fix warnings --- .../microsoft-defender-atp/initiate-autoir-investigation.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md b/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md index 0b1e10aa01..b5ad0513a8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md @@ -1,4 +1,4 @@ -``--- +--- title: Start Investigation API description: Use this API to start investigation on a device. keywords: apis, graph api, supported apis, investigation @@ -15,7 +15,6 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: article --- - # Start Investigation API [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] From a6cd98cd97285f51c7b88adc6565380f8391f079 Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Wed, 13 Jan 2021 15:42:48 +0530 Subject: [PATCH 24/93] fix-suggestions to fix suggestions --- .../microsoft-defender-atp/ios-install.md | 14 ++++----- .../mac-install-jamfpro-login.md | 6 ++-- .../mac-install-manually.md | 12 ++++---- .../mac-jamfpro-device-groups.md | 6 ++-- .../mac-jamfpro-enroll-devices.md | 30 +++++++++---------- 5 files changed, 34 insertions(+), 34 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-install.md b/windows/security/threat-protection/microsoft-defender-atp/ios-install.md index 9388ff4180..fc8e5d2833 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/ios-install.md +++ b/windows/security/threat-protection/microsoft-defender-atp/ios-install.md @@ -50,7 +50,7 @@ Deploy Defender for Endpoint for iOS via Intune Company Portal. 1. In [Microsoft Endpoint manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431), go to **Apps** -> **iOS/iPadOS** -> **Add** -> **iOS store app** and click **Select**. > [!div class="mx-imgBorder"] - ![Image of Microsoft Endpoint Manager Admin Center](images/ios-deploy-1.png) + ![Image of Microsoft Endpoint Manager Admin Center1](images/ios-deploy-1.png) 1. On the Add app page, click on **Search the App Store** and type **Microsoft Defender ATP** in the search bar. In the search results section, click on *Microsoft Defender ATP* and click **Select**. @@ -62,14 +62,14 @@ Deploy Defender for Endpoint for iOS via Intune Company Portal. > The selected user group should consist of Intune enrolled users. > [!div class="mx-imgBorder"] - ![Image of Microsoft Endpoint Manager Admin Center](images/ios-deploy-2.png) + ![Image of Microsoft Endpoint Manager Admin Center2](images/ios-deploy-2.png) 1. In the *Review + Create* section, verify that all the information entered is correct and then select **Create**. In a few moments, the Defender for Endpoint app should be created successfully, and a notification should show up at the top-right corner of the page. 1. In the app information page that is displayed, in the **Monitor** section, select **Device install status** to verify that the device installation has completed successfully. > [!div class="mx-imgBorder"] - ![Image of Microsoft Endpoint Manager Admin Center](images/ios-deploy-3.png) + ![Image of Microsoft Endpoint Manager Admin Center3](images/ios-deploy-3.png) ## Complete onboarding and check status @@ -99,7 +99,7 @@ Intune allows you to configure the Defender for iOS app through an App Configura 1. Sign in to the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431) and go to **Apps** > **App configuration policies** > **Add**. Click on **Managed devices**. > [!div class="mx-imgBorder"] - ![Image of Microsoft Endpoint Manager Admin Center](images/ios-deploy-4.png) + ![Image of Microsoft Endpoint Manager Admin Center4](images/ios-deploy-4.png) 1. In the *Create app configuration policy* page, provide the following information: - Policy Name @@ -107,7 +107,7 @@ Intune allows you to configure the Defender for iOS app through an App Configura - Targeted app: Select **Microsoft Defender ATP** from the list > [!div class="mx-imgBorder"] - ![Image of Microsoft Endpoint Manager Admin Center](images/ios-deploy-5.png) + ![Image of Microsoft Endpoint Manager Admin Center5](images/ios-deploy-5.png) 1. In the next screen, select **Use configuration designer** as the format. Specify the following property: - Configuration Key: issupervised @@ -115,7 +115,7 @@ Intune allows you to configure the Defender for iOS app through an App Configura - Configuration Value: {{issupervised}} > [!div class="mx-imgBorder"] - ![Image of Microsoft Endpoint Manager Admin Center](images/ios-deploy-6.png) + ![Image of Microsoft Endpoint Manager Admin Center6](images/ios-deploy-6.png) 1. Click **Next** to open the **Scope tags** page. Scope tags are optional. Click **Next** to continue. @@ -132,7 +132,7 @@ Intune allows you to configure the Defender for iOS app through an App Configura - Navigate to **Devices** -> **iOS/iPadOS** -> **Configuration profiles** -> **Create Profile** > [!div class="mx-imgBorder"] - ![Image of Microsoft Endpoint Manager Admin Center](images/ios-deploy-7.png) + ![Image of Microsoft Endpoint Manager Admin Center7](images/ios-deploy-7.png) - Provide a name of the profile. When prompted to import a Configuration profile file, select the one downloaded above. - In the **Assignment** section, select the device group to which you want to apply this profile. As a best practice, this should be applied to all managed iOS devices. Click **Next**. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md index 02768f9c9e..a824b0a844 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md @@ -31,15 +31,15 @@ ms.topic: conceptual 1. Enter your credentials. - ![Image of Jamf Pro dashboard](images/jamf-pro-portal1.png) + ![Image of Jamf Pro dashboard1](images/jamf-pro-portal1.png) 2. Select **Computers**. - ![Image of Jamf Pro dashboard](images/jamf-pro-dashboard.png) + ![Image of Jamf Pro dashboard2](images/jamf-pro-dashboard.png) 3. You will see the settings that are available. - ![Image of Jamf Pro dashboard](images/jamfpro-settings.png) + ![Image of Jamf Pro dashboard3](images/jamfpro-settings.png) ## Next step diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md index f61fab3284..79b637dd2f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md @@ -58,16 +58,16 @@ To complete this process, you must have admin privileges on the device. 1. Navigate to the downloaded wdav.pkg in Finder and open it. - ![App install screenshot](../microsoft-defender-antivirus/images/MDATP-28-AppInstall.png) + ![App install screenshot1](../microsoft-defender-antivirus/images/MDATP-28-AppInstall.png) 2. Select **Continue**, agree with the License terms, and enter the password when prompted. - ![App install screenshot](../microsoft-defender-antivirus/images/MDATP-29-AppInstallLogin.png) + ![App install screenshot2](../microsoft-defender-antivirus/images/MDATP-29-AppInstallLogin.png) > [!IMPORTANT] > You will be prompted to allow a driver from Microsoft to be installed (either "System Extension Blocked" or "Installation is on hold" or both. The driver must be allowed to be installed. - ![App install screenshot](../microsoft-defender-antivirus/images/MDATP-30-SystemExtension.png) + ![App install screenshot3](../microsoft-defender-antivirus/images/MDATP-30-SystemExtension.png) 3. Select **Open Security Preferences** or **Open System Preferences > Security & Privacy**. Select **Allow**: @@ -87,7 +87,7 @@ To complete this process, you must have admin privileges on the device. 1. Navigate to the downloaded wdav.pkg in Finder and open it. - ![App install screenshot](images/big-sur-install-1.png) + ![App install screenshot4](images/big-sur-install-1.png) 2. Select **Continue**, agree with the License terms, and enter the password when prompted. @@ -97,13 +97,13 @@ To complete this process, you must have admin privileges on the device. 4. From the **Security & Privacy** window, select **Allow**. - ![System extension security preferences](images/big-sur-install-3.png) + ![System extension security preferences1](images/big-sur-install-3.png) 5. Repeat steps 3 & 4 for all system extensions distributed with Microsoft Defender for Endpoint for Mac. 6. As part of the Endpoint Detection and Response capabilities, Microsoft Defender for Endpoint for Mac inspects socket traffic and reports this information to the Microsoft Defender Security Center portal. When prompted to grant Microsoft Defender for Endpoint permissions to filter network traffic, select **Allow**. - ![System extension security preferences](images/big-sur-install-4.png) + ![System extension security preferences2](images/big-sur-install-4.png) 7. Open **System Preferences** > **Security & Privacy** and navigate to the **Privacy** tab. Grant **Full Disk Access** permission to **Microsoft Defender ATP** and **Microsoft Defender ATP Endpoint Security Extension**. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md index 65d3c7e838..d9fe83e432 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md @@ -35,15 +35,15 @@ Set up the device groups similar to Group policy organizational unite (OUs), Mi 2. Select **New**. - ![Image of Jamf Pro](images/jamf-pro-static-group.png) + ![Image of Jamf Pro1](images/jamf-pro-static-group.png) 3. Provide a display name and select **Save**. - ![Image of Jamf Pro](images/jamfpro-machine-group.png) + ![Image of Jamf Pro2](images/jamfpro-machine-group.png) 4. Now you will see the **Contoso's Machine Group** under **Static Computer Groups**. - ![Image of Jamf Pro](images/contoso-machine-group.png) + ![Image of Jamf Pro3](images/contoso-machine-group.png) ## Next step - [Set up Microsoft Defender for Endpoint for macOS policies in Jamf Pro](mac-jamfpro-policies.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-enroll-devices.md b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-enroll-devices.md index ef622f9f2e..82d81d192f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-enroll-devices.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-enroll-devices.md @@ -46,7 +46,7 @@ For a complete list, see [About Computer Enrollment](https://docs.jamf.com/9.9/c 1. In the Jamf Pro dashboard, navigate to **Enrollment invitations**. - ![Image of configuration settings](images/a347307458d6a9bbfa88df7dbe15398f.png) + ![Image of configuration settings1](images/a347307458d6a9bbfa88df7dbe15398f.png) 2. Select **+ New**. @@ -54,29 +54,29 @@ For a complete list, see [About Computer Enrollment](https://docs.jamf.com/9.9/c 3. In **Specify Recipients for the Invitation** > under **Email Addresses** enter the e-mail address(es) of the recipients. - ![Image of configuration settings](images/718b9d609f9f77c8b13ba88c4c0abe5d.png) + ![Image of configuration settings2](images/718b9d609f9f77c8b13ba88c4c0abe5d.png) - ![Image of configuration settings](images/ae3597247b6bc7c5347cf56ab1e820c0.png) + ![Image of configuration settings3](images/ae3597247b6bc7c5347cf56ab1e820c0.png) For example: janedoe@contoso.com - ![Image of configuration settings](images/4922c0fcdde4c7f73242b13bf5e35c19.png) + ![Image of configuration settings4](images/4922c0fcdde4c7f73242b13bf5e35c19.png) 4. Configure the message for the invitation. - ![Image of configuration settings](images/ce580aec080512d44a37ff8e82e5c2ac.png) + ![Image of configuration settings5](images/ce580aec080512d44a37ff8e82e5c2ac.png) - ![Image of configuration settings](images/5856b765a6ce677caacb130ca36b1a62.png) + ![Image of configuration settings6](images/5856b765a6ce677caacb130ca36b1a62.png) - ![Image of configuration settings](images/3ced5383a6be788486d89d407d042f28.png) + ![Image of configuration settings7](images/3ced5383a6be788486d89d407d042f28.png) - ![Image of configuration settings](images/54be9c6ed5b24cebe628dc3cd9ca4089.png) + ![Image of configuration settings8](images/54be9c6ed5b24cebe628dc3cd9ca4089.png) ## Enrollment Method 2: Prestage Enrollments 1. In the Jamf Pro dashboard, navigate to **Prestage enrollments**. - ![Image of configuration settings](images/6fd0cb2bbb0e60a623829c91fd0826ab.png) + ![Image of configuration settings9](images/6fd0cb2bbb0e60a623829c91fd0826ab.png) 2. Follow the instructions in [Computer PreStage Enrollments](https://docs.jamf.com/9.9/casper-suite/administrator-guide/Computer_PreStage_Enrollments.html). @@ -84,24 +84,24 @@ For a complete list, see [About Computer Enrollment](https://docs.jamf.com/9.9/c 1. Select **Continue** and install the CA certificate from a **System Preferences** window. - ![Image of Jamf Pro enrollment](images/jamfpro-ca-certificate.png) + ![Image of Jamf Pro enrollment1](images/jamfpro-ca-certificate.png) 2. Once CA certificate is installed, return to the browser window and select **Continue** and install the MDM profile. - ![Image of Jamf Pro enrollment](images/jamfpro-install-mdm-profile.png) + ![Image of Jamf Pro enrollment2](images/jamfpro-install-mdm-profile.png) 3. Select **Allow** to downloads from JAMF. - ![Image of Jamf Pro enrollment](images/jamfpro-download.png) + ![Image of Jamf Pro enrollment3](images/jamfpro-download.png) 4. Select **Continue** to proceed with the MDM Profile installation. - ![Image of Jamf Pro enrollment](images/jamfpro-install-mdm.png) + ![Image of Jamf Pro enrollment4](images/jamfpro-install-mdm.png) 5. Select **Continue** to install the MDM Profile. - ![Image of Jamf Pro enrollment](images/jamfpro-mdm-unverified.png) + ![Image of Jamf Pro enrollment5](images/jamfpro-mdm-unverified.png) 6. Select **Continue** to complete the configuration. - ![Image of Jamf Pro enrollment](images/jamfpro-mdm-profile.png) + ![Image of Jamf Pro enrollment6](images/jamfpro-mdm-profile.png) From ca3e990dd46286cec93a813098b21dfdd564d368 Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Wed, 13 Jan 2021 16:56:06 +0530 Subject: [PATCH 25/93] Fix-suggestions To fix suggestions --- .../threat-protection/microsoft-defender-atp/machine-tags.md | 4 ++-- .../threat-protection/microsoft-defender-atp/manage-edr.md | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md b/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md index 02aa043452..b7085ea30c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md @@ -56,7 +56,7 @@ To add device tags using API, see [Add or remove device tags API](add-or-remove- 3. Type to find or create tags - ![Image of adding tags on a device](images/new-tags.png) + ![Image of adding tags on a device1](images/new-tags.png) Tags are added to the device view and will also be reflected on the **Devices list** view. You can then use the **Tags** filter to see the relevant list of devices. @@ -65,7 +65,7 @@ Tags are added to the device view and will also be reflected on the **Devices li You can also delete tags from this view. -![Image of adding tags on a device](images/more-manage-tags.png) +![Image of adding tags on a device2](images/more-manage-tags.png) ## Add device tags by setting a registry key value diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md index ff1e7c09c9..cdf46b37a9 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md @@ -1,5 +1,6 @@ --- title: Manage endpoint detection and response capabilities +description: Manage endpoint detection and response capabilities ms.reviewer: description: keywords: From 21828d645cd3fa425872253a0fd4d1d7cbfbf2b4 Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Wed, 13 Jan 2021 17:30:38 +0530 Subject: [PATCH 26/93] fix-suggestions To fix suggestions --- .../microsoft-defender-atp/manage-edr.md | 2 +- ...microsoft-defender-advanced-threat-protection.md | 13 ++++++------- 2 files changed, 7 insertions(+), 8 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md index ff1e7c09c9..14a84e3d6f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md @@ -1,7 +1,7 @@ --- title: Manage endpoint detection and response capabilities ms.reviewer: -description: +description: Manage endpoint detection and response capabilities keywords: search.product: eADQiWindows 10XVcnh search.appverid: met150 diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md index 42d406d343..73322f89c6 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md @@ -51,16 +51,15 @@ Defender for Endpoint uses the following combination of technology built into Wi tools, techniques, and procedures, and generate alerts when they are observed in collected sensor data. -

Microsoft Defender for Endpoint

- - - - - - + + + + + +

Threat & Vulnerability Management

Attack surface reduction

Next-generation protection

Endpoint detection and response

Automated investigation and remediation

Microsoft Threat Experts

Threat & Vulnerability Management

Attack surface reduction

Next-generation protection

Endpoint detection and response

Automated investigation and remediation

Microsoft Threat Experts
From b1ff74d359883d866f352818cde1151211c849c4 Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Wed, 13 Jan 2021 17:52:16 +0530 Subject: [PATCH 27/93] fix-suggestions To fix suggestions --- ...boarding-endpoint-configuration-manager.md | 78 ++++++++-------- .../onboarding-endpoint-manager.md | 90 +++++++++---------- .../onboarding-notification.md | 4 +- .../microsoft-defender-atp/portal-overview.md | 4 +- 4 files changed, 88 insertions(+), 88 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md index 3a0c5a024b..bb86535c49 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md @@ -66,39 +66,39 @@ Follow the steps below to onboard endpoints using Microsoft Endpoint Configurati 1. In Microsoft Endpoint Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Device Collections**. - ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-device-collections.png) + ![Image of Microsoft Endpoint Configuration Manager wizard1](images/configmgr-device-collections.png) 2. Right Click **Device Collection** and select **Create Device Collection**. - ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-create-device-collection.png) + ![Image of Microsoft Endpoint Configuration Manager wizard2](images/configmgr-create-device-collection.png) 3. Provide a **Name** and **Limiting Collection**, then select **Next**. - ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-limiting-collection.png) + ![Image of Microsoft Endpoint Configuration Manager wizard3](images/configmgr-limiting-collection.png) 4. Select **Add Rule** and choose **Query Rule**. - ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-query-rule.png) + ![Image of Microsoft Endpoint Configuration Manager wizard4](images/configmgr-query-rule.png) 5. Click **Next** on the **Direct Membership Wizard** and click on **Edit Query Statement**. - ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-direct-membership.png) + ![Image of Microsoft Endpoint Configuration Manager wizard5](images/configmgr-direct-membership.png) 6. Select **Criteria** and then choose the star icon. - ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-criteria.png) + ![Image of Microsoft Endpoint Configuration Manager wizard6](images/configmgr-criteria.png) 7. Keep criterion type as **simple value**, choose where as **Operating System - build number**, operator as **is greater than or equal to** and value **14393** and click on **OK**. - ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-simple-value.png) + ![Image of Microsoft Endpoint Configuration Manager wizard7](images/configmgr-simple-value.png) 8. Select **Next** and **Close**. - ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-membership-rules.png) + ![Image of Microsoft Endpoint Configuration Manager wizard8](images/configmgr-membership-rules.png) 9. Select **Next**. - ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-confirm.png) + ![Image of Microsoft Endpoint Configuration Manager wizard9](images/configmgr-confirm.png) After completing this task, you now have a device collection with all the Windows 10 endpoints in the environment. @@ -123,22 +123,22 @@ Manager and deploy that policy to Windows 10 devices. 2. Under Deployment method select the supported version of **Microsoft Endpoint Configuration Manager**. - ![Image of Microsoft Defender for Endpoint onboarding wizard](images/mdatp-onboarding-wizard.png) + ![Image of Microsoft Defender for Endpoint onboarding wizard10](images/mdatp-onboarding-wizard.png) 3. Select **Download package**. - ![Image of Microsoft Defender for Endpoint onboarding wizard](images/mdatp-download-package.png) + ![Image of Microsoft Defender for Endpoint onboarding wizard11](images/mdatp-download-package.png) 4. Save the package to an accessible location. 5. In Microsoft Endpoint Configuration Manager, navigate to: **Assets and Compliance > Overview > Endpoint Protection > Microsoft Defender ATP Policies**. 6. Right-click **Microsoft Defender ATP Policies** and select **Create Microsoft Defender ATP Policy**. - ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-create-policy.png) + ![Image of Microsoft Endpoint Configuration Manager wizard12](images/configmgr-create-policy.png) 7. Enter the name and description, verify **Onboarding** is selected, then select **Next**. - ![Image of Microsoft Endpoint Configuration Manager wizard](images/configmgr-policy-name.png) + ![Image of Microsoft Endpoint Configuration Manager wizard13](images/configmgr-policy-name.png) 8. Click **Browse**. @@ -147,25 +147,25 @@ Manager and deploy that policy to Windows 10 devices. 10. Click **Next**. 11. Configure the Agent with the appropriate samples (**None** or **All file types**). - ![Image of configuration settings](images/configmgr-config-settings.png) + ![Image of configuration settings1](images/configmgr-config-settings.png) 12. Select the appropriate telemetry (**Normal** or **Expedited**) then click **Next**. - ![Image of configuration settings](images/configmgr-telemetry.png) + ![Image of configuration settings2](images/configmgr-telemetry.png) 14. Verify the configuration, then click **Next**. - ![Image of configuration settings](images/configmgr-verify-configuration.png) + ![Image of configuration settings3](images/configmgr-verify-configuration.png) 15. Click **Close** when the Wizard completes. 16. In the Microsoft Endpoint Configuration Manager console, right-click the Defender for Endpoint policy you just created and select **Deploy**. - ![Image of configuration settings](images/configmgr-deploy.png) + ![Image of configuration settings4](images/configmgr-deploy.png) 17. On the right panel, select the previously created collection and click **OK**. - ![Image of configuration settings](images/configmgr-select-collection.png) + ![Image of configuration settings5](images/configmgr-select-collection.png) #### Previous versions of Windows Client (Windows 7 and Windows 8.1) @@ -257,11 +257,11 @@ needs on how Antivirus is configured. 3. Right-click on the newly created antimalware policy and select **Deploy**. - ![Image of next generation protection pane](images/f5508317cd8c7870627cb4726acd5f3d.png) + ![Image of next generation protection pane1](images/f5508317cd8c7870627cb4726acd5f3d.png) 4. Target the new antimalware policy to your Windows 10 collection and click **OK**. - ![Image of next generation protection pane](images/configmgr-select-collection.png) + ![Image of next generation protection pane2](images/configmgr-select-collection.png) After completing this task, you now have successfully configured Windows Defender Antivirus. @@ -284,26 +284,26 @@ To set ASR rules in Audit mode: 3. Set rules to **Audit** and click **Next**. - ![Image of Microsoft Endpoint Configuration Manager console](images/d18e40c9e60aecf1f9a93065cb7567bd.png) + ![Image of Microsoft Endpoint Configuration Manager console1](images/d18e40c9e60aecf1f9a93065cb7567bd.png) 4. Confirm the new Exploit Guard policy by clicking on **Next**. - ![Image of Microsoft Endpoint Configuration Manager console](images/0a6536f2c4024c08709cac8fcf800060.png) + ![Image of Microsoft Endpoint Configuration Manager console2](images/0a6536f2c4024c08709cac8fcf800060.png) 5. Once the policy is created click **Close**. - ![Image of Microsoft Endpoint Configuration Manager console](images/95d23a07c2c8bc79176788f28cef7557.png) + ![Image of Microsoft Endpoint Configuration Manager console3](images/95d23a07c2c8bc79176788f28cef7557.png) 6. Right-click on the newly created policy and choose **Deploy**. - ![Image of Microsoft Endpoint Configuration Manager console](images/8999dd697e3b495c04eb911f8b68a1ef.png) + ![Image of Microsoft Endpoint Configuration Manager console4](images/8999dd697e3b495c04eb911f8b68a1ef.png) 7. Target the policy to the newly created Windows 10 collection and click **OK**. - ![Image of Microsoft Endpoint Configuration Manager console](images/0ccfe3e803be4b56c668b220b51da7f7.png) + ![Image of Microsoft Endpoint Configuration Manager console5](images/0ccfe3e803be4b56c668b220b51da7f7.png) After completing this task, you now have successfully configured ASR rules in audit mode. @@ -321,11 +321,11 @@ endpoints. (This may take few minutes) 4. Click **Configuration** tab in Attack surface reduction rules reports. It shows ASR rules configuration overview and ASR rules status on each devices. - ![A screenshot of attack surface reduction rules reports](images/f91f406e6e0aae197a947d3b0e8b2d0d.png) + ![A screenshot of attack surface reduction rules reports1](images/f91f406e6e0aae197a947d3b0e8b2d0d.png) 5. Click each device shows configuration details of ASR rules. - ![A screenshot of attack surface reduction rules reports](images/24bfb16ed561cbb468bd8ce51130ca9d.png) + ![A screenshot of attack surface reduction rules reports2](images/24bfb16ed561cbb468bd8ce51130ca9d.png) See [Optimize ASR rule deployment and detections](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-machines-asr) for more details. @@ -334,29 +334,29 @@ detections](https://docs.microsoft.com/windows/security/threat-protection/micros #### Set Network Protection rules in Audit mode: 1. In the Microsoft Endpoint Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Endpoint Protection \> Windows Defender Exploit Guard** and choose **Create Exploit Guard Policy**. - ![A screenshot System Center Configuration Manager](images/728c10ef26042bbdbcd270b6343f1a8a.png) + ![A screenshot System Center Configuration Manager1](images/728c10ef26042bbdbcd270b6343f1a8a.png) 2. Select **Network protection**. 3. Set the setting to **Audit** and click **Next**. - ![A screenshot System Center Confirugatiom Manager](images/c039b2e05dba1ade6fb4512456380c9f.png) + ![A screenshot System Center Confirugatiom Manager2](images/c039b2e05dba1ade6fb4512456380c9f.png) 4. Confirm the new Exploit Guard Policy by clicking **Next**. - ![A screenshot Exploit GUard policy](images/0a6536f2c4024c08709cac8fcf800060.png) + ![A screenshot Exploit GUard policy1](images/0a6536f2c4024c08709cac8fcf800060.png) 5. Once the policy is created click on **Close**. - ![A screenshot Exploit GUard policy](images/95d23a07c2c8bc79176788f28cef7557.png) + ![A screenshot Exploit GUard policy2](images/95d23a07c2c8bc79176788f28cef7557.png) 6. Right-click on the newly created policy and choose **Deploy**. - ![A screenshot Microsoft Endpoint Configuration Manager ](images/8999dd697e3b495c04eb911f8b68a1ef.png) + ![A screenshot Microsoft Endpoint Configuration Manager1](images/8999dd697e3b495c04eb911f8b68a1ef.png) 7. Select the policy to the newly created Windows 10 collection and choose **OK**. - ![A screenshot Microsoft Endpoint Configuration Manager ](images/0ccfe3e803be4b56c668b220b51da7f7.png) + ![A screenshot Microsoft Endpoint Configuration Manager2](images/0ccfe3e803be4b56c668b220b51da7f7.png) After completing this task, you now have successfully configured Network Protection in audit mode. @@ -365,29 +365,29 @@ Protection in audit mode. 1. In the Microsoft Endpoint Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Endpoint Protection \> Windows Defender Exploit Guard** and choose **Create Exploit Guard Policy**. - ![A screenshot of Microsoft Endpoint Configuration Manager ](images/728c10ef26042bbdbcd270b6343f1a8a.png) + ![A screenshot of Microsoft Endpoint Configuration Manager3](images/728c10ef26042bbdbcd270b6343f1a8a.png) 2. Select **Controlled folder access**. 3. Set the configuration to **Audit** and click **Next**. - ![A screenshot of Microsoft Endpoint Configuration Manager ](images/a8b934dab2dbba289cf64fe30e0e8aa4.png) + ![A screenshot of Microsoft Endpoint Configuration Manager4](images/a8b934dab2dbba289cf64fe30e0e8aa4.png) 4. Confirm the new Exploit Guard Policy by clicking on **Next**. - ![A screenshot of Microsoft Endpoint Configuration Manager ](images/0a6536f2c4024c08709cac8fcf800060.png) + ![A screenshot of Microsoft Endpoint Configuration Manager5](images/0a6536f2c4024c08709cac8fcf800060.png) 5. Once the policy is created click on **Close**. - ![A screenshot of Microsoft Endpoint Configuration Manager ](images/95d23a07c2c8bc79176788f28cef7557.png) + ![A screenshot of Microsoft Endpoint Configuration Manager6](images/95d23a07c2c8bc79176788f28cef7557.png) 6. Right-click on the newly created policy and choose **Deploy**. - ![A screenshot of Microsoft Endpoint Configuration Manager ](images/8999dd697e3b495c04eb911f8b68a1ef.png) + ![A screenshot of Microsoft Endpoint Configuration Manager7](images/8999dd697e3b495c04eb911f8b68a1ef.png) 7. Target the policy to the newly created Windows 10 collection and click **OK**. - ![A screenshot of Microsoft Endpoint Configuration Manager ](images/0ccfe3e803be4b56c668b220b51da7f7.png) + ![A screenshot of Microsoft Endpoint Configuration Manager8](images/0ccfe3e803be4b56c668b220b51da7f7.png) You have now successfully configured Controlled folder access in audit mode. diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md index 6a93ffde91..aa5a567499 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md @@ -80,12 +80,12 @@ needs.
2. Open **Groups > New Group**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/66f724598d9c3319cba27f79dd4617a4.png) + > ![Image of Microsoft Endpoint Manager portal1](images/66f724598d9c3319cba27f79dd4617a4.png) 3. Enter details and create a new group. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/b1e0206d675ad07db218b63cd9b9abc3.png) + > ![Image of Microsoft Endpoint Manager portal2](images/b1e0206d675ad07db218b63cd9b9abc3.png) 4. Add your test user or device. @@ -96,7 +96,7 @@ needs.
7. Find your test user or device and select it. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/149cbfdf221cdbde8159d0ab72644cd0.png) + > ![Image of Microsoft Endpoint Manager portal3](images/149cbfdf221cdbde8159d0ab72644cd0.png) 8. Your testing group now has a member to test. @@ -122,7 +122,7 @@ different types of endpoint security policies: on **Create Profile**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/58dcd48811147feb4ddc17212b7fe840.png) + > ![Image of Microsoft Endpoint Manager portal4](images/58dcd48811147feb4ddc17212b7fe840.png) 3. Under **Platform, select Windows 10 and Later, Profile - Endpoint detection and response > Create**. @@ -130,39 +130,39 @@ different types of endpoint security policies: 4. Enter a name and description, then select **Next**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/a5b2d23bdd50b160fef4afd25dda28d4.png) + > ![Image of Microsoft Endpoint Manager portal5](images/a5b2d23bdd50b160fef4afd25dda28d4.png) 5. Select settings as required, then select **Next**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/cea7e288b5d42a9baf1aef0754ade910.png) + > ![Image of Microsoft Endpoint Manager portal6](images/cea7e288b5d42a9baf1aef0754ade910.png) > [!NOTE] > In this instance, this has been auto populated as Defender for Endpoint has already been integrated with Intune. For more information on the integration, see [Enable Microsoft Defender for Endpoint in Intune](https://docs.microsoft.com/mem/intune/protect/advanced-threat-protection-configure#to-enable-microsoft-defender-atp). > > The following image is an example of what you'll see when Microsoft Defender for Endpoint is NOT integrated with Intune: > - > ![Image of Microsoft Endpoint Manager portal](images/2466460812371ffae2d19a10c347d6f4.png) + > ![Image of Microsoft Endpoint Manager portal7](images/2466460812371ffae2d19a10c347d6f4.png) 6. Add scope tags if necessary, then select **Next**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/ef844f52ec2c0d737ce793f68b5e8408.png) + > ![Image of Microsoft Endpoint Manager portal8](images/ef844f52ec2c0d737ce793f68b5e8408.png) 7. Add test group by clicking on **Select groups to include** and choose your group, then select **Next**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/fc3525e20752da026ec9f46ab4fec64f.png) + > ![Image of Microsoft Endpoint Manager portal9](images/fc3525e20752da026ec9f46ab4fec64f.png) 8. Review and accept, then select **Create**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/289172dbd7bd34d55d24810d9d4d8158.png) + > ![Image of Microsoft Endpoint Manager portal10](images/289172dbd7bd34d55d24810d9d4d8158.png) 9. You can view your completed policy. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/5a568b6878be8243ea2b9d82d41ed297.png) + > ![Image of Microsoft Endpoint Manager portal11](images/5a568b6878be8243ea2b9d82d41ed297.png) ### Next-generation protection @@ -171,7 +171,7 @@ different types of endpoint security policies: 2. Navigate to **Endpoint security > Antivirus > Create Policy**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/6b728d6e0d71108d768e368b416ff8ba.png) + > ![Image of Microsoft Endpoint Manager portal12](images/6b728d6e0d71108d768e368b416ff8ba.png) 3. Select **Platform - Windows 10 and Later - Windows and Profile – Microsoft Defender Antivirus > Create**. @@ -179,34 +179,34 @@ different types of endpoint security policies: 4. Enter name and description, then select **Next**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/a7d738dd4509d65407b7d12beaa3e917.png) + > ![Image of Microsoft Endpoint Manager portal13](images/a7d738dd4509d65407b7d12beaa3e917.png) 5. In the **Configuration settings page**: Set the configurations you require for Microsoft Defender Antivirus (Cloud Protection, Exclusions, Real-Time Protection, and Remediation). > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/3840b1576d6f79a1d72eb14760ef5e8c.png) + > ![Image of Microsoft Endpoint Manager portal14](images/3840b1576d6f79a1d72eb14760ef5e8c.png) 6. Add scope tags if necessary, then select **Next**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/2055e4f9b9141525c0eb681e7ba19381.png) + > ![Image of Microsoft Endpoint Manager portal15](images/2055e4f9b9141525c0eb681e7ba19381.png) 7. Select groups to include, assign to your test group, then select **Next**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/48318a51adee06bff3908e8ad4944dc9.png) + > ![Image of Microsoft Endpoint Manager portal16](images/48318a51adee06bff3908e8ad4944dc9.png) 8. Review and create, then select **Create**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/dfdadab79112d61bd3693d957084b0ec.png) + > ![Image of Microsoft Endpoint Manager portal17](images/dfdadab79112d61bd3693d957084b0ec.png) 9. You'll see the configuration policy you created. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/38180219e632d6e4ec7bd25a46398da8.png) + > ![Image of Microsoft Endpoint Manager portal18](images/38180219e632d6e4ec7bd25a46398da8.png) ### Attack Surface Reduction – Attack surface reduction rules @@ -220,12 +220,12 @@ different types of endpoint security policies: rules > Create**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/522d9bb4288dc9c1a957392b51384fdd.png) + > ![Image of Microsoft Endpoint Manager portal19](images/522d9bb4288dc9c1a957392b51384fdd.png) 5. Enter a name and description, then select **Next**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/a5a71fd73ec389f3cdce6d1a6bd1ff31.png) + > ![Image of Microsoft Endpoint Manager portal20](images/a5a71fd73ec389f3cdce6d1a6bd1ff31.png) 6. In the **Configuration settings page**: Set the configurations you require for Attack surface reduction rules, then select **Next**. @@ -236,27 +236,27 @@ different types of endpoint security policies: > For more information, see [Attack surface reduction rules](attack-surface-reduction.md). > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/dd0c00efe615a64a4a368f54257777d0.png) + > ![Image of Microsoft Endpoint Manager portal21](images/dd0c00efe615a64a4a368f54257777d0.png) 7. Add Scope Tags as required, then select **Next**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/6daa8d347c98fe94a0d9c22797ff6f28.png) + > ![Image of Microsoft Endpoint Manager portal22](images/6daa8d347c98fe94a0d9c22797ff6f28.png) 8. Select groups to include and assign to test group, then select **Next**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/45cefc8e4e474321b4d47b4626346597.png) + > ![Image of Microsoft Endpoint Manager portal23](images/45cefc8e4e474321b4d47b4626346597.png) 9. Review the details, then select **Create**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/2c2e87c5fedc87eba17be0cdeffdb17f.png) + > ![Image of Microsoft Endpoint Manager portal24](images/2c2e87c5fedc87eba17be0cdeffdb17f.png) 10. View the policy. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/7a631d17cc42500dacad4e995823ffef.png) + > ![Image of Microsoft Endpoint Manager portal25](images/7a631d17cc42500dacad4e995823ffef.png) ### Attack Surface Reduction – Web Protection @@ -269,12 +269,12 @@ different types of endpoint security policies: 4. Select **Windows 10 and Later – Web protection > Create**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/cd7b5a1cbc16cc05f878cdc99ba4c27f.png) + > ![Image of Microsoft Endpoint Manager portal26](images/cd7b5a1cbc16cc05f878cdc99ba4c27f.png) 5. Enter a name and description, then select **Next**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/5be573a60cd4fa56a86a6668b62dd808.png) + > ![Image of Microsoft Endpoint Manager portal27](images/5be573a60cd4fa56a86a6668b62dd808.png) 6. In the **Configuration settings page**: Set the configurations you require for Web Protection, then select **Next**. @@ -285,27 +285,27 @@ different types of endpoint security policies: > For more information, see [Web Protection](web-protection-overview.md). > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/6104aa33a56fab750cf30ecabef9f5b6.png) + > ![Image of Microsoft Endpoint Manager portal28](images/6104aa33a56fab750cf30ecabef9f5b6.png) 7. Add **Scope Tags as required > Next**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/6daa8d347c98fe94a0d9c22797ff6f28.png) + > ![Image of Microsoft Endpoint Manager portal29](images/6daa8d347c98fe94a0d9c22797ff6f28.png) 8. Select **Assign to test group > Next**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/45cefc8e4e474321b4d47b4626346597.png) + > ![Image of Microsoft Endpoint Manager portal30](images/45cefc8e4e474321b4d47b4626346597.png) 9. Select **Review and Create > Create**. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/8ee0405f1a96c23d2eb6f737f11c1ae5.png) + > ![Image of Microsoft Endpoint Manager portal31](images/8ee0405f1a96c23d2eb6f737f11c1ae5.png) 10. View the policy. > [!div class="mx-imgBorder"] - > ![Image of Microsoft Endpoint Manager portal](images/e74f6f6c150d017a286e6ed3dffb7757.png) + > ![Image of Microsoft Endpoint Manager portal32](images/e74f6f6c150d017a286e6ed3dffb7757.png) ## Validate configuration settings @@ -323,22 +323,22 @@ To confirm that the configuration policy has been applied to your test device, f steps above. The following example shows the next generation protection settings. > [!div class="mx-imgBorder"] - > [ ![Image of Microsoft Endpoint Manager portal](images/43ab6aa74471ee2977e154a4a5ef2d39.png) ](images/43ab6aa74471ee2977e154a4a5ef2d39.png#lightbox) + > [ ![Image of Microsoft Endpoint Manager portal33](images/43ab6aa74471ee2977e154a4a5ef2d39.png) ](images/43ab6aa74471ee2977e154a4a5ef2d39.png#lightbox) 2. Select the **Configuration Policy** to view the policy status. > [!div class="mx-imgBorder"] - > [ ![Image of Microsoft Endpoint Manager portal](images/55ecaca0e4a022f0e29d45aeed724e6c.png) ](images/55ecaca0e4a022f0e29d45aeed724e6c.png#lightbox) + > [ ![Image of Microsoft Endpoint Manager portal34](images/55ecaca0e4a022f0e29d45aeed724e6c.png) ](images/55ecaca0e4a022f0e29d45aeed724e6c.png#lightbox) 3. Select **Device Status** to see the status. > [!div class="mx-imgBorder"] - > [ ![Image of Microsoft Endpoint Manager portal](images/18a50df62cc38749000dbfb48e9a4c9b.png) ](images/18a50df62cc38749000dbfb48e9a4c9b.png#lightbox) + > [ ![Image of Microsoft Endpoint Manager portal35](images/18a50df62cc38749000dbfb48e9a4c9b.png) ](images/18a50df62cc38749000dbfb48e9a4c9b.png#lightbox) 4. Select **User Status** to see the status. > [!div class="mx-imgBorder"] - > [ ![Image of Microsoft Endpoint Manager portal](images/4e965749ff71178af8873bc91f9fe525.png) ](images/4e965749ff71178af8873bc91f9fe525.png#lightbox) + > [ ![Image of Microsoft Endpoint Manager portal36](images/4e965749ff71178af8873bc91f9fe525.png) ](images/4e965749ff71178af8873bc91f9fe525.png#lightbox) 5. Select **Per-setting status** to see the status. @@ -346,7 +346,7 @@ To confirm that the configuration policy has been applied to your test device, f >This view is very useful to identify any settings that conflict with another policy. > [!div class="mx-imgBorder"] - > [ ![Image of Microsoft Endpoint Manager portal](images/42acc69d0128ed09804010bdbdf0a43c.png) ](images/42acc69d0128ed09804010bdbdf0a43c.png#lightbox) + > [ ![Image of Microsoft Endpoint Manager portal37](images/42acc69d0128ed09804010bdbdf0a43c.png) ](images/42acc69d0128ed09804010bdbdf0a43c.png#lightbox) ### Endpoint detection and response @@ -355,13 +355,13 @@ To confirm that the configuration policy has been applied to your test device, f Protection service should not be started. > [!div class="mx-imgBorder"] - > [ ![Image of Services panel](images/b418a232a12b3d0a65fc98248dbb0e31.png) ](images/b418a232a12b3d0a65fc98248dbb0e31.png#lightbox) + > [ ![Image of Services panel1](images/b418a232a12b3d0a65fc98248dbb0e31.png) ](images/b418a232a12b3d0a65fc98248dbb0e31.png#lightbox) 2. After the configuration has been applied, the Defender for Endpoint Protection Service should be started. > [!div class="mx-imgBorder"] - > [ ![Image of Services panel](images/a621b699899f1b41db211170074ea59e.png) ](images/a621b699899f1b41db211170074ea59e.png#lightbox) + > [ ![Image of Services panel2](images/a621b699899f1b41db211170074ea59e.png) ](images/a621b699899f1b41db211170074ea59e.png#lightbox) 3. After the services are running on the device, the device appears in Microsoft Defender Security Center. @@ -375,7 +375,7 @@ To confirm that the configuration policy has been applied to your test device, f manage the settings as shown below. > [!div class="mx-imgBorder"] - > ![Image of setting page](images/88efb4c3710493a53f2840c3eac3e3d3.png) + > ![Image of setting page1](images/88efb4c3710493a53f2840c3eac3e3d3.png) 2. After the policy has been applied, you should not be able to manually manage the settings. @@ -385,7 +385,7 @@ To confirm that the configuration policy has been applied to your test device, f > **Turn on real-time protection** are being shown as managed. > [!div class="mx-imgBorder"] - > ![Image of setting page](images/9341428b2d3164ca63d7d4eaa5cff642.png) + > ![Image of setting page2](images/9341428b2d3164ca63d7d4eaa5cff642.png) ### Attack Surface Reduction – Attack surface reduction rules @@ -400,13 +400,13 @@ To confirm that the configuration policy has been applied to your test device, f > > AttackSurfaceReductionRules_Ids: - ![Image of command line](images/cb0260d4b2636814e37eee427211fe71.png) + ![Image of command line1](images/cb0260d4b2636814e37eee427211fe71.png) 3. After applying the policy on a test device, open a PowerShell Windows and type `Get-MpPreference`. 4. This should respond with the following lines with content as shown below: - ![Image of command line](images/619fb877791b1fc8bc7dfae1a579043d.png) + ![Image of command line2](images/619fb877791b1fc8bc7dfae1a579043d.png) ### Attack Surface Reduction – Web Protection @@ -415,11 +415,11 @@ To confirm that the configuration policy has been applied to your test device, f 2. This should respond with a 0 as shown below. - ![Image of command line](images/196a8e194ac99d84221f405d0f684f8c.png) + ![Image of command line3](images/196a8e194ac99d84221f405d0f684f8c.png) 3. After applying the policy, open a PowerShell Windows and type `(Get-MpPreference).EnableNetworkProtection`. 4. This should respond with a 1 as shown below. - ![Image of command line](images/c06fa3bbc2f70d59dfe1e106cd9a4683.png) + ![Image of command line4](images/c06fa3bbc2f70d59dfe1e106cd9a4683.png) diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md index af1d86243f..5ace4fefd0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md @@ -181,8 +181,8 @@ You'll need to have access to: 11. Under **Condition**, add the following expression: "length(body('Get_items')?['value'])" and set the condition to equal to 0. ![Image of apply to each condition](images/apply-to-each-value.png) - ![Image of condition](images/conditions-2.png) - ![Image of condition](images/condition3.png) + ![Image of condition1](images/conditions-2.png) + ![Image of condition2](images/condition3.png) ![Image of send email](images/send-email.png) ## Alert notification diff --git a/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md b/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md index fcf3f127d0..5719fa1a32 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md @@ -81,7 +81,7 @@ Icon | Description ![Alert icon](images/alert-icon.png)| Alert – Indication of an activity correlated with advanced attacks. ![Detection icon](images/detection-icon.png)| Detection – Indication of a malware threat detection. ![Active threat icon](images/active-threat-icon.png)| Active threat – Threats actively executing at the time of detection. -![Remediated icon](images/remediated-icon.png)| Remediated – Threat removed from the device. +![Remediated icon1](images/remediated-icon.png)| Remediated – Threat removed from the device. ![Not remediated icon](images/not-remediated-icon.png)| Not remediated – Threat not removed from the device. ![Thunderbolt icon](images/atp-thunderbolt-icon.png)| Indicates events that triggered an alert in the **Alert process tree**. ![Device icon](images/atp-machine-icon.png)| Device icon @@ -116,7 +116,7 @@ Icon | Description ![Terminated by system](images/terminated-by-system.png) | Automated investigation - terminated by system ![Pending icon](images/pending.png) | Automated investigation - pending ![Running icon](images/running.png) | Automated investigation - running -![Remediated icon](images/remediated.png) | Automated investigation - remediated +![Remediated icon2](images/remediated.png) | Automated investigation - remediated ![Partially investigated icon](images/partially_remediated.png) | Automated investigation - partially remediated ![Threat insights icon](images/tvm_bug_icon.png) | Threat & Vulnerability Management - threat insights ![Possible active alert icon](images/tvm_alert_icon.png) | Threat & Vulnerability Management - possible active alert From 87f5b4b8ea81235dd56b6217d5ff5886def4119c Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Fri, 15 Jan 2021 11:35:11 +0530 Subject: [PATCH 28/93] fix-suggestions To fix suggestions --- ...boarding-endpoint-configuration-manager.md | 23 +++++++++---------- 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md index bb86535c49..c471aa800c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md @@ -228,7 +228,7 @@ Microsoft Defender Antivirus is a built-in antimalware solution that provides ne 2. Select **Scheduled scans**, **Scan settings**, **Default actions**, **Real-time protection**, **Exclusion settings**, **Advanced**, **Threat overrides**, **Cloud Protection Service** and **Security intelligence updates** and choose **OK**. - ![Image of next generation protection pane](images/1566ad81bae3d714cc9e0d47575a8cbd.png) + ![Image of next generation protection pane1](images/1566ad81bae3d714cc9e0d47575a8cbd.png) In certain industries or some select enterprise customers might have specific needs on how Antivirus is configured. @@ -238,30 +238,29 @@ needs on how Antivirus is configured. For more details, see [Windows Security configuration framework](https://docs.microsoft.com/windows/security/threat-protection/windows-security-configuration-framework/windows-security-configuration-framework) - - ![Image of next generation protection pane](images/cd7daeb392ad5a36f2d3a15d650f1e96.png) + ![Image of next generation protection pane2](images/cd7daeb392ad5a36f2d3a15d650f1e96.png) - ![Image of next generation protection pane](images/36c7c2ed737f2f4b54918a4f20791d4b.png) + ![Image of next generation protection pane3](images/36c7c2ed737f2f4b54918a4f20791d4b.png) - ![Image of next generation protection pane](images/a28afc02c1940d5220b233640364970c.png) + ![Image of next generation protection pane4](images/a28afc02c1940d5220b233640364970c.png) - ![Image of next generation protection pane](images/5420a8790c550f39f189830775a6d4c9.png) + ![Image of next generation protection pane5](images/5420a8790c550f39f189830775a6d4c9.png) - ![Image of next generation protection pane](images/33f08a38f2f4dd12a364f8eac95e8c6b.png) + ![Image of next generation protection pane6](images/33f08a38f2f4dd12a364f8eac95e8c6b.png) - ![Image of next generation protection pane](images/41b9a023bc96364062c2041a8f5c344e.png) + ![Image of next generation protection pane7](images/41b9a023bc96364062c2041a8f5c344e.png) - ![Image of next generation protection pane](images/945c9c5d66797037c3caeaa5c19f135c.png) + ![Image of next generation protection pane8](images/945c9c5d66797037c3caeaa5c19f135c.png) - ![Image of next generation protection pane](images/3876ca687391bfc0ce215d221c683970.png) + ![Image of next generation protection pane9](images/3876ca687391bfc0ce215d221c683970.png) 3. Right-click on the newly created antimalware policy and select **Deploy**. - ![Image of next generation protection pane1](images/f5508317cd8c7870627cb4726acd5f3d.png) + ![Image of next generation protection pane10](images/f5508317cd8c7870627cb4726acd5f3d.png) 4. Target the new antimalware policy to your Windows 10 collection and click **OK**. - ![Image of next generation protection pane2](images/configmgr-select-collection.png) + ![Image of next generation protection pane11](images/configmgr-select-collection.png) After completing this task, you now have successfully configured Windows Defender Antivirus. From 97b3adcc06c2e3f7932b20817210431fc4c7aaf2 Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Fri, 15 Jan 2021 11:52:48 +0530 Subject: [PATCH 29/93] fix-suggestions To fix suggestions --- .../onboarding-endpoint-configuration-manager.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md index c471aa800c..4b1d1bdadd 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md @@ -275,7 +275,7 @@ To set ASR rules in Audit mode: 1. In the Microsoft Endpoint Configuration Manager console, navigate to **Assets and Compliance \> Overview \> Endpoint Protection \> Windows Defender Exploit Guard** and choose **Create Exploit Guard Policy**. - ![Image of Microsoft Endpoint Configuration Manager console](images/728c10ef26042bbdbcd270b6343f1a8a.png) + ![Image of Microsoft Endpoint Configuration Manager console0](images/728c10ef26042bbdbcd270b6343f1a8a.png) 2. Select **Attack Surface Reduction**. From 6ed3ad6d59604799ac8d0c15249d9e154c1ce174 Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Fri, 15 Jan 2021 12:02:01 +0530 Subject: [PATCH 30/93] fix-suggestions to fix suggestions --- .../onboarding-endpoint-configuration-manager.md | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md index c1356ab8ff..8ad69d2bd0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md @@ -286,12 +286,7 @@ To set ASR rules in Audit mode: 1. In the Microsoft Endpoint Manager console, navigate to **Assets and Compliance \> Overview \> Endpoint Protection \> Windows Defender Exploit Guard** and choose **Create Exploit Guard Policy**. -<<<<<<< HEAD ![Image of Microsoft Endpoint Configuration Manager console0](images/728c10ef26042bbdbcd270b6343f1a8a.png) -======= - ![Image of Microsoft Endpoint Manager console](images/728c10ef26042bbdbcd270b6343f1a8a.png) ->>>>>>> 23a3021e03bd6b1ecdffdc738c3e4c4c37399ecb - 2. Select **Attack Surface Reduction**. @@ -310,7 +305,7 @@ To set ASR rules in Audit mode: ![Image of Microsoft Endpoint Configuration Manager console3](images/95d23a07c2c8bc79176788f28cef7557.png) - ![Image of Microsoft Endpoint Manager console](images/95d23a07c2c8bc79176788f28cef7557.png) + ![Image of Microsoft Endpoint Manager console1](images/95d23a07c2c8bc79176788f28cef7557.png) 6. Right-click on the newly created policy and choose **Deploy**. From ea643ac5af768f03175b44fb13d69737ffe5888a Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Fri, 15 Jan 2021 12:20:44 +0530 Subject: [PATCH 31/93] fix-suggestions To fix suggestions --- .../microsoft-defender-advanced-threat-protection.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md index 73322f89c6..4b0617ee7d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md @@ -54,12 +54,12 @@ Defender for Endpoint uses the following combination of technology built into Wi

Microsoft Defender for Endpoint

- - - - - - + + + + + +

Threat & Vulnerability Management

Attack surface reduction

Next-generation protection

Endpoint detection and response

Automated investigation and remediation

Microsoft Threat Experts
Threat & Vulnerability Management
Threat & Vulnerability Management
Attack surface reduction
Attack surface reduction
Next-generation protection
Next-generation protection
Endpoint detection and response
Endpoint detection and response
Automated investigation and remediation
Automated investigation and remediation
Microsoft Threat Experts
Microsoft Threat Experts
From 630e2c6f0784e6c94f7a4465e737f3210c0660e9 Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Fri, 15 Jan 2021 12:42:05 +0530 Subject: [PATCH 32/93] fix-suggestions to fix suggestions --- .../threat-protection/microsoft-defender-atp/manage-edr.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md index cdf46b37a9..2a8ba54469 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md @@ -2,7 +2,6 @@ title: Manage endpoint detection and response capabilities description: Manage endpoint detection and response capabilities ms.reviewer: -description: keywords: search.product: eADQiWindows 10XVcnh search.appverid: met150 From 933b72f0906c77e17a6cc30a177bd68955d8ad84 Mon Sep 17 00:00:00 2001 From: Lovina Saldanha Date: Fri, 15 Jan 2021 16:37:15 +0530 Subject: [PATCH 33/93] Update configure-mssp-support.md fix suggestions --- .../microsoft-defender-atp/configure-mssp-support.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md index f82c9abd56..2ccb094c18 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md @@ -1,6 +1,6 @@ --- title: Configure managed security service provider support -description: Take the necessary steps to configure the MSSP integration with Microsoft Defender ATP +description: Take the necessary steps to configure MSSP integration with Microsoft Defender ATP. keywords: managed security service provider, mssp, configure, integration search.product: eADQiWindows 10XVcnh search.appverid: met150 From d57d47e6bbad71b17af6e9f3be77c177e909be59 Mon Sep 17 00:00:00 2001 From: Dan Wesley <38053816+dan-wesley@users.noreply.github.com> Date: Tue, 16 Feb 2021 10:23:18 -0800 Subject: [PATCH 34/93] update fix broken link to kiosk mode for MS Edge --- browsers/edge/microsoft-edge-kiosk-mode-deploy.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/browsers/edge/microsoft-edge-kiosk-mode-deploy.md b/browsers/edge/microsoft-edge-kiosk-mode-deploy.md index d906bfc6ce..7c44ef1c3b 100644 --- a/browsers/edge/microsoft-edge-kiosk-mode-deploy.md +++ b/browsers/edge/microsoft-edge-kiosk-mode-deploy.md @@ -11,7 +11,7 @@ ms.prod: edge ms.sitesec: library ms.topic: article ms.localizationpriority: medium -ms.date: 01/17/2020 +ms.date: 02/16/2021 --- # Deploy Microsoft Edge Legacy kiosk mode @@ -22,7 +22,7 @@ ms.date: 01/17/2020 > Professional, Enterprise, and Education > [!NOTE] -> You've reached the documentation for Microsoft Edge Legacy (version 45 and earlier.) To see the documentation for Microsoft Edge version 77 or later, go to the [Microsoft Edge documentation landing page](https://docs.microsoft.com/DeployEdge/). For information about kiosk mode in the new version of Microsoft Edge, see [Microsoft Edge kiosk mode](https://docs.microsoft.com/DeployEdge/microsoft-edge-kiosk-mode). +> You've reached the documentation for Microsoft Edge Legacy (version 45 and earlier.) To see the documentation for Microsoft Edge version 77 or later, go to the [Microsoft Edge documentation landing page](https://docs.microsoft.com/DeployEdge/). For information about kiosk mode in the new version of Microsoft Edge, see [Microsoft Edge kiosk mode](https://docs.microsoft.com/DeployEdge/microsoft-edge-configure-kiosk-mode). In the Windows 10 October 2018 Update, we added the capability to use Microsoft Edge Legacy as a kiosk using assigned access. With assigned access, you create a tailored browsing experience locking down a Windows 10 device to only run as a single-app or multi-app kiosk. Assigned access restricts a local standard user account so that it only has access to one or more Windows app, such as Microsoft Edge Legacy in kiosk mode. From 3606a8850a297404cec2705bffe366a557a769f6 Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Tue, 16 Feb 2021 10:23:52 -0800 Subject: [PATCH 35/93] Update partner-applications.md Acrolinx --- .../partner-applications.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md b/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md index fd47c04d4a..cf23911650 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md +++ b/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md @@ -57,7 +57,7 @@ Logo |Partner name | Description ![Image of Elastic security logo](images/elastic-security-logo.png) | [Elastic Security](https://go.microsoft.com/fwlink/?linkid=2139303) | Elastic Security is a free and open solution for preventing, detecting, and responding to threats ![Image of IBM QRadar logo](images/ibm-qradar-logo.png) | [IBM QRadar](https://go.microsoft.com/fwlink/?linkid=2113903) | Configure IBM QRadar to collect detections from Defender for Endpoint ![Image of Micro Focus ArcSight logo](images/arcsight-logo.png) | [Micro Focus ArcSight](https://go.microsoft.com/fwlink/?linkid=2113548) | Use Micro Focus ArcSight to pull Defender for Endpoint detections -![Image of RSA NetWitness logo](images/rsa-netwitness-logo.png) | [RSA NetWitness](https://go.microsoft.com/fwlink/?linkid=2118566) | Stream Defender for Endpoint Alerts to RSA NetWitness leveraging Microsoft Graph Security API +![Image of RSA NetWitness logo](images/rsa-netwitness-logo.png) | [RSA NetWitness](https://go.microsoft.com/fwlink/?linkid=2118566) | Stream Defender for Endpoint Alerts to RSA NetWitness using Microsoft Graph Security API ![Image of SafeBreach logo](images/safebreach-logo.png) | [SafeBreach](https://go.microsoft.com/fwlink/?linkid=2114114)| Gain visibility into Defender for Endpoint security events that are automatically correlated with SafeBreach simulations ![Image of Skybox Vulnerability Control logo](images/skybox-logo.png) | [Skybox Vulnerability Control](https://go.microsoft.com/fwlink/?linkid=2127467) | Skybox Vulnerability Control cuts through the noise of vulnerability management, correlating business, network, and threat context to uncover your riskiest vulnerabilities ![Image of Splunk logo](images/splunk-logo.png) | [Splunk](https://go.microsoft.com/fwlink/?linkid=2129805) | The Defender for Endpoint Add-on allows Splunk users to ingest all of the alerts and supporting information to their Splunk @@ -100,25 +100,25 @@ Logo |Partner name | Description Logo |Partner name | Description :---|:---|:--- ![Image of Bitdefender logo](images/bitdefender-logo.png)| [Bitdefender](https://go.microsoft.com/fwlink/?linkid=860032)| Bitdefender GravityZone is a layered next generation endpoint protection platform offering comprehensive protection against the full spectrum of sophisticated cyber threats -![Image of Better Mobile logo](images/bettermobile-logo.png) | [Better Mobile](https://go.microsoft.com/fwlink/?linkid=2086214)| AI based MTD solution to stop mobile threats & phishing. Private internet browsing to protect user privacy -![Image of Corrata logo](images/corrata-logo.png)| [Corrata](https://go.microsoft.com/fwlink/?linkid=2081148) | Mobile solution — Protect your mobile devices with granular visibility and control from Corrata +![Image of Better Mobile logo](images/bettermobile-logo.png) | [Better Mobile](https://go.microsoft.com/fwlink/?linkid=2086214)| AI-based MTD solution to stop mobile threats & phishing. Private internet browsing to protect user privacy +![Image of Corrata logo](images/corrata-logo.png)| [Corrata](https://go.microsoft.com/fwlink/?linkid=2081148) | Mobile solution that protects your mobile devices with granular visibility and control from Corrata ![Image of Lookout logo](images/lookout-logo.png)| [Lookout](https://go.microsoft.com/fwlink/?linkid=866935)| Get Lookout Mobile Threat Protection telemetry for Android and iOS mobile devices ![Image of Symantec Endpoint Protection Mobile logo](images/symantec-logo.png) | [Symantec Endpoint Protection Mobile](https://go.microsoft.com/fwlink/?linkid=2090992)| SEP Mobile helps businesses predict, detect, and prevent security threats and vulnerabilities on mobile devices ![Image of Zimperium logo](images/zimperium-logo.png)| [Zimperium](https://go.microsoft.com/fwlink/?linkid=2118044)|Extend your Defender for Endpoint to iOS and Android with Machine Learning-based Mobile Threat Defense -## Additional integrations +## More integrations Logo |Partner name | Description :---|:---|:--- ![Image of Cyren Web Filter logo](images/cyren-logo.png)| [Cyren Web Filter](https://go.microsoft.com/fwlink/?linkid=2108221)| Enhance your Defender for Endpoint with advanced Web Filtering -![Image of Morphisec logo](images/morphisec-logo.png)| [Morphisec](https://go.microsoft.com/fwlink/?linkid=2086215)| Provides Moving Target Defense-powered advanced threat prevention and integrates forensics data directly into WD Security Center dashboards to help prioritize alerts, determine device at-risk score and visualize full attack timeline including internal memory information +![Image of Morphisec logo](images/morphisec-logo.png)| [Morphisec](https://go.microsoft.com/fwlink/?linkid=2086215)| Provides Moving Target Defense-powered advanced threat prevention. Integrates forensics data directly into WD Security Center dashboards to help prioritize alerts, determine device at-risk score and visualize full attack timeline including internal memory information ![Image of THOR Cloud logo](images/nextron-thor-logo.png)| [THOR Cloud](https://go.microsoft.com/fwlink/?linkid=862988)| Provides on-demand live forensics scans using a signature base with focus on persistent threats ## SIEM integration -Defender for Endpoint supports SIEM integration through a variety of methods — specialized SIEM system interface with out of the box connectors, a generic alert API enabling custom implementations, and an action API enabling alert status management. For more information, see [Enable SIEM integration](enable-siem-integration.md). +Defender for Endpoint supports SIEM integration through various of methods. This can include specialized SIEM system interface with out of the box connectors, a generic alert API enabling custom implementations, and an action API enabling alert status management. For more information, see [Enable SIEM integration](enable-siem-integration.md). ## Ticketing and IT service management Ticketing solution integration helps to implement manual and automatic response processes. Defender for Endpoint can help to create tickets automatically when an alert is generated and resolve the alerts when tickets are closed using the alerts API. @@ -131,12 +131,12 @@ Defender for Endpoint offers unique automated investigation and remediation capa Integrating the automated investigation and response capability with other solutions such as IDS and firewalls help to address alerts and minimize the complexities surrounding network and device signal correlation, effectively streamlining the investigation and threat remediation actions on devices. -External alerts can be pushed into Defender for Endpoint and is presented side by side with additional device-based alerts from Defender for Endpoint. This view provides a full context of the alert — with the real process and the full story of attack. +External alerts can be pushed to Defender for Endpoint. These alerts are shown side by side with additional device-based alerts from Defender for Endpoint. This view provides a full context of the alert and can reveal the full story of an attack. ## Indicators matching You can use threat-intelligence from providers and aggregators to maintain and use indicators of compromise (IOCs). -Defender for Endpoint allows you to integrate with such solutions and act on IoCs by correlating its rich telemetry and creating alerts when there's a match; leveraging prevention and automated response capabilities to block execution and take remediation actions when there's a match. +Defender for Endpoint allows you to integrate with these solutions and act on IoCs by correlating rich telemetry to create alerts. You can also useg prevention and automated response capabilities to block execution and take remediation actions when there's a match. Defender for Endpoint currently supports IOC matching and remediation for file and network indicators. Blocking is supported for file indicators. From 6767be310d6300de5ddf7ab5f11c3b10ec619305 Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Tue, 16 Feb 2021 11:40:28 -0800 Subject: [PATCH 36/93] Update ios-terms.md --- .../threat-protection/microsoft-defender-atp/ios-terms.md | 6 ------ 1 file changed, 6 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md b/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md index 3f8377cefd..91470a29b7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md +++ b/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md @@ -26,12 +26,6 @@ ms.technology: mde [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] -**Applies to:** -- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) -- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) - -> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink) - ## MICROSOFT APPLICATION LICENSE TERMS: MICROSOFT DEFENDER FOR ENDPOINT These license terms ("Terms") are an agreement between Microsoft Corporation (or From 9dcef5091551fcbe64e0158a4c57c0cf8b8f1d20 Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Tue, 16 Feb 2021 11:49:32 -0800 Subject: [PATCH 37/93] Update ios-terms.md --- .../threat-protection/microsoft-defender-atp/ios-terms.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md b/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md index 91470a29b7..aa2cb53ec8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md +++ b/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md @@ -26,6 +26,7 @@ ms.technology: mde [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] + ## MICROSOFT APPLICATION LICENSE TERMS: MICROSOFT DEFENDER FOR ENDPOINT These license terms ("Terms") are an agreement between Microsoft Corporation (or From 46d09cb951ca2cde417a9072cda57a6a7223c20e Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Tue, 16 Feb 2021 11:55:47 -0800 Subject: [PATCH 38/93] close bracket --- .../threat-protection/microsoft-defender-atp/isolate-machine.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md b/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md index a052275ba6..a8a4b7a434 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md +++ b/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md @@ -31,7 +31,7 @@ ms.technology: mde [!include[Microsoft Defender for Endpoint API URIs for US Government](../../includes/microsoft-defender-api-usgov.md)] -[!include[Improve request performance](../../includes/improve-request-performance.md) +[!include[Improve request performance](../../includes/improve-request-performance.md)] ## API description From b6a539cc3c029b0ee98d39aa8c4bfca60e7ab9bf Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Tue, 16 Feb 2021 11:58:53 -0800 Subject: [PATCH 39/93] fix note indent --- .../threat-protection/microsoft-defender-atp/ios-install.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-install.md b/windows/security/threat-protection/microsoft-defender-atp/ios-install.md index 3c76749068..d02a9b3d4a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/ios-install.md +++ b/windows/security/threat-protection/microsoft-defender-atp/ios-install.md @@ -94,8 +94,8 @@ The Microsoft Defender for Endpoint for iOS app has specialized ability on super Intune allows you to configure the Defender for iOS app through an App Configuration policy. - > [!NOTE] - > This app configuration policy for supervised devices is applicable only to managed devices and should be targeted for all managed iOS devices as a best practice. + > [!NOTE] + > This app configuration policy for supervised devices is applicable only to managed devices and should be targeted for all managed iOS devices as a best practice. 1. Sign in to the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431) and go to **Apps** > **App configuration policies** > **Add**. Click on **Managed devices**. From b0f330630fc07549c6a0b3374911e53d9a910ec5 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Tue, 16 Feb 2021 12:18:53 -0800 Subject: [PATCH 40/93] add white shark image --- .../images/white-shark.png | Bin 0 -> 2874 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/white-shark.png diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/white-shark.png b/windows/security/threat-protection/microsoft-defender-atp/images/white-shark.png new file mode 100644 index 0000000000000000000000000000000000000000..ac5c199599c4d6f797957412107f49d827e68269 GIT binary patch literal 2874 zcmbW3i93|t8^<3aGh|H^V;LES$`VOK*0BtlQr41W8Ai;QF_ux;mn1@@Vp7wHtQ8W% z$ZN?`S*C~~%P3nIk_!DEz1Qy_c(3c6=UnG=?&nFF|&KUy4nsHrPOetX+cvKnk&4c`&Dymp~{$!JM!V;P8q`ii?PL!dZWjg$uZWKsG{!+5f z#cfkX3O>*WIPyaj3XVXxN6rv&l(36rAK-k@pKWuYzmwyGy#g+RrevUoS#=Y{kZtUI zkxal7d;zBHbP~t}{{26M?BxS|{}VU&e=~DpV4x3y0<3l4ZUWiPZ8HZvCBO$L`qrlk z`pJ($n>vK&EzmC5?LH^p-o&p-SCZS4WvpJA@sv-hOc$A*f_>yRRSdmn5_Dt~_tB58 zTxzuUd%`dJa`Sn4w@C%3`s7@{dn3buXisZAy!n#-0p%k2)80;Z|MN~3mFn=%LjvEr zv42d@okg`@HhRN{`qI6)fit4%MCt4JLEwD59B+v&^6k}WQMLzep?Oxa6zUe)sm}5@ zfB@Yro}~=NL63i=IU+4}27(@$$Y=~5P)X*!qx@exOro{)2|GKx2PGv!i(^ec?g1tx ztj;r`p?Vb5`Mkg(&9_zv1YtqIEF=?nK&LAa z0*NCpwF!X&=GmDxwziWWUdSMxa3u{#gx<}4tnea}B@P`rxJn?y68{xgX64NzI zgoK3R+KRyKSF?0Yl%8ZC*6IQ03%5E-~iz{_@ zb=_B0T2&=kTU*<&(G9@vf~mj}+(d0h-TO!&mc{A8?E}RwEK2LeUI*G@=!csq6?K zJTU7Eqo(w3tu!s)jM_R{Op40Sja}qQSslS0JhiEfnV9&9?>Mok?!Wwj5t+~wSypb0 z;fs^OxSi(RdVx6Zzg$kl2;`vKXZtfangMU^+Qt%wQl3L*2J`O15^hZIELP@W#=L6v z`&4ysf|I+et4Lo&?IBhI(A~hMH0^yY{oS|au&yNDE8RZe;b{qA0m6yoQ6cRQ85a({ukwarybT zmaU!qq>h6Tr!=9!VJVe~-$bX+o~|-d-TfZThQb=R3&xX(PKv>BIrHSgxa$TY56M+p zdoD-nR9jtzl9d~g7-kN_Y9i(9w?+yWck7O}&(D@=ryMslgjKr)E6w!e9wo_T%Row4 z*9%YPw<*6sULS0ViW->cNoIg!kLv3U{A!Wcxl;zlQrGC$K7IOhr&UiT)jsu@YUX`I z>R~UrN4?i{eBT0qq5R1K=PaB@2L=WPp=dyK zTbt!eHo>hv^u*SDeIDA>l*ixSUlGDo<0N!*nwJT4STpE9y#{W)w$E(+8`jrdCu|)>`aX!aF@T?DT+p=-i9-9$8u0 zmY*wMIPW?GB_x_HPhi`JDt)1Vr(P};9)G6?mwE4=P3XcW3kaN1UCk}a$BlwWC)+BV#S4~+ryL8(F*LaI6M|Y{mDfPHC{E~F-cP}HVWJCQlKizXlS3Iy!Oyy&QK=$3r}*dj1|gu z4CvG;#&@uXH-G<#d(q$9%VP#Xp-_Oy=z%O!H%La`kv(_EPNl*H zSXy890+^sI4V|&o2uSROUCA*qJOeCNGoi*SC`e3N!wphb-Y@=)0j3dS453Dr&1QpJ z-qG1NR=P`*~@+1zw}Ar4`NT z%IWIz*Of7hSVfi^{#YEl3915#jRsfnsI2TzDF>m1QbDMwc=kU&@si9Dgoy}@5NfW- zQT}XQ)u&;VYIb(EK4~KUWSt!0dZm9wDp}O%^u9`1I|HVJ^PDlul1_+KG!f$~b*)tS z+Da$K0cT_f!ZeW@8i~yw=}j)?Bh}P+fQreC z#Wvoprtuvtd_Vwr#$(0;bEl_qlG4(@X|Vz=HSC4q8n3O5pQgdw9=NJ%`{I#forEK& zZk+N=N=ZawG2lJw^C#RMfjnO{owj4YzMTZW^1VGY&eFR-uR9$}T15H=2IBkrPJ>4o z5)0&X@!Lyggw%^}B3>JKi2 z>cd2q3~x?NJsD@}rm;PX=Q98RBhgJmT0%lX zOIJ7Exx#%M6yW^~<>~N3M@L8c3h(351G*@b;QcS0z4AA$(k7R~nIssvu|`o_H^6B1 zt3EqY7h>x!im!e4OnY^04fMid^-6Z1g~OV1+T^QIgz9xAODii58PAD%^5ZQSi*Pa`-leF&InG&C?&(*nUI5<1UeW6ktB^TNCVeTOXIpIMtf%{*22L>cpTje{i z6zIn)g6qCWp-7%BlbW2I^z-+RedC>(ud>>cI{EUw-h?jNBD3mQ0lJ{U>{ADe#p3$T z6k-d_iA2p06&Exs?pQwJ0cz8@vK^$nk0FT;Ig|R^xk#Ha$Q(!!h!eL?Bg#t5eJHyX z~0GY_N)hLvs9D7)j>8 zk0emZ|I%4cm6~k~J1S4rdfa?zM9!S{^jq5YQ)*q|n~l5qWlf*$M<;->z@p2|JYxR` D6Bsi3 literal 0 HcmV?d00001 From c383d608bbfddb4718d3ac383b8b20ed272d8dfe Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Tue, 16 Feb 2021 12:19:46 -0800 Subject: [PATCH 41/93] add line --- .../threat-protection/microsoft-defender-atp/mssp-list.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md b/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md index d3a673d14b..d544ff9f9e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md @@ -38,6 +38,7 @@ Logo |Partner name | Description ![Image of SecureWorks Managed Detection and Response Powered by Red Cloak logo](images/secureworks-logo.png)| [SecureWorks Managed Detection and Response Powered by Red Cloak](https://go.microsoft.com/fwlink/?linkid=2133634) | Secureworks combines threat intelligence and 20+ years of experience into SaaS and managed security solutions ![Image of sepagoSOC logo](images/sepago-logo.png)| [sepagoSOC](https://go.microsoft.com/fwlink/?linkid=2090491) | Ensure holistic security through sophisticated automated workflows in your zero trust environment ![Image of Trustwave Threat Detection & Response Services logo](images/trustwave-logo.png)| [Trustwave Threat Detection & Response Services](https://go.microsoft.com/fwlink/?linkid=2127542) | Threat Detection and Response services for Azure leveraging integrations with Sentinel and Defender for Endpoint +![Image of White Shark Managed Security Services]() ![Image of Wortell's cloud SOC logo](images/wortell-logo.png)| [Wortell's cloud SOC](https://go.microsoft.com/fwlink/?linkid=2108415) | 24x7 managed Defender for Endpoint service for monitoring & response ![Image of Zero Trust Analytics Platform (ZTAP) logo](images/ztap-logo.png)| [Zero Trust Analytics Platform (ZTAP)](https://go.microsoft.com/fwlink/?linkid=2090971) | Reduce your alerts by 99% and access a full range of security capabilities from mobile devices From c70d169ac3d7714f94bd58ec3bb6fe04b4165fa1 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Tue, 16 Feb 2021 12:21:51 -0800 Subject: [PATCH 42/93] add white shark --- .../threat-protection/microsoft-defender-atp/mssp-list.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md b/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md index d544ff9f9e..fba0f03552 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md @@ -38,7 +38,7 @@ Logo |Partner name | Description ![Image of SecureWorks Managed Detection and Response Powered by Red Cloak logo](images/secureworks-logo.png)| [SecureWorks Managed Detection and Response Powered by Red Cloak](https://go.microsoft.com/fwlink/?linkid=2133634) | Secureworks combines threat intelligence and 20+ years of experience into SaaS and managed security solutions ![Image of sepagoSOC logo](images/sepago-logo.png)| [sepagoSOC](https://go.microsoft.com/fwlink/?linkid=2090491) | Ensure holistic security through sophisticated automated workflows in your zero trust environment ![Image of Trustwave Threat Detection & Response Services logo](images/trustwave-logo.png)| [Trustwave Threat Detection & Response Services](https://go.microsoft.com/fwlink/?linkid=2127542) | Threat Detection and Response services for Azure leveraging integrations with Sentinel and Defender for Endpoint -![Image of White Shark Managed Security Services]() +![Image of White Shark Managed Security Services](images/white-shark.png)| [White Shark Managed Security Services](https://go.microsoft.com/fwlink/?linkid=2154210) |True expert approach to cyber security with transparent pricing on every platform, mobile included. ![Image of Wortell's cloud SOC logo](images/wortell-logo.png)| [Wortell's cloud SOC](https://go.microsoft.com/fwlink/?linkid=2108415) | 24x7 managed Defender for Endpoint service for monitoring & response ![Image of Zero Trust Analytics Platform (ZTAP) logo](images/ztap-logo.png)| [Zero Trust Analytics Platform (ZTAP)](https://go.microsoft.com/fwlink/?linkid=2090971) | Reduce your alerts by 99% and access a full range of security capabilities from mobile devices From fa8337bc64246e08f058e6c2059ed801f81f02ca Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Tue, 16 Feb 2021 12:37:07 -0800 Subject: [PATCH 43/93] add sentence --- .../threat-protection/microsoft-defender-atp/mssp-list.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md b/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md index fba0f03552..46d7022fa6 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md @@ -24,6 +24,8 @@ ms.technology: mde - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037) +The following managed security service providers can be accessed through the portal. + Logo |Partner name | Description :---|:---|:--- ![Image of BDO Digital logo](images/bdo-logo.png)| [BDO Digital](https://go.microsoft.com/fwlink/?linkid=2090394) | BDO Digital's Managed Defense leverages best practice tools, AI, and in-house security experts for 24/7/365 identity protection From 7b7ea02457fa36af150114064a98c72849178e1e Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 12:41:44 -0800 Subject: [PATCH 44/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...ecurity-settings-with-tamper-protection.md | 32 ++++++++----------- 1 file changed, 14 insertions(+), 18 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index a4354b5403..a4354fac1c 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -14,7 +14,7 @@ audience: ITPro author: denisebmsft ms.author: deniseb ms.custom: nextgen -ms.date: 01/07/2021 +ms.date: 02/16/2021 ms.technology: mde --- @@ -93,32 +93,28 @@ If you are a home user, or you are not subject to settings managed by a security If you are part of your organization's security team, and your subscription includes [Intune](https://docs.microsoft.com/intune/fundamentals/what-is-intune), you can turn tamper protection on (or off) for your organization in the [Microsoft Endpoint Manager admin center](https://endpoint.microsoft.com) portal. -You must have appropriate [permissions](../microsoft-defender-atp/assign-portal-access.md), such as global admin, security admin, or security operations, to perform the following task. +### Prerequisites -1. Make sure your organization meets all of the following requirements to use Intune to manage tamper protection: +Before you begin, make sure that all of the following requirements are met: - - Your organization uses [Intune to manage devices](https://docs.microsoft.com/intune/fundamentals/what-is-device-management). ([Intune licenses](https://docs.microsoft.com/intune/fundamentals/licenses) are required; Intune is included in Microsoft 365 E5.) - - Your Windows machines must be running Windows 10 OS [1709](https://docs.microsoft.com/windows/release-health/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-health/status-windows-10-1803), [1809](https://docs.microsoft.com/windows/release-health/status-windows-10-1809-and-windows-server-2019) or later. (For more information about releases, see [Windows 10 release information](https://docs.microsoft.com/windows/release-health/release-information).) - - You must be using Windows security with [security intelligence](https://www.microsoft.com/wdsi/definitions) updated to version 1.287.60.0 (or above). - - Your machines must be using anti-malware platform version 4.18.1906.3 (or above) and anti-malware engine version 1.1.15500.X (or above). ([Manage Microsoft Defender Antivirus updates and apply baselines](manage-updates-baselines-microsoft-defender-antivirus.md).) +- You must have appropriate [permissions](../microsoft-defender-atp/assign-portal-access.md), such as global admin, security admin, or security operations. +- Your organization uses [Intune to manage devices](https://docs.microsoft.com/intune/fundamentals/what-is-device-management). ([Intune licenses](https://docs.microsoft.com/intune/fundamentals/licenses) are required; Intune is included in Microsoft 365 E5.) +- Your Windows machines must be running Windows 10 OS [1709](https://docs.microsoft.com/windows/release-health/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-health/status-windows-10-1803), [1809](https://docs.microsoft.com/windows/release-health/status-windows-10-1809-and-windows-server-2019) or later. (For more information about releases, see [Windows 10 release information](https://docs.microsoft.com/windows/release-health/release-information).) +- You must be using Windows security with [security intelligence](https://www.microsoft.com/wdsi/definitions) updated to version 1.287.60.0 (or above). +- Your machines must be using anti-malware platform version 4.18.1906.3 (or above) and anti-malware engine version 1.1.15500.X (or above). ([Manage Microsoft Defender Antivirus updates and apply baselines](manage-updates-baselines-microsoft-defender-antivirus.md).) -2. Go to the [Microsoft Endpoint Manager admin center](https://endpoint.microsoft.com) and sign in with your work or school account. +### Turn tamper protection on (or off) in Intune -3. Select **Devices** > **Configuration Profiles**. - -4. Create a profile that includes the following settings: +![Turn tamper protection on with Intune](images/turnontamperprotect-MEM.png) +1. Go to the [Microsoft Endpoint Manager admin center](https://endpoint.microsoft.com) and sign in with your work or school account. +2. Select **Devices** > **Configuration Profiles**. +3. Create a profile that includes the following settings: - **Platform: Windows 10 and later** - - **Profile type: Endpoint protection** - - **Category: Microsoft Defender Security Center** - - **Tamper Protection: Enabled** - - ![Turn tamper protection on with Intune](images/turnontamperprotect-MEM.png) - -5. Assign the profile to one or more groups. +4. Assign the profile to one or more groups. ### Are you using Windows OS 1709, 1803, or 1809? From 9c48461d03c697318939897af63a04e0513f08f3 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 12:44:51 -0800 Subject: [PATCH 45/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...s-to-security-settings-with-tamper-protection.md | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index a4354fac1c..ab3f0c575e 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -123,9 +123,7 @@ If you are using Windows 10 OS [1709](https://docs.microsoft.com/windows/release #### Use PowerShell to determine whether tamper protection is turned on 1. Open the Windows PowerShell app. - 2. Use the [Get-MpComputerStatus](https://docs.microsoft.com/powershell/module/defender/get-mpcomputerstatus?view=win10-ps&preserve-view=true) PowerShell cmdlet. - 3. In the list of results, look for `IsTamperProtected`. (A value of *true* means tamper protection is enabled.) ## Manage tamper protection with Configuration Manager, version 2006 @@ -135,24 +133,17 @@ If you are using Windows 10 OS [1709](https://docs.microsoft.com/windows/release If you're using [version 2006 of Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/plan-design/changes/whats-new-in-version-2006), you can manage tamper protection settings on Windows 10, Windows Server 2016, and Windows Server 2019 by using a method called *tenant attach*. Tenant attach enables you to sync your on-premises-only Configuration Manager devices into the Microsoft Endpoint Manager admin center, and then deliver your endpoint security configuration policies to your on-premises collections & devices. +:::image type="content" source="images/win-security- exp-policy-endpt-security.png" alt-text="Windows security experience in Endpoint Manager"::: + 1. Set up tenant attach. See [Microsoft Endpoint Manager tenant attach: Device sync and device actions](https://docs.microsoft.com/mem/configmgr/tenant-attach/device-sync-actions). - 2. In the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431), go to **Endpoint security** > **Antivirus**, and choose **+ Create Policy**.
- - In the **Platform** list, select **Windows 10 and Windows Server (ConfigMgr)**. - - In the **Profile** list, select **Windows Security experience (preview)**.
- - The following screenshot illustrates how to create your policy: - - :::image type="content" source="images/win-security- exp-policy-endpt-security.png" alt-text="Windows security experience in Endpoint Manager"::: - 3. Deploy the policy to your device collection. Need help? See the following resources: - [Settings for the Windows Security experience profile in Microsoft Intune](https://docs.microsoft.com/mem/intune/protect/antivirus-security-experience-windows-settings) - - [Tech Community Blog: Announcing Tamper Protection for Configuration Manager Tenant Attach clients](https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/announcing-tamper-protection-for-configuration-manager-tenant/ba-p/1700246#.X3QLR5Ziqq8.linkedin) From afe522d54941bb0f10e0c0f52b3d90f2c95f4fed Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 12:45:57 -0800 Subject: [PATCH 46/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...changes-to-security-settings-with-tamper-protection.md | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index ab3f0c575e..503295678a 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -235,8 +235,6 @@ In addition, your security operations team can use hunting queries, such as the ## See also -[Help secure Windows PCs with Endpoint Protection for Microsoft Intune](https://docs.microsoft.com/intune/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune) - -[Get an overview of Microsoft Defender for Endpoint](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp) - -[Better together: Microsoft Defender Antivirus and Microsoft Defender for Endpoint](why-use-microsoft-defender-antivirus.md) +- [Help secure Windows PCs with Endpoint Protection for Microsoft Intune](https://docs.microsoft.com/intune/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune) +- [Get an overview of Microsoft Defender for Endpoint](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp) +- [Better together: Microsoft Defender Antivirus and Microsoft Defender for Endpoint](why-use-microsoft-defender-antivirus.md) From 4e58545358194d63602faa078fc5a4b9bf315fb6 Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Tue, 16 Feb 2021 12:58:48 -0800 Subject: [PATCH 47/93] Update delete-ti-indicator-by-id.md --- .../microsoft-defender-atp/delete-ti-indicator-by-id.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md index deac1f5953..82e098b761 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md +++ b/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md @@ -29,7 +29,7 @@ ms.technology: mde [!include[Microsoft Defender for Endpoint API URIs for US Government](../../includes/microsoft-defender-api-usgov.md)] -[!include[Improve request performance](../../includes/improve-request-performance.md) +[!include[Improve request performance](../../includes/improve-request-performance.md)] ## API description From c40a2e7c61c5ed467a7398f8e45cc9eb763599b6 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 13:07:50 -0800 Subject: [PATCH 48/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...ecurity-settings-with-tamper-protection.md | 20 +++++++++---------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index 503295678a..80e3c1dda4 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -57,16 +57,15 @@ Tamper protection doesn't prevent you from viewing your security settings. And, ### What do you want to do? -1. Turn tamper protection on
- - [For an individual machine, use Windows Security](#turn-tamper-protection-on-or-off-for-an-individual-machine). - - [For your organization, use Intune](#turn-tamper-protection-on-or-off-for-your-organization-using-intune). - - [Use tenant attach with Configuration Manager, version 2006, for devices running Windows 10 or Windows Server 2019](#manage-tamper-protection-with-configuration-manager-version-2006) - -2. [View information about tampering attempts](#view-information-about-tampering-attempts). - -3. [Review your security recommendations](#review-your-security-recommendations). - -4. [Browse the frequently asked questions](#view-information-about-tampering-attempts). +| Task | Link | +|:---|:---| +| Turn tamper protection on for an individual device | [Use the Windows Security app](#turn-tamper-protection-on-or-off-for-an-individual-machine) | +| Turn tamper protection on for your organization | [Use Intune](#turn-tamper-protection-on-or-off-for-your-organization-using-intune) | +| Turn tamper protection on for devices running Windows 10 and Windows Server 2019 with Configuration Manager | [Use tenant attach with Configuration Manager, version 2006](#manage-tamper-protection-with-configuration-manager-version-2006) | +| Turn tamper protection on in the Microsoft Defender Security Center | | +| View details about tampering attempts on devices | [View information about tampering attempts](#view-information-about-tampering-attempts) | +| Review your security recommendations | [Review security recommendations](#review-your-security-recommendations) | +| Review the list of frequently asked questions (FAQs) | [Browse the FAQs](#view-information-about-tampering-attempts) | ## Turn tamper protection on (or off) for an individual machine @@ -146,7 +145,6 @@ Need help? See the following resources: - [Settings for the Windows Security experience profile in Microsoft Intune](https://docs.microsoft.com/mem/intune/protect/antivirus-security-experience-windows-settings) - [Tech Community Blog: Announcing Tamper Protection for Configuration Manager Tenant Attach clients](https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/announcing-tamper-protection-for-configuration-manager-tenant/ba-p/1700246#.X3QLR5Ziqq8.linkedin) - ## View information about tampering attempts Tampering attempts typically indicate bigger cyberattacks. Bad actors try to change security settings as a way to persist and stay undetected. If you're part of your organization's security team, you can view information about such attempts, and then take appropriate actions to mitigate threats. From 57ceb89b659c50facec08994ad70fad60e063987 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 13:16:38 -0800 Subject: [PATCH 49/93] Update defender-endpoint-false-positives-negatives.md --- .../defender-endpoint-false-positives-negatives.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/defender-endpoint-false-positives-negatives.md b/windows/security/threat-protection/microsoft-defender-atp/defender-endpoint-false-positives-negatives.md index 78039bd903..2016a7df22 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/defender-endpoint-false-positives-negatives.md +++ b/windows/security/threat-protection/microsoft-defender-atp/defender-endpoint-false-positives-negatives.md @@ -17,7 +17,9 @@ manager: dansimp audience: ITPro ms.collection: - m365-security-compliance -- m365initiative-defender-endpoint +- m365initiative-defender-endpoint +- m365solution-scenario +- m365scenario-fpfn ms.topic: conceptual ms.reviewer: ramarom, evaldm, isco, mabraitm, chriggs, yonghree, jcedola ms.custom: FPFN From e0527cc5f46137a319765b49e676fff1182eaf24 Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Tue, 16 Feb 2021 13:22:27 -0800 Subject: [PATCH 50/93] Update common-errors.md Acrolinx --- .../microsoft-defender-atp/common-errors.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/common-errors.md b/windows/security/threat-protection/microsoft-defender-atp/common-errors.md index 45c2995008..60e31e7900 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/common-errors.md +++ b/windows/security/threat-protection/microsoft-defender-atp/common-errors.md @@ -23,10 +23,10 @@ ms.technology: mde >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink) -* The error codes listed in the following table may be returned by an operation on any of Microsoft Defender for Endpoint APIs. -* Note that in addition to the error code, every error response contains an error message which can help resolving the problem. +* The table below shows the error codes that may be returned by an operation from the Microsoft Defender for Endpoint APIs. +* In addition to the error code, every error response contains an error message that can help describe the problem. * Note that the message is a free text that can be changed. -* At the bottom of the page you can find response examples. +* At the bottom of the page, you can find response examples. Error code |HTTP status code |Message :---|:---|:--- @@ -48,14 +48,14 @@ DisabledFeature | Forbidden (403) | Tenant feature is not enabled. DisallowedOperation | Forbidden (403) | {the disallowed operation and the reason}. NotFound | Not Found (404) | General Not Found error message. ResourceNotFound | Not Found (404) | Resource {the requested resource} was not found. -InternalServerError | Internal Server Error (500) | (No error message, try retry the operation or contact us if it does not resolved) +InternalServerError | Internal Server Error (500) | (No error message, retry the operation) TooManyRequests | Too Many Requests (429) | Response will represent reaching quota limit either by number of requests or by CPU. ## Body parameters are case-sensitive The submitted body parameters are currently case-sensitive.
If you experience an **InvalidRequestBody** or **MissingRequiredParameter** errors, it might be caused from a wrong parameter capital or lower-case letter. -
We recommend that you go to the requested API documentation page and check that the submitted parameters match the relevant example. +
Review the API documentation page and check that the submitted parameters match the relevant example. ## Correlation request ID From d798d5e14653e3250317e585df8902644f9ac46d Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 13:26:22 -0800 Subject: [PATCH 51/93] Create mde-turn-tamperprotect-on.png --- .../images/mde-turn-tamperprotect-on.png | Bin 0 -> 92380 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 windows/security/threat-protection/microsoft-defender-antivirus/images/mde-turn-tamperprotect-on.png diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/images/mde-turn-tamperprotect-on.png b/windows/security/threat-protection/microsoft-defender-antivirus/images/mde-turn-tamperprotect-on.png new file mode 100644 index 0000000000000000000000000000000000000000..f7fa41a4acada208ac1c326dbce85ba34e3b14f4 GIT binary patch literal 92380 zcmce-Wo#Tx&@gCbX5N_Xm?36}W9B$!W@ct)W{N5Cnwgo|F|L_0W@fg}$&*)l_35Ph zb9W=Hc2r$c-BnXv)HUH><;0N@2oS))z>p;+M81K6L8^g)fq#aBd58QAUUhx{gSV4V zcLW2YIQa7e|4OlU{|i||P)B**p(uZ$4#xU_P(L`CTN{IY zx~=Ke4+k)R(3H%btc<~mPN%5Bz&?OU ziU=vWWgf4(IuXsTzFpi|sh-Uyl$(4iZ5mpwvD((589>wU`wW*SlpQDK6B~{RM;iAv zfzRp7Ap7>3XR2p%nZb?8O-<{PK&RmE2zc&`J+7~#|K3`eKX1Wi5?}O0Ru`sIs-S$X3?Fp(^>2>dvg#JN%2YWH_KcDxS0;CaB z{z2Trq3Hjk6LgLNul64r+$QD!qC%ku{|_Toq6_0622;Er<-d7!$iSult))!_;{T3t zf;3UpidqY=nXM(T9f;WaG7j@7~X8el%nS6RWC)kd3(&4^MLEG$bSCG%XAUblE_Sj7Q9Y!J-*mOFs zc9xY!M_j5DEbDfG`}G~Cca6mV@b_IBt%}IX`vsNn{vH;}C~EJ!<|%p4Iu_qj zu5hgPdN?M!MJGZ^+MJLXJqHnoMx+p#^ijGU^WSps4cbVm4kI`nrZBp#Rb`t$Xo2Ge zYz-qkauT+9n4ht3D_lc`K;_K$uPdQxj2=&M&RIGw3>Mc-aS0Ad}Jm z65B3x0XliU^yIwA=(OSUHI_To9)AX`_h*`8rZd|^)b6eR8aa~g_>GSJk0))nc4#`A zedkf)+BnthXYP()fcwq13#gZ6!V0BZ?{mDn3E%X|=VkZ(i<~W6OFdBM>#+P8?>Ht? zTTj_2*nrj(W;VWCQhp`h2q-N5`OK9{Z}MRH7&l~dH|KmNE}rl1($WbwcBiAY(4dBJ zND37ubD`YCV^n43u(`d3$fZRt`TQBvH@6pmf*+MXA}2pPm`QNBx3jG8`ciWx3D?=f zn)gWO-uL-FJlRODGdlF`5)tAP|M6N?!ULi}ZcR-_Tc%?#`P_*|;uFa|TR}JH`3B&O zOyVf_avx`DNy9F|WwYJzKW4*hu_|HdDL?qbzTRVvi{qaEvOP1ns=@cVi&;+NcE=*k zSJg-(3M${DGz zEzF^#aHXkkj`zA=<8{leZFYH_xw1K{`3X9lJgD1qo=}`Tx~Z!_`N?}d@w}5dkKyJq ze6Hkc^LT1|e;=ZX(RyN;`i zZ-$O%XiAkAjzF#7^)zRYY$hvq<1%?-%zviq0@+n^`~ebUplV~W(e0)9jkL@V^~%?Y zw{h*pQUzeaWy?UVIp-x)%$BMv;Kca8(+tEM=4YFeQf)TXMh+fIJs7z7{YLz65_#*? z?L3wEY+!fg8C%05mUnuX_(C&mvK%?Iz@d-{1{Y@VmIz~}PQmSJZ4bngU`_1L?sl_~ zRlU8MA44*RPHlU3x#k1%IS&r3t#j+jb^_Wh>Is@*|1+RrwoTIPs5l##-D%B&`oHU% z%hc=Qa9!5Nb?O{cIk>5LZzs}GQV|1LOKJR?4@1f zQ|w{)M3R)&J#{GSHTfD7m}e+-B=Y&m?>>;pBjsK^k!e#AQM5dmm>_`fF#R=@ifYvn zH8S>9(8qqT{J8yvsz4^Q>%Lo3r@Zq&AF=hz=>THRT%%LX#OH4BckIYEr(j2{DZo92 z1t1_=(iwmQo!Xw}%m08^Qj(kPnv*0~O3LGb*MSSgbf%z;njIN2_fuh9kOIYHl@S60 z>E3H;OtA#vFqlcyM0-q7H+nB{UUxIg^>rYDQ`hMJI^!WH=Pj=6JW}}kzxgw^6JX2O zATS26+B0@*UO>r2MKuZEjiE$CX-_S5JYVMfjxwA0_VTfzv7%9Q1v?QDzX_BASACb^ zzXQ zuUn=!MU^j__-P_`6~(p`?cG;sG|ni+W+BnOh{@3-_lqy8PC0{kD1(=a%h(Osv*lz- za8IvNomDP2VID{oDI zIa=FToX0`uxF!&zyoZS6e9;IIpFJO9@)=9ndaN~e8 z1tz%``z4-ccU*#?(M*HBU$!ebxp$p(8PvOPo|xmik0BfF%bzz2zJzC)!d6r{T5W6c zJsKJcI zIah13xr;-u?Lbzf#G?e&SoUDedi(fYrJ#_O3=${bIo{PJ*=O9|n|WE|6T`F1UiaGY zOUd8kZ&?$WoAF$ut4_`t6B)45{Wd2BwIdGQD{7{x>8%Hc0*&-WlSHrQtqwj{3v|!t zF)w-4A_ht;X|v3`K6^SXp0DAvyN8;KdOwWM97sG*Kk3LG#m4Hy0-vy=$GLnShT4(N zFK$6N|CvZF$vS9g=uW{aqpiO1H)nr+$zEDK?g*b3GWhFHTex^%ydLdrUb+LH4_`GU z;abkc3VysUjy8KBRCm1l)^m6`a>p4ZlKY#=bbk8NfQM28HgRTlN(j%&;2*Dn>0J8k z3a=WUNqIc6gcW-Z>X+aoe;G{mfkf^t?bPU@s89{A&xs)9?ilJcJ>jE>`|j=2@3rmZ zlOk5FC~3GOLA|vX^WbJ-!+0atrD7OG&IYa)VPiytsJ<7L1x79R=jE{=3c24);l+M{ zMW9$bmVVEnodE(ICEXj3&&`o8vjFAqPJxDh&VX)WcPwK*``%_x68*l4^FPRoZPOo#zXq&(p>-g|;IkrwoB;95@d_%ms*WqT238vf_2s5$ie? zMECC*jH*}ioO7%Y(&GkCt)?St}B9qy~_Fh)SAq>Uqfv&HuN#iQv_8B2&`xg!(A7Pd)xIQeiX&MgDKn z|L4f||Fe+!|8K(Yse(NhQEDm4moO$Fg(Rl-tikOI2kXCr=z|6yF{#zAco$IzRA{e% zNr|o-Z9`y(kdprOtXp(c;L>5XaM5Cc zvlhljbLH&p?3vyx3kx)kI)5VsFVWvr$fO6Ud5xK~f1ltF3oa>X(yEZwBL8Fe!)*T!MZa^+!^6Xz zF=ob|!%tH*xZQ2WjzK{1h&?O!camlCcY3;p1koWC6^w_6@8Oid)5PM53nm_(gqj-O zFI6SM|Hu*ko9SJMtG-BT5xGNN|K)k9X)^48h5C;7zg7MB5oT2;zfv-`#(|1gNTGd_3e6s&uMyp zBmr$T#YB!sP$ETnm*`*WnCaLLTc+5$wxim4&-+sGgzoz`h6f>|!E+c<G+lo>UcH;S^E=;X#FxA$_h($rO~=Qb`+M-;nT;Bni*hMt zi?Xp8Vz0-Rcsw7{9w7m>t=w^KNi+==>awKD>2}`h9AnfCwFcg#SuJn~CZopt zV7?Z2m8PmdL1E03;}vV;+mpmDph(BZ)CPO+Dd|Fly#pN>aw@eswK zrZDheetZDdPJOwktgN@-@EkdYjD;~%F&J=uf3zGfMI2VWhbRBs5C?dEpzVqA9>rwJ zHd;C6g**6YdQu8dSTotU0K^p9%zN^^48ZhEJ21Nt@5aCJ4>19>{a(*KULVEa$zcx6 z4@ktjuc7A3Rz*rNA{wsVNt$rR6zb?j#BMqO2>!g`ciqC?kFbfd=RMi~#0cRX4d#?$ zvl*YWKFq+WJE85X7B;pxzHHku0^&&istftr4W3yd(DzGw2k#kTGL+&yXL7x49n9YQ z+5AGg*cs!}8jWq+Il9Rx_{9t99yZv3NvD7JMRbEOs-ZoVW&Mp8alI`ETw&O2?{+zz zhcD4z@&(k0Q`6c+kZK@8&Q_1`-`Hu$VI73z~M$R2Qc3>egR!&`;A<4 zZyUZ%%}PsrVSVZ8g$p0uFhzZdKZ_;)9NV0_-$aw}cvH_2d~?-p=Ad_Q^0T-)G^mdv zm%Il)Tw*&ERd5X1@LQGUC{*Dto4y1V7%`>h{Y&Lr>RkiTUjp)ju}j zeLF>JgS4UQS%jNS++gJS@3^2BeMto=gND=uw*tKFZ3Q^r`QZ-OR4 zLn35<)gN=@SVCAl4(T1XAtv!!rHs1^?5P#lT)c9IF{uxPs7q@GUi+C(UMusuPp+1@fLl^ZxO1 zUST0@^lq(SWJ!quI{`c@syI+#^2oRf=dV`TF0{E{Ee`&Aez=<8=%rVy+HjZ=hr6I$ zwBjf!DKRrM`&{^R3}fE7Ec^L0n7O(6ejS0A*GosP#^2ZBRr{~{brt!~e*K@m=C8*5 zzg_+M->$r6L>rv6uTfF9FwrCuu~75IV-aD)bS4hX>O&XJeEgr?d@=i{w019LU0QQ_ z+bzeTtVUy99e9LsECTMUi%h=lot{oIL@XQ#cQvaMK>XKxX-T}hf-SmDr&7L_=HO0i z^ZdbMm~se${?_#`B?yIteWUFp99VZ%n?dQWD9)F@^L@-@YlD%ze|>UO+I1HC7cB=8 z?ANNF!O)i952{v{?vV4`HV1(L)6Hsi z4E4*?$mauj-`z@i!QNM%k(~yyQN~nE?ih_G{g*jmF@cGMTW1){N1M` z=gjfcqTJ|ifXvDaKaKNycQ|QIC*!S!&b=L^c8)LNyB6w#ACS=mHRYAbB^SEZZQB>? zo%=Lha$30GF5z`>(%%P&_CBUJvG9fg7|r!|;%%7CXv*r&LDi@7Wk;Js1+I%)CgfD? zaP76h<>Dnxx8J!bVCdG$&*oz?dKz^Kc@GF)O?B1|=0m_IT^yK#8T?0yl3`*L%hole z$E*0r>KMvA4zzDI`H(W45rwUI-QLDH?FUu$+x9}EWF~7p7bC6sR)o~HKG-x}@O-&p zjNquu@6P>sxq%K5GOlOP5RJO78AxZ$dZ)vNFzwzMak>;pRC3%kt01ReoP6PUW@6<4 z24=i0XtdZsb{%fm{8UhCwpgErx~3N9qlb7{ClmE5gf#riKgD3qrqXECnGN28f3$*t z8W^$*QtU|POgZf-xM%elKZ%lp&u!fWdm14;D6^zyHO1@b?!JG7^=pp_J}alNzC1w+ z|8%1~Zd~xQ0Zv$peSDjjYiXlrMWydTjFZjw1zbHIrfYOA_^hh5N7A57uwcVy-!IWP z`C9DVD6nr@F&b=Y(iQcDqO;i=T9o|y?y6&In;%)G;Mim%h0!YL6Cb-?`lF>iA-nX$W$ZwBM2yEs4rqkP4Vn4Dfq9DwS zDQ2u)S5$5wSbCRo%Wq#-Wqt>~l=bl`r9(n{=tD)ifIr%-tezKvc_8aBi9mJ`Gbf$S z3v5Q~Ba8K;(^i?dyYVKB77fwkIlqe4ncmEGb*7syc&B@7P<0}r-Kl%zY$&7EYYhj{ zCSXE9RD6a8A>oEz=bkj{qtcn?uL6rS{xjY@%h>bBslXtry@c#fVaMp(5;4;?76&L6 z^m?TlW3^`t`72umC;RV}YE3TXw)j+>6RJWzgv2WY^|#$pqQlz_8=j%73EwadYbZ(k z?jMKe&YV@pJF48p1DJq3K~2usW`9}Blxor6SM96DNskVgrnLUSSpgRQAV{eB?BYoA}sg-+N{C%Q$&8~f>uEmFdvb~r# zwAZQ<_&S8;Qii&_mT=_#r^nJF8d8@&3XGTWS=;@45LSn-MB=n$e+}ot0^Vp^rk>Qi zO}@zh@#uK?<*8@$x5d_CRc9nlt>?-wK(;MY)=c++%1Zchm@l$CF(iWHVb5nQJd9v) z6ap;Z>!iKmQviL>;9m@#O)1BEA6ENL=TSi$b(m=Q-AxCI!{dlRgJ&VK?Ew}yJBWfu z?wJ&=L1l>m({;4GWlFJ+lu!vQpe)H#fK6%5h6 zpR}>O&Ulfc{Y1R!80d)oB0%%8U3!qn!6W-{BxCX>(cEVr&1kw$mFabzgAz(ezA@P3 zPQ#$Hb@hiGQxNg47nbp+3d-U8lk68ZT)61N-)2hmOxLDyG34Yi+okN&E_(!&UW&1@ zvkZ*@@ZOE`2L`n-VbW#OhcI`A>vz|>7oWdWW#@hE_0@8|b_c?`sPQjon;vfGHN!t6 z`{3HVA71?E2Gowll$gQElMF!lq;Dk&u!gWGnuu}&Eb7_ifa5s8R z&ZIx<>6XT=0)Ncv+*e9L_q=$01v^GLX0%(fUhqUVLLw0tdUZ2de>L=ZSytaT95{5^ zbm0ag#|I{GxA{Vbl8dnx{s1t{wwmwTP?OR^WaLtQ*wWf(Hb>TT-BkI|GvVanCxtB= z8#qwG$iwb~8&WF2d1m?<+RB9uMILufhtsD+0O}#zoyn%mG^9gB2xvdKTG2a?=CdYf z#>uPW9WonAB-3WWvj}N;-n6<=wSC=W@7Wa-A;1&BW^Jw!2;aUMt{JQcAQvbkjGHdt z>td<|3{B1FY`moq^?fcm$;6>J!zR zpoXE}HyAl}HFNIk6Th>zbTVwb@$!U7!5AOSfUVt&#$D7oIDUWE)YrzoYT9IqjrQZ~WXOe6St6H*R zZgCC?GR&<{Og^uf)nEqh^DQpSD=RD5&9Q%5wIHRZP3{_SwxYK#C@l?c=eCQI4=}Ly%g`;vAoV2*_@TMu#W~HJ7(=2v5Q2d1O zLsb3Kcf1i&YPGD<^jD;aD^~FmU;F<-1r!B?>`>p=o*hN|M;wV+@HIE)9Nc<;@C|i*(#-e-kzF!mkRa)ZFMn3i1kgl%Am&dvc zJp2;aH??mt*SxERI`Ud?uYG-aEPI2ldW_nGHNATwG)hSR6nS}=KfpWFj1n-&z$YJr z;?uIj2Fwgj%UyGcd{f0=uRrcCbjyrMgMHwj3~%}X{S6Kx>3@0w*2BCyIO(!tb9@7+ zUtd|N$G~OUjaiccf+K7b))XE?dRxz6y`N3;ZZF3P&p=pwX`VKKv5w%_t9_vSBnDeb zhWMRue`;S6I|MQq0sW_=`;jx>!P29QG_UnfLE67iW8aVUrD?DBCImf&T>sQ*YZ>2b zcta+&3d+i&!orX|tETJU4qRH{;ov?nFd%2Cyj$&c(~2_&0Ljtr?cL$Nvs)Wsozi5B z@~ewB(p~JsU19jD3n!*d(UzVp6Ad%%SPo_5-QZgrI`YU}g~32!LyS4B?X;#NBiO>CJZLDz|B55DxCzj#Z zJZ8wjBae2%DlEIw^VG3&q@%sw1@I2s@-4gK=d&df6cx><-F1iJQ3=GR_fzjYq#QY? zZ~W0GIP5&WkJJO%9jT(dO-H9)<|^6;Q%36PxDsggVa_;D$`B9vGN0!2M7=n zW17?blR2()sk(H1({w+JFI-$cp_;^Psq2U$a)g|hm)%?Mr*F;AQdEI_A%A`wBhZZ+ zv?<6R7Q6SetJAfT*7&YDc^`_oTbggMXMmzPmCk9JwsKF^;e3jZ-jn@Z2j}!`ACY&> zYIus4-G#^9OcYbz+LpYlsC!3&+t@|Fu}Nrseg+$>Xq$-*7>4-hp_BKgBHB0Ko9tb2 zR;|Y}c+sx=lD+w5L{^k=afr!D^#Y4WPdc+%wZs-$V- zjtr^WV@OTU%53=ToNB@H+7K+Dtv{hX`I?76Pqro4y*4zPf5Sx@_npKZ6@#*T>S+UL zagj1nFv1qgH!#GsGJLb3P4B#D}n1z&;!{FTcagYDYHgl+F;P;>RQ(3_**#K z)YbEf+AhlD^&H)QMSHbN_D|Mq?$#ioOn3V_BK1K{KxJY5>d++N z*>1>+4o8J%e>|(NP6YgRH@CW#<|P3kijuyoDC=1_AOY98!dRN$*^hcnBXZpA1D7F; z<2Syx+fxG#9t{aRFLKwFxc*0E%LRwLfb7&<_l<6DHP`Z;lbzOmrA(wOJL-9PIsF^U zx4{lZK(0qA_uT#edM6B`ha+)cDeTT#+u0;Q0TE6N~1g3Gt4KXGgQ|oS{{(jbWLzgfz?G^}oaK<;z zR_XP5VDhbdO+_r-khSw^^=|P6wC?8X%@Vuf#-?c6dNJIQa$rt+EC`bEw8fYUd1<>H z*WZ1%5D4tm@1^tIE-%M^w#xl=u^l?pa_6(_duQ@`1{z${&X|}nI&*Ty+LF?np8)A{s6Nez@n1F3z*nB6yH4F+^FsiDvY8O*tl|5zqy{Nb>FjxiTW<$ z5XbrIeS72gmHk&L$>X}AwZVM1!<1OGFu%G)IAsKjFhVh>2TilRKW;~d zD`7>NevaEq?JUW%Xf$;U3-^WUeiEE_Cug)6xH#`J=P{Ynz6dL@V`II~^z=(VFneuq zZ&F8FO1%}8JhX4x#Q{L*O47XxGC+zje2yv&dkxSHl-&_8z7=6%{dBoCKWiq25_N9? zt@G{UO}@DKWFIRZp*bGCu|Eb}!k;wvbqxtiQ%LLYD;xiihsex!5EgD^wvZ+J)3@3X|Yj%GgQDBtMR3 zO(&a)od|&4`eL(`EanSnb)U7|h+=whJ~wXwGQ~=J#VhSfYA`fAFOX2qc(0q?-IK~H zyIDyiUh#qWS@`f85>X)yDU5M`lpX%h*8~+(x7#H~__1eFdv!Bc7p;*X%2bs0yZ69#bS7|Km1Y(6=Zg!1u^wN}-p4Yg{CgitYk zzd3H9qt~OYQ%<#0+upwM%V!B@b^C3HwDy?s)^==tyzGiL-PKkLUi#BYP?^R4_kaft zBOSTf?`R~1W8?KXW%_woHcoM2(581Dm3N0T1oVhuL zu0DT9#kpU8E{%uR%Y@U3eYNMZN)-7X+M4pX;@iqlpE!xJ+Gq5uoYl}?WSc_F*r_{F z)n#L4 z&F(uRY07Zy93(+m)Na!DcC~IkmgB4Fcq-PCL-iTx7-m(jXPSI~dH}k*Y=9y8HMe40 zNNmMiEvSD9DT5*#;b zKT4A5KQKEyK1;_9+S30lC!mT;J|7Q7OpJKHZiHYex zZ9}oB(9?hre6c;nvavB4vx;YkS;f(S$;OTaAXWk_{+i>bwhN(RcK)Tb<;APkX+b$G%t4p(LTWEKAS{f6(>;wyK?1(xX+S8jHKcx|VbV(RAXVUd z=>Uqzyk|sK>#r&rZKorQW=6p)r#Qv)3&h;kO|(*Zm9Lc)tcH(91}}AZQ35}XG)GpP zqHZ)14yr!BGnFi21?3+xVX1<5rFufD)?r$)rBPES}K3=#&h1z*i zt-6xH4Cw;@t;-+m^Ifi?Qe8|vFv~AUNT%I_-9I82a{10+Hru{V^8v198fGyJytb_GVD2gpA~9}dFZ$nZH#{ZE**|w z)w5+V9V6j$ z+|wwXHe|icnlg71BZH+#%uM*=5Y_XFssfti5ATX&v-IRrXbRvTl-Ea+HRvgm6glue zB}ge-jatNss2uj!{e8feb)|F1!gC&b1MRWUc*M*6^c5za=pgHwfWPqk% zchBHk>teGN17$hC$c~)R+$8u6(Q03Tck+Em;aBEXKZ)q*_KZ2Zrn2y`D3Hv=ME4Ju zTEj&GDNP2EJvqJIsv!9nmv6kKYHcov?c>Zy9=JaC-V8Dpw&a#7HU-rqa%K)BY=||J zyh}7InnAP1KPyVYgFuPl2i(Ks{KkDznO(}lijy0=3o-fcfkBL|(nr;?aq1cCg1p@C zechW*sVDh)W6`ZUP{}D@5emkrC`AJEH@Qk1PrJ9^j25EOks{6?W*!@o&WsfG(c4ML z4<1z6SV_aiTMUV4Y`dqdsL4E;fvmYtDk^npG6ihDJYf4sR8c(08{Jq$LSk~P!#sAg zCnkl>kYRmhtUr0r0)Mu&(yp}m8)A?3p)l$>=sYeWYL*m+)@<(}5qEm=C9}&{EUs3rsy8?m_Xm+Xm0FWkF#?_y5#wm%$04Ns z3jL>U6Nk$yI1m>tBVU++J9GRv!fi5#;h8lhjWL_W(5jTPCz`NBBBREP zj|1Xa1;0p78pHrPP*x)5Z)~U!RuK|q16V00L2DK9wHGuQ)9Dn2uR$!_1JQ9%O#%`hGtah^f zl)g>P%JqrF&=!+drF@WxI|-kSdeX%V(vx6mp;e!@Jf2&IBuD(mZd;^Rgny8KV3@Q7 zxvd(`Ym5dC<1sG|^tQMme?xq~r-k6f(|*CcFPN%qhGbMjRK4d%Az%GQ%ILYU>A9{R zR9v7WfuxWS$?D)-ZABA_qa(K`N;Z_0)q0hGdFw|z_ZBWUD?nC-qr&*2V}h%IRs@wX z7BqD4K3`4BY-onR&0LwbRB$Pvclt5QHK4M8dU|yD&?F&Lo`SO~IT%pZe+>Gej8*3W zS+Tp_c5%Vj1B=ZpAQ&2<9l5AwEc|J{#%+<~`P&t~AS-dALVvLZGXX!*LQPl?jzkQi zz!`DL49P-QORqN4a8B1o65L7yM@r`tX?+KNR1P!v+bv{UXEmIkcWFv>eN*U){Wddz z(a6*s)xs81THrCwLy;9)xM#82oF7?^Gdh%`x>jK#>45FPw#4)%#K0;>Ma8QL{&6o} zkOR^8y=fF@siboz=7+&NWtC7id>dXfXmVuWn zWo}>>zG)4HXVGz=A{qWlg2;V|;<7-kF*2nSE|jC>q{V6+6a^J1CpBZHb6ZjkJib^7 zD9B&LBx5y`rLh|G#S3W6$RCKFo?34JMd|GOkc_X>uv#n#FMfzSb6kNurJ2Qz**ZP| zRA*IE&Wgll-z|Mxkbx(?Vdy~Zt?ookad#;C_7v?>O^o4~Tvx;@b+S2|DViDo@Ia5p zq*JZw9f{nc@^@*M8naoI9+(}ruZj~T1&_Q!+YelY(ShQcW+zTpj{_f_ zBo$VYF=eV$C@ERe%G7jCcEsX-)L&kE=BEk2Kj}mvFzd|M(N2s-Ej_3FZU1&>*Gf>w z`;B=*wX2-`g{!9YyK{8T5R8t4aig9&8J_R9*=;iCS6dKTB2S90?C7C%u+XrU_lrzQ zg+NGxLKh@7Iuyj~B4(4d2U|WdPQ}NxvAWa#thT`mt}=w3Gd$*5QR*@2n9r+8U_DTDjvI$!;y?`PWu@_J6gQBh+DJ; z6bfD(h@YG+Ql%-s39_EiK*|#l$6PrS_7XuGL-u%niDpj*{1hUb;NNDufDDN(`k^)L z8luOH53+oc+jNE@r)tEBMGyi74gvVXxP<8}QO|zTO%9KvAj`@YPO9XP@d|{c^dz$9 znViRPrGzOh&ImKM7fI-G<#dHH=cMLavH9N-|!uH74GL7Vz= zsNU{~SYB`4bkpv}UT{^B^l?8*<4_uP+Ct`cfkN@V-v>=@X-mr?xiDi}dtU2Vmnd3E zk)sTnO5}bC`h%D8EPu{yuFs+Jtn0+wXbc;+42J5$_^062L7|1L9@l!0x|5!((Ia>g zCZ|v^C}F{7{IGA$8DgQxum4U=0r-K#*DEK6CdNGfKcghx?5I}QWpht0|c`{zkogOE`&Hd>5?ts(|>DbezD zHy~5EFcqtV9$EH=911<}msTDUU*F_yag<5VURk5y%sUcifxbQwOac?id|kZRWtB<7 zl>R)@VeiOL-0GjV6xmTj^6gR;(`Gcw&*+t@B8IL6Y3$AfEPJ0y%#y$o$n~e^WZ6}+ zdx{#T)}}t!e@a@W`i%k8B$ihL8=O6`t)wB`)c)hlc`xi6!s^G30W6-lV+G(oz}V!< z^2rRPx~5cG-cpz{W<$jx_vOHh1~{HDynjtILxQ+;su3Yi#b)}q|6wK z55P;7s?Kj@L*8PI%ONqL+5*Pj$`Tvr6RvM!)+M?4P`W2WpukN93a;p&G`wV%%y<{n zhhX%Zu_Tpx^n5n7)QsMtvRAF9VuT2oG55xHng|aM83^R2tOcG7Zm(;oM}1Bf-e0g* zC%7kzg3Mq?YrUCuD>6a@!K?fVb?@Dwk1)&10mH=c;wEoU-?SHrRwrdRCtb~jNm*QJ zghCq?El>I#nnId3q0LHBCX1wZ2ilO3J{OgSyGmPDi@kRxf69KfvS5Bpo3!jIzaZ7$ zuoEl1+k0N~s;55WF1g!&04bOXPW0c@;~{^qZG62?bHZ~*K<{`r^3KfGIuQ6B1pChD z#8!H0U%K8*&-eq$B`cuDn7&DW0H-keV)>&^MO(wE-XxKzhWq!*vBa`whGy%Nz3<#H zm$YVWYyC2RD}O7Y5DN#90~ZlTtGc#!i(de}S$X{&S$sO!x6md)Q3XUvgi*D+tV?D8 z9UVH{-TAp)tlLCR=Nw0$KM;BI+ufm!t4 zeAt2ZB%nsIQf#?~*Ls`+*qaZk6GX(ei(XWV`|?~q>~;>X+ly^>L&o|JnqWCxf*S0F z9cXo*dZ)zSXm^IFsTUpGuiD@2O*QEyk9qHhH|FDNpP)XzU!AI>@O?)r=~~w{oHnL7 zCh9P)FX0kDrp@Ch(4moGvW$;}@zE6m(8&@4C?tobFg+7K_)$oyl{X9m$V5}(-rGDi zghF*1ZvfyA)s#|(Y(G`~?EJ#!gob}&9!r63&bV(G5UVkWKIeC25h@Gj+uqZkwKt@e z%WktKbo-5&xO+in|6R|H|-=NkOl&c zYJ=0DQ6T=Ak~YB1!QuB1EvqaB^|)5grbL&)Gu3)nW#Kch6X<(3|1dQ?N*&OGCz@hx zWKL)4&qB3Z&6*E7K* z5;3?1PssR4a};4}+ikDHS-5|)FD}PG=97`vp}h9m)FxLdsvv@eUq?X4Gggb=ThBv0 zC;uo66t!J!P?l5(gGgDR9=Gu*CsD_O7Yi^m%ubMk2DhIU*Hhe0&r5X(^7|22Q+{SF z`GwHXm+Z%(6I?`8(a^pV!F4PSoCvoB4S}cvloJOV4|H5EjefityNt-p){=9WVZPjC zW*-Ue;5SYDTn5WM6OX^dP@owbbFBs_tUB#cm((OOG<5e<5Hgq2u* zrpMJ0g{!LL)06MuwdR>!HN{D_GBW{oyfHL>oCyB1qN8lQuRANQq=E$f!XVufVii@B zg#Ga~s^$URc5eY?Otxn*k|%6n#22Nh_cN>W;q+WA(Mj5{T$o7ny^Hb;6|^#{r~rr{ zI7A!-l*|pi8l24;_2X*zK8@Q;(-@s!AAKa=_LVzsb_HIqC)R-lB?$m8*M!EmeY}8i zvF_KzWBDm7y2cDa=j*Sx8==>+9Rr-}3nSAcHVJwC1`UEFBneoeXur#EZCX*wRU$uQ zsiWT;*?fj7U-J`!MH3V2(&MOJ@r>22^Wb)W#VQ_983@WM7J+(~!SiqKUn0He&v%1%H5;h-qz$_j{WvC4mR8%QxaQ#IpU0te~^PB@hToUoSjA1Fbmq3vw#?=E!~jG4aon(^JVK!ncYTX_m5m31RWYug z`RCXB_;Xs!aItuBQ5<-|rJP&|g=c@bVtjWAMDjYBvg*yOANAEaVPfEA6nzm<$gwpY z)gqdTY&xQ!OC^GY^>fMeByvAYk3ZL>-uF=$uoIR^kkuMu(iHc%IeQ3pfJj$jDRIfu zi%qCn2-I)f(*Z?=-V4G?L3sffRy{mA+C<|)YCZm+IH3K@ghkz`zVBzuIeb`0=w|+D zho%s2tXds7{uoN{(LOrLfJPRdK+on#f^KSn(XvnF(?2*lgfYGXY-_Q_WqScaxn5U> z6nO@#Hv*(hNRYaW#{Z`mpkNkl+p^IRM`? zZz|3nd8n_#e3bBF8i# z1WqAJN`Qhf$xHidhHX-9EMa0~N`!Y?C^*xJ*Ma#n&9j77GG%UVP}`=dhkka@6q^>G zm4T5_)X8eetjL82uG#`zyoy%OfEgw+n}Aogx&{pA&=Ac6Y1eRq#Bb0u22g)A9RK&u zjsQ>#+^s!Q#9)d>QhK0~FO(ClKmGTYRspGzA%vqNwwXECZPbrk-?Ys*2S|u>3K}{> zzg{bJ2KR_ipobZ{>XSv%S@v;fEhM7}^}m1m%U8pY(>Rf1Z0MCR+;6^{D<-GgE|qH@ zF-*z!B%P?Pb%D0$WT5y3O5N1Tf}~%kYk6;?N`Pay#y5E2kc4l!4$ZU$aZb!E!>;x; zBd?(v*7yBWB1aZzv7*zQ!M&@g8BVD(OI#Q4I6az6GjP+R^vGED-)0mMWqzjK@U)Cs zJx0{o`R>o?@NwZH4ZkD}g6xbei^bzbb8Di0YnvMM%kI8PXRc7P@pSYZI?+Y0qKa0&ar6Gai2BCpN`kKIL2TQ$ zGchN&Ik9cqxv`TQ+qP}rWMWQin_r$6-@AWwt<|f4RIRSAKDEz2yL3~AwJm`2%9+Pt z8CMNwoBHnT5;A}A5--rXd68ed)LPq+ zC{QApeq9*N1ju}pz=f1K2ta8iMMM3(U=mX&@!%&EINQ?q;1iTx;)dn|3{tUV7#v^U zB8ZZa#B%fEB}4g%l^Hgg&1ApF=Daz4yfHGPmz9=!Ga!p1*DOs84@2Ng)#x%RqJbBH z!sm}g3Xo?{1$Qg^4)!) zN~}SD#8~5^(%BH9nA($=ZJNm;;@9i(UlA->;X;J`pvmeDFKQPU6;%}`F5G^7RzpWq zg>-CjsrrEIRT>Dh#V<~il$AX(ij2=TN5s{Z!8Iu6EJ}r9wZeUQdHkt7bVtWS#1yB^ zrzJCwD+JX}kDO!pNdqa`X84pGY z|0o(-VpH_443aYr8&WAvRX(^ekk_#RcDCBp>9g-Q#bW>78Q17$rA9m9W>H;R;;{rA zBn+#@N!fv|2fA`MCxg#E9W}*9BKn`-bm>j}C!U9+D}D(B*gvAt-7IVf1vA_NTjbEr z>^0n4Gb`aal$AL``KbX(XLvV>vaNi?EU+-lPfJiIS!XnKWHV)X51T(%y~LRgGk2Pd zo{zw4k4T;hIb+TyMvC1v0fY8CqYRa6S;zEadlbC`uiE=nZ6$40q5!v>FLFqhr&xlz;n901Xf!8*yoq&^_4ICShUroDy4oQ#*zxiWHgj?^P#RMn;_83v0{p8D9I zZ3r(Fm!R22ai-?D76!b*%INy$vjL#8aJf#9?-JlEQf8-IDGbe*6umw0YQ38R_4e<^=}EiT#yugSmv_mi$Aa z;O6S9rIogZ=C+ByQ@8Ti`XuyylEbNi`B7wO%)MHIza@nj8g$UtJGFz>(k2#eOYGCK z(=cRy;cfyE+Qm#B@C4-Y_(X=fAe|9pcGg|uBVXr1wutF?%S4sY7^Zgw`cjRH3sK~K3~fHDS09qc_$b~e@j+zO`U z$w<1Rt4F|qa%2+&VuH@a_>y z->KD*c;*fa9e;(B36q$aCZ?v(T5n{FP>TAiu0FfD5|-&2-Xf1#fcdl1v%heEFHt|` zy1FVcPBVC(Y*%}OjDjyH{|yc!!^-?5TM#ox%u@}4tBhj(g6O!-1M9afSw&=EBWK|i z#AYc#=a~Tl_tL3mhd3jqtJBAo5Vh$M__wfub{CK#E~E9UuFrvn*6IjXvtaM+6i=!N zdHHTT)rgu-!f#xof}F3%|H_%3{r>z;=5^Wa10KO-*dJ@?^foa~Q=$_YMMtjqC6uXX zU;kQWZeeA>UXNqfm+u;fP_^Y^mY;Bc52#KpQ_nk1ABorBg+W}=3e~k0gq0yBq(vuX z9<&e+=+AdJ#1Q5RR&T#SGDQ>NWJ9f51-yTw@NnkQO`NazW8s<_8k# zS$tf~aL%%~TPNy3j-i_pOl5m4mq9y-C&fqZm5{Q|EUP`w4LFXMPN*^JH^!135DiHr z0iZIIb8eDl!Z!Y{k~1Ny_6$BT4NY2ca$;pxT~+n|spab2&hNGE^Pb;8%p` z_L~aL(9tpB`Psv{UGF_GjtshELrzfi|`sP)P7zLVCOeDWgvs%ZB=yH6C zE9)KQ7WzMHa~|-Lra(P)Bw1$$V(s~@PG}`dt{xFDk7&OqXYav~v)5aXk7I4U^OjO? zBZ-I$?ttB)~`aRF#iiTuR?cN*KBZg%hEc*W;IW@Rk|7#roADv_>;L`tzoc{;= zWa@l3ci|WYk<-cr!-J|dplBO5a#(=@s#CSl39XP+PlXqXh(*p7;|!$N>Y1F zo4wyI`w7I?H7NiO!I^3M?;!{}v`GvGe}+4KA|Z+ns#C*u>>E9zt+KAFyqo%$V-h}G zlx>_!T*$rKo++_3Nkpy?l74kf%)>Di(BgV6!6o##vU^5@EM+oS4@)l3l$B z4ATWldlzl+@i7lK3aM?xBJpOebk(fEh z9Tn+MetR>bQ$$uwgk|Tjv65lV)Wkj8&MFu?pEOxV=FA?@my4>ElE(sHv;SCXMar}S z%$%xc`ur8X5?Q*L_Jg%furh{Sd9z7G%$4S4%ki5#MSCgk3ekMBKgCYo!-oqEK{IG; z>$jIQPenSIqq3nUcJ+P%Zp#tY1{pgeWCj9MwSw>K&+!UR==6k9iTZc7T?eDQ)G$6) zvW__>-Vzeg_^&)Hu&n}1jLMv(82j>}dpT+Q>@W^Na z??G9W5Pt7%Ir`F*`-6a=ocv)4liqgtOX;RLTo*vRLL2*ICt~j+^ozs6%_w;t-C5i; ztmk%8?>HkEOjwm?0g~ZXfKI3=&~UB2p|0xdd)2bQ8YK#c z=L$rME3?bl`J~b|^mYjHP#kE}85^wjdeUbb{cxroABOmx>4Ns1>zoX<-V=-n*j%Lk zP~QK+5%zw@5Jk?`JnGlV@%vo{s%l_30F2MX#prEoK{`qHnfgm#xCz#!e_afWN(6sj_PymsEGO7mq)bdjk#;vpvm(?j$*VwQrhrvnM;)?n z?ny!Pa|p|W=7_1Ji~8^=RugtN4>W}NrAd8&T5NC`G3`)YHw=v;pRn{FEEso!* z+#5-0U#af+!)RwnT0WB86DjgeW3se)DCEOIAdA;Vjezz^@@T79QePb4K^-8R3T$6n zYE@t8zX^>83llMW1Vd2AF_lfrZkAhr5kX1jqB&W`Ca^X!=L_vOrdQ>tQPkBL$;A3? z;MvcpiLZ`j)7E$I)f7el3=L3pj6m3C8;fe(+#5cZdJ+Fwm}<(rb?=`yg~hT%U&|#e zx`E|cF*>`90yw6|S}y$e!Pu&;JJ2dmLdlVJBn-JE@DctpOzmu;Nwx;>KCJEjxk}$2 zI?UW5<&d7!Xx-it^HR<1d1`fpb&raRng6iJSbF4^n4J|iRVz6VMDxbH!by*V5r%W5 zy|5k80@8U$Zke!5yV7*fQfqTN|C#PNf^0*L)|O3{c|R4yd;-0#bCg$HkIqbtnmPa{ zaksQ}I6UQbR~0-qI^N$oC3T`lkYC)LwHc$B^7Fgt$SdG0Rn7rBiMYtR4ce8Ool{Yr zI$GzY-zNkeF2*IE3TtBL7u&=EuNiE&?8uDeNNLB$PmC#l6VL-CxzlN^urhKAiq5!w zbm29*7~p#6dVl+Rc4fAesTT7RH2$KDk;f^nL(;@EnLOMU>`sh7Fg@T!c5Ws^z$jt? zDUPKV1SdWN?%aM64;L56JYLoMCB$!X)6j<1?(c0k9tlCuYJ4DbOtjnA*zGI~In=Vj z7NF!6JRrDTs?Bn>OBvcSF!x!|@TAxm@x*TwtXCgXF!SKv4wEHsOcWL#S+qXDUMz7m z5Dh6Ft#;=k8QAE^`x?OH#mNXsBAc#ApAT@~%=l&TVapjNIi#EZlgP8G2=5d!l4bYx zqL7PBxnE(heCgUN904icI@zvU>3b^@cQC=P7pQQwFwcUf@~wx4S=@YIzBdK24i@ek zA;!%A+9T#8g^q3&eugAee69svivsW7*rFn04^GrVF-y!ly>bGct32JjtM;L~{d+HT zfR)xK%gX5h-C4uBp&fh9*~-}2p6q^}lE^e`OG6>`{!_|GN%`o!o-%MBEtCSC-ORUf zt39$peS}A*R^)-~$w3=s<-(2w2Db~o+zLBD+B)w}6izX>w)ruBu7y69(H{ut#VY+h zp+~SFX%o{TbrPeAa;%*N!rX&HClz*(oT;O^f3!kU-82mjq_;7K zu@OjknRPrX)=%z!z@RYLI>E&$sRb_nOll-Ipe$QXY!U1ap!u*H$WQ;ZQ2r-?*#}p^ zBGB0TrvjDq?bF*Sv%M4`z(XMK_RcBG4+LI7e-!hKa?G@G0!s}nga-A|t{7{s8*C91 zQ2xEgid~Zr-eQ`eQa3_}gP4#jfPQ}D8PXU6pKYGV;+DK64K|r{vOD?G;wxF-ZL7_n zBO8u8FQ9Jp>}2X0XyKfvu0J21xZKEqcoPkV9Rwkv)!^;xzT77xX_2eXIgFI?Mhi$e zC?osUur(L*{}g!Nd{)pTJN~?N{C40B(KA>`$RDi_rlTDV(DZ%zkR9cp-k&&(7q@I% zWNO;In_Wel^7$!()~q%u4xs`2f?Zl_EH!pm#W53)Vnwl&u{Rv#TCeMo#i2V^(shC{ za4MhTk2(iS%`jQGH|pTHV?zXxL6qBBcT4YrCcfAxCCi7BadBm8#4&cb;+LKHp}y%E z8A!%c-`G`cSbuXvwc&=AIyBR@hNy5ebNz5i3B0V%b)k@OW{t3VWZv{W#IwRjZ)CKh z+EA9V^(6?Czo1~|mRBD6mcb$ze4Qs$%!>ksLDl1w;d1yL!9=^P%MVts|NExrp-X>I zauT9vHcxZ$+J$|`{K$1=>hdWXP&3Bx7cHHusuG9Yc2i5YNPtm@*ZxMh0inx6R(S7@ zJ}znZx6ob^c$=TWV1R0Ej-xe+e>WAWRO9wL8Q6zn=ifp~w)UqQ%Gfq*418@8*4$o3 z`EDW1V$pJwT^U*!;hL3o_+-acoR%?Zp6mpw3$~X<>+^lqt&bo@Ue>hI9&D4fGmeei z9fI2WV9GI#b$xDSVG{4t@EN2cq{pcFCjSK{;V;b||H8)2AgR6r!_*tg`xu6F_R61h z-7Ik#nm)bs1@f9?p0e{%t&N8)nYG?F;5d79P)#*})@BDMhZnIgj`<->7yYT|TkJqA zRrYT?;J?~&EbtIXUd>uRK=g~Ku1?4Lye_Kfbkf^dC;2Ys1mSbuuNYMgKSmg{&AJKz zDP!M0Rwy=Wa11U(BF`q4l-yp4VFR*m$tXEeN9WiSsmBXP2IJLZ3{cFjBS{(}e~eLM z3#M&8Koob9e5{!Ix|SsW?J8ML+}W2?g{&t5d3^p%-*D)BIk7k!r@*Zcijr{N@XL82 zhsCV!9RK(WZ|kivoi3)|S(Y-E+h6Pzj!U@6)WOieGCx#1GNL~v8`^l>dHq8E$CYpV zAqI^O?Sh(YEl(U}pMFT7U2Zl*@QqY+%{o#DIxI&+8|)|U?Z96*>#5tmlwX~JDSe?V zo}}2F_YZ4>Az{>3nG|T6#cwY@dzC+v3a!584dyF|qt)G-!&HRVDTvKQj!5jM_uH-C z(C+#~5p8O%$7-7{D3(NUWFWQ-JKke|j z4S99e%W=tZT%AsRe?miU9b{E>994Pt{`CwlJ5Xy+A@R?7$QI-6H|wZUmli_yoFeS+WkAOcU(Fwc7Ee zVg(K8_wHGsMqA7LtG83Bw<9dF_M1aV%9F(|T0o*E@8-86kO2!8fu;?Zj2Nm`)pzkq zbUQ!TUGlAM6$88pKG{3OM^rG1eOU}l4h>gG>Zp}=4ksBB0Cb(me1m=3{iH}i>jVD2 zf*N`KDw}PpqG0@HxJ0fQ@1uM74Dm&??ol-*b4}ew##yBzw$pGKa zsF~AJ1W%|+xjO4vrwc>`)OnZGkmzrTPD1sOkMa7)1Lk#km9lf(2xcEQcq_5S#UUxD z&dyULW2)xK@F^vWn&EiFecJ^!ZvOq!m=ewB-Um2A@qwseRMV6Fo=@Kzq_NTV_Y$y1 zcQNO!s9KrQC%qF6B+Qr$W??vYcETC%K+dmp zZL{0?g*`!SL#pdtHZnEj%BbnYwe7u?9@$7U% z7;&|Qg$=KJ)GYOEXVbQZ-mb~^p@6%$fz0)c-<`%3O`iynrz{wW*iIUd5*o_$D{ebz z*uWnh4cb8M^b)rsMD0z7n0?dl%x9;M`MgC*!yO5rrbZC^Y_v9_9Uh}ARE3kvNH%tlZJ-t)_+pd8Fz+5<>umy)b{maDZt z@3C7{jm3C>km&)DkO`Ap);Feia1_OmbFkXT!hMMXDhe7c^&lSQPwxh6uZRIbiPU^H zPijFzKWamHV7~P;7yk>YWn@TV*UXb&TaB+vbWQ zi6aJXnHY-ngX5dvFFE4id931wikt+u=|toLGgqa^Dce3ij!~7_KEmv^AmyKBFMMyU z4sn9BA$$~J>+|BHqs{hgEg1(ZCREXW7ks=`p(1J!SnwKc2^nA#+K;tUhzbe$=2g&m z0!pJjA8((AOvH#oj5|~g))mId7a)^|u8*+2!c!ui?D$8&$vrKwF3{MAPZ*UWxj>5^ z`gg;Ic`Q2G0w3Fe1s7-mu{mW_dv~zE4&_8|kK4wSO zglz4{hH#N4Xgp5$;HW#c#xRy=dqeQgIhYL{*2)RhNf^ZxijuT=2B+F(!ONo`;!U<{ z?AV#K;XZw*-rWB~810AD9=Tw#e?vhQ4G0g^L<(=>O}G;Q_gE9xLn6XUxXNI&#$;6w zGke~m<^AKynyOJUxyA64DwrHxQ&CVcE=tSrF7^anFf6dpUy(HK?FWE2$l&`@H}8kj z9LZJ>|Kulk&afYMYB(J&Rl<*>r(MSLyhfAs&vQy0?_HJedi2liYocgz;7qGF-aF-t z=8Z&=JeBa=RT$BmgKD=;qe^iKP=7|MZ%Qn5)?cQMh5ZmAAqiA_Y^^ECLt6Zs_%_t?M`h#FzXzYEpU~$X-B958x2A9k z85uHB#Bf@FUc;dT2UTW|@vtR_lFuO}oH(reZa;wxBEKN1G*N`aO-gNY!`DQ>jJROrY#Dk%{WX#@_-1HtZO zHyRR~hLKSnkeHS^=AxNEI3c@$>z4+KBG`9wJTgNT!%Yg1gaL9#MV$IH{%^*CWDdGz zLqpK#baRxLa@ za9IiQ+U}DRP#&TE<|mN7&$!v)Pcp%4qy0?*4d1k2zwV}D$qIA?CR`tI)>Xo(yeA0y z({I~gw617tRc8eIy-P9Z0>m3vRMqx9cfkV0w^~CpPTa4Ej5MnmZT>x#j_}$8WDkPEGnibSkc7CkAMS4W*h|kp^otAsRhM(>wan& zmvTX{SDL+1$6ScfIixpyuc-Dh^QM1Bv*l^U*fXh?_wDE`4d2%Ld+(32J6I zu8_e;m)XSy*lWo`?n;q-&zson9cNcKoOAHXIs}q=_#^n2Dvx3ghik+S{IaQi?=Pjt z?(C_bOt*#A^mu*nnDxOmt=zIw9J;6wQa07KAytIAx5G>k5Cnd=XstB$P0QMoZ)cVC zlZHBiY?TSyh3vd*GRN#}7#GB}fnmV652(+hLea`1XgE&1E*2v7ucR^ueT`ht1*y@q zk(hCb|Ak9#lt0Fm^Gg@7PZO<(uU4;^XsYz%_Kh% zz~@rpA`EQerzJTq@_ymGVlbiTJGi3du;*0NV6bp-$wXBIgY^yE6@RbT@OLu;uW5a6 zpz}vFFmO!~bhfgRq3SI9OI0tyi6``ZPy&rj@gU_;<9@{cVy?m*!xXsk&!HL#AQmnn zV!xMou8^h+XV|cM{S*|QkzwsAiZa&#V1@*0Yf+F{2^NrV-!gHu#GvIwk#ovEUcp!? z>##M&etD7$B11zCh>#;$W1|&frDZ${>fchtqWZxT0!5sEyf|tE% zqjf`CW^$@vhKgKLL!a8X*Oa579Y^?1Zl142?mGS!%~TvaLu2(iX~;ay-dVaYp#WLf z;2N|Xff6HzR2zp?!?d^+Il>|DB+be%Ix@G8M{7W8#+WnG&OIap6_pTfW*f@>DF^9Y zRV(+Yz_D9FkRpzQbx)y?nJpqD#C`E>VO#;v!*BZj4<9C-L=-xtU;8_JI3=^3VWS^X ztXoRTqUj<@dzBd;jIE~GH)a%}Bs4TlGOUPNb{7+p_^PdXEDz@%n12f9+HFXAaq*d* zV5S|~Y0fouOtYewvm~DH^ZiYL^}k56@Gj=_w@ChHboBJ}HbiH}47p5tQifpvXi|l5-KdCi{Z(r@P09#?GMA`v z+%;6l5VKyn5$u_fmNK(Q|V4x6-{4R zJw4BjlFKRJX7=3*BFxZd-D6qE@q^e|3pGR(f!FCatx_#q?Ak_T)|@=BugZ*JLbn}K zeRSO?n^f{TDtZcejtcCZIMYIOFtoVTGQIa)x1h}k%WB7#&J>`}ByksCq<~T&GI%H+ zqhK6wZ@jh>(j*k9>| zkB!ub!%I6sSNRHxddJuTOfRS-a9^FTnRF1oO4U?J4{ubb~shcked2HOYr)Q}|D^ z>8p9JT+u)@3XjbjEHfCQj7vQvn$F$66{{s5agt*pN3GG)vVv*1lc_iuODe%N)GG#zw9+CfbF6OnAyi_*Ij;72|Fg42q7Cxn z?hi(XQS>0t#CN&w%Xw#rud9EHy>i=O@YZgI0yPWQc-^d+N+3BaGJ}L)KB@4GZRZ?% zulVS=v`t?7kSO#mvD2kfUpx-BFVp{b=7E7MzO>Sh5Ra9;gFPa~2m90ASGcFjKm2|H zQG3RYXNok0Dzh7`GJ^?17N$SiM_eqzS!o*=n{wUuzlh_}VltTeOd^Qum!>`ReG(5o z4VD`Tr2}{SQzNa{Un_q5Bwq7|*^SciS2hrmGSh<=Epdq^1vQmXDb)nL3DF5V-u1iS z?Uww-cB;f&E26Hp#F7pOXftS2_)f<7oKgW}vNo#t6+*Nt;BBoeERrmt4v=?y2PTFf z?9nL+!`ill;YEalH#OJPLe{q{BegT~Br-okax{s_$=@1Bh4tN8vQ`++T#|()`#a;~ zqCl&X`es00nP_Int7P3N(}?y}b!EKQ6Bt7W2G_|5CUcx#nz(~6w-dfwnGKe)GVaXB zyO#t<&24RG;Pj?%(%=sm9gJ1N^@8F&@D-O#H+i(YC4LV(2o7Fz!?`i}SW=W_B1sG=7vcQezUk6_#hG-2Q5`PuvdrX< zb3M=evvDSbFqBq6$T7mI))J@vJ-t*W#g5L3NHI@osfDpUg@maPGhmStLyG#$jMb8& zhY2<@mz=n7xHstQKZ{Fth?bBXFKe0)et7~h);2_@3I5}YdEaRmi@?-~#iE{+9?2EC ze(EnYJv2!44lhQ#(P4I1=a8JHr2vs^>*@W*&FI_Y^OB6CXw%ye7OW@2y)QgWio)^KJ7 zX3C^M(v;a|4F4OaU?-0b_5sI9)BxxletFlMrn$`%+ zfE_f$FXEhvG0Ts>srR~*v+~&AkltI3p3y)ptR?I*q+n&mC;dSUTyYOQbywh%81KH# z+)8};`@jQ#{Yyh@$?0gB!LSiW$*KMdp0}_)FS>3Yp2h8wL%LmD$w=X*L5wyPT~^MX0(1gv6xO-}S2E<{Pjv zDll_+ywP~q4Gh}Uqf)C%rGv658@PLytKx43Od-WjDw*x%&4j3b30V;<9v( z6&vTbI%8V2qgxUtF{1*AN$I1{GQBgQ>srMlPSWv*U z#xLg=7ryky$vbCg&RTr9i9VB-j_&X73^^g+t-Ru3|E+C(JQ(di@@zd%o7r=rqbJWq zC{PXV?UCKy-X8e^Rz6V4B>Qb!lvPxM&FBa zjX;45i5J1XH0J9$g1&+DyJE2D;ZIJE7(axi4z#n0h^=0T`?3UPxbR&pIXAibA8~>m z_kU{yl4p=`DQhx^jo>klORC-ZO7iF2wNP zPyY8+7o|M#znHE6uv=faNl-wi`#-$``u_o^8qt(pSnl0y5e|_^T!FIpuc~Vksi|v5sw>aB3sz)K+K2FQ@YF zXjI{bcMgVYm?ozLEjLTn(~pj?rr;Bd*#h_2Z?Jsc&MhemdIBm?Rd5b1<>*_=9xlQY zu`!^ zh+92le}@~!;**Xjrr^_R)YJ+q6p0FDI^B;PJTOH1;gFyN&gG<#>CtMa5mC$UxEg_wg$5 z?{({yf2mw=m>2EXraa$Z@O@$isUZBuj+5Gt93~rJ`f&{TDYH9!60-{`9bGIUapq8) zlb( z?gx1Ke%RxEb28*No5mx*Xn~?Jcg3*(m;9SkmqKQdN$!_H8)JG-nFFn){WUG!^-*9sogB_jI>!HBE9D(kk z*_%a_=vJ=j^Lm7Ym_Pex{IKYRK9h!M#oUCm?fN_8Yj$~A)_ZCbWZ!;I_2in24L-YV z?cab(G5sVcB2 z&IiF=&4z6|{=yJ$l^c_M%VpyFJGDG+*138GzVAdJYM%uu@W$+dS^Wf{HHsRl6z!I!wgg1wvAf%Cw0Pq&M)frb4%A_= zUJda+$|~?4Tn>d;4MV~zE#wCBU&$L?0VzXMl2aT~v5o1}PP{)w`EUG2PP!;k(^o~T z9iZd;G+7)tDmwUv0t4t(_l@lz<b9@6=7V3KeLgPLXXw>g^lSef&7-_73Rr4$Rj)!vtbqQ8;1w7>rFhv=$g^+x5; zmv^ws3B4SKHR3yNaX~vyi@vE*e#ZSWiLT!*34lAGcZZ1Ma&h zRXWHDZLTsSZ9Y~py|AR^fk4{fwXKyWxv!XIaNX%F0#U*15$AV<5S<11AK!Bl$r~7U z^e$`5Ur<_+%QX%9O&Ux;@!bTB`|2ZU%_0c>uFPIfj&+cb-&ke5j32T+!i?IOC+`

}xPrGj2qaA*kUSdYbhAFa;h)^iUY*da=YeP$#X zau|mF`(@O@O{xlx&Lq!Pl?ToDb#O2ZYtws%7lh%b-mUQXJ&>{*<#vO3?&K=-W9wd_v?Z{hle;uo2xo2u5yty{x1*dJLka4=lVm5dj3%O& z(k{Qq0BS^N@)7qUCWwxqs0Ek_A5|5^-jJG1(tn`+AG8C1n`21Dgy|T>IK7{#`mQOo zD24HOAAeE8?tB9P9vsVgDB|Im@i<>GAX#nvMYaa4*brXBWy61Fp?6^j7PfqlrhBO~ z4_)qzr^@fH^NS`SRqb;e)2q zV?*S|I?n5ZeP<&}h5wAmn0h;!QBN%G+<+>xAIP^Nf!mO@)id$8Tw?umX47j#G-U&_ zdrP}50uCHaLBZHu7_~iMn(Ht-n{JF$x}v3-|KYa!*6Y-)W^1i!OMA^q+qWZOB!yjy zbx}lCyd5`v)_Gnq(ZbwOPPDkxd*I{y{O?%P;d-)~;nkN97wU`m4X0_o!}VL99{c$S zPLJ9seFK13aku98ow5cZrHc5`3ghf02c{((d;p{KGDc+|C>ZF3t`X z-X~8eMe4PzTwL8Lx-|fze_ZL=^^kMApXudAH7RRZu2oCa-Tg{=e?hFUfz|MxlaD3p zV4tw*@iir^&8H)9OcYRBsU&w!J4`j>)KVT#o(j`6JQ*;*_PlMCtkw0sOAhis3I^Q9 zd%1ims_kdx4$bo}X&X`Y>ToVLOg;Tn*`bZo%X!vwVhS(F!-xGk?o}zDSp3JpoF^Od zv(XqIC5+D-CiR*nmP0ha*m@t(r!9)F@}Ge`WnC!L+)fO#HCWtHd6)3}#>icbyZiN| zQ2#)nX4=Kx28UfO6}jWXj-nxaE%(CEc?9>t5L7ch|FEm}U~FR_BX^DsY)Yeu-Yw3W zJpafc|EF{&e{E21PUE036px%PkwD+*jy{5F1_u9RSgY~?sH&zBjB%-fV42fa?`1J(T z1{P#;b!O>D`%CQ`85$z#y!}Erk12jI1!v8lv_5s&wA0i-9Gl0Z1?=`UJ!1b!)J#7s zHgev87k5}WJ|Y|r^OyQor8YBekAArjtK|7YCOSr3IlU6UAfNGz7eU}!Tgu~Lh4tz6 z0>t!BtU$3q$?EEvqD|-4Kgnpuv5*WiQOdY6FY|F#=Zw!c^!FM{tM&&&Y$}I#h02q< zIxy2!(R&XruK|C(@>E=GuuA^lAkb_jg-Xe#1fN+Xx1=aSk)w8XWB?jcYl}*qCPQ-5 zE#)@M@u;#*Y)1J;lwhOl_eOzgGa+BJMS0k&8jtTImilF5g6B5eA)@KL=ON2)DY&8# zVBtPyJt-sp#vD}>{lMsxhw~>4`UWZyw}n+k|D|^R+f)k>ie~%EPG~vFV6)s@{DG^i z%PY~rh1<&!RWUDj-pbwilUubwm&FNXWj!C3ROe66qQvCG@62VO$i{xlkrSX&&e`cz zO@J#*x~|gYy2=fwHYM|5aEx!V`OmKF7S7_juu?DHL`Dc^}0T}EyoP68{DG; z>Enx<2EOgyOP6LuY^LefgL6MA>e$2-C3#Cy){4WZbOBrQ{Z2fuO3y3zyA%wid=Bx5 z`C(QC{1bY}bU6%8nD-f{FOETOR(lMvFasLqcpN6Z@Mx?0U8@GNB5YkVICU zVg9nk;bc%?MUR1wWz#y@BuD8bpLrl?z}B=>&9ZaPx@r#`_YDaek&h!JXRaeMWTS~D5S!9gxgO6@XgH2^XCU$Wu@xc(%EP5H&mce%9Y_EyyZg+h7vrXXH zo5B7Yjeu)nvylk{BNZtb5mODPD+N^ji<@%2m&FG0Rq(Rp#1h*+2b zBoUkmyIC$f<1K(uWfS`x(^F#ya1X1XeXMUfF$};uPSrmj*_%s+%e7)*E`mttK8lTU zOBJ1U*hP!p>DLzhl=+(si{m~_0oFqsg;{C`RodI$oochl!qiw$)5LtZZ|9B8H&#$1 z{QI{=Vz^{&LmQX$m1Oqzlkw+GtF0X#^^9ysWUvsxCZvk$y5St!2uKH8K3UT>>ZXfh z9Au2Q_xE_Wl=9+w;LD79eZ9jwOw)$9s0fJVjw6KBdr2{xJ_VGXF>q*9+T@ioo>OCS zVi}|75|qnK|8nnSB2*n@oyiO-gD59t+;NF=xDBHpOtCSO-U%Cz@iXz~*lY(7n=zKi z5eVT_|2qki+-XLOOK%R@*)gOeCY&UoNoYY!Ovskj)TFM+%F(gS#A zL0Nf3=hd(C$LsOeYJZUTbx}bu6w6N+yDPPQQez{CnYVFTYv_B>+^UGgg#jG|s#s9= zR0i4Rv+l+EnZE*XF;q+`))#R2c$hD2(0GA!x!yigk23J@P|rZGJAlWodrUyLOMapf zsP}$Cea5be)pBlpGwxEZ<>`=|YRH2suG5kA9`=YtF>QbE>m<}Mok^<#RhrnQRg@MJp7(zi-LXNot~5xNG{T3C%4|00EJQg*NltXpC3_sK;8 zLlYG$h#?x^&a0~nI%GT}U8Hi_zviS4nMp`M0*A)9f!NCPvj&{m--e1{M^QMAyC$L$ z0yrpBaE%fLA<9gFr|2zdIoX5ActOP8h+LpYY#dFJWmZvlLyW#@=C2ce3`LW$l5{2~ zd4PKM1BqGI*gnQ=q8+Y@ScEaOJfV;enx^81$M{FXA(Q@RhN~CGzOwRK)@XV8z@u=5 zC~9opQUXJFwXk8WP+3M+_SKNI1lfEx$qh%O!yNkla&W6FTkdLkrb{Nnm}x_C3x+yk zrZQF5_idciUDumu#x9W^ahV^1V$#Dg8))Q%-wljgVpy3E$#iQdtLSnvpUhv%X%q}2 zsU{kKs3D-kDf9F8T~C7blaho>N)TzVi-@lg^#=x5$Pb+jGTodJ!Ot5FCJ_|QVnAwq zPfLp;88joNm<%_Q3<9CSMUvjhfH@thOV#1@;dEt)*SN6kJ0YW?ieFc6kda}HPCyly zcw-dJ-t2YJmo{R-d4i#_y||A@NYxE%D(n|tJ(S`Dk|?E$sHlTS4jZhrVKDSx7rp+j znO%vNBC~N1J{u6ohdI9OxK?u4ik;`ZdUeT6Kg|EC-kq&E8*cw6wv%x>$g|RiJ77EQ z_nb=Iz;Dx~U<@v;i=jP_8qRW<$c-f>>B|C=3uzt0>15#8h{cekYZKHGMk5nRygkB6 z3@V`G(z0WaA;g1SCKeHitw*?+AuVaAYHx5TP@O{fT1oFQJaXoeRI0*M zsi@DGrH&gk6*WHoe6AV%t*)cxw&k(JUP??D)!KSRQR)w`G3BO_wIT8xhvk7@;oHqC z)wMW4sYCORriqIOIx_{#l(LSN$Vy{AYU&xC2MN^T3(^2wcntYsl1N}k$w*(jV^ei< z2pNU~-qu8h-Y2f1aDn}CKNJkhj=C{_tBlZhu%u-2VRfI*yAVARp1~=v&nuebEWjVC zW^XF(o83g?P6ot=MArlsqwFMmgCk_v7dBl6nUQZIXEb|Fi<0Z282vT?YuYs_XEcGp ze2H9G3YkV_ua20pYm2}t-MhYD{iFkmC<)L@Gjl5&K|ITmZYsU}=9F`Wl;m1rHfw4T z^Yqqp?7)k2eMOu7wtkf;|2(p+iP%@BBy>~)WB~be;4vUXnTV4mbhcK4&Y=#g$(Oer zDk7pKQD0I}Ic+lI=j~(+*U>SdkdiGZC^EzVQyGD9EHB3+dDm>*tfM&)qQ}eMP4|`G zftUh?MQT|UPx5iY?YOaX(5~kSPVbZPlTc@j@#<9114z5|j^LIK!=;B4LD?Fo-t8E7 zJ$(Adt0sWHW^Zog&EI^2AEima5<;1mwe$0SiTbMyVt@be_w&KlMqv+USls62HR6Ia z@9hvHYCUg1;--7D{b^5$`MW`AFrhDcxZKX^^aTH-CDP<W5;0U{wz|g)V0|lUhIqz*!dQwS#_xisINGd-d1|a2TN%+TNJ3ZQ!-u|k;kycfV z{o!^zEAj9Ut-MAsBigmk#s*CW0DVBdUuc;s|{LrX{c$=&rZ;Poxy#yJxpg*0p3 zN)nL}IE^)UV~l&LV@2|L#MMmi>d=6X_IIz4;z~akfRGhgxb6&BL27Q)!0Eh)CH7tJ zBMHhMVuG~mzZ__=AQo$25kjvO5hLomw_)WZC`dYE55i(=FSumh z3LsV3rGqKZkd1EwLH^f2r-U?Wa=woK03)>&f>5D?8Vw}W{9`c082`jv<2i7^_<7QF z#D)VV*m98=N(FT!n^D$l5&pkgfD2R3n3pff?mCk3V zrVon|S4A{GvSFEcbQKEHP|5@L?_b_y;K@>g4Rx$k;{@Jwl;{4m{sdK)?|*v4MQ&c> z1EvfYC{SN0{cxC$ng|&((ZQR>!vB#<{~S6LWjmU+d(jaTR3ZD@4>Ms!cnMiBdgJ+) zp(lc0sLdEQ6B~$=oS*w8D7w$^Rz?$y@5>!&1${&ujU1{9#>JE2m#sZGkS#^!DjC5+ z`;NDR^xQ&tx>&@gvyAJCQbzhcbDp*}0}*=)iJsqb7xZU+?3=yr-~o8u;OrW$!PxKp3{DfIwP^GRbAs6hEp83mAiKEXcS9Hn&%lijLC02!8Erb zRMF+T9$y=L+V0v`=TyNR-T01xCF*MMxXAH}9*I|9%*^Gk&^zDGF1^fM-$^>=q$e*w z$;>HXtgQs=q=u-V_OV?tJh;p8pO{VIP! z%1#Xnc{S7Ayf|R?-|Hc8@@00DzxUZ7rBL>P}5q)1jYn5zzL9xcX(!-ouF77-sdkPa6q z0U5$T5AZCGzqfHRWC_S=c~U%cX$FHIL(jjKdLOD*b2zh{KjgCn8v-JUX^2CP6n)_&Na5PKjp@{=H`@dZdP&of_~jaMb|1tH=(Uryix6_$+YWvoK<%E;~jl_7w5*>Z+5nnimvFpKX(`v4c1WgcU)p;;BZkwBlM z(xC~MO7jt!Eo`E~?K{tFTjR#~cV2H_%;vGbN_c{fEx2#b^buCF-u#9Ra8i9T&M_9l z%>YQb@!oMlpF1Q#RHTnX8koW};!79VZD&gc@2-+ls9|&$hsQ@-kVO*Ww3YJslr&@g zuJDWqV!o@Qn^{UAF_i|SZ5f`deps^sbFqG6QLD~U(1vaCjV~E#1gcZb@8q$G!Hes* z%oJ$3yITRQrS1nxnZ2>l^i40y#DBt8WWS*ABHdUS+f0e6NFloCf`;0wm&vxK~yr&VDYcV&Gs770Tk1VT%4Po+(+No}j5aXNXHjos>5M6RNM5j^Z)x z&CL-qurLhd2mu#Kx^BsYI5eIWGApU{4c*|C^4j=S@a(?p{CnN@DgF`pgV+1BI5{|+ zdiUm8{ztc)&R?)t61>frjB-WcbD{}uZ|(@6x|ml)GK&$_`*7&wxvwPE0Ca%M_Wvo(4z&=rjFaJM}D9B3zJ zdFUk^ZwzklaetGkUP}?uHmBQLvF?oVtXtv?+I|a<TZFTpMws;I z#G&Z?PL`fW(e-u`>9mPSXaaP^;0zw4ogO;ZBJD;ix1ZjwZ3>#00Yul4@JxoyOtTA< zK=Xe9IC#6Q9N+7{b86sLyF_lhLnQ|S7>&@yQwkcBI5ZOiI;yPLhmNVKS*cwX3C)~n z3P}J)X?pnJ_o*^Ya~(#-45PyOSH{K|bPa6G94}{#cAw}j3bHr{3OU2lA9?Z3`gP4p zD;&Wayb?Bh2#d^EqymGT7T9)!S5G@n5$rg!k#RGD$1agkGWF-W&1I!LwxrQY$qDnrqC*- z3TWq%(o?&rsK(hxBku7cc(TplQj%~6x7b9`XLozo_ej21a>-~XdPJumZ%ON1Kex`n^Vot`|V^_btWMLBGNEabIZPSUq5Zhli! z)di@3U?^)iqN(goI`xGjsf{hRGwJRHfWA6kV9{I6S^A*y0wLo(O+)W+Xl#Ny5RAMgK84*^)ytX{}##!->O0 znDk6Mt2oDC^-)pUJ0c5PT>Z$&0^c@Gg63!}$C?y~;;-u2s#qWY8zCFYk9`0kcU)DN*WKe7A=qBx2G|Xq$Z{#fDynG(JbKC zk%85T`5o&I9F_@R-4Flx`wp|)*YLbvPA~x%(yJv)xpdH;{yG4@@$`$c*vOFQ|@$`dl3n^t>T`6zmuK72#B+k ztx#5L*sTq00p(ZID@-zmBMOgZsfg3a#9ZcfmIDdeD9kF^Ko&BlHP^@ zf+}6hD^>C+Ryk1l@ zMezBjdB_vv&b-?OZ!n0ZtQ8|8#KGkb?(@XOMF<5+8d@$$Xvu$RSP~%|(pJMY(e7)F z3yKZv3z00A8${(T7)m>yBUPKswB(^Zt-}!Sx2pFIyvU?Z?H!paAhJ{va@c2g^W~-B zG%t1XF9qmwTe&zCGa}Em1t7yoXei<$6XbEXDhpbDe&{GN6uX(^_6(hd$2>Pk=S6P2 zR_N1{#baaL<~zk58x2q(WhY1mS_WP6ayg`)1X}z+S+8R8C#)n6#Da*K!XM}2SF!mO z;KbN2n?b}RIbg2GrzlJ)p>Vc{Qf-AQ(~{U{G$JIJ~lDgzvrs|8$RPl0S~JP4C7}ZR6H0`Y=}iM5j$nQ zzZ?IX00)C^(c%*loh6{GAYrUYB<};XxI_;c#uq`Ibz?eKp>KyZ<(mNc`YvW&D#jsOpaD0u>Bau2iw9@;c<(PV>ePdkc z_)PDXn^*g!5|hb%|5)=%#d%fQ z?}NQg9oV~}XJqW1pGN^q6nni(0)@rJAv82J%;za1i*n?6_`Xrt?vw`IkKb;YLGM>| z=g%JKB>zEXeGQ)T`CjwMhW@jCC#i3c7vJ^@-q6fbuyje}CI#oeBw=hwDuL*^9xWoc z>l6w-x2LN!fM7$w(~NN7fPAH6Culc8NW~KoIZlpUZq-k0W-!xgZI`E2%$PsK~sek7bmAGi&%Rp;QKtu0vO`PZhM9bLi>f$dqWqcpujbm1jKfhB~#GQ z3S*IE@6-g|0jDEy(K-t@zaAe=nL;m`agT`n&x7w>%I}=_GlCrb|6ncuTMqxpnVLY#*BcnASt+WGyRB)$G}xltd(S682{tg%*JeqI z$^^NSefxLXPoSWXVDt(KZ?ph$8HT(1sg2X( z+O`Y=H}areW|qQ+jOCKlMn8t_QTq87nH$cK3;-g zuS7l%Gf)oBzBCT3U-sc%7GYn--hp`EUePSS>NCpM`-)mLD-+|GJd14Z(qQgYIBe)||MkuT@|7Sb}DMvkU=J;Gb!;hP_idUde2P<7@Df#FS$ z*Z%LW^PjHLtLO*IS79p%+CU(I&D#>vl9PQ;b7WRfogN1^#piR{jR3TYp3L%9{lNS3 z^QaA3vRm5u&0kPk1gX|53uoQz)4Tgw+{Z94J>)MaYB)b7p4UITO{heR+LcK1xi zae^oerP~&gnZaYe=k_Q%t-&^YaS~$%nmXwv^j_SCDVo8!eRPqYU$L6^k{N*LyorO^)~uFPgY+p#rQsTSQ^NDJ1^oLWk6L1Gix6SDjm;oh}X;16LLwdwMTH zI>i5YJ(2f|_5FB2RNHdvC!^lk+|z z<*)0v1UEXn_d_%9nut=CoA`7|?d{QvGnk5ZcN(r4g)uJp!NtOA+1VMc@aH`kurKUn zyA6H!hoSZTNjlBnW zaI%9dQ$2xOxyDikw$GHIy*s|3Ks}iAPL}tat}CTUgwpcP-T(%8eSE(m0m)fHzJvEK z4`Gr62X8-u!Kpv4cPAD@|M`UR|9#Cqqk*@0S0-`91XdoilQokuEN$@{b^oet7#^NS z3M$sk9q$;v&~mfLh(%BqjlK*o?yL$~_wh=#sy4J2>F3}Hj8&FYU}j!q&QW*baC-cK zNEx)#v^LLsK2#lUx-<~6FKj-I6@Xw2PD8^JScrp9GcK{vh?UZml{-#(o3q1v;~_Q^ zxhU`ZgqXF>4u{7hq*@U@B-4D7`P7#dlgDHx|7xqSz#Nz-aj<2(e(rvl0{MqyA&eAJaTY%8qve^n^KqiS zNBoRU^nVjaFhA=|!!Wl6Ef~pWqtcC`F#MfCUy?lT1~FQ_>YgQa>08htp=Rs9;~8$t z$Y2LkZbENin}(PPMIMrCM_YuF`EAYIL4xbI!kJ}dD6!olOn~EFO!Cc(F+V=Bv|I@k zznp;XdK-R(V9y2z+9FCrgcG%>*v)}EPq?U5pa2*K1&xF{AKRk;bxpe19ic}U;`u6h z1da5-pS7Stl&P$7gv)z3g|x0aBeZowfD&nOwAOK1tDx;JdQDKt%qfhy3MIdRZ^_>^ zH!TNug3^5yu?Xw?#f`k$wy;kLydzp3In`n6M71q5ea)y!efXg#V;&9pN*OoD_FGaM zDpSEoI>%{j=}^x!@a8SEnkm`Es(5Ugx;%F?@@~bR<&J>siVtnhSfQ&8E#}1rdhWBm z^VU1-u+3}cYdVMOD##egzJ7f?N+$yJsdIdF5~f83AsHcbTOTAbx=d2Xs;IP4!1*g? zL$nPB3z8O;o1tkM)zaw*=RHhn8l>gw+Xx*`s6kQUm|L30jkx+Pyo0IO@7q}fm8h8O ziWdmkaRF2m$=DgtQK*Bfjws(V4>;4brLm$G^Rh}4MA)hsTvJ$$3_hQf7JNRL#zbi@ z6cmN2&pWZ}CpP=eHrN<_Vy7d9$D_e%Ri}t{_;k!itJdciCUu^G4zJE&)Z~~*o+*2J zvfsvRu!&0+SJ|S;%EOn&EN*~P`-Ulf#cVQx)S@MuLwg6L&qTy3-O8TJYosLY{#GNB zlztA&t0sKQd6=gMqq-!AoA0@$ySifLbf$dq?RnLjjcv@T)+>OV-7yUq3P!1Ew$kVa zZ(x~P6)cH8!$lFMmGgeOQ($Tp}!(97{}+Y34b(gtB{Nua?8m@zL>+p8)VhjcS+7RCm~?>7Br| z7N4Eq;ZP9dl{x3GY7BHeFQoTP)k>~rV!#t#+$6%L7T5nKGiQ;28I)%CEZDo^amXkb z(qAkrISeM&Qc;C3gt@Ms103V~O1pFF=$ zvai2QIT@J(Xp}cC^*NZch=!(OQE8@~x-)_&5eq`4W%bzoMQW8aR))j1gzVk98RDQT zFdbLw2mE(2a_d~ugd@U6z``=QA{Zpg*J=FHFBR|*N3=K`EYV+IY^%1)OkF7g*M)|b z+ey%l+_A1ynRi5Fc50KCvuZq|-$!0xj@|z|E~*b-g7yfRx_uu}9K=gv+6MdTMQE<( z!LK_;0C&u5@#_SHY)VVapv^*uuhi2Z$D5@sCef;j{0*zp)I5yD=5WnOENXrc_@I8v z;s|kVi)yc|{}Z~DFj;y>SIZ?NB_jfj1ONqt5yh!0g~WZF%zrj>Usf0K`68TMg^A%T zx*mfn(}xzz_6ze-g;#NT5dUXv#sk|4*Mzeka{El17yv~^*V$hs9hRPaW^YqfVD`5y z{UFkUsr7oCLV3^4<7yM5uICSwJj(UU0t#;Tzk0E|6F>VXkmj&FAfa`u$T<~Ne^Q35 z=pdS-ZWNRk5 zyVLS3Bvt2>08A*haxD9i^wDEIgV|0|b7yLDst#AH@O&<%7rsXkq+CRdQ|!aRmhi3i z*g>i|Tiwb`6Az29rOQbNV?Rp28oC6pMj>Wesr0}yc?#Xn-Ho9N65<=XJGOPWg`eNB zWOrrC_SB|NBrj){6a}7!b12-VrMlr-uCimF3IrvH>N_>K1>`EZn{^G;M0hAAaSBi$ zRj+$y?C3K$J(y!lDbKXctVGGbHW+$b)+4p1`c`uQq5J8TXw&z-fyA=GD%>RI??s&E zKRK~C=B*M8V-oIgI`pb`R}Cb?Z=6y+{#jkPJLb7J0DEdyQDG@85)SqITxRvQG)zdxolmLE2grwl$u+Hg904S8P-sKI=v4=s|<&JIU$J4lhr^y?sV1Z&w zL)>Z4)?ROn%7A%j{*GHOZ)3{gHTZ5r?o8(SGJhnOG}d!E`&v+tTMg_%)6H{ZovEp98IeD{kyHU-WiCu6V~wh1jeU9ol(yd$~{BIDZB za+UycKwQ%|ceFB%!|4)%>ceFozVbtS3qcux@&uzssa1>Po`o)Jcc5ScMg*5yI+S@o z{wk1`-|2%=IXO{T-WZ6cw>@y=#`IE?7VQBK-G?*JA{Xm*{i8`A(M}v`h__(XsOfGuV#+AZHm}Vsd@{{SI{4^z{aXwm z!rK#@6Fs=JV^LstGt-*EtHrT3DHJHxaeXd32q<%JI5sh8NezFC5#R92aw1Vs{=8;H z=EY+Q(1Drc1hJ=!nw#SbWMxkC-}P1ucXiUYV(enUOFCD~^1JyKW|x`2r$NZn6?WBS z1>=H`M@AmyH)HC9_Qf`G^QdnN@mE6UaC5{WYP_1GzYw~}+8(U5Oz20F#g)vv(Zz|U zJ?N8cA!}7p5u2?==kU_UGSG~xZL&NygU#@~B$1>Z({5i0R%;ymD0gYeXC&Xq5=ik& z1%JQ^{pT!)ZZyV7c|}dLA@rxe4@>Phd5+!hhI_4!x&^Jc#qo^brakNEC1T)yvod#z zcd`jg+a!RFXaD+xjEtBBtO4C|O2GxX7E*6vV6x z+g@nzj_JjMkU9)|v2g=UHG(#C#0teB1XRPFZW)F|>R84Gr5zz992ls{3g_xOp!yA= zpBz3GSq{yL9nyMZ5fM-@70^Z7STf>Td0%l)!sMugbkj_oCj&@xQxfDsLWGKPcXdoj z$uycO+NVl|2$zA4$mJZsx5Uo-r?(Pknq9s6`r`-#1<<)cEO}LY#@g7qM5jw-FTLp@RohCJ{bSKef1j8?iPYbn|4&avM3Dk#-7a}GI+62@3-X(=z3&*Vl-j^Fqfc&<$n4~j})R1 zYyE(JyZv2)le%qRmKr-PKb~YRy=%nDDN0{OLEZE{fWr`(R{T6e!)crp7FGxCNi!!5 zcwjFw$wO*ZOfn*oWI*t%jyVCtJ6Xio7gK9pWt)1QC7j_!jAsFEf7dp{kiv=ugNhiy z5zuJ@*540UPQx7eSCOeun%?u5PKkv*no2c_gDK|1Ln83xU(Vf({l(h&757v! z?Zv>ovX`X!1goUmISDIi%JS?5vu}Gc*hmBeX;$T$WN0)@UR7Rl%{|dRNySzRYKMWw!{pcYZZbLy+219LOxuh zs8o$=-@7vWog}tdgc1bEW75H`?A;GIIYfdan*GEBWUPErwg+BhCg|8lXX<>-`~i*) zDY-9t+Y>;if5?jg8T9HN%JMxoZYJRplRr~YDE9@Z-zKMI!x8Hq`M7KhW8*RLB!;A? z0|6$3!XH6k&%{BvSH-w=4VuLO*~$s7L;YO@S6IZ4yJ$jAEMo85pBI&x6`I1MV*0+W zz#I)S5r&!dDvMmAp7Blp{o?jI!dUeTxwwf)-@2@-M}?$!HcV7w)8e62U1vlK7_wq# zG7Sc_P=;7VrOErUUr{}Qy7{Xm&2XKvg84Iuh=`)GOVY|Eki@XJ{7eUp`O?zSz|+K; z)bYUJpge{lq>8278BF?9lh-ypuBs=V;_Z zl{fe{rt>l0sbs{Qwz1Zwtb+@X4UsJTlOu4Hz1P`Xoj0;N@q&b^MrBJh@`s!-*BbP2 zY`89xSOTA_1m>0OR^E6&3RWxe+d3w6U+sqo@cI{Tccf^2l}s2fqJTWlMzkeMcuvn% zvcU9R&=hJ-qfdt2drthv(Hw*2Jc{wq_o{e@oRWpW6V(YP;CQ0veQ<`@AA$aq8Bc

sr0lO0+lp1WTY?@Y8AxS<D! z8FM`8q04PZI7qUqTv-lK(gkw~G*#kJ-Y*12ocZ3KJhi~vN$(`=elW!Kz~a>SoaeU)2@ zR3(Nt-(~NnOZV$glc*3736}g31*p6>_=ztPr+@;25VsEtrU;ZzH>BWlO_C-mY1F(Q zEdKQ_A|d>ebNCbDHOlq+O#zgq$CD1WnRf27@uoNEV_wY%4+XM7=E)3wh+fa)v2lsw#@wi`7GlXUD2(H)A|HNIw<}rY z&Kwros_LJkgBVLC@~p3wyT1hN{+&2)-`Oa>v&omMn7gc!J*cGKn}ak;J{aV|_WV&O z_BhoYeeL51E*-&&+~-Hg9Bqfy3zwoWdm?-GOrE(hA7|alCnAVo?ht*C8*l-W*ZnNY z3JGK`NHBo;;XhC#RD|Jpcur(tj77uJaM@g!Iz-IXS?JA*2<}3nor+W`=aU?9m zNZ}0ryT6Jl!c}u;k7ux?j~g-HEv@O;?79Z5@`s+^TYs_^f6Q3Ui~rd=62nU!-<&h6 zg}_THZq*WQme5jz(R8My(X9L<+Wpy1IQHCeHpP!Zk^l?de0a*%%4T;^=rlF0^YB|L z970^YF4EL#jS3&)=c^37MBG6X1AdOG1>0+P==lx7XgalentpWG^BFPQ=Kk$dci&|G zRE}b*IL&%rX&oqk)Qs^DGrsWCJ`V*58GIJr$je7pl$GIVW#m~SL=pMFTQPe1ru71n zNF>q>rP%CVKyt7KPZ~}ogw=gIgr%21w`{s5=jTW4sV1MxzBf}O+k_bZg}3wK_5@5( zAsfJnX#$G<48b&hh}`cyTDN#mAn8`aOMoP*PW0Y`#z(*jqjccH*ZuUZ2G4G}WFvj$ zb{DbOTMp4v{O07eIDZ9nKEcJDjlyyJRTGv$p~{m73RX}W|KSMF6DLvpwm=HYGnBe` zjO5{Zd|hiaGwW=xU;B7qxZyElxn$_rNragM^N?kX6Mm{*H-7zy4NNLDbUE6H28PQ(+kL7dvbAdjGsoNzwPK~ zbmsOCTSAv;6}PsD=)O(ieQ+8#Ll^M3ac~R_6$D{JcfOrrFc5}UE=d_TMk4v7hr7qG zmw(=(ZSWT=BBz|?<@yAUj0jME+kZG88KS&D3lS=^hZ2u2BU^_$8QpuSv7rbx245#6 z`(6>o9S5Ije7{(V)%F2E?qS~R|3(`uIF@zEHbm$lMvaP9&A*3C-q`OJj<_f|jH8|!i z09F@L0fymR$C%c;TM%#`qK*=k!I24_-}i235>X)n_Wl>&P4xZVLybHuwuYnm{CqIw zrCXPJ_eyVU$4+nJFie@o432X|x~@(J^)O_?={{;=x+~A@%9Tl}k4f2uW{$1Cf8fxC zal@fxDfwAq0SW$Gs_z_rnh#5#6~C5=FX?6wvW!%%RfQ>vW+9BKX8g;?DQx{iHqtQm z6O(VuAg-&&!m{1xexhRbIMLoDZRQ8G)0{cA=x&3rn)j2$%%|YOIeG3~Xe5m77uu!R!``q&f@}2gAhf zs*h~3IdNFfjKHCHPt+$&@bbBfU@iiX90@LT8QYa`2kce!2vP)8-a_BxZ%-V<;s6bA zo@0VM{U36lYuq3Ram%_}sL*kE`dVyKB#m4%XUy+;B`Q=J7OtiRmyneuf?o>fV~*g~ z@ouIHW@e_Egsg`jI3(h{&#KaiEG_$>xO6elxDiEgY{r9NT+g{Eh{P4$-4oVe()HEn zhN%u?ok}*ptyNIo`getbPNms$rkycV&FUKbJ&+AH)rL!3x=C%8k#}TYo+;`M0JTBE zpI|>NWjDoLmhh92+Lu!l4ML1iS~jw#O3u_PDL5Rf`Np%;`92CEf%twERWw9YLj#^j zM0jzL1WB=uAq1Sl0z==?5g6VCf~3P0y6~#;1dhnIAu7V)?I!#BClsR>4?EDV8C^{bC5{(gSL zRMw8P&$8!)nPGF`-~K&}+v#ZPwTJ=;Ao1VmF@h77)w2(ysTTK7E12l$deX8VATrZa z%hNx)V#SHE`|(ucv{I&=$7IsPNK>(G^F648f2u(_5{L5DaC{ydA9_02xk3jWSy%%| zC+~i6RiFi%sg7(WjoqrlQ~jm?yZ!Um<_}Gkgg<=$I&C8i++-(dE*#nhe|JtYg zdj-5cJ3GSg+9oV9oIEhn(@T>#LNr?>ZRU#f8m7e6g7r!vH$1}SO3~^MMXPu0#e3_L z8?2(DbPfLJ(j~8Ks#r+?C?CayR39Fb>`UC~L3uz9bBIk$4V6UGfG?A{bGPpw+QB+8 z(bvWAi~mXR_nw-~awdjkL_{(p%U&Nx$sf8{MUEYV-ztoZiwgeY9Y0aUrUZ%6p>@55 z={)cQ#Cj4&(V8@pldtWW+qDfDQIMdfsGf`uHGn1#LyxWS!KY+*cKFFSc1N0USFbN6 zRzkD`(g}#=q#t;C%5@(jw>P{g5w7CqMy9NpU1VbpmOm&aWdsiiCdSb;7KQ*&R%%*CEU3LPZDV97kIw?vPL_a{b(=Y&xPac#Wv$<@zM`}8B zIDO`YDT6q(0@E|tpt#H|>>dTHO+L1qhxb%WRf10Xz|D1ymscNjP0EN+j`w)iJ}>E?e+=Hzlmc%@u$dO=mv1*J0U;wd=6VtuTV8TZ^K-onj&@ z4m%AZ^@a{5`pZV|K1C3>G}SUO1!uJ}a+-m0Upi}_*dk4+O7EDgu6ov(9>&|VS$Fh% z;)gSBh;%5(u-8Nn0tIblX>VpQ%k0$VxVWV{$YL7Uf2lgb0DUVOF$R7SFaRaTypui!8jqF>Q7|IB+)kTb4ob>QE+o0G5tQ!_+>RnfNw6iJVyuj_9L zR~DX$3-Lu|;NC+?lxyAG9JzS&tfrQPmm42L7C48?Z~!NgArC}pD($WzsNi20>1bz0 z>?c{=z8;r`MU-_5ixyyGL()cGz8gYMlBBLEw`CM=fTXa=m~k=}NaE-pss&NK3mQ$% zHVrls#eG-8ki{8IB?pofdJdq%OK=JKmB2UsNwW!B&XRDY6*mdItaYxQUpoV&n>Wh` zjFyp6DfO(fsH-+0%$~X(st%#^A|W|>j?Zep79E#tqok9|O{5njug#si%D4f5Ts5!m zX=OXJx*|l+no6j~Sl?$OEk)W(ROw88>~Y@@IcvD^?bAo?$~?o#96V7Upshw}F)3W( z;6UxhOpj3OV64aMWTR&O80=8wG3?kb-UO%}gt%v87A%V(?)*bRfD^+NGoPYTW~Va4 zb(w#BOz~JWKp5l?s$yDKmvOugapsFzOcwu~5>;C%SkT>-5dI1`KZ%3w*Am;m?|dKe zOL=MCz|1+Wj|;cD(W8!fKIJ~alHF>Rx8PC zDoy@F`PU|B#hC2WqMEX}vK@UUN#ZY6>dv7gW%;Q_#M%gS%(>uK*v<)GW~ISu(6_hJ zn%l(imG4t~w`(pG6jZm5e-Azp5s|d4Y~IZK9d0*}*nl;CWNb_*U)6x#_l1KB1*Hp0 znDp%B&aKVk#P5}~s`|D|$o#JpdU!1=??}FggkBS~o7Y&1|6B%#!^(QU(iDisADWwA-cM>7f=n)*^j_QrQ>evxQ=(En@jgO zD52Uu=G*v*%k4|Gt4C4(J3XsK=}Q_PH9?5J%vFCV&J5k1*PB5KClP5-kRo3gre6Ow)9ml z91sf`vZGi=>Gbl7>~`X-Q!clA3mubq znY|Cp1NG^j<5<-*ZTAFk#Hzp6%jt?%+CS5kBkdaE z@IE&DiW@Av$F8tEI{QmthMgBSawJIESXw%e6w7e63!NjzVJ)nlNt9ntw?)7j|c`4C?X!QRuD zmNk1{25;m#C*z#{kippvJyRu6R8Gw-u#LYKui0cv>dmRpvdaDZS#=@C-bHujq>BBX zkgT0=%MAe$3GcF}^S!~=9d>9)yXf)-Z~<^UA2U3**krqln7f2uZX)*L0Zw;XX(!Rq znZ5`_n9kGl+THGnmi#UQP1*e}7=^O+1Bz_;diUO(TKPir(lG7dHxsw^b+n5rDv;kk z$=q}BJ;tu65>S$-S+PJsO^1GCWPQ|Veozb>1ix{m-iLMn^~S33!eV!8j8yp{gcO70 zmqGoeMpm%jyG;KpzFe;g0hry>MQh482D*c_kG>?C`h^-I-_JJjFD3cSi&@gj1PA)& z&Er&@_G|XnD^*zVf5k`NmoD-CM1?BdXRw8d4{FQZ5sBG3F8bcrQJ7{)Neo>E;FW|h z#H7Q=td}+wO|hMZRM*;w@SO`SS~3GWZvX*DL_~1?y4>Uf)6%+-lQ4q77EK8d^yN&72GPLo)co}K? z@ZGzk7KieTu$rLtd(i#`MB2}Ln^AzK`b_ao*qnXwxz1*{clr)kT*A3C3?6x3E~X^i zR*_3iRFOlNO({cy4yV{il;f+9Wt|R%Iat``YI%px1mP`__N+;NJkM;$Jly=Bk@5J-|AxCSyW4Qv+cI{D$T{v zh{LL|ouM-`{I0k!I`bi-m6@G38a(se6)!3#ogF^Sj!H{xjI9*{)-oem>3bT>7ht3x z9nLN7L!5W29o;1^>mErgF6DR&I67C^aa&&-JW^R#X zB+V{-w0uC?f@#D7YTfgT$9AEKp*@e3g)IX97Cl6@!}(sizKdHzMFUa@go)z>vIHzO z^)KaSw|!Px83Cx-H+Aw&W$b$Z*!22BN@Q_~{4Kq2OpK6WyJsnaH^PzHzg@iZ2&+ni zIlj?4e1OFgIZ+8bA0^<_9FW^=6}GxUXsWQGpBFz64_v=zH}$f;ne;lc0B9Jy*kFcO z;o-JNmv%vIc3<>qW!3EwfFtIAlhQ8$!lHQnEak}R~ zrqP;w#VIc51zwx=;eKvO%4z5DsmRdy084Ei??9%dfM}AJ|4l_h`R?QJ1Uz_R?g`CX zJ~5-GoTh;&b@41%y2>3eb|H+ck<*a}Hj);(VNW;m@NQ2RAXPpNx1i*ipT2yKjT8y+X4=qpKfM&F7}KtqTA;0%4$c}LrP<^`#hY22S48hk|Vab%XTaq_Rd zArd=&xXBwH&m2&WER)gh7*PAdVyNUeQZuTo`$3^*r#!<+|Cfd+y#>R(RYlrl><5lZ zK+0WRjU^buQLAq*6a&St5P^wVc_Nk%DPv--l5WqeauO5fCQpXedIyX==7cSM>2R_M zTYZ;~fI3?|4hvPyvMQyyRavPo2v#$=#kY`8yYWTgzEQ}e{|X$2^1@u|?5;rST(J*F zK30xd7{`!>sD}<69)m(sZ7K3yx&NRbT%YrfT2*%k+BPJG=b~nSfs?Om^mpaU)$y=A z+NSzr=RG{4{`Qy6^894E&G+e0S@$mqo7VJ=5OJavgTFA&d*mM2Fo@3f2|B`^$U7M& z`Mnt6oUB`9#FBWV=Mj|O?lk?P)}rH$!||q|>-Rwoli=j#9z2*n@LV5#ySidF9KBS( ztRwJ}lK3s-2!OYhBWZKFQ`O#^%v>7>G&?!!aV9R&)$FqWE8lX5J+tN^xqu#b)5~wM zNhQgoy?u=(UU+z6S!VUNlh7!(9t)~fiI3w5|uB_!leIX)i5 zA9o~b+dleJ^4q9j#+PYl`JIr@`M5aKNJ=*+P2<+x&0^WrY{iFm3``BDHfQJMWuEih zVg$)z{T-m_h(HRF>kQ^vmvc}7SKwFVV!xTC%2+-74!5u>G#J?%s{g$I3h^*kL(^)G z@K*X@W`$RJey%@nh`fH{>kvJRo5OYqqG;U+j2u_@1J}(KH?R2HJSMjMHExx$o+)jo z1*_W~DO+sd>yGU+=$pk`o1F!WxPOj1=W9t{&m)ZHef$wk15RXlarkiJ<#9Rg1j<$A z)M^v`PaA%q5gD8Ph14wDQOWCt)2PSm)8}jxZL>{XY*A>+;c-Ao_>GeML{kuMa`s!B zSl{RmBk%k~gI#8+I7+^1FMlC64Q7rt>Jhf|iD$SifK? zHh_fRKB}(Y=MSMqHuJYouAD!z#ipIjz-%>Xr{_{NcBfYeA{X@1Y&gU;^ZXXa3?8|T zUT8U-UemybKheLw1(6buaC^1I_ZaYJ(m4UCg-lM=DNdCuE@a&~jp;=N&ie`*4)X9fAW;8`;uj8R! zQMz5$>G1%)mX7u2Gt)t^%c3oql1wuwRf_q;@XDG3wNy*4Pg?g>1!I7@ynOurwvIPPZ0 zu$_NH3$TQaYF&^-wr~A`voeDEcO1JB+>k0u;`wh?!|-TFaeYLJ;u=k*yu45 zZg${m(ZcivsC9l@xVyUsTbDS_+Iog6lD)vJf$!0-CQZcFC327BS%wkE)t-GhX?8+g zj%+Rf=}nKvf3E1K7$LAaJt;|6nKvv^H6=Bj#D`#fCjoS{oa#i}-CrmOGW3)f#%Vyi zJO0~Q)r(=P`E_L3nge?|St`RJZL^A1bsXs|fHC53Y#CU5td2wAvs7_ z%a8#vhT|LiE+7pXF$-hI@2pVmuO~qXwT&11w2q+4xf)M^>YSOp9`%$dUn^z z-Hc3Qv5=_jpypqJ{NY@d0H+70be5Q?G!SUxzp0y=FP&jVp#Av$A zSQPw~!3?K>oCc((mg)_T)3{$ALdzAT9U3ShC|B1NoC<~t=71($Tf4kBVcvW%M~qEK zTO7NwrWgi}yPPF4@ct9}_J@xSQAyz)gaY3fG{K=NfsxYw$Rkvxag(_6{i7@R&6f7C{}cwAD?kWfze zx~;??#5G*S8RUfD7C!gRQ8{55Vo8hYSuu>wze^usJ(5JdQWJsft!qKB?%V%deHCWp zgx!8dtVAx@4&`(fvz{4MrbwGwyK*sTq7qP_FSmxEXmKZ9;GSCfjLSaGa?$sfxo6=L z^!mFcwl=yfpAwToloTNN{OTj#=aWvF17T-RVB?>fW`E_UOY$FDPOZJ+zTp=}m(m(R zwUwP@sNW?+P%vstV;Bfut|Vp7gYt<){GPodsp~Fwmh3s5x7q#8wy!WUVPkWm&5pW$ za^JX;kM11~V50r)m#GEby6shT4IbZ8&Lla^KH`XQE%fG5q%T3uP5+9)U7dhWFTPHl z$8af&isulB(ybP&Ts>u?Bnp;6IbRJLvn8u1&#rqaRtLc*<+*57qe#DIY)2XLl>X_} zH00=Hj6DO;*Hs&ipG4sM8e&xi_G+L1AF94FIW$F%NhPKo?ey{oO>mfG+kZbcte{1m&e z)xYi=bUveEa+PVpknnjI&fYI!5fW4L0Lbgf(yQ19mZPYhkW=RP}j;$|LTF2_gb>M*{EgmzIoF1gP0{TMWz#($#JXo_Z9JxcvH)*EkBD zj~l|Y&1%4Jx%UwD2Y#1SNNB)-fY{iRZuE2*GmdL``ech_!Fpx^IZDP-()Rramwr6T@K)W+6M0gOgYycQ^RHPJMQ8OQ8Mg@XH z#|jN!061uyu(}lF2SZrd*W|}Z@W@b*P%*!iERvSGWt^jvqOCsV8fcu3di{}BxRe7+ z#;fA|+NCgf`KgPYyc{sL{b`!u;I{`GUoes(zwh;j=EKh(Nz>mwmY9LyAZGY6ciSX- zL%gK>)C3z=R%%zWM?3M$7tBBdpJ}BiiEy%l6aX3CkE-_V8zYWSPp?31124>ePuyQr z;`@^yht(ns4$)A;-%7fc;b+5xqv0S?R&3$Pq4yOE(LP+NDwI+?{2cj*pYNapO3PJ&&kBcMW&sRVZj{v;;D zTeU=IAuCX}N%&DqO$zfECn;PYeEZ{vTo5XYKs#AjjFQ{SLp6Fp3i1pFA^Z8vJb*RRE0wM?~F(cgd z?zeYoqLyY~vJ9fkD~douLso7cibST;A}LVuMTo0~$bKyiG}F-Mv^Hv`oS5sN_Lnx1 zjN;g~5eT_NdVZ@|%wG)XbV$iv%w5{BL6%NLaRmqI1gSL?%??6Mb-i+m46#fRExP=D zdmT{@mr02EXj`Xa9qE(U-e@{2kV>2g9kE`>sE^u#QK5F;hQ)eOL$Z@KF6{WhWB3z7 z5)Gv@cgg1Bp$Q-!o=+iBA*xitrKnmUHZU_BtvI>)(q{shED@%oQ}h%j6c#jnGbV~U zmE}PBM^jm?F(VS+fHq@Uif%1TJ3bue{EY8`z=!LQGRuB^wJO(m8~rnMVghfg`^g3C zkwCJBb8odN=aAT$9G>>hn-I?mNjU}86js>*c=%DmbHZtFi*oG7u2&_&?0ZDskG!T1 zr3_0iEuQIl?Ic(KU86+2K~O45#?7M~MU*s9crt8bKOY}RP5T3ZHY=q=A1^t4j5Uyi z1jcuSd6R_Hg18NM&(6+?COy$-x2#MK^SC9hEt2@HN+WM}Aa~A^OB|U@k}Jk5>jgOe zL8hb!iTO{sR}i&HX7FSM?EO}-uvCm01waNd65KC55FXxI-Dk;(hA=V1#X8hp3J%%$ z;TG!SqYbyAstp+vI+FP-rI@o5Nd8m3IZ-V&Mmx5a=*mHYaG?Q|{Lx?JI>N&@D}AT* zBgGeAZ&pt2R9K8r8Iq7ZI=KYuADXwUf7A70st_bj>W7#JNwIV|HPMc>2(U*zWt*1+ zVb3&}`t#qMcjY_>&7pfqT-kI0nOu+hO|!g$Cc>QQ;WsfRQGbqSMy{aymSaM~l8*N5 z?gTG2-XD+_WEBN5jd5O9RW$`3o%2OdO6TviEnD#xqGn`S@RRF%-JQ=9GSmavPEYCLOJ)hUbtsr zKAO}KXr4V6*!1XZOl@7GBO^H{q-jh|F%n4SobJuZfd&0{h;eKkj6in08Cm16(4nb% ztJH?FKhr*l4m94SOj4VgP^`T8X5?BNtE__St_5j%Qyk5(ay7!PUV}1FFHHOLm;-tH zNwq1!x^c!Y+C+=)=|suZf^JIf%TSt^OoR+uTpPBiesKrmL5I= z)XRWr4-muHOUOr|fqWDNXlt68pHs?@ULFx$T1++C;&mU(GXe|W!jN?sDthocZ<$z_~RLw1mOVj6N%0rEJ#G!ZSZ%| zpvq9dK0^YbnY5{&9ipx|sa2@B4lkAVebo#P`{>EZ5(^zV+!Jg*mC$&#IE0DJDz#x)t#Y~l~+$tyJS@-n;^bS8| zqmz9-z+;LA5u#(~mX)Sl*`wYdA^ZdW*#A@mWfr9N`+wZjyPMA_8}z30{)pD9Ej$G3 zpX`ri84L}DQdba?ZYD`b&P%&C$Gm(vea$$rI!=?Q>NcE=4Gw}7d0eAHK}*R05@?NB zSLeM%8H!7gElL^5n-{N#=UJm~uBd=lnzWJ(EUEAV+Na~5TbKycnr+m~F0BMxUOO^x zPAzP(;)aAgN$_1UzFbww%?h-K%0PYjiAL-$=)_-?TN_;FFfO;S9tCgM(Cmp@bQ2dz8`AYe&}wM`DtP`k>tg5(gWrjXvc9I7k>wH+ ze!N8fH;`#q5M`@v;d}QB><>HGw)^`Xqmy#x^$np14+dE55oe>Lrgn{Kkte*A5E1&_$@OC36qh@}sG4xLc@fQJN(0PH^K?)0o4b?qlBs!~*Tb<( zO3SE=s-%P&l419JJkh8zx55GwA)e`NO2r$KlG({_u1jZS zNi5D;ROc}5em8!;VT;?JdX`T@7t|;Q?c}6kzK)+7Cr{aLFX7-GpL|RvG%07JPN5&9 z3b6C}3FJ#eB{K#`6~NWDN?l|%VGb0S7tQCFKR;LD{VGnx?UxB2W;~8th?F61np=VH zmLG-Dfaj9`PZbP1nuuLA6%`dRG*C^w1*Oqc<&RTBdb*5=FG0imrd*hblf@RiGie0r z!U14|1}PsE)uht2a1}KlwGR*8z662=XCQr_lA&KTlwu?+Qpb0Qdx7-F&p>@{AVAE- z$!jhgH6Ic}8I4VV`^?F5$>QitmxO^S1G!x)h0M~{oXjQ3wb3KN>k1II$*DF3Iaf)> zu()`K6l)^IL_#;~`}oXJ7hy_KW?5BHSQ3!9072!+z8sqy)nAM>tD_w>ohqViEQni% zJAeyhk@RzQLqhwNFlr)6*d$MwT2FMapDj0FgknO7aj>6cj5O!?%9-TMx*o+}$TKf3 z$=W9p`cAwJebwvOoUF)r8A_HUJW$ zIn}Mb!<(hVG|3d)PY(_^R?AcxkY5*nejT4-p5Kw5IQ4-FsSD>-9n3%l%bKSY{A7we z<%)eAYIb6Cf`emdaR^kbBcBat6wGQ&H9N7k#=VmmS#gWcQiwtpzOv{L%q)$2;BctO(e!n4cyPx!ga3bLI3Iqgwx9BIp`^MTL69LVtc+Af zBdvA+xMWU)AwqmPkZk+Ks-U~`jDBv<^klsJTHLnP-E_~L5;$waas<-5Rd7GxRxY62 zOdh)VLx`u-k(O9_HsS(YL2x85Rg=5daO^0K`Bs?$R3rjWupr*PaJw}jBKT-ZGtiUG zR+3`;l$sc!U>X*6?96&8MxxY2+{ZRehzFHU*~YiuSbxQWC~Sw9s^w#@l%L(=l3uG0 zI+I?Uajpow=yftlWF1wIC+lF&S}oRDlcbUwSrzT(i}`6f>{soa;0T!{kg(9Iwed`} z1d>O$JRfv$cDWfKm7@iz@QLX~X8deL9>&F(c?mt%iry)cd^A>qE%b6upyVraum;9r zWb-~#b24zF5k5(zTM}svsVj+v(h+JVhB#8o={bK@SjR^1ceMGh=950~y<_|R0$XLL zM&32E=ehrqT&Olq%_cmy+L(yvHjH5Ob$_Nj2fIn=oqS5(?ocTusJqzzCfh&80=d}f z`STUMFzf@pq=iqgD}FlRc}Id4D~rE}>u-xrO`m3l5%b8%2uxB^k|q0R=PZ*nnt4N7 zXD2_1Y~t%4_FG6vVBauF4bshffNvah_cie<{->Gj?I~-&;)gD-xC8$*(Qwb5QU7Os zghU`c(@S_cWD2EjtCvM`NzXL_jrU-$@0v@&xj1Zg6gcLV-(iKW>a`aA%f?lsxcz7q16!_sbzu}mCF>&gB7RSS$gnH|RQ zEkQRVlel7X zNXG;B^C=1se3zap@)MS+c0+e8$M28{7rs|-TYjsI*xar&VO-N&%C$`iS>3U^kWf4G zFVn~N=a??TcxuecYl^qJnrUT6M0TvV%%Ru=kq=n>Gxzjl+my}Q^5r|no-@7oA}=QP z^lTl5Y%!=tvg2~52g7V(< ze=uMQHVH!z-hEY=n@!OFAR?{cj5FnxYg9itrBoX7ZR|SWN2Ke$%DFlwepHXE#0Qt%Z1Ct!n0E9|NHSZdx~8D!3x7W zfyL%-@ulZ>h;DxvDq#_e6^%=tunISd<#+m4-$yWgafNlNZrt7znp5;OHDv&G?1 zkDq2zij8^TB6Lx~q7rDkK;;TI0gp%d-zX zY=rOJj9KKH**nQpa=<9nV9E}goa0+FHbmH!jR|2LTL{A7)< zRUe)!y*G+&xO+@RJZuG~eK}C6Q(SD1^Sx+Cfl}lckO5iG@13s0I7>KXtZ4kjc{Q%A zd2omQMB1gqxE|oNyDzPf?U_o@0+Ecc<7ml7fAua#0V*_t{Jq;pR-Y>jRv0d&*8SY8|i=7dFfSf;AzvTMXB{eTl(8<((!v;?N1W0@68PDdK@vy&QAodN$Z zJ?AWMQZ&`pcN`>iq;1(*N@$TM?EY`TMYXZy(;r_xcQUMgE^L@EME;ZR{rA(S`Mst& zibQ9^NkS|DMh^d@CUC3wmZ^L6^Ql+pDu*#lnZoq;tfI!wG=F+CO4ScjHZ%*TfyhsV z!0Uni4jhBfD=C)vjU(W$q)3YamjCAF@>Z)n;R$kmn9`a37+C6mI(@`jBWYKAHOHlB zjFNu@JhyCm+|Fguif9-hgP@h=v``QjF!cRYq(NmLz~mnx?)1ltnF?PM>J@sQ3^2E( zANcXBCuGI1S z9N@e^Vd!6LMJNnA)M{$ian&*rCivyOY2Ew;c-%8*oFD&3ayD};dOL9EcLST zEt0kO8;US~kiqS!T^svGZx$+M9KX)UFh%Uj%2_lTa3NsOBlw?S&BgU1(tK<*KmwKB zTJS853Tj#F>Unl>t?^@kYkmK$sycx);*3lkWii zxuf>wOEh4}PJ5yd%mrRB7>5o?cB1$UHNSMmR$7JX<(GEMkkR4~2d@yR=w!$!G_of{ zHknlS5T^8O{D7gyt?UDjkLAxWAXG{WF*%#>r_VM}>7IN0{lNu?oXkY+Tgkldj?dhba!BS$a+h$!IR@Y0{801uEds<%A6vN7K3C^*MpT01F~lnt^FCH0m#DoydDHWU zz3A6(BK}S^C*K+r{O0O$`x!Ux+{U^zQKWmz|9;?9nIkO%Vk{5YW;D!UK8Go7BJP%7l`SkO=6*b4U9y@;Zth;-iL%$v)x zR>L#~o}TzRJR&}enD$&TNtr~`aMpJ^93!Z_pz@Z@jWB|o-s>dAJr)M%dlABlH56kY z5)<)y$k%vHD(adlb4xXlOrqKp(Zh_kOT=0%4H>P#I+0HrbVFryON#P*i-@bb_{X*6 zO4i4ZQBtGYfuwAcLkKo$ovc4ERo?k5c%Wz?N`370+_nAy4C@}@-wkR9;pD`K)?%_{ zOOg}(Kf6ut?Bf!VK^r1*AA7>;yKTJ zi6WQRW2i7S+x)h5ZQ;c(IayV&a)N&di;IxS^9r_A4zJeYlW;#u;J4#-Q~4?6^GHZE z>_+tR$;ZaGUJFm}eF-KE27v2Tkoj3^F0Ii3z{d1A91<$o+|c{Ap-0#3;EcZRl*wHO z9IvyLoV3R9aWG;c5x(2gVQlhp{JTU$#W-xnNXQul9iCg6jj#B06uoIVSF3lXPY;xj04avcB~rPFki@-A;)_c zc8T)qs()_aM>E`5M{(O>1e5b+x;VF)kR)f1R6*K!Nw#MoC||o$=Ou(bWh(QFf!yPH z(w2I(z;e~v89v43@El(XDPaEZL_Kpf7iFo$AO$HRG8^~ecq~K{efK*X|8qn#JJE*t zo-2377-))F{k=(7Z^hjfHr56Z{Mfh9M&;^@-Q?VOhc+LQlmJZC=MI-Rv*(ry_oxI9y3Bu6zHDd-pB=HhDPhCfRX&?M=2o zO+^cQJW_U)X7jh?SbgbwPqIK35z*5CI=`!|Um8yAXKcy{;0%U^oeOH{ykBUkRAb9gLrYa&~$-qGrs8 zXKQ~5_Kx}u&+N*2J*md+o$&Xiun9c9(t6ozl8bu?PL&Y(d{?^lf8bCoumrNRH=;HI zzUnAC=WFl9h7nOLuTNj>WdZi9N?J>Qs<&(iJFS_KYpt>KarN}6z2OO7kA_LrPqJWV z<~R^I0vyK$a{ku6rYLzlQ9~rgaa3q1$M+HF&T5&1UaWhD&-P~gXZ`8Pn+kLHom=v|C%h2ha8rKm7riD3MaQ$793BZ zL_ZEE<=Lec4MLY=cZ=7!fx%4>4A&F!-UX!M+1)p}wp5&XR-yL`^+mIR2T+TtEtrhS zIKy}tE*Y*$Xldav)*#oc=XYCVzHxY!#A@Fud0QEG*rtA0u*`WYfjfZSlp_LjTqXi3u8^88t9{AX zHdd`~!+2y1M(>wdz9l-Lt3pTH>j${6v67aGm~Kc2(ts!8!^N7+_7w?Gv@TdF{62Wc zbqe*uja2t*f{IXv!RDanC$qCP-q*LDA{V$o5ndvJIREdhY5-h@g}J&*{f1!H$*`))54T*i7cDBbD( zz0C*(9$r*KnxQKuu4cM7(Nrx1(X1M?zme4V>HxH@VAw3Ll+*OsWLutHbeKl=dx*S$ zMin9<2W=E$%jUqK7(cKPT09|@$-ANe7b~>7ppE~I4M7=doKNil7Xa!Lr4x(D!l60L*iJ5D?eVi_ zcIk)gVA`mKv310eIa*d~zyzu-_;oM33xF^*3LgBYs5Fp9kxnYhwFPhPSe z>o+mN5Aq)yN7A%w7-KiPEFxdPzaYXhH-gQp`lGQ$hTpW*6?BF!HFH|8d(YBC^a!!% zjA5q9c6+3B`NYjEtqom^9$tf#6H?E1HbT7f8)T)EDUUgKX=LVkx*f3Xs;V+K15%BA z$ka2qs4dE{mnw1%C zyEaWw++38E4x}ozIT=(s!@y!Nu5SuV{}2xCI4#3V?P~-Cet@m5i$N6=^<5%^+k-Uh zOL^Oq4w^Oa6o?DBjtZD(MJ>&-0!Z$bVkn~0W{Ip%){ZP~iYzRnbD@Mk2R}rpkA@w- zIeYUq+*5I{&WQM&qfT))=1Ozgx+j-CD9}zd&&_&g_b&oL(ZKkurf{QImaz&QE1Qnr zbuTn27=?Mk;1kb5THmoe_cBwx!@ns(o1VF-HgYbp@!m?zR7n&k?7}!*&ET%B@lkIF zgwC#_NPYFs2poo+Th@}){Ddh+;N+8wZJwDC=*uhv@@AH*0v9xvSy3C~t56L#-@s!E z$QIBbcZTw8S88`0m_8g&t6B_(t6>7K4368U1_mJK=jTUmIsyz$w6T!Ff>Kj)OtnSS zx2vh^N%Th9+4Z^siDUx7JO!g8lK{T0Fe^MQPGl=9mXXld-3UrL^5nouNF7=Q$Jq*b6XZg{0QHU!|m`dk^)V@RdwKbhwRNEi;>2 z5D8HHo}XXI&PmD)Skd|{1$`1jn~`jB!Q;s#CeJYvQVgYqHu}D^0 zQJR!~MbU1W+rC5G#*R>$?sE6wjJmLv+j$RAu1HwY=9k!c?@>o9K%l=|XKOIWmYCp{ z6<&yu=&K;7DtSE=pN1y-b2-1Oj);ab>gPyEpIm*AIFA(qXI62wRp8wmn)6(ul%fK~ zl(BR58~aBsWIZ+mB{@Uv)fF{H02iVirFcsvm2Ga?y!!c5{mtm;7=U7H>i2JIC+XFv z%;ombA`oih<8wWlDH`VTOmi1T*@~f_XN2inWL{LCQZ%sq6H)VyI=bA!7Dxg^{Eax5 z^&E5pa_2U&R~Q=AYEH-Dd=SDY!P`ksIGB*26J(w+rYK#9$@Z;Hkk5GvB8k)kUHyFqk^3l?ALh+QX8#--eCvJijQ`l2pSNZ=oDEM(WhS*3N zE)g}ir6g#F2T|PH28>*qS%CNV%oF|G`rF6aqcS-8??2y&=fCVl3XVh~(s4@w{RsV3 zg>4=eX!Li z&GN+d+eY0KPtC-@{`7;5RoeVHEVgye z$dp-*{Wj8Y#6h^Z)tTVGQGJP~rlTe%wHZ7;S*0t?7^1-38stTE*;F1G*+;NqzLd&n z0D(&Q^{gO52ELzjDh*xqU89(7XsAgGdL}_(nGM(~zM_r_y?qHN{ZB_2^d+(0IsCp{ zOA4|i)XF}+?-V9?q?2V0FuDRWyFUr9dxbi1uRmBW zD(zZ%!-=O*LdTU;lLgH=AvsGrwVXtjl3XA0PVNX$Scrb^W)xvuCxlaMm4Eu;;Fo2L zgA;l!cqjFr7i*{gG!&`URGgG~ZDh1v+WzzG&??|vGqd`bG(eR1WCO-0;GNunhfR1X zUu{UoCw%p&$ZeaAUln&$_47(SpSStCX4@~Mqx3e6~OA`}fOnIg1Z^ys5RD6m9KV}W42n4=qU!w(f_zzUqaezddg(h7W zW#6uj&AZ=%9A>U|g=)(-2h;x+RkrbD{{XJ9=x#z6hbDGr3VFZTx5vGOYQ{C@uhE;x zUhGA5j44f!6o=OdUdhc5oZcrUCI-^?ydD)=rE?RIwPOA2ty1idz+{y%+A9=U{zx4% zU9={hgf4sjoq!VbIyD($JUb|w-}8O337CFKW$b>vhktsH?=hyB+ahd4R$$fC3_?|w zQr4hNyhN(kJXW)NXJPtzxikAZrX&~hoi019`$}BKcYCKK4B2_x4)@IaLQ~FSV_G$* z2i?sc$*nn=Sl|_}H(&8;ACF1svxK<*TuG3k!N(F&cd(`VLHiAJT1D9j!zM2}#LUvt zn8x?)M+eWg+^}tu=Yb4Q^UsM#ACn{zfY9Lwb8LRkqiT{`kdtRX`Vq1 zVPlvOd1LgVV1DC%09z~Lud#(xf2S+Z76g{1a;KqSZy63FgkFG^V~5Wt#YvUkZ{t6? z@t!_);Ce6ih0YF_=H& z)J4=zY)zOJM|QZBE{o)1X`;51whxYS5cDK2%A8IKg5bC`BZ%a3i1+iH z#=uD`u6Vp-Q${j^s0bR%c^8HdfY+Z z%$5^VTcfr^ZK%ULb&ex6eadkKPNn_9|HhB9Y1l)>fa`~3dY{@CRS{)7DUci5`KAt# zgSU-D94t0!SXDB`l|!G$RWR{J+L4K0t7a@ljQKG%|5H~urK&w@A=NU4{|2&ax^t|h zM}7J|PH1$k(^JkV=^eVCU7m&Z-?_vwsMQ#PUfM19-tdp>I80Q^b_^dNNxL)pU`524?1B@w*W7}D_aF@2q&$CczF9O!59 ze45jxaGmoRPlbkGR#_?0LQhXG=NHQp5Fc-!Ps_~9A#LOy8Jof=QDSNeML#~k%;73e z#!p62g4eqS-SeAJTVaT@WJZ)ytmZHNw&CCsu`ehsWepFt{mhzB|AWyP66)XCdZ)Zy z7=j))%v#B)5;#D9#_OH)6DRl6^&G;3{(tTg$&~-`3ET7cd zD=atPY4T1j-i&j3X*_ckpMe%+nkH2r7||ZrB3F4hnXKA3*U` zn$x3sf0a-1V!WQdyhsTE!J#X6(?nxZgQ%YUOAV8Tz^0PJG- zh(*iEQd9|!$%~cXr8J#W&4-bL4p&exwQq&)VMr{*L6+jQJwRYUL`0BJ8?Z1X<0fVvqc_!9)#q{K9pgO%+ z3L5S#BxVsvQQoCKUL|)Z_D!(_5*)a^QX~x5KvKd{^I_v8n6E*p^qpIjz!SV)B^X&1 zQ2opb2JZX}%vTOMz?nOAIe5A`$+~H@63k@d7S3=Y1_2VjH*>hX4hRu;Z2lk%s)mBK z;;obgRXRg5Ri!G#CHVnZ z$6C6ppJ_rNo&2Uu$gKu7z5x4GG~fFV2jIWZI2bu+9HJ7RT^t1fi@*^48A;VU6Nm#Z zq!k((px`qeibmP{{j)xY;ZEs$6djcQhRAZ@?X>i*9aQwQJ5!gS>uM}Rk`nW`qZk2F zf?{{~kwJe2&9C&r^l&&JP zbcz-J$j9h!#r_YpFHd!VsG0u{n1hApWB^W&$tz+3n7Top`271`txQlDsY8 zr}8fxdZhTLH(Q#Aui%}Y#)(}FYzs(VVUL%MRB|C%jNwk_H#am<6PubLp z{^!nMu74IB!HRB0>E1yr8(QbuP%zp6a5P6o`M-Csl8a%1d zLOI1&bX*D<9jNi~HQVL+ZA7Rh!$2KK(RKyB+S9(x81T2#xhu0}k7TuA7wBD1{nL9c zKmr>%Odm%}k$<|w1df*9 zp)LIBoXUu9ZX>AQp_R;n>KMJm4i|fl{Rk^&v5gb8W$x+2vSihk#n%HBXKl=Z)99h) zadnrzd~q8d*rVAM>zl}Uqqy?Mt6$-O@2+L!8~&$X^|aJ3d_p0xi={>lhutnLYEU{GCwu*<9_Fkh7huuo+i=Q^Dcdd<0O8!W}k$2L1}rmmHsgH1ypSo~z>I?0Unq z>%ZQ(J_^Dp^7<0BMxL?aR~|DEh-phNf3V#1%)tRo|MR+6m!a#ss69L%9_s1a zwGaN%ki4<5sX?e_)FC+ha~zf^6v|GmOMz8v)Zh_J9G1J z_&33y=bTUY!;(E}>GZwJkDH!`isAk_f;5I{Az2Twi65%`_g%#EWJO9UDI?jR-sz&} z{%={sE8RUAiMkHt)7F2RCWl$>aI@e4_FQ>K$r*d|H;+%*-CvYEZ?R>BYjsBZN?b~msv3h`5QCALQ!B?aIZY%D7x4$kTH^n?cdSEVIQJk9RcSn zbQ4^-oKMFrAMDqJ9cFTEKIv>}iHiy=gSFy9E*=sxvV}D?7}G`tz3JR~4?Bv2Rdd!s@g{xS=j}!^v7cMq zUx+?-;ilm__KFO@zZRAim;KF_cyJi`^_ou8`lq8VW=h*D{q=EMV{nGBU5EbtD}_Ha zo$I&*7>K+4I0SzSdZrh53zEHhIM#~}As`zgKGX(`jTW>FqN1z*Ztu7>mrwT=C&o~u zAH)|LefdjK%O7>ni?z~@5@EJsf6%b?=nD1lV_rST_Y(0 zx~0-Eu*9Ely`@FTyCY88EAm10o_*6m>a^FN^JDgxw$G~nuY-MHu=D72L|(T##m1gd z;ST-cd(=~gP!}SX63)fpuVH*xEGqPbrf3e2t?6{rRJ#ve!Y=Yk1!+Ix>7W0+<^r22 zUs5*hhuP%;(xy%D#I~SyF15+Y>tBgO*O|!*Vk6vmOfxE`hZgLrR+|1nA$oqIG!9rj z9bZ{sEiqY2Hw`xPgk`fu{|#a z*lm^=#fjlafPqknwh$1h@VhZrXvN@9!p)?zMmU_l*;<|Ob|GQwPNkGdY?R8{;`G`- zW9wSu@2{*T&+RgPT~zQ**jWKvEJnF>`|@><6FNbYoI3+Ao7L(6lRwt`-7|>;_*)!+x9q5F!(3FK#RU%I=i8Y-j3Js+!HkiTowXnJEjXT_=hG>Q?BN!3FRy)jnLpinB~5)!a@Zdef=InG{?*U8&*EMpsIL3B1v8Q zsJvCFqLU~WnH=NGFLiOU_*CiSO@#@NrNp@_z;$?^22M>XxttI*(4nOY1_XD*U`OmA zc|-Vv=b_}*^3RVmDPEdd{!J2lS}(mICV5bM8*IgUCZVs@s9|V47v1;=)^iLqq8rMoLb^ds= zIvXb*Du7OdhlF9+Pdw2<5skJ6%~!sq;XI%ipPnkCdNxyzf72-1I~#9-OOKz1+NRP~ z%*P6a?Jsb)v?2-$1Q3t#`q^NHQ4l(GEHKz2(YB@Fm@<^52YH;m_K&Ehu!56#0t$8* zB*x}5PV>#-^MlY^YTcFVoXI9ho3yO-fEfe^Rb50`D<&9Uoz-=#`b=HYpGNM+=k4bg zE`JHF-u|By9nuCLIQaR{Pul_an!fLRLIw6SV465qX``O!4t^ze_Q=+yS%&X>%g={| z=Nq@bH=k_LvQu4m$q$x!#y6f&JpRVs^k4c0ecn!gii0+`y2zHpFUZ-;<{bP|{0vl3 zM2!<_Otsto#QVIhFa(abX~cK>?!zmhEZxv=KfS2(w=|(aj2LK+nI0PWceUY3n&4R} z+Y=~5@n2t~#lG#*e7pqsB~c!#WViCb%kf3fSb1W7?IlBJ4Tr}*tpNpKeN&~j-wwE# z{F)xB9Q;nbAH+eR$I{&VYd`ars&|!{c4;|c3*Q;u!x+T| z_>cD;)9yyr8$!c_WjRj4&C$^%+;|H6u`?NuiT~9Czye<_=C2K8wAsr9>O=Mz<~=jv z%2ACblKUhSb6~|rIuR0tY3b6mMAbsD{6erQG?p_LGeiL_hT4;p3i%a-Hu(D(M;R0S=yXafN<7qmNg%j&_kMXjFmAg!_O?PyjHrt`Izj-`?N$EI4E1HgX3gsOm z%GK?7#;GEnZ&A;w$g5=#9e~^u%$k?-cDfr{s zeGEnc^}0TgCMl#HMOp{MFZ6f#X8wO`Y6H%UcdI5}Y2A@}MSF6qBH__>18 z4*|7PD7G?#5S6s)|M5P6(^Hn2%7j{zRyfG>Wa>1q&WV}!Q{HqgBPaPvqDz^+_u>Kd z)c@8dcw2m8ZvAPzs3(B0g6J)2y9f0jWZWA1Pqe&`zQzlKQ1}g{uOLymU15?s`|1x{&-vIZOLBv1s+Ggrd?P*k0 zIyG_dp}g#w7B$lKUgfJgF8vV!(wr6Rb~k__T2I?kfYaa65L_|krF!b)-}T$pkAFh@ zo`wL)70;cdvNv{{%)==~B_RR;cTtd){${-|_W0YX85-GnrL@Z}_Gv*IkLdoxe-aLk z=l?PN7_&@ztH~vP`}|ihwsCrv9WAql(KA^ZZJ-rXqqtQo<*fbWJRlXJF$cJkGBme< z1B2xBh;@xR8k%D7uNWmfmy>?6X z6Mp+h5vXDnBH9aHOZ6!wqE@r${h|F`u$mEFDpJz{DU5wvKu}thavqn`Aq)t^`0T6g?ey^hiu(f&IAR{qoWyUR&h_lsVQ_8+^D(AT(8 z*JYQEyNyl?gnV+wZ#Q({m9qyxf{XaJy<)ko@uH%SCrV0{3sd>E80}@v)mr2JZG*R+ zC0&QESbbE;oi4Z#5v`Q_?4@3CC5-1tmBqj-h0qQgSg~SK4uayooXMoPjbO#(-t@m` z-BkqK+Jmi_!V-PHZbKI*&JSmNV*TG0tliOK|Da%EHr*k*I^WC)@`4-GClxTl6Pfn) z0mEgZO>=vaGSwgJ*=Yj1%Rx5@$@!fkIJH@|PD(TCl@?Z2rOit!pu)vbuq*W+WJ#tb z7D&fEnoJ@&Ru`xBc4Hx(@l9Q2X51}Mn|{N$Hy@u8&?~j+&8|(g{G|Yt$7HCAQEPTZ zPl)%oa{5#DLn8DXccZO2x-io;o%RtJr6W_?6FYR^O{@D7J}pPSpg$RF=fiEd8A6aD zk-5Bk*3DqM?GfEe!zay?=J_sgwo)I&)+CRTrqHPgg+PMlkAhT>p?Cs@*_WWj()2+_EZ4dNg}H+1Ih9>1`DgFx(j`#&>(@}4gnf>cXxNU;rsi~RL!G#1yj`z`abBc+o$@T z+Gp>zKI@2fY~HOPlrAxsK-6Is(d|@7Mq?ObQ}*y7J8j(~)ap;gFITI8vhA?u2`&Y7 zOX5{=Y{U72^tM&_$cP!74dX$&bK-`x@hGa}o*t<&!(jR= z_sLRqP-L-+4+EhDpV*A1`UE$Z#O|*gE`+jowZGRGB}1i$s^aY>?2Sh9%NI*^8v92mt(9#S0LY&? znQD{S3SV0FwL9X7a%*b(@;6qHBHcp6F~%PlXcJTQ*b|Q!aXOof6rVy1x*vy(#v@K| z2cSDrU_UI`6c$y&-qT|3cYL~WjbGA*Nd%ivUoywYOwK!;j-;6reRyn$j(Xs4A_(HVBvnwl$>Wf1=bPzQVIZS~W*24e3XQ5B<;89H>lAcma0Q!yK;l7Pc^4L+Y z-S?ro8osJDoC+y;zmrt!lr{mP`Z(bi-8T?iSEnK7g_y-MF1%XU(Yg{1-odr5;t<+i zBTmcGs+NGWn4_F>~1&FqVS4(_B(#7uyzc>2lJM#Pn$KZ=-1*#J)n3(#R zJCq4M*K9RQuZR%^x)s02^$g@)zFoQ_LURf>`2 zb6qJ5n(eBB)b)quPY^}nfN_(P(sUK)7*wp~dy@b_+){)8kP(Cww*3BO0Q z@vyj!$qa76+IEh{$wEU`S*3A)V$H?Uug*zv2qP&wm?+(d zZ3D2jUs!U-=Y2<7*x(ttknPgFqhn)}6*2xzbVw|qX#A$yeK|_~mIzR2o{+Rr(0NAR zdQVbVDJ#H+jq}vZ@hzC+&YP zzf*lHqt#B%=+pboKYm(CVK2)rnSqAZd53g6&B1VJ4WOk-sOL*!YtOQ4Roc*LOZ-4i zWG^&Eb;N^?4@pUEuaXS)6q3ceNpZ#HoIaH{dqTWPZ`4WmL?rQBc)EvKJBQ57$RvB4 zZ*tbU#>yz;ix)1JYDtdc8T2wmdM8))2oMY|-R{&+cIwpx&G2!Pu(^90v>G_f{+XHb zD|NP!OAncB-SQZ$d&8a9BpF{r;!~3qoTPXTBQS5WSG$U*eRpthlSuh{=d>E8$lG2{ z2xq_^IhO9c@tK{$IHh6uhO0^w$yUHeU?)GPh^Qtbc1+l!p+HZK>v6hLA ziLfU$Hi3Qlp6xWwk_7T{>|By&L+(}~zuUQ>+&?6ztJ}0i*J5x*kvsvPXL`?Vfrlxl zjAASuv-@Px2GT!5GHE#*4q3wH!hSD=STyQh^BT8P4md_Prv^iKf4VI2;+VP_5koGt z-&K%*!KA`33Y$>URyTJ0F0*CpT<=Ts7xvFMmdy+IPvu;oP=X2pF;D66+3)jMWH#pa zlbT|E^a5b-KsTn;I*3&ZBf6RaZ+KDM-_u2~ll_#mu^URsoo$gd+RYnd?z&&(fMn5^ z$aM4jF-0y#y+3Gt#hy~ zW`#~8S@||fm`&*4V(-P;eH83}{~mK*e1>IBoRAQ*ewz$e(~fLP83-?k&P8gNNiC*p z2o{zUCdMa&?smIyC!9{8q@M*Vbaeuj?J-eMYW?@wqi3+@zKm~mcaheOWuVO1nrh9m z@%Pd|o>zjU1Q>)}qmAFi1a2)$5ATCI)0oHKLWR7sN-tIFvibidgsS*N=m2Po5;Jn- zZKFpHd%l&DHUtoYNXrWy_F{xWyvAw|f3P-}YbKJJ(-{$Qk$8o)Gef81;3rYkeFC=}2Yb#N0U~mv(NxuEB()VUeRI8V^K?5!E zo4P`%d-NYxJIn6i>b{__uTz+9gpU%zM2kLuuZG6CzK2qdigsPOnl*VZ_|;({M~o$9 zJ@!^Is$QpxoLe`5ZNnz$tJ>OfB7Xa%nn`m27kVljcmHmWh>*6T=TPi?)D#JFKDsQ; zgOhb+>;0E##N}EnG$UxDuQhg0W3|^3@KJM>)WSYLSHs3QX6FChacY>QR?;#Lg%qLx zy}uP7f#Cf8A`IQr)TB@6`F%bCpQrD`iqCd~(eKvrZw#4p2j6^3yE?7Fjx$)YBr!E! zLf4+9dXq&LM6&r~lmf#@+r8Fh*9*(m&Q@46j-k_)UZcTVRzZ%2mOo~Ofb|u%e{r2p zc5ulRFx7o0&V3Ntm28;ra_Y79Ddz;J7bEyJ@Fv+q)#*wm`es7QInz{Q6)OFW5=35Z zB9&+be8I|Mgc}@FkUr+`8RPWDsr;rC+YZjz)j)C8s($sM_8itqz^TNT5_dSL)#{C6#QxD z>gVR%tt$TWt+(W86G5!xgjZBPL?1cy>+Xb&uv|+u(`aJ$mP#C(_EG4wp${doy)Gya-Y1au z4yArtmse5I6y~!r(sq{$5GZ{}ZVt&H*l4IuvLG?@Q?-j9TGTJR|6^ zBXQeMnGZXds7RsgR&_)QoD0q2TEa*w#Jq$Tk0FwMs3s|^qkht444?||85#~#Wd$)f zCw8o<=n`cTSP`3?z8dB|OxZIhCgo4!;bZMPa+uX_Bf3w{`{a@(J`VMnkcfO0v^}(j z3=B|k@T8?QRuoTIPOdM=%byd_AVwgcjykpEht_c$7TQ_^;>VSr$F0c_;`2h2w6q~* zZM_)mlCPCyv|Qo(O<9_P>}Ird1mzgg-Qkh60WL6$I|1 z)-9iiU`R>LD!p+2IMVHB!F?#%WCEeRY~T+%TA`F|KMl{Vc5nS;`+53NfC7k3TyZhB;w(O40Kuhno z3WINAP85lu^Y?6}LHR%#rk0RzQAqIvMV(LPUM=1SrIkgd6QTfMlJDsaN+^3`S`@1@ z`|&(8^(d-14>6iX7YA1xA1c&Ri(@BrjLgj4JA2d9%4E`$kDcDIqQl3$g!? z-re}GKJnN4@PuG83!gcqZ{L~aj&$t}I&cPx+N(eJvi;kp7VPUi9J;Y)LZ=?7WSo68 z!(JIR0p96HeBGtj8ikCEp*Z4*L=W&yp_d8<>|n%1|a*hDB?!&6-cVaTfm5=O)oRSzPu zA7(&k<7)X>lMw2$XK_RG6&))ZLL`shh2@-j^60ZV_WebVWe}>Ev%9B!QdxCT&Jg|n zn#QwJJelkRSZN5^PXydzH`k1%PSvh&(@3h5Q~&&;;0=3Freozo=Ui9@8DZH1PFn5Oa+y!@GGe#D%wiqWlLGsUNrQqR-b600L53_Q50 z87Sr+qPH#8oo4H$r_HXI-i3=G_F*Fj{7v)w#Qjj@R?x)EA51(r1+)nuiHR-8=Q!4& z?5z1j@R?adK~m-z=G=OwsFxm<+?$CB^-3LsTQ*}r)Yc9C9a)vxZ-?Z`MOhSvBjy5N z&8obU9Fk)$Nlj8dzt71RML}bU1(X+!vLOIk<2WeXw!^X_c8y$1?KHO9tW*6z&Q zLeqsl>G?E+S(OrWh<@v$d+z&l6|3_#_=TCbsLfkf&B{J;GEdHACq{$awr-E$d3@mO zRWnDd!y78+Vx!}DP2;cwFCj6pw4*fEX0kQ#g_vao_afqXxbmA&$H)BDfO5L;N}7zW z@}6(J!!PmuZoaIdvd2bNURSFk2SJ;h{@~&6IrQD7r7kb zZ463T-Ib~@KY#En<}=%C8N0ZeljE>AP)bnS-l>Q-*QJn6hZDibT9r;;{q$2i@vA?K zrOtwnP&dBnt9ok~TZzQPc|T?f$j^_A2RpSgj)t9R$rf$puF*hMaT8Mzue!h?> zP=j}gsUn>I>B#o&)-jXhfd6%09<>DKf4?YpqR1>Z{f%ezpj*{^r|c0UHv95mdDhcz^Oby6jjzrwpj! z>gNi|5&Mi#roEM4eI!B=3?S|sDv?lExM}WWR!Jam#npmRMH;4Ohzy!?vX=*SomoSy z>a)x94oyp4^!sgUvHWt0L?$VA?y=cqAOJ{i);BHl8|1hkvaN|d4R!u6D_`3a^E&Z$ z)Gp*PvM`*5a%fFChHk(skmcvF4EI;SmtR6p0N0f(ms-TES)iK_w|ZQdkqe8Gkf-oB z_mhpsOt@5^Q@@e2(6TamHkN-w8Ggh{%lFks?ekWZ+5OpHP{qv{&3DZuz7yec;>F`^ z8!x&s@#A;g&&woJx^6xfWb4`9WSjC$=+!T4PPk$cELjF-boN@8)(&nYjT zLe!-W`GBYg2M2h_m~PkFgtHSc&{DG)4G@p9+&?WWVbb&MD5MA>Vw-KyI-CxBgTeHg zo%b9iB_rGNyh_6NWJ&W?A5q&1lCsc@yCdNs05x}N7c45ScWO(ii-j=$CfE26el`4*wCCiV;+vj!HLR8m8f@H;T+pHcM& z8Q)lB<9$4jyHJW-N)8C7#qZHh73VWI4y?M5LC(yIs$3NIggm2me0so)Yj_$@cA?4M z7uu{?$bVX-H8 z!{@F*>^=26Q-ZMMwJlE}PD-Z6~qrKx=adQ7n`Qq_~ zyea16NKc+ZbhCk|-Mm>DCPTc?FMs?ULBb+2%g9u{R!vV;&de52MkH%(Kr3VzP?4{C zb)9qxAHBdVwUX1$#lw&IAkC+@EM;TgXD-!0ts+Jl-!(hmE2GZC3u1(cgO3w{N(9m4 zNRXDte})ki%OnGp1S@lkq+X(CZ+RSJ_`S19kKJHoDJ%FnqG9e)I5|Q0Nch^iN0 z(j3tJwn^KOKzyvG-Bs36!9=SZ1EIqq{ND7I_wysNEOVPazQ!i7-SS8a`B@<`!R=$u zJJv;!(A*2jgrR5m#7WyRu4j}%Y&KgGJQ1D5|3U;L7*<^7+Pxs)OJOFP{kyfqjGyR5T2l zKcR&KYrE2mvDB00TfWOhZ;?1*sVm^@XYqS&V6b$8H^)r59&JNiLXI}*f3K*7he^}CGzw`o5!4hkC=m(%235DpRt2cLut>f|!Fi0a@M zxkyz)Lbq)#7l1wu0ZK@tz7`_v&rR=^$`Gc%!Avr*sJAW;pQ7((r@6Lhn0bTpSG3i^ z;EF^nCl1vKaU-@e*cZ_;JUR_TOjWK4?oVB{)2_+N7#chYDaj)J)r?QCetM++ABHlq zG}f<7J~uAtiMm2rQ$Hm_!&V<$u@_}8>q!4}Z{BmR_(iv*8UP64TA$fzw3Kx;gSSW_ zxKM~OMr=Mlv&!)s+U+v)IO>2l7(tXpRqdAvEY*+A=^V|79iGsU-|;gmJ$_4QK`V^u zq#jwP1CpTKtW|>#2R4n*99N{gd;~ZAB=t1Cg4SYZCmeWP$-NU>F%|$qbS(QG{!fPK zxqKXB#tfj3dXE44^R*~c*yML?6M;)iz73Gw(=+`O^U2D(l(qR-lj(`;N2*yymms>Z zOtw#Cv5-J7A=2~x{O0}hA-`*|5JT7s0ihwA2n9VRDLDA-IL{jrS9{4;A0zl1i()WX zN{>$(=64H-o-Ty-o*n$p}SW@7ii_+N5& zOiEFDke^hTuZ(FwC7b5vv_{AW$;!!#r;D>*UEl>)kCdde(wK|Ok6ut;4I#99S7S?F!zcxo(^P;vnDqon6= zKiNnf-=Z*NFi4>E^vAWV{&kSvL5CljR!*_W+ou+{ zKXivJo)F^Ak=&v-jnnOxL>B_V-gB+_M1oC|Z2{KmR}mQTI~RNU=$(N*;p;HoHOu|j zQ@$ClNTkGm?q%-tZ$r+*4XXYx^txAOC(NynujhuA+h?auD9y=xeSdFn@gJ_o3P_f! zvo$n)wWWx(FZZGdT_#;K-u%Q2T9GG|AJ zs7oC_JXG+7^XJ+b7wU@E?Twqvi%Y8WkjbgeG8VUvWu*( z7-z^Cd-4;t3#zz^BQz%d%xM9&x((V%k(R8*+sg3;&$;Dx!|IGHT(jS#i5xcTilL~k zjnX!XmvxzdhKVQ*|Lp;qyEGMaX%AS*+YJhEVRG&$1FC)UJ-*Vw1RzNE`>3b zb8c6R`w4`0eVOU8tJ4F;vswJA%K>;`c~Kj{E2$u4Ux|vk@85w4zTY=E^JYW|w(d&1 zFt(zP#5i{$Lrl%z>n#~?17h}!aYYvMHfTJp;nA@ajX$tTEqL{Vl+{&&1$TrF_{7`%wcv0ZFVTbe$F;DTsZk4lCK zDXN-+t+1QmybvVKRg=F=pI&@4zs2fgdnc!3nCqkS^S{~_jN0mShLDY-AekkPQgGUw zK;lOVB^XFnt5eG~c~vG8%=SL;L-9ebO$p4z4O8VAl!Zw`hd^5MzDX|+TyK!uuZ)6$ zAtp*z&HNtBd@EJ5vf3;oGg=zLYWg+Gr%#y4MMJg*?TLc$32gQVWxIcP>E+}hJJ#m+zlf+f zhGe2*x|Y4-@&1H=98QVW8QGTlB2&s2{hM+ZYQCi#=E}Pn(B{kvEL1y_qxSIFcRuq> zQ7iC0w@?D365I4<)}-8QS44#q3JYnIzA1ymBmg$^40j}U0CqZfUytCz#6fkOolVrui~DOcGZT5qGqTMqg1`ZD0E|*r?b*HP!fs&(6 z%il*D1TDj}Tm+GeEgYTB;pXfXq#D`NdU+M;mB1J$#tsNi-kaSMzgw^^yK_0 zfTr{3PWZL-lF{L;dZ@cr#(l+7jD-=`?mGS?I9Xnnso z)XeYYK`(Q@;~#N}-3Qqz4)ai`r?yjnu&}>#*zWT_^66#Kd!JGx;o~jqTWb2|YTLz- zioMs>@lF|?$DPu$=f(5-_Dt0K2yodX*MASV_OM^FNa{=8`IyC8eT&~|@^?!mb>wib zSD4JGOHC;Ww_>|l%dPq$%do)lah#CBC$wr!cOaqBZ*=dD!|%c0e)ksqLYKQ}xR)W2 zczAM+Y0Bwj)pNe^y(7xMr7>XMz!&Cu=GoIq7fD+4C6hal_~H5UMU-Kc<>bA;hceR@Hf~_}vS?Ne%VWsoSzL zpx^o-5fRo^@BTIJlp*TJ*YiY^R>h@jPABwZm6b)hEbd0v?A<$T<~rib7nkU(;<2QW zzj8buo3s??>z`J)O!xy^xAW*=MZ8|KQgN57L*`+hggb(7!E^%&W(mR0)>cW9#j za-019VP$>(ML?T5jAwE)7m_Q;wz4Q5gV45)T)IohIV_7QXUvV>9HR*hiovcF(xygZVqMX zh0qfj!aR3F2x2f5GWBB_T%p|xGFDE${LBOgHb@a=qH$hqAxJR?h=a`Qj=4aB36H!f zMqFZ!y9%-QAyA|Ri@}3durvckqh5ZURe_s+bcom7fW`1GqkmRhRPq$W3JarH?J5s}N4dX2oW+XTakXZWB{s zC(%{EBEt5kFeY+jYQ#h9h5RpCu5Fb(!c)@xnp#T^GWf}}ad>*r3#QWp@%cT0yXJoH zfaf{hmF}l|9?raA1j)j`8yy0JEhi5X+t;VWHWsViS&n5$zru0wV&&aKoZdwNk2U7U zTN_A~>T|5%x2YOm>wqWY$3&@b+HYgDH_@IeT22`oHntt*y6?S%l^4%V*LT!k&gFzu zTjD%?f!=<83(Zc0=V>RLhc)J&RAXInt?Mjl;9*vIqWg(`n>lw`{thw1r^3opD5izp zHw$D$m7baTj~Vn}_p(>0+dSz)!N~!P>EgZjg}1K^mR00W+6*Xcc6O zkwVuOpxH#srchCh3a!P}=*#PU=iuW7MA7$OoG{K=ZDpuB%4TDQ3JxwQj8uWbNbf7Iw8koUF10-vM@=7zsjLD)A(nH+tmIOaeA^z(1VxO4`cYg zCk?s}!O0o!F?^rvx2MDj9-rnWF*@Y3Hw@wQ1PZ^7z3vy=``w-Ec;;m|q~KCiX%Bj5 z0NI%Z_@-^8cmft}%`g7J-6<$qoViMVZM?$O)WOF%JjCq>h0{sSYdF?)>0p__`F9`20p z^yAuVDDg~c>Ql6bSYZl?+H%{$(>g;!g@lXjYfqi@S@%g*E$Iac=HKL0({-;X7v zK$xdGG=)PW=Uv55fZ!4(!)|7}E22AXx?%beav#13s5vso$`s2WMbagZZSE;6!e^xL zvcLB+m;q=oz?q=r#)LlQPtJQIMPK` zH=Z&~=^$$_5=k{$%%ieBiKMhe_w~VShDSh&lyUX4?D$ar-wK>|_wtwZ_0_dm={;*tN4v2A=kBuFp3PwRhIA8OiQ#Q!%y z}th0j@PF;5}870HEp)uZrnOb zf?~3^UpO5Mf+>Mp+bjwgm9n6!p{Hs4xonc6mgO+k!XAk}QJ@S~p%h_r5yemMp@NJg z^Q?ck|Hrhcw^&bVL}?r+TjDdM9%cR1%ig2Rf8ZR`-;1jKb12BZ&4KL1r-#`^54=s1Eo>yz)=!X5hqhIDi z{ko*y0b_l8t94y>p1BeF8;O1sh2O9fah`S~3W{VRdNKGW694Uj*0W?cm5jOmm$+YWqnc?9O?IbtQGC5_ zHAEjIQfFH|j!r>knO`?)X$xR!J-6OuvFL%Yt_X*lP$0NQt=&gbw2tZu0A1o|FLk4i=E`FD_1GQrnk?Zw+6Ghm!KzC=$o!4T`3H(KWr% z+!YK&B;DYknyoXM>cwhQ3q;}oqC$O7MH<;(j{p`HP&GU9UbNPcQeulZcq?9li-?Tp zFZRfmV*C|uV92V@Fw`TC-8q2D7l=N>0)Lgx)0m=60jsi!$1Xd~Mpww@J!KMk#i`xA zMN;$?}hUgvj&@Upqw56bb^Ya`AOgz(C!VC$$EmS z9dZs-T{<=>-hE(GvvnKV7ltsa$x#eTpMo_fjzgP%j~_uHcF*#!9BvDoyKlQN80Bne z0!R^TaLl!vtG;A*OK|4q_2p`^mV=s%`Wai#ocn>frL$ye`q^jB07C7_$&l%n&3e+Wue|>9hy7<*uaEJcaw`1KUH5#p z4e2{i>Q#4TMve2Y_LY4?zL)01UchTya9xHOR_@BbzxY4UW$8MYg^%Bg*ndHzG^^LAKa1%No8~afAmIL#y7DmbHK+fug1FCjX zrlJ=r_yR6Ec_g!c>+|A4qJo0zr`WRkhplNs!&wwebuKOqbXLhvvKk0d+7Z$G?<}d9 zFp>FzAAvuO!QQ%`#bCvLsA$4&I+q+?T<5^tpu=}vF~DkNj&WXNJ!~=$nn{2=3w_T+ zJ?3(pt~=*$CRXsF3Lves)IOdzC{dC9@X9dE&)T*1a1Iy>9&Grl-9gADn67q)l)^C7 zB)ZjcTUBp{WZ5KW6f=3BdVne_m?%72wfTS2@(FoW6UbtvX1d@SNUbQWqK)smLjXjA zF7@u%V6|XW)|e8nh~Y8nuA`EY@}Tf!ll=alTuT1LFhWc^{0sw;VP|Is`JBk%$uK0s zby3s$K-^jjwQNEdO8DglQV5+in|GHOmLj8|pznhq2$&;Et1(7#_A|YITBpCVKoJ6v zHg1s4My}C61G=W%ghz@k!*}-4RVk&fQ(yD$iO4UCKjZXD>H+)fjQN%@tiry>0k;DNYYWb8Or_Tznpf2f=y9pPgAqtw58Ux!FF_m{~|oEl-Ba zBeSmWqvz=_3`=TVKKcZ!2O!X{DobfuvZ~0+0Fco;#W@PvM0}Z#qANohd|cICoz=3mGbC z5uqkxa<8WX_yb9LpZ)D-IL+$z2zCkm`sDlh#MVJcm9aooTT`;AQh?p@y0K*%T8D+- zZEdINC?R^2uFhq*4GF$p-I5#g?rEcY9#nKg_2#SA0kY_5=x$qQRgAGTGF@xVL7>oF zTYc(u5cJAvzxLyp{mX%^|8B|4NlFY#lU^{3_Sr>-@5|n-`ys)P3C%|E5lEPasYw^T z+Gg0k%}^U+In}X_;qNS$K$A=Q7puW z%~X^0#K)CTS{L5YW!9;f^&*3e=D)gU>A$)sF{f>?d7%(F(>yw1Lc>TdMh?TPdmt z2uD6LPvlSCs*#1n#xQDo?rUY33lI9g4v#-Pwh9nv+CfrQ$F%Uwug9D_cmAyUj_c`fihMqxZ;dgw$>#gG(dCdw2wZ|pw>)+qr3}4>g zZ&_l{gs~=9ekgs0U-wU&wu2s`)rvPum2J01bWij4I81x*B2POrAA?a+#x(y&09KMU zfWx9#++tuUr`R)%3#CT@$Lcea!Aart#n5tMs^>HjPzyIPY{G<@fmAm-&&xT4VGQ_$=UlTmdhdsa*~aZMtH9i6}cJ-A2B@LA{@=>&YJ@*lUbl6l?@ zo`64Nxx=l$DCsog>rH#-{x3(h(Gf!qzet9n#Lh?A-R5`yXT$f?e45^?dYYo`G}5H; zSM+@_*eH50x9T;(n?+8i%?RG#;raj{^5Upt_; zyD<0ItW<$}**8=Bhx0*6{{7-{y_e4PW)GjI8|!-~7I??ruMa=ifByJ$=oB&m!?>Mm zrT{Bh!Zz4FGJ;Ode?68cW3aRjo9C|d$p(cas82MAd%3;G3n_^=vNxXCH=SAR z7cnAI@_#lanr|QMXm?dG|;c`47GueeyD`o9fuEiJLdDPxY$pEw8;M2WVNWaOjB z!2Yvg(-tLpd;%~2-@in-A!p`u@bN{GAx%tqz%jdFp^s+77PnkHy=V(UPZ-Z%6`h?$fmj+~M%k)@sXjJ8c;a+&M+bF=^bhKI74X2;Jt-F} zj9EBpt{8h}K90@#PCZ}Yo9Fk|6j>d|ZB6_%qL}#&iBD~$(!T}SqtE6i3pktaTZK2P z9Fi8Rzhf8I`Ctt*JxrM@T|knQE*I>kWx~0zP+$=l@Y@ZUq~pnMrqzAnptOel%8qjg zY&oni3C%#c{o6`k2eop2k{6S%5)ilUAG>U!+mlA&fjT$0?}O8Zomn!qk@?V>p~WHV zDYIP4dav5@_*bX?4}|kYIeYb_x8N<&4^lTqrK>+Xy77mt*(aU0<@<(C4J1#g7keh0 z&Hth{zhU!w^&@;Ie%zITi^J0i+JU6P+{%r|vivzlL;4~Ud!RID(x>v*z8NO2?qM8Z2JQ<@T5?Q|)515#~+l=EEM%T#lS>fBR@MRMCPd`p% z;lY!4I@la4lA*q3v4A$wD(+(sHcHHiF1#dHRjSmMSy?i??s>mf!m%K%-UncqhCYq5 zUd?U#O>O0;J54J%6`OICoVmYj3%{kOBQSZ^;$I$gJAJW0e(F7clGWT>cg7d=*X|pC zv*s^7#JU@?`cwv4@y1tsjlzF)Ou>~m1M;rD5?l|PrjwX&ts1^17n1wLg<14o-HrPX z&DF_-ieYM_P-Km{VJ25gNtmRCE?k6Z@vm)%%qZX~$-XMY{s%DnVVCH4Q$U{Mo&KBz ze%ZMmiTaQwB`lvxX=oIpd%z!>v{agM5LPc!3;FCJUUY9#cGOk~eErcS@sU~|yGnmO zhOM)rf7i86+jL*=ra2!S@P(awc&Nc)4^x=u;&W!)>F`>ito$!NW~3nh_ySU)z18aA zA(V`I{}&~=$j%WpAVna8%5j8j zTq|vq?CL{?-ZB}vY6AO?p=j4`wa15ar8@4Kgz#Aq){H4Z3MO(qCXz7fbSh0sW1fOp z-&ewXC($S=UQzRB0Zg4ckgXSxl$OiJQv#0NbNd<@7(DVd@dV2t4t~(A$D+dpwsRsp zDAk_sViXxz>113G9j-e&3ktvwq+}{l(__?6*c>Rv;dR& zs)Lc7fs<&^ywI}}!K(uYzsbMVks2D}uLcz?s38wTVzc&qJl!uvkC$=&K4%UeB&Tlt z1$@eXHbf{j8zGuN_)kXJ8wP{WF^iuuE4&!9b_Rxd2RePs!W}x6Ln2`#`_Szb_twv4 znh(BdGnT}iZmaLJ(aMvk?T^xo!sSi6?g0W1^sdyXehBDV6LTo*W%uHrTr2(WpzagN zg7Q}aU-YBxuJQTO;*2S3tNGNAjjj5RHeN;$vjLfJZ4mi-W_L{Uoin>$8WW^kI`pwq z0PaIBHXk0vaW#;fKI~()AaYsfiKEo&(V`%w(%bwlNxQ3>z!mt2|G$<_C+Yv#RHe_Y zo)IV3cgoXeFvGBoCK-SR-X{KuLsNSYYzDj3OC(4!4veiY6kqg1nNHTn-++pf<1KOR z*Z=sto3*t6n+>=&JJK4wsKP0=FAql4ilzb-^}eS{_U+Fv=m~c>SJ@F4T?pgGyS$z4 z0p7;DA&9#FQHVYaa=ZVt!jD5n6o`jA5=T4j$c=6XRYKd59)v^KSH|J&fCSN4y`^{^ z?xvsC(+Ryb#9RI&Mtxu-u>KeRAl)(%&#+K zrS3s#CZ6yLWt#JMLI$q1yEyaNZ(BLeEupWJP)O}|r!tN@g%XCVe`zS)(OnhAcT!TZ z-EUhrYfByuoNlml;>BnBNoIchEl-#;W}0T4`ry^|q^B!R;ld>~6P1;Kw_|(@(?C>{ zS84ZudnVl?L56^oBEs#Vw&leLPBS`z+wC0W7XM%#%lMlcz=*$R>uu7s#?v#9O~Nwa zM;9-)v^TM}o5= z>sR0SW%GK*$Ci{>DJw%KK9G@Ec_t1I!+rkT$kQ86*yE)*s@TEOTpDiu{pv-Di>hFY zZ!{B?+GjW8Tk`?-lvY=NrN+5Y`ZF_GX6nUeEexECiwO8({}Z-6vB~jWibDIVw?ez^ zxOR?OeZ5RZ5<_gK6Ae>aMuF|OH#Ennj$!>>@)y})bgVVYC)|7e@d#a#2HWDDUcVDp zz3;%RSPmnm0*=+t*x1St;za?XxQ#k3X0dUxV%8AE--klNcUEYtc!X}-2EQ`)Z)ZnHq-=_W(oBQg5375QFVk<4 z%ShDYifH)rac=p%q#jv@r!kvh?-#C4)IzTqJSk=_aaCtD>7efhOOh$E-%nzwjmGpJLs-zAE#W^2p*%yavt8lNR{TNEz>P zIc?bu&@xS0ge3K&PpuZH33=mLtH7BphWDENgUX9l_1~fJEtpIm&jjh#VSWlyCoS#$ zqeGtyjJo-K*;rmV-OsnWNxOvCZPG|VjhU1l(M$675>Rl+N2l9TZJxqe4#){SLwgzE z%OtvxGUqI>Awb5Gs{LHR{&G{_z6lkR1C8Z8oUWQ4S@0*uNWrG57j!$dx*R7clyZWD zJ*i1>bk;@v{icx%lgpCBPD%(5s#j8fRupar<%*N)uQXi}j_X^X*u-g`DW3#L3Mlo{ z<^IkzVieGYmtTEGZ}&l73gHKfCOE05i&41Z& zjZ0It%_SY@ZWJ5aXIt%jC$PTO0T-Kn0Kw7!S3&3*?M7zNvveC=}aSQ*;gb)`B4T*9k@LBXGTTwH)MV2&`ZqO`ICML?>CYAPpsbpv%E_Yt(vg6AmYlT*0j!C$XwKF00 zpEq1NqDna<75Q9V<0KZRWf~CojArL97YKPKg?mYI;D_L`^m{#q^yN`bh z67P79Yz;Fc6Tf@RZvOPpUrZ^9J1y@3{^<;I* zx+h_z2@#3tb3Cc7@8s{$m<7?0ELhE&s$;vX4Xq1)YX(Mt(j8HY|l94X4cA4@}F$%?N$>+#ci(N$VmSg}Sg!5ep>XluP14CnPEH z?i;Lkfv~V7Z196ua2L4dfyxd}P84UWtjxj^$zPED!(V6o51uDu_^9pagVzp+Pwe&W zXlk)OZu1R{G>7(dT)RHp=}-j^DJ*Q{@t5g$DC|RKnaf8)^|IC^K^lQHcfXmtA8>E>0FdFH6sta5pwo<6;TI zp<(4|u?hDqcgcaodsB%@bASDhYgb2Z&RZZJI+8x#D_O#8HM$-T?~ir1_F8!#>U4NH z_wL<%MxPxkPN9Sx4IXjf^dqkxJA5y{<1Ks4@Uy-b=V^5{xd|GROvx-a_#-8R2dyMJ z+9-IU+1D2wRqlLy`r^J!Dg!0nj6{mt+3BFyVNMb# zLMBO4&NojoU=9;}iLh`c7)Gmbm%9dzJn_A zI_14S`~x@LK&kMVwm5XiqI!9HDtyOtc6xR4Xv%J(W+PIv+Z0Opyz43I&?nf0Nu(|c z>NK^0ux0qMZ#U$5*7>Iae_B=$D^w=xi5PMuf&8SP8FUEP(4b&KHR)N)tUhx*~E;2nsZDuEC3@RM*3|I`KLoX%j= z(Nv%YHr*X@u?@Pvb)$}W+e)w2KP3}01oXXkQ#Ad#{(?NV?U_o_Vtx+U14 zcc+y5`Rd8&%0JoK>u0Hg#~rc(Hf67{30(+yvEYCP6z zlyCoT2f(Gicp?D=%N|0Z2>Jxh2L(K#Uy42xZLE4C7L-S|xUiK^5VTQu8kM86qw7s{ zFWR_1$&pZPONjLy(j9p>`Y!tuJKnR;_(gm3YHh=*5<6~mrCReo=-*$Rk(rdWPO7jU zZEbz1bKLBH_ptKRAepFu)9b{@=v4T#f=(8Th*HGEv2|3==JVzzg_dLpc62Gg$l^l4dE(m&!5#S#u zRTQ(ia%w72{a~TE9QA%Z!*z(A?&f6%jgMFuJ%m$aS9>*7_s3Af@V8k}{dpC?o3_sA z>5W~$U_+HfOEe<`I`)xA+!7EAjCWqv6)o=%3NHPQ{h>3n1KCm?Yx1&`me4-$5N`a#h!>MgT-opA&?J;oq*cBaa6b2RU}Cyh%NFj zmPZ6Ri_7P9t4ArY^p?X#nJD@NCJu(d?{g%Vo%|>=Is^Nn+VO;bQ!ySwf^)&)#6Y8^ z;++_k#38k&%nnk##C-9Z;m0+%`{Ff__gnE&M{g1doI_UEk=sSbvls4o&X=#mq|7t6 zJQfWgRj60KSMeJgwu6S%a;oB@Eap9x9Pq&E#s0OwOW(2wut$~NP;VAnu}sPt#2Nl@ zBp1($mq211TgL|81i;b}CY0;PuoTGGYRU3s5Av!EODI1gJL|PYv#~K2?|Q%`E)XVq z4P9+npaB+N46=-}!{kXtL2=YX^`Ha`7Fqgo^}M|56P>*t1#i7RA?dv_UbN~=&AAbRkscWi zXM4tpMUpBOADAYYbB~$gPm-Qm{u!|0lvcJB6VGxGdHhT2*OIEyU~|G(cKz?VN-`5( z*l8glO{o;z=`eAZrrXT{=CgH&os&W`LlJ20p7l#up!O{<+;wlZxH9PvaV~@Ac>KKm zFR5gzXD>|7T@libLlM$$2gvuj?q|frQvocYx88ODZwFBfJTw48j$NaK0X76eUJV&& zJ8Uu9SZ+O}Wzebh+@a$B==sA-$U(1Yk31n=mZub>Qi?{s1e1Z0!-hSYT!QzrtIK8^ z8j6g(;0&(L+{)oSv`1T@^NGl&@aE&i&+FMN?$Z27gNzxzcH;3&)s|`0x{|_EMtAfr zI}F+hC+lS(3^IvdW_P)J+Q+dL0#Ty=skg5tp4iX7xA8R&c^k~fg_#S|w)VCG6Kk$<&EgSVDw23-J z1w%<}e`0wu8?}Ua67g_!evppgCX1}f>MgZdVstUvT@#yLS+kk380swMhiJw?0x9hY zvsp{*sr#ZJadpoW3z{*5_Q+M9b!jI`<;S$rn&k(;LBjE&VUqmCLwSJ55;ehOGOGq( z&$E;AeY@>6wT3l!Q?nIT^{FJW@UrrsIRg+!;HMwWtmUq*mj5JiA+I)g4~S_UU$-+CY5~z4 z*qVdXaQyOexzG?a$cU?$GnAX90h;5B+P^Kw%nYQKE-SHT#2WpOexaxx@g<~IS{TxU z1^q>7fL~OBim9Tv31pnC*=wzjN+%HSIbXQpwP2 zpms++Z0Qn3iTXuJoT~=~fc=8nTGJ!1TgGg2hf4Hr?Xr2(XP>=XIkYE}c-AIXI)ldI zKXfK8r!qjTon-;-9~)nGAM8&~9ol{NpuJ21Hv#!8k^E9UaMR=Wh5sNC2kz6uNA30;ZzprzgHIFQ_81h zfK#qx0T9#(<-K@FC@$10wTl+h*|fAe30C`0Ru$!5S6c@x#HXF^#|v!8=oRu+BXN}) zeq4!V#wY7=d>Kj|&Ir|qi`NHO?|Hpl0DRG@DM<>(Dj7N|X&^Nw##-UhH+8Lqmxg=a zxA`9rMg9=-Gs(H1w#S%Humo%-Np?*;$Ic=-9xl>N8OX(@?KtLXTyeU-nfXO2QR3{j zYg$v`q7;8w)EP}n#%=-i&{bCelk6N6jatKeaeUvdMBjctI|(D_Q2E&UNcy^mGb$-n z6X;Ny3Al}@PoHM!nf9Tm>1nCG=%A*;SIgDP2EW4tDQ9y|Y2_46*E=G9hep_~Vl!i1 z@xS#mb=^I|c^tB6a)13AydK{Qv3Of)5`YIt00`Z6ie62mI9uw`5F-GTytE*;<+yRO z%<-tSfz-I}2muJm*RMgWtweKLnI^Xg8CJX4HPcGe#q`CH8Aary=+Kb%^iuNjZlt=k zHt5M5{_b}vX7eMfm2c{VS`Fg*d=dhw^l#NT^+pBxw^2)f51oiFCooJ488Nr0>@XIOK;=ST&5bU^;F0;WY$(96w z3OsOn-$`*N*g9zR%fSLoPnT*i^sGEbYa<9){*#BieU3kxZkUla|BINLq`in;9p|m~>(PBefF$*L;1&IWR+Rrw#A?OU3x-o6JB9!pcYXMJ#RpXYW$3cn^Ayte}fDJ64;9YWWs49 zD?iitSJ~W&?RpDK1;BNQCu>MTG#d66DniNKV)(^a*=AIYISyly3Nr~ki9t*>a1gce zEM;N;}%Y!No*VnDFylq0WNt zI+0N88L>Y%53OE#A2<$iad)kxzO;BwbF zfi^W$YKh!8GRuo!2#34A?rU#dXZCB4+GcV|GpVxOTCL1(dj%Dho!wT$$iVxteWnq9 z;R+(ZE;TmYje)u@TPW(p7A{Kp$MgoCnR4LM``X53^uMyTfbZm22qg}6zhHWjcKIGc zupgj9<3-m7%VkyA4=>+{Zg=tmu9tb%Aolu-ieHhT#^|;^-8&45&D8KeO39wW@s2e6 zmA7NI_TOOPiODw4t?G+Hl|-FPC*yke6S`%yW(1%hXmV*Vk=DGpwJKo<8rdGpfG4goISWtXUE5XmTjcbcSS|t^AtfdoC{=uhLIs`( z3M2+q$f!vX0g3(d_wRK{%Xpx@Fq}qa{QyhF(&YGn=tg?&Xbeqk$WCqV4 zpI@ZO(y>lz4Y@O@BV}1JihT9amPAmeu`ulb9=h&&Ueg_HMJG8)^pK|)u7hG5$4DoUJjcB|tr zv<_P^kibLWdl3n5ewh&eN@JN(<%E6;np@k5B8Jd zWV!1|xu|yrE0X!QPhd6y%}HdphuuI;=8nvTN`Xn?APDd+#Z}ztSUOJ*OgW#9I^vZf z-X@c?#-yiA+y=ByeiRn{&yi6Er5t8w=U))SO(FKk7J|-hk0FJ7qvO*mb zt&$ySjngED&$M1e`JETlHk(Mn=HLqp#dUNrCz1~)^{9jE=0kMxpaO_60*h{Cic=$| z`g7v0x{xBJX2!4SA?}&3`lT#3UDQ0^2%`eBL1PZcz>0)$@a>pm+l4>t)pbCyhmle2 zI2-J@#RWHbzQ2zY@eNE%^Yy^0U*bnSDd_r7!rEIPHa6xOts0vz zric)p4%Pd=L(1UB(}YdR_0y8~HLg$h@%P;tGUL&5EB;)4;_>gCX?`im{^`m#tr%;k zke!A8iJics4y8U|Q+7e-aMTy-Y^8&w(is5@6OnA0w8und&hpieg+YIf^-?Ud!yASyFKz)~0EHvf9o)b;YRduNPKE@%UTVg-9R zNq>a+^RtHDv`+}j`%7>15OR^{4_ELG$63&$is5g)741w~zDPoU1#xYE*l<9EzOXhC*W4#&$`OQ}S!CohDIC$c%=@VtURXFitY z#+1J6pu6l9Ci}K;)~FT%lt`Grch6H^a0Z7;-Z z5lf@lL5KFQmCZLh1t!3e`H}E*<_q$)es@jz=K!dv zLkR=ffpIY7s;6ba*)$GOkQN;HGh4lHAgV-k7wi{IrKeGSGS(+D_)yaN*%FVD~uN(4^UZv;3TH`O?jhHR-C!ufj@=?+kK1 zGD}lz<-F1(;8gbetFa~*z+~Q^pOo9v=M=?6Pw7s@1ad)Q!_5XD&og<_pe>3bwe*=| zmbKQx8qkOGZ4-OF&(*5WG{7oXCqF2AY+d0YU=c3u&2)Sp0tvC}{!(R@f3KKP54Wa@ zxom$VTYnBt+)zKhY@>m81P3qTLK@}@$I!9Z%VsH|pkpSud{)*OZ%L`;;ZhPMn zjA*H!hh_?g*$|m;mbZ6Le?OYC`e);VhDjs!mRr5fqR`0SWXms8#fmIQ7!1ROU&t8* z%p`w7nR5dK4XcVEAmFIvrNlM$IF6ZBgs%*M+whfcoO<1kq}$WR&k+{jD@+RzXZwM> zCm4ovWI5=C&%xQndLs+(;njt=SX!OgRu3G%Qd!|54CXXwaJ`J*_eLY29T!uOxoyd zxWN-?M!p-KZ8aYYBlNb@>-r_BsKmj}XmMoBz-9Mk;rq+McA#y8d-j5(58JR218a`e3=_US23p9?g@r$I)W8P>w&+Xnn_g7CYY%%f2a2S zg{sQMJcMRF`296=_sZn;M2EMI=41NnASo&7lkd%czLx_ZX8z_)?H(ALLLQKH2)euf zYt}9jT9-^ej;R*t2q!^7!r;oG1SgCsgJ9@>P6GY$s%l%J>p9_l^%9a2DkNDeZY50! zbCvt4l?{t0mO&=a2#=sO&^*f>Xok`xsxsLJFH;rf_%a%?HvZ;(6E1SxXnrWQs7X9J zpn)O*R1#TCIL1%Y$}Hj>xJ`15Z1-+z`}A>n&qzUEF@SJw&5*Us=@*9!%aa)y#M8xQ zv1{1=-hg!y>)#GVi)Etvyc?MDs4xebn1!UNN*Epz6ZR#j4bLu+@4YPAKN=b9U&@X} zvWJW^Pxce0=Ch(~GZYo6lC??((Ay2!jOm9#XQhk&dxC=OMp;rF@lv||JS+h%5ABOc zh){-Sq~x0FGM}MCHP4{oBE$s%fe-f4ih2x@(9k@>>%#Qc%)|9xTx&;gavDaY_-coMf2Es4#cj9d6(r&n=!G`zQ4oS{&6&(|<}} zKCqVU7bSQFy$(R&bv{iO$$vhEMudcVbav!c<{=p3em*+lkS}e*@Ayi|)CQ9(*3H;= z$I>C-z66vJFqoKHPFiX(vEI!Cw5z91fIqWXcIz@sFo4=@zoOtYiONo@igj>BFf-vZ z>RLleqkUsAHNXYp%4mFY9EH`A*1@?_>JYeD0xEYj$A`}PFL}z@43adpx8mlj1nb}# zH-9ae&;q|K3ZuS${L|(@a~eIMGaOsjJ3~{Zv+0_rRqy#X;=EVZV@Ft{6xBKNl`PIR zNu5h}cWP;A0p<4wUf(<6RI-f*2pQ@T#u4_|eZk|?3sb4sR3*aSv5A;`ATKf7JIYTX zoHHsxQ&bw+18msI3GCTt8ui4MMzX0iXJH7jp|vAht9t^S^bd%YH;6@5QvHPDGqJ0i zEiA;?10Ar&p|uwx5<&TkXt~zgGpp?aRO5udQ^@M!e<=*dYZKfd4SL+8rqHv{)%1zg z=0PF>t#E#N5`03NWiE`Qv@K@ZM!ug}7yL>b3mh+tD@MwfwvpvkXO$B`ip;5r<%c;AG@n>GaYtXWVJOa>-Gvv0q|Reic-+G zraZqv$)eyL?lPF7{GD-;FKI#$st&QoUIaHOIqK2X80%@9Tu@4Ci*advkw06xH2J|U z5o|&RvnV@bp_yUa@m(TBgMLe%kOD<HGyH1D+Y6EAFma&tcWsPpu>b2ZeW{9Tzk>R!1thSK-5`Z0UEAp3j;B# z=hj!X_hp}r?VaT#0`%|>`VeAl=ipnf7AJjU?aJi-vw26V09pRGdt!li)z+{#Wq+2b zXFADq>+X8Pfep~HIOI(OYysHnbKE+NM7^h<@DEU_keL2ryRg3T4&Xfa)-M$996xgT zz&aHk?i<;SkF&W$ySDk&1~r952a5E-Ps2#l1j)*bE!qIIp|fo({rw?nsT$;=L#J`v?tv?foY@^wov3&{R+Eoz2No@`W7>-*)T5ovMn44j9kh$%M0&1VO>x1Lzr;hsZ3jJSQZ zIg`A8pHpHRy-xAs36!@SarUC>nb};6;QrrA7nozedtX8b2QwMIVkdcR4wb|&*r1nWQF3pYB||7pwr|JLMploN59 USEXt82#Aj*FRd(9D`6V;Kc{HB1poj5 literal 0 HcmV?d00001 From 56a27bb8801ee0d1d728e9f7e508374b23b175be Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 16 Feb 2021 13:43:24 -0800 Subject: [PATCH 52/93] Basic Acrolinx corrections for spelling or terminology --- .../microsoft-defender-atp/get-vuln-by-software.md | 2 +- .../microsoft-defender-atp/get-vulnerability-by-id.md | 2 +- .../information-protection-in-windows-overview.md | 2 +- .../threat-protection/microsoft-defender-atp/investigation.md | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md index 4fc8f04d6d..a8bf3252ea 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md @@ -59,7 +59,7 @@ GET /api/Software/{Id}/vulnerabilities Empty ## Response -If successful, this method returns 200 OK with a a list of vulnerabilities exposed by the specified software. +If successful, this method returns 200 OK with a list of vulnerabilities exposed by the specified software. ## Example diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md index e08c565ad1..5b09a4bb67 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md +++ b/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md @@ -1,5 +1,5 @@ --- -title: Get vulnerability by Id +title: Get vulnerability by ID description: Retrieves vulnerability information by its ID. keywords: apis, graph api, supported apis, get, vulnerability information, mdatp tvm api search.product: eADQiWindows 10XVcnh diff --git a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md index 440ad1866e..baef9c8ecb 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md @@ -86,7 +86,7 @@ Data discovery based on Defender for Endpoint is also available in [Azure Log An For more information on Azure Information Protection analytics, see [Central reporting for Azure Information Protection](https://docs.microsoft.com/azure/information-protection/reports-aip). -Open Azure Log Analytics in Azure Portal and open a query builder (standard or classic). +Open Azure Log Analytics in Azure portal and open a query builder (standard or classic). To view Defender for Endpoint data, perform a query that contains: diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigation.md b/windows/security/threat-protection/microsoft-defender-atp/investigation.md index 0d9f7a0689..5db24608de 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigation.md @@ -50,7 +50,7 @@ Property | Type | Description id | String | Identity of the investigation entity. startTime | DateTime Nullable | The date and time when the investigation was created. endTime | DateTime Nullable | The date and time when the investigation was completed. -cancelledBy | String | The ID of the user/application that cancelled that investigation. +cancelledBy | String | The ID of the user/application that canceled that investigation. investigationState | Enum | The current state of the investigation. Possible values are: 'Unknown', 'Terminated', 'SuccessfullyRemediated', 'Benign', 'Failed', 'PartiallyRemediated', 'Running', 'PendingApproval', 'PendingResource', 'PartiallyInvestigated', 'TerminatedByUser', 'TerminatedBySystem', 'Queued', 'InnerFailure', 'PreexistingAlert', 'UnsupportedOs', 'UnsupportedAlertType', 'SuppressedAlert'. statusDetails | String | Additional information about the state of the investigation. machineId | String | The ID of the device on which the investigation is executed. From 17346a8d8f3fb5a5e93b56408e2d537ea5c2d241 Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Tue, 16 Feb 2021 13:47:20 -0800 Subject: [PATCH 53/93] new link --- ...ck-potentially-unwanted-apps-microsoft-defender-antivirus.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md index f56820cf7f..173e44d6f2 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md @@ -178,7 +178,7 @@ See [Troubleshoot event IDs](troubleshoot-microsoft-defender-antivirus.md) for d Sometimes a file is erroneously blocked by PUA protection, or a feature of a PUA is required to complete a task. In these cases, a file can be allow-listed. -For more information, see [Recommended antivirus exclusions for Configuration Manager site servers, site systems, and clients](https://docs.microsoft.com/troubleshoot/mem/configmgr/recommended-antivirus-exclusions#exclusions). +For more information, see [Configure and validate exclusions based on file extension and folder location](configure-extension-file-exclusions-microsoft-defender-antivirus.md). ## See also From bfa803ec651e1e1252d34b2035a988a550b678a7 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 16 Feb 2021 13:48:18 -0800 Subject: [PATCH 54/93] Added automatic image borders --- .../microsoft-defender-atp/grant-mssp-access.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md b/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md index 554cfcb912..5a2af69aab 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md +++ b/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md @@ -101,7 +101,8 @@ To implement a multi-tenant delegated access solution, take the following steps: - Can only be requested by users in the MSSP SOC Tenant - Access auto expires after 365 days - ![Image of new access package](images/new-access-package.png) + > [!div class="mx-imgBorder"] + > ![Image of new access package](images/new-access-package.png) For more information, see [Create a new access package](https://docs.microsoft.com/azure/active-directory/governance/entitlement-management-access-package-create). @@ -110,8 +111,8 @@ To implement a multi-tenant delegated access solution, take the following steps: The My Access portal link is used by MSSP SOC analysts to request access via the access packages created. The link is durable, meaning the same link may be used over time for new analysts. The analyst request goes into a queue for approval by the **MSSP Analyst Approvers**. - - ![Image of access properties](images/access-properties.png) + > [!div class="mx-imgBorder"] + > ![Image of access properties](images/access-properties.png) The link is located on the overview page of each access package. From 701ca3f7993435a80b55ade8ab70620f241027dc Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 16 Feb 2021 13:50:08 -0800 Subject: [PATCH 55/93] Fix broken code block(s) --- .../microsoft-defender-atp/initiate-autoir-investigation.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md b/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md index 9e5c5c75a7..f36d4f2fd7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md @@ -85,7 +85,7 @@ If successful, this method returns 201 - Created response code and [Investigatio Here is an example of the request. -``https +```https POST https://api.securitycenter.microsoft.com/api/machines/1e5bc9d7e413ddd7902c2932e418702b84d0cc07/startInvestigation ``` From fa5b1cab2de7c5a8e9174e086d7a16dd2274b525 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 13:55:05 -0800 Subject: [PATCH 56/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...ecurity-settings-with-tamper-protection.md | 65 +++++++++++++------ 1 file changed, 45 insertions(+), 20 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index 80e3c1dda4..e86fd4caa0 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -27,10 +27,11 @@ ms.technology: mde - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) -Tamper protection is available on devices running the following versions of Windows: - +Tamper protection, currently in [preview](../../includes/prerelease.md), is available on devices that are running one of the following versions of Windows: + - Windows 10 -- Windows Server 2016 and 2019 (if using tenant attach with [Configuration Manager, version 2006](#manage-tamper-protection-with-configuration-manager-version-2006)) +- Windows Server 2016 and 2019 (if you are using either [tenant attach with Configuration Manager, version 2006](#manage-tamper-protection-with-configuration-manager-version-2006) or + ## Overview @@ -49,7 +50,7 @@ With tamper protection, malicious apps are prevented from taking actions such as Tamper protection essentially locks Microsoft Defender Antivirus and prevents your security settings from being changed through apps and methods such as: -- Configuring settings in Registry Editor on your Windows machine +- Configuring settings in Registry Editor on your Windows device - Changing settings through PowerShell cmdlets - Editing or removing security settings through group policies @@ -57,12 +58,12 @@ Tamper protection doesn't prevent you from viewing your security settings. And, ### What do you want to do? -| Task | Link | +| To perform this task... | See this... | |:---|:---| | Turn tamper protection on for an individual device | [Use the Windows Security app](#turn-tamper-protection-on-or-off-for-an-individual-machine) | | Turn tamper protection on for your organization | [Use Intune](#turn-tamper-protection-on-or-off-for-your-organization-using-intune) | | Turn tamper protection on for devices running Windows 10 and Windows Server 2019 with Configuration Manager | [Use tenant attach with Configuration Manager, version 2006](#manage-tamper-protection-with-configuration-manager-version-2006) | -| Turn tamper protection on in the Microsoft Defender Security Center | | +| Turn tamper protection on in the Microsoft Defender Security Center |[Use the Microsoft Defender Security Center](#turn-tamper-protection-on-or-off-in-the-microsoft-defender-security-center) | | View details about tampering attempts on devices | [View information about tampering attempts](#view-information-about-tampering-attempts) | | Review your security recommendations | [Review security recommendations](#review-your-security-recommendations) | | Review the list of frequently asked questions (FAQs) | [Browse the FAQs](#view-information-about-tampering-attempts) | @@ -74,33 +75,29 @@ Tamper protection doesn't prevent you from viewing your security settings. And, > > To help ensure that tamper protection doesn’t interfere with third-party security products or enterprise installation scripts that modify these settings, go to **Windows Security** and update **Security intelligence** to version 1.287.60.0 or later. (See [Security intelligence updates](https://www.microsoft.com/wdsi/definitions).) > -> Once you’ve made this update, tamper protection will continue to protect your registry settings, and will also log attempts to modify them without returning errors. +> Once you’ve made this update, tamper protection continues to protect your registry settings, and logs attempts to modify them without returning errors. If you are a home user, or you are not subject to settings managed by a security team, you can use the Windows Security app to turn tamper protection on or off. You must have appropriate admin permissions on your machine to do change security settings, such as tamper protection. +Here's what you see in the Windows Security app: + +![Tamper protection turned on in Windows 10 Home](images/tamperprotectionturnedon.png) + 1. Click **Start**, and start typing *Security*. In the search results, select **Windows Security**. - 2. Select **Virus & threat protection** > **Virus & threat protection settings**. - 3. Set **Tamper Protection** to **On** or **Off**. - Here's what you see in the Windows Security app: - - ![Tamper protection turned on in Windows 10 Home](images/tamperprotectionturnedon.png) - ## Turn tamper protection on (or off) for your organization using Intune If you are part of your organization's security team, and your subscription includes [Intune](https://docs.microsoft.com/intune/fundamentals/what-is-intune), you can turn tamper protection on (or off) for your organization in the [Microsoft Endpoint Manager admin center](https://endpoint.microsoft.com) portal. -### Prerequisites - -Before you begin, make sure that all of the following requirements are met: +### Prerequisites for managing tamper protection in Intune - You must have appropriate [permissions](../microsoft-defender-atp/assign-portal-access.md), such as global admin, security admin, or security operations. - Your organization uses [Intune to manage devices](https://docs.microsoft.com/intune/fundamentals/what-is-device-management). ([Intune licenses](https://docs.microsoft.com/intune/fundamentals/licenses) are required; Intune is included in Microsoft 365 E5.) -- Your Windows machines must be running Windows 10 OS [1709](https://docs.microsoft.com/windows/release-health/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-health/status-windows-10-1803), [1809](https://docs.microsoft.com/windows/release-health/status-windows-10-1809-and-windows-server-2019) or later. (For more information about releases, see [Windows 10 release information](https://docs.microsoft.com/windows/release-health/release-information).) +- Your Windows devices must be running Windows 10 OS [1709](https://docs.microsoft.com/windows/release-health/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-health/status-windows-10-1803), [1809](https://docs.microsoft.com/windows/release-health/status-windows-10-1809-and-windows-server-2019) or later. (For more information about releases, see [Windows 10 release information](https://docs.microsoft.com/windows/release-health/release-information).) - You must be using Windows security with [security intelligence](https://www.microsoft.com/wdsi/definitions) updated to version 1.287.60.0 (or above). -- Your machines must be using anti-malware platform version 4.18.1906.3 (or above) and anti-malware engine version 1.1.15500.X (or above). ([Manage Microsoft Defender Antivirus updates and apply baselines](manage-updates-baselines-microsoft-defender-antivirus.md).) +- Your devices must be using anti-malware platform version 4.18.1906.3 (or above) and anti-malware engine version 1.1.15500.X (or above). ([Manage Microsoft Defender Antivirus updates and apply baselines](manage-updates-baselines-microsoft-defender-antivirus.md).) ### Turn tamper protection on (or off) in Intune @@ -140,11 +137,39 @@ If you're using [version 2006 of Configuration Manager](https://docs.microsoft.c - In the **Profile** list, select **Windows Security experience (preview)**.
3. Deploy the policy to your device collection. -Need help? See the following resources: +### Need help with this? + +See the following resources: - [Settings for the Windows Security experience profile in Microsoft Intune](https://docs.microsoft.com/mem/intune/protect/antivirus-security-experience-windows-settings) - [Tech Community Blog: Announcing Tamper Protection for Configuration Manager Tenant Attach clients](https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/announcing-tamper-protection-for-configuration-manager-tenant/ba-p/1700246#.X3QLR5Ziqq8.linkedin) +## Turn tamper protection on (or off) in the Microsoft Defender Security Center + +Currently in preview, tamper protection can be turned on or off in the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)). + +### Prerequisites for managing tamper protection in the Microsoft Defender Security Center + +- You must have appropriate [permissions](../microsoft-defender-atp/assign-portal-access.md), such as global admin, security admin, or security operations. +- Your Windows devices must be running one of the following versions of Windows: + - Windows 10 + - Windows Server 2019 + - Windows Server, version [1803](https://docs.microsoft.com/windows/release-health/status-windows-10-1803) or later + - [Windows Server 2016](/windows-server/get-started/whats-new-in-windows-server-2016) + - For more information about releases, see [Windows 10 release information](https://docs.microsoft.com/windows/release-health/release-information). +- Your devices must be onboarded to MIcrosoft Defender for Endpoint. +- Your devices must be using anti-malware platform version 4.18.2010.7 (or above) and anti-malware engine version 1.1.15500.X (or above). ([Manage Microsoft Defender Antivirus updates and apply baselines](manage-updates-baselines-microsoft-defender-antivirus.md).) +- Cloud Protection must be turned on. + + + +### Keep the following points in mind + +- When you use the Microsoft Defender Security Center to manage tamper protection, you do not have to use Intune or the tenant attach method. +- When you manage tamper protection in the Microsoft Defender Security Center, the setting is applied tenant wide, affecting all of your devices that are running Windows 10. To fine-tune tamper protection (such as having tamper protection on for some devices but off for others), use either [Intune](#turn-tamper-protection-on-or-off-for-your-organization-using-intune) or the [tenant attach method](#manage-tamper-protection-with-configuration-manager-version-2006). +- If you have a hybrid environment, tamper protection settings configured in Intune take precedence over settings configured in the Microsoft Defender Security Center. + + ## View information about tampering attempts Tampering attempts typically indicate bigger cyberattacks. Bad actors try to change security settings as a way to persist and stay undetected. If you're part of your organization's security team, you can view information about such attempts, and then take appropriate actions to mitigate threats. @@ -185,7 +210,7 @@ Devices that are onboarded to Microsoft Defender for Endpoint will have Microsof ### How can I turn tamper protection on/off? -If you are a home user, see [Turn tamper protection on (or off) for an individual machine](#turn-tamper-protection-on-or-off-for-an-individual-machine). +If you are a home user, see [Turn tamper protection on (or off) for an individual device](#turn-tamper-protection-on-or-off-for-an-individual-machine). If you are an organization using [Microsoft Defender for Endpoint](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp), you should be able to manage tamper protection in Intune similar to how you manage other endpoint protection features. See the following sections of this article: From c1045cc5b3f2c578eae8288bce7581af6a71e74e Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 13:56:04 -0800 Subject: [PATCH 57/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...event-changes-to-security-settings-with-tamper-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index e86fd4caa0..b0dc238061 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -153,7 +153,7 @@ Currently in preview, tamper protection can be turned on or off in the Microsoft - You must have appropriate [permissions](../microsoft-defender-atp/assign-portal-access.md), such as global admin, security admin, or security operations. - Your Windows devices must be running one of the following versions of Windows: - Windows 10 - - Windows Server 2019 + - [Windows Server 2019](/windows-server/get-started-19/whats-new-19) - Windows Server, version [1803](https://docs.microsoft.com/windows/release-health/status-windows-10-1803) or later - [Windows Server 2016](/windows-server/get-started/whats-new-in-windows-server-2016) - For more information about releases, see [Windows 10 release information](https://docs.microsoft.com/windows/release-health/release-information). From 474cba28ac7a2d80a50795e297f99427a65fe71b Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 14:05:42 -0800 Subject: [PATCH 58/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...security-settings-with-tamper-protection.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index b0dc238061..30bc6cd8a6 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -68,7 +68,7 @@ Tamper protection doesn't prevent you from viewing your security settings. And, | Review your security recommendations | [Review security recommendations](#review-your-security-recommendations) | | Review the list of frequently asked questions (FAQs) | [Browse the FAQs](#view-information-about-tampering-attempts) | -## Turn tamper protection on (or off) for an individual machine +## Manage tamper protection on an individual machine > [!NOTE] > Tamper protection blocks attempts to modify Microsoft Defender Antivirus settings through the registry. @@ -87,11 +87,11 @@ Here's what you see in the Windows Security app: 2. Select **Virus & threat protection** > **Virus & threat protection settings**. 3. Set **Tamper Protection** to **On** or **Off**. -## Turn tamper protection on (or off) for your organization using Intune +## Manage tamper protection for your organization using Intune If you are part of your organization's security team, and your subscription includes [Intune](https://docs.microsoft.com/intune/fundamentals/what-is-intune), you can turn tamper protection on (or off) for your organization in the [Microsoft Endpoint Manager admin center](https://endpoint.microsoft.com) portal. -### Prerequisites for managing tamper protection in Intune +### Requirements for managing tamper protection in Intune - You must have appropriate [permissions](../microsoft-defender-atp/assign-portal-access.md), such as global admin, security admin, or security operations. - Your organization uses [Intune to manage devices](https://docs.microsoft.com/intune/fundamentals/what-is-device-management). ([Intune licenses](https://docs.microsoft.com/intune/fundamentals/licenses) are required; Intune is included in Microsoft 365 E5.) @@ -144,11 +144,11 @@ See the following resources: - [Settings for the Windows Security experience profile in Microsoft Intune](https://docs.microsoft.com/mem/intune/protect/antivirus-security-experience-windows-settings) - [Tech Community Blog: Announcing Tamper Protection for Configuration Manager Tenant Attach clients](https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/announcing-tamper-protection-for-configuration-manager-tenant/ba-p/1700246#.X3QLR5Ziqq8.linkedin) -## Turn tamper protection on (or off) in the Microsoft Defender Security Center +## Manage tamper protection in the Microsoft Defender Security Center Currently in preview, tamper protection can be turned on or off in the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)). -### Prerequisites for managing tamper protection in the Microsoft Defender Security Center +### Requirements for managing tamper protection in the Microsoft Defender Security Center - You must have appropriate [permissions](../microsoft-defender-atp/assign-portal-access.md), such as global admin, security admin, or security operations. - Your Windows devices must be running one of the following versions of Windows: @@ -157,11 +157,11 @@ Currently in preview, tamper protection can be turned on or off in the Microsoft - Windows Server, version [1803](https://docs.microsoft.com/windows/release-health/status-windows-10-1803) or later - [Windows Server 2016](/windows-server/get-started/whats-new-in-windows-server-2016) - For more information about releases, see [Windows 10 release information](https://docs.microsoft.com/windows/release-health/release-information). -- Your devices must be onboarded to MIcrosoft Defender for Endpoint. -- Your devices must be using anti-malware platform version 4.18.2010.7 (or above) and anti-malware engine version 1.1.15500.X (or above). ([Manage Microsoft Defender Antivirus updates and apply baselines](manage-updates-baselines-microsoft-defender-antivirus.md).) -- Cloud Protection must be turned on. - +- Your devices must be [onboarded to MIcrosoft Defender for Endpoint](../microsoft-defender-atp/onboarding.md). +- Your devices must be using anti-malware platform version 4.18.2010.7 (or above) and anti-malware engine version 1.1.17600.5 (or above). ([Manage Microsoft Defender Antivirus updates and apply baselines](manage-updates-baselines-microsoft-defender-antivirus.md).) +- [Cloud-delivered protection must be turned on](enable-cloud-protection-microsoft-defender-antivirus.md). +### Turn tamper protection on (or off) in the Microsoft Defender Security Center ### Keep the following points in mind From 2bc1a7558788683356714a234e703909833c9ae6 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 16 Feb 2021 14:05:51 -0800 Subject: [PATCH 59/93] Acrolinx: "currenly", "Multilpe" --- .../microsoft-defender-atp/linux-support-perf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-perf.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-perf.md index c1e093f243..9c286456bd 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-perf.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-perf.md @@ -35,7 +35,7 @@ Real-time protection (RTP) is a feature of Defender for Endpoint for Linux that Depending on the applications that you are running and your device characteristics, you may experience suboptimal performance when running Defender for Endpoint for Linux. In particular, applications or system processes that access many resources over a short timespan can lead to performance issues in Defender for Endpoint for Linux. -Before starting, **please make sure that other security products are not currenly running on the device**. Multilpe security products may conflict and impact the host performance. +Before starting, **please make sure that other security products are not currently running on the device**. Multiple security products may conflict and impact the host performance. The following steps can be used to troubleshoot and mitigate these issues: From 1d788d8bcf9dfa1fb22a8492889f41b604eee01e Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 16 Feb 2021 14:07:23 -0800 Subject: [PATCH 60/93] Acrolinx: "multi step" --- .../microsoft-defender-atp/mac-install-with-jamf.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md index 4d370ef168..9ca979d54b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md @@ -36,7 +36,7 @@ Learn how to deploy Microsoft Defender for Endpoint for macOS with Jamf Pro. > [!NOTE] > If you are using macOS Catalina (10.15.4) or newer versions of macOS, see [New configuration profiles for macOS Catalina and newer versions of macOS](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-policies). -This is a multi step process. You'll need to complete all of the following steps: +This is a multistep process. You'll need to complete all of the following steps: - [Login to the Jamf Portal](mac-install-jamfpro-login.md) - [Setup the Microsoft Defender for Endpoint for macOS device groups in Jamf Pro](mac-jamfpro-device-groups.md) From 47c15353a29452413985efd85f18a4e0d39f8b7b Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 16 Feb 2021 14:08:50 -0800 Subject: [PATCH 61/93] Acrolinx: "Microsoft Defender for Endpoint Endpoint Security Extension" --- .../microsoft-defender-atp/mac-install-with-other-mdm.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md index 6e46072d5b..1138236d4b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md @@ -98,7 +98,7 @@ Grant Full Disk Access to the following components: - Identifier Type: Bundle ID - Code Requirement: identifier "com.microsoft.wdav" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /\* exists \*/ and certificate leaf[field.1.2.840.113635.100.6.1.13] /\* exists \*/ and certificate leaf[subject.OU] = UBF8T346G9 -- Microsoft Defender for Endpoint Endpoint Security Extension +- Microsoft Defender for Endpoint Security Extension - Identifier: `com.microsoft.wdav.epsext` - Identifier Type: Bundle ID - Code Requirement: identifier "com.microsoft.wdav.epsext" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9 From a981684a3a993332c4f105ee560c0f31a1e8363c Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 14:09:24 -0800 Subject: [PATCH 62/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...-to-security-settings-with-tamper-protection.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index 30bc6cd8a6..eea652a8e3 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -60,15 +60,15 @@ Tamper protection doesn't prevent you from viewing your security settings. And, | To perform this task... | See this... | |:---|:---| -| Turn tamper protection on for an individual device | [Use the Windows Security app](#turn-tamper-protection-on-or-off-for-an-individual-machine) | -| Turn tamper protection on for your organization | [Use Intune](#turn-tamper-protection-on-or-off-for-your-organization-using-intune) | -| Turn tamper protection on for devices running Windows 10 and Windows Server 2019 with Configuration Manager | [Use tenant attach with Configuration Manager, version 2006](#manage-tamper-protection-with-configuration-manager-version-2006) | -| Turn tamper protection on in the Microsoft Defender Security Center |[Use the Microsoft Defender Security Center](#turn-tamper-protection-on-or-off-in-the-microsoft-defender-security-center) | +| Turn tamper protection on for an individual device | [Use the Windows Security app](#manage-tamper-protection-on-an-individual-device) | +| Turn tamper protection on for your organization | [Use Intune](#manage-tamper-protection-for-your-organization-using-intune) | +| Turn tamper protection on for devices running Windows 10 and Windows Server 2019 with Configuration Manager | [Use tenant attach with Configuration Manager, version 2006](#manage-tamper-protection-for-your-organization-with-configuration-manager-version-2006) | +| Turn tamper protection on in the Microsoft Defender Security Center |[Use the Microsoft Defender Security Center](#manage-tamper-protection-for-your-organiztion-using-the-microsoft-defender-security-center) | | View details about tampering attempts on devices | [View information about tampering attempts](#view-information-about-tampering-attempts) | | Review your security recommendations | [Review security recommendations](#review-your-security-recommendations) | | Review the list of frequently asked questions (FAQs) | [Browse the FAQs](#view-information-about-tampering-attempts) | -## Manage tamper protection on an individual machine +## Manage tamper protection on an individual device > [!NOTE] > Tamper protection blocks attempts to modify Microsoft Defender Antivirus settings through the registry. @@ -122,7 +122,7 @@ If you are using Windows 10 OS [1709](https://docs.microsoft.com/windows/release 2. Use the [Get-MpComputerStatus](https://docs.microsoft.com/powershell/module/defender/get-mpcomputerstatus?view=win10-ps&preserve-view=true) PowerShell cmdlet. 3. In the list of results, look for `IsTamperProtected`. (A value of *true* means tamper protection is enabled.) -## Manage tamper protection with Configuration Manager, version 2006 +## Manage tamper protection for your organization with Configuration Manager, version 2006 > [!IMPORTANT] > The procedure can be used to extend tamper protection to devices running Windows 10 and Windows Server 2019. Make sure to review the prerequisites and other information in the resources mentioned in this procedure. @@ -144,7 +144,7 @@ See the following resources: - [Settings for the Windows Security experience profile in Microsoft Intune](https://docs.microsoft.com/mem/intune/protect/antivirus-security-experience-windows-settings) - [Tech Community Blog: Announcing Tamper Protection for Configuration Manager Tenant Attach clients](https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/announcing-tamper-protection-for-configuration-manager-tenant/ba-p/1700246#.X3QLR5Ziqq8.linkedin) -## Manage tamper protection in the Microsoft Defender Security Center +## Manage tamper protection for your organization using the Microsoft Defender Security Center Currently in preview, tamper protection can be turned on or off in the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)). From 306bf2d93394b1cdc85e47e06c7bfaaaf0acd159 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 16 Feb 2021 14:11:27 -0800 Subject: [PATCH 63/93] Corrected incomplete coding of automatic image borders --- .../microsoft-defender-atp/ios-install.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-install.md b/windows/security/threat-protection/microsoft-defender-atp/ios-install.md index d02a9b3d4a..d3614e3095 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/ios-install.md +++ b/windows/security/threat-protection/microsoft-defender-atp/ios-install.md @@ -51,7 +51,7 @@ Deploy Defender for Endpoint for iOS via Intune Company Portal. 1. In [Microsoft Endpoint manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431), go to **Apps** -> **iOS/iPadOS** -> **Add** -> **iOS store app** and click **Select**. > [!div class="mx-imgBorder"] - ![Image of Microsoft Endpoint Manager Admin Center1](images/ios-deploy-1.png) + > ![Image of Microsoft Endpoint Manager Admin Center1](images/ios-deploy-1.png) 1. On the Add app page, click on **Search the App Store** and type **Microsoft Defender ATP** in the search bar. In the search results section, click on *Microsoft Defender ATP* and click **Select**. @@ -63,14 +63,14 @@ Deploy Defender for Endpoint for iOS via Intune Company Portal. > The selected user group should consist of Intune enrolled users. > [!div class="mx-imgBorder"] - ![Image of Microsoft Endpoint Manager Admin Center2](images/ios-deploy-2.png) + > ![Image of Microsoft Endpoint Manager Admin Center2](images/ios-deploy-2.png) 1. In the *Review + Create* section, verify that all the information entered is correct and then select **Create**. In a few moments, the Defender for Endpoint app should be created successfully, and a notification should show up at the top-right corner of the page. 1. In the app information page that is displayed, in the **Monitor** section, select **Device install status** to verify that the device installation has completed successfully. > [!div class="mx-imgBorder"] - ![Image of Microsoft Endpoint Manager Admin Center3](images/ios-deploy-3.png) + > ![Image of Microsoft Endpoint Manager Admin Center3](images/ios-deploy-3.png) ## Complete onboarding and check status @@ -100,7 +100,7 @@ Intune allows you to configure the Defender for iOS app through an App Configura 1. Sign in to the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431) and go to **Apps** > **App configuration policies** > **Add**. Click on **Managed devices**. > [!div class="mx-imgBorder"] - ![Image of Microsoft Endpoint Manager Admin Center4](images/ios-deploy-4.png) + > ![Image of Microsoft Endpoint Manager Admin Center4](images/ios-deploy-4.png) 1. In the *Create app configuration policy* page, provide the following information: - Policy Name @@ -108,7 +108,7 @@ Intune allows you to configure the Defender for iOS app through an App Configura - Targeted app: Select **Microsoft Defender ATP** from the list > [!div class="mx-imgBorder"] - ![Image of Microsoft Endpoint Manager Admin Center5](images/ios-deploy-5.png) + > ![Image of Microsoft Endpoint Manager Admin Center5](images/ios-deploy-5.png) 1. In the next screen, select **Use configuration designer** as the format. Specify the following property: - Configuration Key: issupervised @@ -116,7 +116,7 @@ Intune allows you to configure the Defender for iOS app through an App Configura - Configuration Value: {{issupervised}} > [!div class="mx-imgBorder"] - ![Image of Microsoft Endpoint Manager Admin Center6](images/ios-deploy-6.png) + > ![Image of Microsoft Endpoint Manager Admin Center6](images/ios-deploy-6.png) 1. Click **Next** to open the **Scope tags** page. Scope tags are optional. Click **Next** to continue. @@ -133,7 +133,7 @@ Intune allows you to configure the Defender for iOS app through an App Configura - Navigate to **Devices** -> **iOS/iPadOS** -> **Configuration profiles** -> **Create Profile** > [!div class="mx-imgBorder"] - ![Image of Microsoft Endpoint Manager Admin Center7](images/ios-deploy-7.png) + > ![Image of Microsoft Endpoint Manager Admin Center7](images/ios-deploy-7.png) - Provide a name of the profile. When prompted to import a Configuration profile file, select the one downloaded above. - In the **Assignment** section, select the device group to which you want to apply this profile. As a best practice, this should be applied to all managed iOS devices. Click **Next**. From d406fcec81e0845f74168ee7f6e6ab25655a5e9e Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 14:12:35 -0800 Subject: [PATCH 64/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...to-security-settings-with-tamper-protection.md | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index eea652a8e3..3a0887b1d8 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -146,7 +146,11 @@ See the following resources: ## Manage tamper protection for your organization using the Microsoft Defender Security Center -Currently in preview, tamper protection can be turned on or off in the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)). +Currently in preview, tamper protection can be turned on or off in the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)). Here are a few points to keep in mind: + +- When you use the Microsoft Defender Security Center to manage tamper protection, you do not have to use Intune or the tenant attach method. +- When you manage tamper protection in the Microsoft Defender Security Center, the setting is applied tenant wide, affecting all of your devices that are running Windows 10. To fine-tune tamper protection (such as having tamper protection on for some devices but off for others), use either [Intune](#turn-tamper-protection-on-or-off-for-your-organization-using-intune) or the [tenant attach method](#manage-tamper-protection-with-configuration-manager-version-2006). +- If you have a hybrid environment, tamper protection settings configured in Intune take precedence over settings configured in the Microsoft Defender Security Center. ### Requirements for managing tamper protection in the Microsoft Defender Security Center @@ -163,12 +167,9 @@ Currently in preview, tamper protection can be turned on or off in the Microsoft ### Turn tamper protection on (or off) in the Microsoft Defender Security Center -### Keep the following points in mind - -- When you use the Microsoft Defender Security Center to manage tamper protection, you do not have to use Intune or the tenant attach method. -- When you manage tamper protection in the Microsoft Defender Security Center, the setting is applied tenant wide, affecting all of your devices that are running Windows 10. To fine-tune tamper protection (such as having tamper protection on for some devices but off for others), use either [Intune](#turn-tamper-protection-on-or-off-for-your-organization-using-intune) or the [tenant attach method](#manage-tamper-protection-with-configuration-manager-version-2006). -- If you have a hybrid environment, tamper protection settings configured in Intune take precedence over settings configured in the Microsoft Defender Security Center. - +1. Go to the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)) and sign in. +2. Choose **Settings**. +3. Go to **General** > **Advanced features**, and then turn tamper protection on. ## View information about tampering attempts From 7f6b04fc198cafc27f87a1aa6e13f749718763cf Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 14:13:28 -0800 Subject: [PATCH 65/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...event-changes-to-security-settings-with-tamper-protection.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index 3a0887b1d8..f0ba5681d4 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -167,6 +167,8 @@ Currently in preview, tamper protection can be turned on or off in the Microsoft ### Turn tamper protection on (or off) in the Microsoft Defender Security Center +:::image type="content" source="images/mde-turn-tamperprotect-on.png" alt-text="Turn tamper protection on in the Microsoft Defender Security Center"::: + 1. Go to the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)) and sign in. 2. Choose **Settings**. 3. Go to **General** > **Advanced features**, and then turn tamper protection on. From 0e3785b302793792da8bb93332f8c0fc5f31d64b Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 14:16:23 -0800 Subject: [PATCH 66/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...nt-changes-to-security-settings-with-tamper-protection.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index f0ba5681d4..bd83299fe9 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -30,8 +30,9 @@ ms.technology: mde Tamper protection, currently in [preview](../../includes/prerelease.md), is available on devices that are running one of the following versions of Windows: - Windows 10 -- Windows Server 2016 and 2019 (if you are using either [tenant attach with Configuration Manager, version 2006](#manage-tamper-protection-with-configuration-manager-version-2006) or - +- Windows Server 2019 +- Windows Server, version 1803 or later +- Windows Server 2016 ## Overview From 965daea537139eac62a4bcc867fce615de248687 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 14:18:41 -0800 Subject: [PATCH 67/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...changes-to-security-settings-with-tamper-protection.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index bd83299fe9..15726f51dd 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -78,13 +78,13 @@ Tamper protection doesn't prevent you from viewing your security settings. And, > > Once you’ve made this update, tamper protection continues to protect your registry settings, and logs attempts to modify them without returning errors. -If you are a home user, or you are not subject to settings managed by a security team, you can use the Windows Security app to turn tamper protection on or off. You must have appropriate admin permissions on your machine to do change security settings, such as tamper protection. +If you are a home user, or you are not subject to settings managed by a security team, you can use the Windows Security app to manage tamper protection. You must have appropriate admin permissions on your device to do change security settings, such as tamper protection. Here's what you see in the Windows Security app: ![Tamper protection turned on in Windows 10 Home](images/tamperprotectionturnedon.png) -1. Click **Start**, and start typing *Security*. In the search results, select **Windows Security**. +1. Select **Start**, and start typing *Security*. In the search results, select **Windows Security**. 2. Select **Virus & threat protection** > **Virus & threat protection settings**. 3. Set **Tamper Protection** to **On** or **Off**. @@ -162,7 +162,7 @@ Currently in preview, tamper protection can be turned on or off in the Microsoft - Windows Server, version [1803](https://docs.microsoft.com/windows/release-health/status-windows-10-1803) or later - [Windows Server 2016](/windows-server/get-started/whats-new-in-windows-server-2016) - For more information about releases, see [Windows 10 release information](https://docs.microsoft.com/windows/release-health/release-information). -- Your devices must be [onboarded to MIcrosoft Defender for Endpoint](../microsoft-defender-atp/onboarding.md). +- Your devices must be [onboarded to Microsoft Defender for Endpoint](../microsoft-defender-atp/onboarding.md). - Your devices must be using anti-malware platform version 4.18.2010.7 (or above) and anti-malware engine version 1.1.17600.5 (or above). ([Manage Microsoft Defender Antivirus updates and apply baselines](manage-updates-baselines-microsoft-defender-antivirus.md).) - [Cloud-delivered protection must be turned on](enable-cloud-protection-microsoft-defender-antivirus.md). @@ -254,7 +254,7 @@ If a device is off-boarded from Microsoft Defender for Endpoint, tamper protecti Yes. The alert is shown in [https://securitycenter.microsoft.com](https://securitycenter.microsoft.com) under **Alerts**. -In addition, your security operations team can use hunting queries, such as the following example: +Your security operations team can also use hunting queries, such as the following example: `DeviceAlertEvents | where Title == "Tamper Protection bypass"` From dd94f51d5145cd7bcdcbc0dbafdf77c29388960f Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 14:19:18 -0800 Subject: [PATCH 68/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...event-changes-to-security-settings-with-tamper-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index 15726f51dd..33f03234bc 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -55,7 +55,7 @@ Tamper protection essentially locks Microsoft Defender Antivirus and prevents yo - Changing settings through PowerShell cmdlets - Editing or removing security settings through group policies -Tamper protection doesn't prevent you from viewing your security settings. And, tamper protection doesn't affect how third-party antivirus apps register with the Windows Security app. If your organization is using Windows 10 Enterprise E5, individual users can't change the tamper protection setting; tamper protection is managed by your security team. +Tamper protection doesn't prevent you from viewing your security settings. And, tamper protection doesn't affect how third-party antivirus apps register with the Windows Security app. If your organization is using Windows 10 Enterprise E5, individual users can't change the tamper protection setting; in those cases, tamper protection is managed by your security team. ### What do you want to do? From 3cc65289ccf916bb3f89841f8383d4aa70cd5536 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 14:21:11 -0800 Subject: [PATCH 69/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...event-changes-to-security-settings-with-tamper-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index 33f03234bc..6bd4f7aacf 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -59,7 +59,7 @@ Tamper protection doesn't prevent you from viewing your security settings. And, ### What do you want to do? -| To perform this task... | See this... | +| To perform this task... | See this section... | |:---|:---| | Turn tamper protection on for an individual device | [Use the Windows Security app](#manage-tamper-protection-on-an-individual-device) | | Turn tamper protection on for your organization | [Use Intune](#manage-tamper-protection-for-your-organization-using-intune) | From 25bf8aa71757cffda2400c95de677f90e13e449e Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Tue, 16 Feb 2021 14:23:39 -0800 Subject: [PATCH 70/93] title changes --- ...-extension-file-exclusions-microsoft-defender-antivirus.md | 2 ++ ...-potentially-unwanted-apps-microsoft-defender-antivirus.md | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md index 49091cb89b..54c891a786 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md @@ -31,6 +31,8 @@ ms.technology: mde You can exclude certain files from Microsoft Defender Antivirus scans by modifying exclusion lists. **Generally, you shouldn't need to apply exclusions**. Microsoft Defender Antivirus includes many automatic exclusions based on known operating system behaviors and typical management files, such as those used in enterprise management, database management, and other enterprise scenarios and situations. +**Note**: Exclusions apply to Potentially Unwanted Apps (PUA) detections as well. + > [!NOTE] > Automatic exclusions apply only to Windows Server 2016 and above. These exclusions are not visible in the Windows Security app and in PowerShell. diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md index 173e44d6f2..c061f72dc6 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md @@ -151,7 +151,7 @@ Setting the value for this cmdlet to `Disabled` turns the feature off if it has See [Use PowerShell cmdlets to configure and run Microsoft Defender Antivirus](use-powershell-cmdlets-microsoft-defender-antivirus.md) and [Defender cmdlets](https://docs.microsoft.com/powershell/module/defender/index) for more information on how to use PowerShell with Microsoft Defender Antivirus. -### View PUA events +## View PUA events PUA events are reported in the Windows Event Viewer, but not in Microsoft Endpoint Manager or in Intune. You can also use the `Get-MpThreat` cmdlet to view threats that Microsoft Defender Antivirus handled. Here's an example: @@ -174,7 +174,7 @@ You can turn on email notifications to receive mail about PUA detections. See [Troubleshoot event IDs](troubleshoot-microsoft-defender-antivirus.md) for details on viewing Microsoft Defender Antivirus events. PUA events are recorded under event ID **1160**. -### Allow-listing apps +## Excluding files Sometimes a file is erroneously blocked by PUA protection, or a feature of a PUA is required to complete a task. In these cases, a file can be allow-listed. From dae577be97753903526b02baca883419a6fb7ea1 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Tue, 16 Feb 2021 14:26:06 -0800 Subject: [PATCH 71/93] remove duplicate description --- .../threat-protection/microsoft-defender-atp/manage-edr.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md index 217dcdf4ea..d053e3cc3d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md @@ -2,7 +2,6 @@ title: Manage endpoint detection and response capabilities description: Manage endpoint detection and response capabilities ms.reviewer: -description: Manage endpoint detection and response capabilities keywords: search.product: eADQiWindows 10XVcnh search.appverid: met150 From 34ae93709b8ec81bc424ec901acdd9ea724b63dc Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Tue, 16 Feb 2021 14:33:03 -0800 Subject: [PATCH 72/93] list --- ...ck-potentially-unwanted-apps-microsoft-defender-antivirus.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md index c061f72dc6..eedb6be8ae 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md @@ -176,7 +176,7 @@ See [Troubleshoot event IDs](troubleshoot-microsoft-defender-antivirus.md) for d ## Excluding files -Sometimes a file is erroneously blocked by PUA protection, or a feature of a PUA is required to complete a task. In these cases, a file can be allow-listed. +Sometimes a file is erroneously blocked by PUA protection, or a feature of a PUA is required to complete a task. In these cases, a file can be added to an exclusion list. For more information, see [Configure and validate exclusions based on file extension and folder location](configure-extension-file-exclusions-microsoft-defender-antivirus.md). From deb021f484c3c8172629251b15224c434d062e83 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 14:46:23 -0800 Subject: [PATCH 73/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...revent-changes-to-security-settings-with-tamper-protection.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index 6bd4f7aacf..7af80ebac0 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -152,6 +152,7 @@ Currently in preview, tamper protection can be turned on or off in the Microsoft - When you use the Microsoft Defender Security Center to manage tamper protection, you do not have to use Intune or the tenant attach method. - When you manage tamper protection in the Microsoft Defender Security Center, the setting is applied tenant wide, affecting all of your devices that are running Windows 10. To fine-tune tamper protection (such as having tamper protection on for some devices but off for others), use either [Intune](#turn-tamper-protection-on-or-off-for-your-organization-using-intune) or the [tenant attach method](#manage-tamper-protection-with-configuration-manager-version-2006). - If you have a hybrid environment, tamper protection settings configured in Intune take precedence over settings configured in the Microsoft Defender Security Center. +- Tamper protection is generally available; however, the ability to manage tamper protection in the Microsoft Defender Security Center is currently in preview. ### Requirements for managing tamper protection in the Microsoft Defender Security Center From 56d6db385321bc85936d0b7ccaa10578b2da45cf Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 14:48:53 -0800 Subject: [PATCH 74/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...event-changes-to-security-settings-with-tamper-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index 7af80ebac0..fd94f30cd5 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -130,7 +130,7 @@ If you are using Windows 10 OS [1709](https://docs.microsoft.com/windows/release If you're using [version 2006 of Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/plan-design/changes/whats-new-in-version-2006), you can manage tamper protection settings on Windows 10, Windows Server 2016, and Windows Server 2019 by using a method called *tenant attach*. Tenant attach enables you to sync your on-premises-only Configuration Manager devices into the Microsoft Endpoint Manager admin center, and then deliver your endpoint security configuration policies to your on-premises collections & devices. -:::image type="content" source="images/win-security- exp-policy-endpt-security.png" alt-text="Windows security experience in Endpoint Manager"::: +![Windows security experience in Endpoint Manager](images/win-security- exp-policy-endpt-security.png) 1. Set up tenant attach. See [Microsoft Endpoint Manager tenant attach: Device sync and device actions](https://docs.microsoft.com/mem/configmgr/tenant-attach/device-sync-actions). 2. In the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431), go to **Endpoint security** > **Antivirus**, and choose **+ Create Policy**.
From 8b1456745fff1102698c25621f3d0a6e5c5e44af Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 14:49:30 -0800 Subject: [PATCH 75/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...event-changes-to-security-settings-with-tamper-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index fd94f30cd5..4413ec0512 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -169,7 +169,7 @@ Currently in preview, tamper protection can be turned on or off in the Microsoft ### Turn tamper protection on (or off) in the Microsoft Defender Security Center -:::image type="content" source="images/mde-turn-tamperprotect-on.png" alt-text="Turn tamper protection on in the Microsoft Defender Security Center"::: +![Turn tamper protection on in the Microsoft Defender Security Center](images/mde-turn-tamperprotect-on.png) 1. Go to the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)) and sign in. 2. Choose **Settings**. From 08f27a0103193e83d893d4c39ea54ec5eae4f9b7 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 14:54:03 -0800 Subject: [PATCH 76/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...changes-to-security-settings-with-tamper-protection.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index 4413ec0512..37bd02f704 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -61,10 +61,10 @@ Tamper protection doesn't prevent you from viewing your security settings. And, | To perform this task... | See this section... | |:---|:---| -| Turn tamper protection on for an individual device | [Use the Windows Security app](#manage-tamper-protection-on-an-individual-device) | -| Turn tamper protection on for your organization | [Use Intune](#manage-tamper-protection-for-your-organization-using-intune) | -| Turn tamper protection on for devices running Windows 10 and Windows Server 2019 with Configuration Manager | [Use tenant attach with Configuration Manager, version 2006](#manage-tamper-protection-for-your-organization-with-configuration-manager-version-2006) | -| Turn tamper protection on in the Microsoft Defender Security Center |[Use the Microsoft Defender Security Center](#manage-tamper-protection-for-your-organiztion-using-the-microsoft-defender-security-center) | +| Turn tamper protection on (or off) for an individual device | [Manage tamper protection on an individual device](#manage-tamper-protection-on-an-individual-device) | +| Turn tamper protection on (or off) for all or part of your organization with Intune

Fine-tune tamper protection settings in your organization | [Manage tamper protection for your organization using Intune](#manage-tamper-protection-for-your-organization-using-intune) | +| Turn tamper protection on (or off) for your organization with Configuration Manager | [Manage tamper protection for your organization with Configuration Manager, version 2006](#manage-tamper-protection-for-your-organization-with-configuration-manager-version-2006) | +| Turn tamper protection on in the Microsoft Defender Security Center

Manage tamper protection across your tenant | [Manage tamper protection for your organization using the Microsoft Defender Security Center](#manage-tamper-protection-for-your-organization-using-the-microsoft-defender-security-center) | | View details about tampering attempts on devices | [View information about tampering attempts](#view-information-about-tampering-attempts) | | Review your security recommendations | [Review security recommendations](#review-your-security-recommendations) | | Review the list of frequently asked questions (FAQs) | [Browse the FAQs](#view-information-about-tampering-attempts) | From e288fe627d8513328338937d849a8a2b8ca6e5ef Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 14:55:53 -0800 Subject: [PATCH 77/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...event-changes-to-security-settings-with-tamper-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index 37bd02f704..3b250babb0 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -90,7 +90,7 @@ Here's what you see in the Windows Security app: ## Manage tamper protection for your organization using Intune -If you are part of your organization's security team, and your subscription includes [Intune](https://docs.microsoft.com/intune/fundamentals/what-is-intune), you can turn tamper protection on (or off) for your organization in the [Microsoft Endpoint Manager admin center](https://endpoint.microsoft.com) portal. +If you are part of your organization's security team, and your subscription includes [Intune](https://docs.microsoft.com/intune/fundamentals/what-is-intune), you can turn tamper protection on (or off) for your organization in the [Microsoft Endpoint Manager admin center](https://endpoint.microsoft.com) portal. Use Intune when you want to fine-tune tamper protection settings. For example, if you want to enable tamper protection on some devices, but not all, use Intune. ### Requirements for managing tamper protection in Intune From 9de13476ac5829b9b5f3508335e5b184edbaec2e Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 15:03:33 -0800 Subject: [PATCH 78/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...event-changes-to-security-settings-with-tamper-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index 3b250babb0..6316b81245 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -128,7 +128,7 @@ If you are using Windows 10 OS [1709](https://docs.microsoft.com/windows/release > [!IMPORTANT] > The procedure can be used to extend tamper protection to devices running Windows 10 and Windows Server 2019. Make sure to review the prerequisites and other information in the resources mentioned in this procedure. -If you're using [version 2006 of Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/plan-design/changes/whats-new-in-version-2006), you can manage tamper protection settings on Windows 10, Windows Server 2016, and Windows Server 2019 by using a method called *tenant attach*. Tenant attach enables you to sync your on-premises-only Configuration Manager devices into the Microsoft Endpoint Manager admin center, and then deliver your endpoint security configuration policies to your on-premises collections & devices. +If you're using [version 2006 of Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/plan-design/changes/whats-new-in-version-2006), you can manage tamper protection settings on Windows 10, Windows Server 2016, and Windows Server 2019 by using a method called *tenant attach*. Tenant attach enables you to sync your on-premises-only Configuration Manager devices into the Microsoft Endpoint Manager admin center, and then deliver endpoint security configuration policies to on-premises collections & devices. ![Windows security experience in Endpoint Manager](images/win-security- exp-policy-endpt-security.png) From 66ae0a27c3ed996b6feb54abc10262478932860c Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 16 Feb 2021 18:10:48 -0800 Subject: [PATCH 79/93] Acrolinx: "engange" --- .../threat-protection/microsoft-defender-atp/community.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/community.md b/windows/security/threat-protection/microsoft-defender-atp/community.md index 5ac9580052..e8debb489b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/community.md +++ b/windows/security/threat-protection/microsoft-defender-atp/community.md @@ -1,6 +1,6 @@ --- title: Access the Microsoft Defender for Endpoint Community Center -description: Access the Microsoft Defender ATP Community Center to share experiences, engange, and learn about the product. +description: Access the Microsoft Defender ATP Community Center to share experiences, engage, and learn about the product. keywords: community, community center, tech community, conversation, announcements search.product: eADQiWindows 10XVcnh search.appverid: met150 From 114959efeea16f8b804631a302a70a849c810946 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 16 Feb 2021 18:12:19 -0800 Subject: [PATCH 80/93] Acrolinx: "Powershell" --- .../configure-attack-surface-reduction.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/configure-attack-surface-reduction.md index 6b643c1ae3..767a807717 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-attack-surface-reduction.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-attack-surface-reduction.md @@ -1,6 +1,6 @@ --- title: Configure attack surface reduction -description: Use Microsoft Intune, Microsoft Endpoint Configuration Manager, Powershell cmdlets, and Group Policy to configure attack surface reduction. +description: Use Microsoft Intune, Microsoft Endpoint Configuration Manager, PowerShell cmdlets, and Group Policy to configure attack surface reduction. keywords: asr, attack surface reduction, windows defender, microsoft defender, antivirus, av search.product: eADQiWindows 10XVcnh search.appverid: met150 From 867d8bd2bc1613faf3da3023792fc446390ae108 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 16 Feb 2021 18:19:10 -0800 Subject: [PATCH 81/93] Various corrections to layout Second-level list items often do not correctly get a hanging indentation unless automatic number (1, 1, 1) is used. When a list is not sequential, it should use bullets not a number/letter sequence. --- .../configure-endpoints-gp.md | 49 ++++++++++--------- 1 file changed, 27 insertions(+), 22 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md index 5b9a8a4696..47651ed9e4 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md @@ -34,7 +34,7 @@ ms.technology: mde > [!NOTE] > To use Group Policy (GP) updates to deploy the package, you must be on Windows Server 2008 R2 or later. - +> > For Windows Server 2019, you may need to replace NT AUTHORITY\Well-Known-System-Account with NT AUTHORITY\SYSTEM of the XML file that the Group Policy preference creates. ## Onboard devices using Group Policy @@ -48,13 +48,13 @@ Check out the [PDF](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/publ 1. Open the GP configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from [Microsoft Defender Security Center](https://securitycenter.windows.com/): - a. In the navigation pane, select **Settings** > **Onboarding**. + 1. In the navigation pane, select **Settings** > **Onboarding**. - b. Select Windows 10 as the operating system. + 1. Select Windows 10 as the operating system. - c. In the **Deployment method** field, select **Group policy**. + 1. In the **Deployment method** field, select **Group policy**. - d. Click **Download package** and save the .zip file. + 1. Click **Download package** and save the .zip file. 2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the device. You should have a folder called *OptionalParamsPolicy* and the file *WindowsDefenderATPOnboardingScript.cmd*. @@ -84,16 +84,16 @@ You can use Group Policy (GP) to configure settings, such as settings for the sa 1. On your GP management device, copy the following files from the configuration package: - a. Copy _AtpConfiguration.admx_ into _C:\\Windows\\PolicyDefinitions_ + - Copy _AtpConfiguration.admx_ into _C:\\Windows\\PolicyDefinitions_ - b. Copy _AtpConfiguration.adml_ into _C:\\Windows\\PolicyDefinitions\\en-US_ + - Copy _AtpConfiguration.adml_ into _C:\\Windows\\PolicyDefinitions\\en-US_ If you are using a [Central Store for Group Policy Administrative Templates](https://support.microsoft.com/help/3087759/how-to-create-and-manage-the-central-store-for-group-policy-administra), copy the following files from the configuration package: - a. Copy _AtpConfiguration.admx_ into _\\\\\\\SysVol\\\\\Policies\\PolicyDefinitions_ + - Copy _AtpConfiguration.admx_ into _\\\\\\\SysVol\\\\\Policies\\PolicyDefinitions_ - b. Copy _AtpConfiguration.adml_ into _\\\\\\\SysVol\\\\\Policies\\PolicyDefinitions\\en-US_ + - Copy _AtpConfiguration.adml_ into _\\\\\\\SysVol\\\\\Policies\\PolicyDefinitions\\en-US_ 2. Open the [Group Policy Management Console](https://docs.microsoft.com/internet-explorer/ie11-deploy-guide/group-policy-and-group-policy-mgmt-console-ie11), right-click the GPO you want to configure and click **Edit**. @@ -123,13 +123,14 @@ Policy | Setting :---|:--- Enable\Disable Sample collection| Enabled - "Enable sample collection on machines" checked - +
**Policy location:** \Windows Components\Windows Defender Antivirus Policy | Setting :---|:--- Configure detection for potentially unwanted applications | Enabled, Block +
**Policy location:** \Windows Components\Windows Defender Antivirus\MAPS Policy | Setting @@ -137,6 +138,7 @@ Policy | Setting Join Microsoft MAPS | Enabled, Advanced MAPS Send file samples when further analysis is required | Enabled, Send safe samples +
**Policy location:** \Windows Components\Windows Defender Antivirus\Real-time Protection Policy | Setting @@ -146,7 +148,7 @@ Turn on behavior monitoring|Enabled Scan all downloaded files and attachments|Enabled Monitor file and program activity on your computer|Enabled - +
**Policy location:** \Windows Components\Windows Defender Antivirus\Scan These settings configure periodic scans of the endpoint. We recommend performing a weekly quick scan, performance permitting. @@ -156,19 +158,21 @@ Policy | Setting Check for the latest virus and spyware security intelligence before running a scheduled scan |Enabled - -**Policy location:** \Windows Components\Windows Defender Antivirus\Windows Defender Exploit Guard\Attack Surface Reduction +
**Policy location:** \Windows Components\Windows Defender Antivirus\Windows Defender Exploit Guard\Attack Surface Reduction Get the current list of attack surface reduction GUIDs from [Customize attack surface reduction rules](customize-attack-surface-reduction.md) 1. Open the **Configure Attack Surface Reduction** policy. -2. Select **Enabled**. -3. Select the **Show…** button. -4. Add each GUID in the **Value Name** field with a Value of 2. -This will set each up for audit only. +1. Select **Enabled**. -![Image of attack surface reduction configuration](images/asr-guid.png) +1. Select the **Show** button. + +1. Add each GUID in the **Value Name** field with a Value of 2. + + This will set each up for audit only. + + ![Image of attack surface reduction configuration](images/asr-guid.png) @@ -186,13 +190,13 @@ For security reasons, the package used to Offboard devices will expire 30 days a 1. Get the offboarding package from [Microsoft Defender Security Center](https://securitycenter.windows.com/): - a. In the navigation pane, select **Settings** > **Offboarding**. + 1. In the navigation pane, select **Settings** > **Offboarding**. - b. Select Windows 10 as the operating system. + 1. Select Windows 10 as the operating system. - c. In the **Deployment method** field, select **Group policy**. + 1. In the **Deployment method** field, select **Group policy**. - d. Click **Download package** and save the .zip file. + 1. Click **Download package** and save the .zip file. 2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the device. You should have a file named *WindowsDefenderATPOffboardingScript_valid_until_YYYY-MM-DD.cmd*. @@ -218,6 +222,7 @@ For security reasons, the package used to Offboard devices will expire 30 days a With Group Policy there isn’t an option to monitor deployment of policies on the devices. Monitoring can be done directly on the portal, or by using the different deployment tools. ## Monitor devices using the portal + 1. Go to [Microsoft Defender Security Center](https://securitycenter.windows.com/). 2. Click **Devices list**. 3. Verify that devices are appearing. From 93c3e44a70334e5da6deb0b422444f1e31677899 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 16 Feb 2021 18:22:26 -0800 Subject: [PATCH 82/93] Corrections for layout Second-level list items often do not have proper hanging indentation unless they use automatic numbering (1, 1, 1). --- .../configure-endpoints-mdm.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md index 829644772f..603253f4a4 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md @@ -67,20 +67,20 @@ For security reasons, the package used to Offboard devices will expire 30 days a 1. Get the offboarding package from [Microsoft Defender Security Center](https://securitycenter.windows.com/): - a. In the navigation pane, select **Settings** > **Offboarding**. + 1. In the navigation pane, select **Settings** > **Offboarding**. - b. Select Windows 10 as the operating system. + 1. Select Windows 10 as the operating system. - c. In the **Deployment method** field, select **Mobile Device Management / Microsoft Intune**. + 1. In the **Deployment method** field, select **Mobile Device Management / Microsoft Intune**. - d. Click **Download package**, and save the .zip file. + 1. Click **Download package**, and save the .zip file. 2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the network administrators who will deploy the package. You should have a file named *WindowsDefenderATP_valid_until_YYYY-MM-DD.offboarding*. 3. Use the Microsoft Intune custom configuration policy to deploy the following supported OMA-URI settings. - OMA-URI: ./Device/Vendor/MSFT/WindowsAdvancedThreatProtection/Offboarding - Date type: String + OMA-URI: ./Device/Vendor/MSFT/WindowsAdvancedThreatProtection/Offboarding
+ Date type: String
Value: [Copy and paste the value from the content of the WindowsDefenderATP_valid_until_YYYY-MM-DD.offboarding file] For more information on Microsoft Intune policy settings see, [Windows 10 policy settings in Microsoft Intune](https://docs.microsoft.com/intune/deploy-use/windows-10-policy-settings-in-microsoft-intune). From baa217fc6cc9fce9ba5266eecbf9882c9945ae1e Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 16 Feb 2021 18:28:24 -0800 Subject: [PATCH 83/93] Corrections for layout, code block type Second-level list items often do not have proper hanging indentation unless they use automatic numbering (1, 1, 1). "Console" is a valid type for code blocks and the closest match available. --- .../configure-endpoints-sccm.md | 31 ++++++++++--------- 1 file changed, 17 insertions(+), 14 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md index b8d9793a7b..4d619ca79e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md @@ -67,13 +67,13 @@ Check out the [PDF](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/publ 1. Open the Configuration Manager configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from [Microsoft Defender Security Center](https://securitycenter.windows.com/): - a. In the navigation pane, select **Settings** > **Onboarding**. + 1. In the navigation pane, select **Settings** > **Onboarding**. - b. Select Windows 10 as the operating system. + 1. Select Windows 10 as the operating system. - c. In the **Deployment method** field, select **System Center Configuration Manager 2012/2012 R2/1511/1602**. + 1. In the **Deployment method** field, select **System Center Configuration Manager 2012/2012 R2/1511/1602**. - d. Select **Download package**, and save the .zip file. + 1. Select **Download package**, and save the .zip file. 2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the network administrators who will deploy the package. You should have a file named *WindowsDefenderATPOnboardingScript.cmd*. @@ -107,11 +107,12 @@ This rule should be a *remediating* compliance rule configuration item that sets The configuration is set through the following registry key entry: -``` -Path: “HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection” +```console +Path: "HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection" Name: "AllowSampleCollection" Value: 0 or 1 ``` + Where:
Key type is a D-WORD.
Possible values are: @@ -175,13 +176,13 @@ If you use Microsoft Endpoint Manager current branch, see [Create an offboarding 1. Get the offboarding package from [Microsoft Defender Security Center](https://securitycenter.windows.com/): - a. In the navigation pane, select **Settings** > **Offboarding**. + 1. In the navigation pane, select **Settings** > **Offboarding**. - b. Select Windows 10 as the operating system. + 1. Select Windows 10 as the operating system. - c. In the **Deployment method** field, select **System Center Configuration Manager 2012/2012 R2/1511/1602**. + 1. In the **Deployment method** field, select **System Center Configuration Manager 2012/2012 R2/1511/1602**. - d. Select **Download package**, and save the .zip file. + 1. Select **Download package**, and save the .zip file. 2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the network administrators who will deploy the package. You should have a file named *WindowsDefenderATPOffboardingScript_valid_until_YYYY-MM-DD.cmd*. @@ -224,11 +225,13 @@ You can set a compliance rule for configuration item in System Center 2012 R2 Co This rule should be a *non-remediating* compliance rule configuration item that monitors the value of a registry key on targeted devices. Monitor the following registry key entry: + +```console +Path: "HKLM\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status" +Name: "OnboardingState" +Value: "1" ``` -Path: “HKLM\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status” -Name: “OnboardingState” -Value: “1” -``` + For more information, see [Introduction to compliance settings in System Center 2012 R2 Configuration Manager](https://docs.microsoft.com/previous-versions/system-center/system-center-2012-R2/gg682139\(v=technet.10\)). ## Related topics From 9492a8df26236e4a85421edc2dbbe14f4befdc8c Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 16 Feb 2021 19:26:21 -0800 Subject: [PATCH 84/93] Added automatic image border --- .../defender-endpoint-false-positives-negatives.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/defender-endpoint-false-positives-negatives.md b/windows/security/threat-protection/microsoft-defender-atp/defender-endpoint-false-positives-negatives.md index 2016a7df22..87dd461c37 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/defender-endpoint-false-positives-negatives.md +++ b/windows/security/threat-protection/microsoft-defender-atp/defender-endpoint-false-positives-negatives.md @@ -137,7 +137,8 @@ When you're done reviewing and undoing actions that were taken as a result of fa ### Remove a file from quarantine across multiple devices -![Quarantine file](images/autoir-quarantine-file-1.png) +> [!div class="mx-imgBorder"] +> ![Quarantine file](images/autoir-quarantine-file-1.png) 1. Go to the Action center ([https://securitycenter.windows.com/action-center](https://securitycenter.windows.com/action-center)) and sign in. 2. On the **History** tab, select a file that has the Action type **Quarantine file**. From caf10a62471ac084d217700bd80987f65f37e25e Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 20:23:26 -0800 Subject: [PATCH 85/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...event-changes-to-security-settings-with-tamper-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index 6316b81245..3298fb804c 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -27,7 +27,7 @@ ms.technology: mde - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) -Tamper protection, currently in [preview](../../includes/prerelease.md), is available on devices that are running one of the following versions of Windows: +Tamper protection is available for devices that are running one of the following versions of Windows: - Windows 10 - Windows Server 2019 From 0b82029680deef6d2c8c7c10bc47a64af4b7db79 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 20:25:55 -0800 Subject: [PATCH 86/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...event-changes-to-security-settings-with-tamper-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index 3298fb804c..c1a9e12c1c 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -150,7 +150,7 @@ See the following resources: Currently in preview, tamper protection can be turned on or off in the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)). Here are a few points to keep in mind: - When you use the Microsoft Defender Security Center to manage tamper protection, you do not have to use Intune or the tenant attach method. -- When you manage tamper protection in the Microsoft Defender Security Center, the setting is applied tenant wide, affecting all of your devices that are running Windows 10. To fine-tune tamper protection (such as having tamper protection on for some devices but off for others), use either [Intune](#turn-tamper-protection-on-or-off-for-your-organization-using-intune) or the [tenant attach method](#manage-tamper-protection-with-configuration-manager-version-2006). +- When you manage tamper protection in the Microsoft Defender Security Center, the setting is applied tenant wide, affecting all of your devices that are running Windows 10. To fine-tune tamper protection (such as having tamper protection on for some devices but off for others), use either [Intune](#manage-tamper-protection-for-your-organization-using-intune) or [Configuration Manager with tenant attach](#manage-tamper-protection-for-your-organization-with-configuration-manager-version-2006). - If you have a hybrid environment, tamper protection settings configured in Intune take precedence over settings configured in the Microsoft Defender Security Center. - Tamper protection is generally available; however, the ability to manage tamper protection in the Microsoft Defender Security Center is currently in preview. From b41d244d949d8d9f716ae1c7c111b785cedc6979 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 20:27:52 -0800 Subject: [PATCH 87/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...changes-to-security-settings-with-tamper-protection.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index c1a9e12c1c..9226c5487c 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -215,13 +215,13 @@ Devices that are onboarded to Microsoft Defender for Endpoint will have Microsof ### How can I turn tamper protection on/off? -If you are a home user, see [Turn tamper protection on (or off) for an individual device](#turn-tamper-protection-on-or-off-for-an-individual-machine). +If you are a home user, see [Manage tamper protection on an individual device](#manage-tamper-protection-on-an-individual-device). If you are an organization using [Microsoft Defender for Endpoint](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp), you should be able to manage tamper protection in Intune similar to how you manage other endpoint protection features. See the following sections of this article: -- [Turn tamper protection on (or off) for your organization using Intune](#turn-tamper-protection-on-or-off-for-your-organization-using-intune) - -- [Manage tamper protection with Configuration Manager, version 2006](#manage-tamper-protection-with-configuration-manager-version-2006) +- [Manage tamper protection using Intune](#manage-tamper-protection-for-your-organization-using-intune) +- [Manage tamper protection using Configuration Manager, version 2006](#manage-tamper-protection-for-your-organization-with-configuration-manager-version-2006) +- [Manage tamper protection using the Microsoft Defender Security Center](#manage-tamper-protection-for-your-organization-using-the-microsoft-defender-security-center) (currently in preview) ### How does configuring tamper protection in Intune affect how I manage Microsoft Defender Antivirus through my group policy? From 731b63fb69058b8f51da086fdcda07a57c0228c6 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 20:28:53 -0800 Subject: [PATCH 88/93] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...ent-changes-to-security-settings-with-tamper-protection.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index 9226c5487c..e7286a1d8b 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -233,7 +233,9 @@ Configuring tamper protection in Intune or Microsoft Endpoint Manager can be tar ### Can I configure Tamper Protection in Microsoft Endpoint Configuration Manager? -If you are using tenant attach, you can use Microsoft Endpoint Configuration Manager. See [Manage tamper protection with Configuration Manager, version 2006](#manage-tamper-protection-with-configuration-manager-version-2006) and [Tech Community blog: Announcing Tamper Protection for Configuration Manager Tenant Attach clients](https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/announcing-tamper-protection-for-configuration-manager-tenant/ba-p/1700246#.X3QLR5Ziqq8.linkedin). +If you are using tenant attach, you can use Microsoft Endpoint Configuration Manager. See the following resources: +- [Manage tamper protection for your organization with Configuration Manager, version 2006](#manage-tamper-protection-for-your-organization-with-configuration-manager-version-2006) +- [Tech Community blog: Announcing Tamper Protection for Configuration Manager Tenant Attach clients](https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/announcing-tamper-protection-for-configuration-manager-tenant/ba-p/1700246#.X3QLR5Ziqq8.linkedin) ### I have the Windows E3 enrollment. Can I use configuring tamper protection in Intune? From 79cbd4d22784ef9266122e17285c49c83041592e Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 20:30:29 -0800 Subject: [PATCH 89/93] Update whats-new-in-microsoft-defender-atp.md --- .../whats-new-in-microsoft-defender-atp.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md index a22485ff25..dbac12f064 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md @@ -24,7 +24,6 @@ ms.technology: mde [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] - **Applies to:** - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) @@ -99,7 +98,7 @@ For more information preview features, see [Preview features](https://docs.micro ## September 2019 -- [Tamper Protection settings using Intune](../microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md#turn-tamper-protection-on-or-off-for-your-organization-using-intune)
You can now turn Tamper Protection on (or off) for your organization in the Microsoft 365 Device Management Portal (Intune). +- [Tamper protection settings using Intune](../microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md#manage-tamper-protection-for-your-organization-using-intune)
You can now turn Tamper Protection on (or off) for your organization in the Microsoft 365 Device Management Portal (Intune). - [Live response](live-response.md)
Get instantaneous access to a device using a remote shell connection. Do in-depth investigative work and take immediate response actions to promptly contain identified threats - real-time. From 9ea9db8bb205601ded7d3fa3e9dcbc9345b50351 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 16 Feb 2021 20:36:04 -0800 Subject: [PATCH 90/93] Update manage-edr.md --- .../threat-protection/microsoft-defender-atp/manage-edr.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md index 217dcdf4ea..d053e3cc3d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md +++ b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md @@ -2,7 +2,6 @@ title: Manage endpoint detection and response capabilities description: Manage endpoint detection and response capabilities ms.reviewer: -description: Manage endpoint detection and response capabilities keywords: search.product: eADQiWindows 10XVcnh search.appverid: met150 From 4366ccdbeae27075023ab2c4cda80c2c86ec7b70 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Tue, 16 Feb 2021 21:15:15 -0800 Subject: [PATCH 91/93] Added spacing --- .../microsoft-defender-atp/configure-endpoints-gp.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md index 47651ed9e4..166d6e77a5 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md @@ -124,6 +124,7 @@ Policy | Setting Enable\Disable Sample collection| Enabled - "Enable sample collection on machines" checked
+ **Policy location:** \Windows Components\Windows Defender Antivirus Policy | Setting @@ -131,6 +132,7 @@ Policy | Setting Configure detection for potentially unwanted applications | Enabled, Block
+ **Policy location:** \Windows Components\Windows Defender Antivirus\MAPS Policy | Setting @@ -139,6 +141,7 @@ Join Microsoft MAPS | Enabled, Advanced MAPS Send file samples when further analysis is required | Enabled, Send safe samples
+ **Policy location:** \Windows Components\Windows Defender Antivirus\Real-time Protection Policy | Setting @@ -149,6 +152,7 @@ Scan all downloaded files and attachments|Enabled Monitor file and program activity on your computer|Enabled
+ **Policy location:** \Windows Components\Windows Defender Antivirus\Scan These settings configure periodic scans of the endpoint. We recommend performing a weekly quick scan, performance permitting. @@ -158,7 +162,9 @@ Policy | Setting Check for the latest virus and spyware security intelligence before running a scheduled scan |Enabled -
**Policy location:** \Windows Components\Windows Defender Antivirus\Windows Defender Exploit Guard\Attack Surface Reduction +
+ +**Policy location:** \Windows Components\Windows Defender Antivirus\Windows Defender Exploit Guard\Attack Surface Reduction Get the current list of attack surface reduction GUIDs from [Customize attack surface reduction rules](customize-attack-surface-reduction.md) From 3bd26ab1cdc5fca0ed93c721f5105586a4d11d92 Mon Sep 17 00:00:00 2001 From: Sunayana Singh <57405155+sunasing@users.noreply.github.com> Date: Wed, 17 Feb 2021 13:08:18 +0530 Subject: [PATCH 92/93] Updated a note on pre-requisites --- .../microsoft-defender-atp/microsoft-defender-atp-ios.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios.md index a1de0acb00..93f29b113b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios.md @@ -45,6 +45,7 @@ iOS devices along with other platforms. - Device(s) are [enrolled](https://docs.microsoft.com/mem/intune/user-help/enroll-your-device-in-intune-ios) via the Intune Company Portal app to enforce Intune device compliance policies. This requires the end user to be assigned a Microsoft Intune license. - Intune Company Portal app can be downloaded from the [Apple App Store](https://apps.apple.com/us/app/intune-company-portal/id719171358). + - Note that Apple does not allow redirecting users to download other apps from the app store and hence this step needs to be done by the user before onboarding to Microsoft Defender for Endpoint app. - For more information on how to assign licenses, see [Assign licenses to users](https://docs.microsoft.com/azure/active-directory/users-groups-roles/licensing-groups-assign). From d4051e408285dd7aae2046858c923d1b97fbc3b5 Mon Sep 17 00:00:00 2001 From: adirdidi <68847945+adirdidi@users.noreply.github.com> Date: Wed, 17 Feb 2021 12:52:14 +0200 Subject: [PATCH 93/93] Update gov.md "Management and APIs: Device health and compliance report" now available for GCC High & DoD. --- .../security/threat-protection/microsoft-defender-atp/gov.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/gov.md b/windows/security/threat-protection/microsoft-defender-atp/gov.md index e30f0defb0..555ab3ee79 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/gov.md +++ b/windows/security/threat-protection/microsoft-defender-atp/gov.md @@ -142,7 +142,7 @@ Automated investigation and remediation: Live response | ![Yes](../images/svg/ch Automated investigation and remediation: Response to Office 365 alerts | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog Email notifications | ![No](../images/svg/check-no.svg) Rolling out | ![No](../images/svg/check-no.svg) Rolling out | ![No](../images/svg/check-no.svg) Rolling out Evaluation lab | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) -Management and APIs: Device health and compliance report | ![Yes](../images/svg/check-yes.svg) | ![No](../images/svg/check-no.svg) Rolling out | ![No](../images/svg/check-no.svg) Rolling out +Management and APIs: Device health and compliance report | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) Management and APIs: Integration with third-party products | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development Management and APIs: Streaming API | ![Yes](../images/svg/check-yes.svg) | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development Management and APIs: Threat protection report | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)