From 6ae7ac7040da83a5ba120342e03b8e75e5507f55 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Mon, 15 Jun 2020 14:25:05 -0700 Subject: [PATCH] More updates --- .../auto-investigation-action-center.md | 4 ++-- .../microsoft-defender-atp/automated-investigations.md | 4 ++-- .../microsoft-defender-atp/security-operations-dashboard.md | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/auto-investigation-action-center.md b/windows/security/threat-protection/microsoft-defender-atp/auto-investigation-action-center.md index 644d856e3c..dab80159ea 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/auto-investigation-action-center.md +++ b/windows/security/threat-protection/microsoft-defender-atp/auto-investigation-action-center.md @@ -120,9 +120,9 @@ Selecting an alert using the check box brings up the alerts details pane where y Clicking on an alert title brings you the alert page. -### Machines +### Devices -The **Machines** tab Shows details the device name, IP address, group, users, operating system, remediation level, investigation count, and when it was last investigated. +The **Devices** tab Shows details the device name, IP address, group, users, operating system, remediation level, investigation count, and when it was last investigated. Devices that show the same threat can be added to an ongoing investigation and will be displayed in this tab. If 10 or more devices are found during this expansion process from the same entity, then that expansion action will require an approval and will be seen in the **Pending actions** view. diff --git a/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md b/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md index aaa51198b1..81ce65baaa 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md +++ b/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md @@ -41,12 +41,12 @@ When an alert is triggered, a security playbook goes into effect. Depending on t ## Details of an automated investigation -During and after an automated investigation, you can view details about the investigation. Selecting a triggering alert brings you to the investigation details view where you can pivot from the **Investigation graph**, **Alerts**, **Machines**, **Evidence**, **Entities**, and **Log** tabs. +During and after an automated investigation, you can view details about the investigation. Selecting a triggering alert brings you to the investigation details view where you can pivot from the **Investigation graph**, **Alerts**, **Devices**, **Evidence**, **Entities**, and **Log** tabs. |Tab |Description | |--|--| |**Alerts**| Shows the alert that started the investigation.| -|**Machines** |Shows where the alert was seen.| +|**Devices** |Shows where the alert was seen.| |**Evidence** |Shows the entities that were found to be malicious during the investigation.| |**Entities** |Provides details about each analyzed entity, including a determination for each entity type (*Malicious*, *Suspicious*, or *No threats found*). | |**Log** |Shows the chronological detailed view of all the investigation actions taken on the alert.| diff --git a/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md b/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md index c597c7fad8..a19501db2f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md +++ b/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md @@ -67,7 +67,7 @@ This tile shows you a list of devices with the highest number of active alerts. Click the name of the device to see details about that device. For more information see, [Investigate devices in the Microsoft Defender Advanced Threat Protection Devices list](investigate-machines.md). -You can also click **Devices list** at the top of the tile to go directly to the **Devices list**, sorted by the number of active alerts. For more information see, [Investigate devices in the Microsoft Defender Advanced Threat Protection Devices list](investigate-machines.md). +You can also click **Machines list** at the top of the tile to go directly to the **Machines list**, sorted by the number of active alerts. For more information see, [Investigate devices in the Microsoft Defender Advanced Threat Protection Devices list](investigate-machines.md). ## Sensor health The **Sensor health** tile provides information on the individual device’s ability to provide sensor data to the Microsoft Defender ATP service. It reports how many devices require attention and helps you identify problematic devices.