Merge pull request #5409 from appcompatguy/patch-1

Updated "threats" to "evidence" to match UI
Daniel Simpson 2019-11-11 23:48:41 -05:00 committed by GitHub
commit 6aac4eb688
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -44,13 +44,13 @@ The Automated investigation starts by analyzing the supported entities from the
### Details of an Automated investigation
As the investigation proceeds, you'll be able to view the details of the investigation. Selecting a triggering alert brings you to the investigation details view where you can pivot from the **Investigation graph**, **Alerts**, **Machines**, **Threats**, **Entities**, and **Log** tabs.
As the investigation proceeds, you'll be able to view the details of the investigation. Selecting a triggering alert brings you to the investigation details view where you can pivot from the **Investigation graph**, **Alerts**, **Machines**, **Evidence**, **Entities**, and **Log** tabs.
In the **Alerts** tab, you'll see the alert that started the investigation.
The **Machines** tab shows where the alert was seen.
The **Threats** tab shows the entities that were found to be malicious during the investigation.
The **Evidence** tab shows the entities that were found to be malicious during the investigation.
During an Automated investigation, details about each analyzed entity is categorized in the **Entities** tab. You'll be able to see the determination for each entity type, such as whether it was determined to be malicious, suspicious, or clean.
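Review bot: The renamed **Evidence** tab line keeps the old description word for word ("shows the entities that were found to be malicious during the investigation"), so only the label changed. Please confirm against the UI that the Evidence tab is limited to malicious entities; if it also lists suspicious or clean items, the sentence should say so, and it should make clear how this tab differs from the **Entities** tab described in the next line. While this paragraph is being touched, the trailing context line has a subject-verb mismatch: "details about each analyzed entity is categorized" should read "details about each analyzed entity are categorized".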