jcaparas 2019-05-17 09:15:00 -07:00 committed by GitHub
parent 3622bb92aa
commit 6c3b8c9927
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -1,5 +1,5 @@
--- ---
title: Investigate entities on machines using live response in Windows Defender ATP title: Investigate entities on machines using live response in Microsoft Defender ATP
description: Access a machine using a secure remote shell connection to do investigative work and take immediate response actions on a machine in real-time. description: Access a machine using a secure remote shell connection to do investigative work and take immediate response actions on a machine in real-time.
keywords: remote, shell, connection, live, response, real-time, command, script, remediate, hunt, export, log, drop, download, file, keywords: remote, shell, connection, live, response, real-time, command, script, remediate, hunt, export, log, drop, download, file,
search.product: eADQiWindows 10XVcnh search.product: eADQiWindows 10XVcnh
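Review bot: The rename reaches only the `title:` field of this front matter. The `description:` and the visible part of `keywords:` name no product at all, so a search for "Microsoft Defender ATP" can match this page through the title alone. Consider adding the new product name to `keywords:` in the same change.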
@ -20,12 +20,12 @@ ms.topic: article
# Investigate entities on machines using live response # Investigate entities on machines using live response
**Applies to:** **Applies to:**
- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf) - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf)
[!include[Prerelease information](prerelease.md)] [!include[Prerelease information](prerelease.md)]
Live response is a capability that gives you instantaneous access to a machine using a remote shell connection. This gives you the power to do in-depth investigative work and take immediate response actions to promptly contain identified threats real-time. Live response is a capability that gives you instantaneous access to a machine using a remote shell connection. This gives you the power to do in-depth investigative work and take immediate response actions to promptly contain identified threats real-time.
Live response is designed to enhance investigations by enabling you to collect forensic data, run scripts, send suspicious entities for analysis, remediate threats, and proactively hunt for emerging threats. Live response is designed to enhance investigations by enabling you to collect forensic data, run scripts, send suspicious entities for analysis, remediate threats, and proactively hunt for emerging threats.
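Review bot: In the "Applies to" entry the link text now reads Microsoft Defender ATP, but the target is still `Windows10_Commercial_Comparison.pdf`. Confirm that this document is the intended target under the new name, or point the link at a page that uses the new branding. While this block is open, the unchanged sentence ending "contain identified threats real-time" would read better as "in real time".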
@ -75,7 +75,7 @@ The dashboard also gives you access to:
## Initiate a live response session on a machine ## Initiate a live response session on a machine
1. Log in to Windows Defender Security Center. 1. Log in to Microsoft Defender Security Center.
2. Navigate to the machines list page and select a machine to investigate. The machine page opens. 2. Navigate to the machines list page and select a machine to investigate. The machine page opens.
>[!NOTE] >[!NOTE]
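Review bot: Step 1 keeps "Log in to" in front of the renamed portal; Microsoft's style guidance prefers "Sign in to", so this is a good moment to align the wording. The three hunks shown cover only the title, the "Applies to" entry and this step, so also check the rest of the file for remaining "Windows Defender" strings before merging.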