mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-12 21:37:22 +00:00
several metadata changes
This commit is contained in:
get-itips
parent
88092b8074
commit
71f7d76da8
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Alerts queue in Microsoft Defender Security Center
|
||||
ms.reviewer:
|
||||
description: View and manage the alerts surfaced in Microsoft Defender Security Center
|
||||
keywords:
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,7 +9,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
---
|
||||
title: Advanced Hunting API
|
||||
ms.reviewer:
|
||||
description: Use this API to run advanced queries
|
||||
keywords: apis, supported apis, advanced hunting, query
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -7,7 +8,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
@ -186,4 +187,4 @@ You’re all done! You have just successfully:
|
||||
## Related topic
|
||||
- [Microsoft Defender ATP APIs](exposed-apis-list.md)
|
||||
- [Access Microsoft Defender ATP with application context](exposed-apis-create-app-webapp.md)
|
||||
- [Access Microsoft Defender ATP with user context](exposed-apis-create-app-nativeapp.md)
|
||||
- [Access Microsoft Defender ATP with user context](exposed-apis-create-app-nativeapp.md)
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Microsoft Defender Advanced Threat Protection API overview
|
||||
ms.reviewer:
|
||||
description: Learn how you can use APIs to automate workflows and innovate based on Microsoft Defender ATP capabilities
|
||||
keywords: apis, api, wdatp, open api, windows defender atp api, public api, supported apis, alerts, machine, user, domain, ip, file, advanced hunting, query
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -7,7 +8,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
@ -62,4 +63,4 @@ You can access Microsoft Defender ATP API with **Application Context** or **User
|
||||
## Related topics
|
||||
- [Microsoft Defender ATP APIs](exposed-apis-list.md)
|
||||
- [Access Microsoft Defender ATP with application context](exposed-apis-create-app-webapp.md)
|
||||
- [Access Microsoft Defender ATP with user context](exposed-apis-create-app-nativeapp.md)
|
||||
- [Access Microsoft Defender ATP with user context](exposed-apis-create-app-nativeapp.md)
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Overview of Configuration score in Microsoft Defender Security Center
|
||||
ms.reviewer:
|
||||
description: Expand your visibility into the overall security configuration posture of your organization
|
||||
keywords: configuration score, mdatp configuration score, secure score, security controls, improvement opportunities, security configuration score over time, security posture, baseline
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,8 +9,8 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: dolmont
|
||||
author: DulceMontemayor
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
audience: ITPro
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Configure Threat & Vulnerability Management in Microsoft Defender ATP
|
||||
ms.reviewer:
|
||||
description: Configure your Threat & Vulnerability Management to allow security administrators and IT administrators to collaborate seamlessly to remediate issues via Microsoft intune and Microsoft System Center Configuration Manager (SCCM) integrations.
|
||||
keywords: RBAC, Threat & Vulnerability Management configuration, Threat & Vulnerability Management integrations, Microsft Intune integration with TVM, SCCM integration with TVM
|
||||
search.product: Windows 10
|
||||
@ -8,8 +9,8 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: dolmont
|
||||
author: DulceMontemayor
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
audience: ITPro
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title:
|
||||
ms.reviewer:
|
||||
description:
|
||||
keywords:
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,7 +9,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Configure and manage Microsoft Threat Experts capabilities
|
||||
ms.reviewer:
|
||||
description: You need to register to Microsoft Threats Experts preview to configure, manage, and use it in your daily security operations and security administration work.
|
||||
keywords: Microsoft Threat Experts, managed threat hunting service, MTE, Microsoft managed hunting service
|
||||
search.product: Windows 10
|
||||
@ -8,8 +9,8 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: dolmont
|
||||
author: DulceMontemayor
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
audience: ITPro
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Create custom detection rules in Microsoft Defender ATP
|
||||
ms.reviewer:
|
||||
description: Learn how to create custom detections rules based on advanced hunting queries
|
||||
keywords: create custom detections, detections, advanced hunting, hunt, detect, query
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,7 +9,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
@ -63,4 +64,4 @@ View existing rules in your network, see the last results of each rule, navigate
|
||||
|
||||
|
||||
## Related topic
|
||||
- [Custom detections overview](overview-custom-detections.md)
|
||||
- [Custom detections overview](overview-custom-detections.md)
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Evaluate Microsoft Defender Advanced Threat Protection
|
||||
ms.reviewer:
|
||||
description:
|
||||
keywords:
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,7 +9,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
@ -40,4 +41,4 @@ Next gen protections help detect and block the latest threats.
|
||||
|
||||
|
||||
## See Also
|
||||
[Get started with Microsoft Defender Advanced Threat Protection](get-started.md)
|
||||
[Get started with Microsoft Defender Advanced Threat Protection](get-started.md)
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Use Microsoft Defender Advanced Threat Protection APIs
|
||||
ms.reviewer:
|
||||
description: Use the exposed data and actions using a set of progammatic APIs that are part of the Microsoft Intelligence Security Graph.
|
||||
keywords: apis, graph api, supported apis, actor, alerts, machine, user, domain, ip, file, advanced hunting, query
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -7,7 +8,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
@ -180,4 +181,4 @@ Sanity check to make sure you got a correct token:
|
||||
|
||||
## Related topics
|
||||
- [Microsoft Defender ATP APIs](exposed-apis-list.md)
|
||||
- [Access Microsoft Defender ATP with application context](exposed-apis-create-app-webapp.md)
|
||||
- [Access Microsoft Defender ATP with application context](exposed-apis-create-app-webapp.md)
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Create an app to access Microsoft Defender ATP without a user
|
||||
ms.reviewer:
|
||||
description: Use the exposed data and actions using a set of progammatic APIs that are part of the Microsoft Intelligence Security Graph.
|
||||
keywords: apis, graph api, supported apis, actor, alerts, machine, user, domain, ip, file, advanced hunting, query
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -7,7 +8,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
@ -240,4 +241,4 @@ Sanity check to make sure you got a correct token:
|
||||
|
||||
## Related topics
|
||||
- [Supported Microsoft Defender ATP APIs](exposed-apis-list.md)
|
||||
- [Access Microsoft Defender ATP on behalf of a user](exposed-apis-create-app-nativeapp.md)
|
||||
- [Access Microsoft Defender ATP on behalf of a user](exposed-apis-create-app-nativeapp.md)
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
---
|
||||
title: Advanced Hunting API
|
||||
ms.reviewer:
|
||||
description: Use this API to run advanced queries
|
||||
keywords: apis, supported apis, advanced hunting, query
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -7,7 +8,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Supported Microsoft Defender Advanced Threat Protection query APIs
|
||||
ms.reviewer:
|
||||
description: Learn about the specific supported Microsoft Defender Advanced Threat Protection entities where you can create API calls to.
|
||||
keywords: apis, supported apis, actor, alerts, machine, user, domain, ip, file, advanced queries, advanced hunting
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -7,7 +8,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
---
|
||||
title: OData queries with Microsoft Defender ATP
|
||||
ms.reviewer:
|
||||
description: OData queries with Microsoft Defender ATP
|
||||
keywords: apis, supported apis, odata, query
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -7,7 +8,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Get started with Microsoft Defender Advanced Threat Protection
|
||||
ms.reviewer:
|
||||
description: Learn about the minimum requirements and initial steps you need to take to get started with Microsoft Defender ATP.
|
||||
keywords: get started, minimum requirements, setup, subscription, features, data storage, privacy, user access
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,7 +9,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
@ -70,4 +71,4 @@ Topic | Description
|
||||
[Data storage and privacy](data-storage-privacy.md) | Explains the data storage and privacy details related to Microsoft Defender ATP.
|
||||
[Assign user access to the portal](assign-portal-access.md) | Set permissions to manage who can access the portal. You can set basic permissions or set granular permissions using role-based access control (RBAC).
|
||||
[Evaluate Microsoft Defender ATP](evaluate-atp.md) | Evaluate the various capabilities in Microsoft Defender ATP and test features out.
|
||||
[Access the Microsoft Defender Security Center Community Center](community.md) | The Microsoft Defender ATP Community Center is a place where community members can learn, collaborate, and share experiences about the product.
|
||||
[Access the Microsoft Defender Security Center Community Center](community.md) | The Microsoft Defender ATP Community Center is a place where community members can learn, collaborate, and share experiences about the product.
|
||||
|
||||
@ -8,8 +8,8 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
author: mjcaparas
|
||||
ms.author: dansimp
|
||||
author: dansimp
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
audience: ITPro
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Configure information protection in Windows
|
||||
ms.reviewer:
|
||||
description: Learn how to expand the coverage of WIP to protect files based on their label, regardless of their origin.
|
||||
keywords: information, protection, data, loss, prevention, wip, policy, scc, compliance, labels, dlp
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -7,7 +8,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
@ -53,4 +54,4 @@ After completing these steps Microsoft Defender ATP will automatically identify
|
||||
>- Data forwarded to Azure Information Protection is stored in the same location as your other Azure Information Protection data.
|
||||
|
||||
## Related topic
|
||||
- [Information protection in Windows overview](information-protection-in-windows-overview.md)
|
||||
- [Information protection in Windows overview](information-protection-in-windows-overview.md)
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Information protection in Windows overview
|
||||
ms.reviewer:
|
||||
description: Learn about how information protection works in Windows to identify and protect sensitive information
|
||||
keywords: information, protection, dlp, wip, data, loss, prevention, protect
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -7,7 +8,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
@ -98,4 +99,4 @@ For more information, see [Configure information protection in Windows](informat
|
||||
|
||||
|
||||
## Related topics
|
||||
- [How Windows Information Protection protects files with a sensitivity label](https://docs.microsoft.com/windows/security/information-protection/windows-information-protection/how-wip-works-with-labels)
|
||||
- [How Windows Information Protection protects files with a sensitivity label](https://docs.microsoft.com/windows/security/information-protection/windows-information-protection/how-wip-works-with-labels)
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
ms.date: 08/28/2017
|
||||
author: zavidor
|
||||
author: mjcaparas
|
||||
---
|
||||
>[!Note]
|
||||
> This page focuses on performing a machine action via API. See [take response actions on a machine](respond-machine-alerts.md) for more information about response actions functionality via Microsoft Defender ATP.
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Manage endpoint detection and response capabilities
|
||||
ms.reviewer:
|
||||
description:
|
||||
keywords:
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,7 +9,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
@ -28,4 +29,4 @@ Topic | Description
|
||||
[Alerts queue](alerts-queue-endpoint-detection-response.md)| View the alerts surfaced in Microsoft Defender Security Center.
|
||||
[Machines list](machines-view-overview.md) | Learn how you can view and manage the machines list, manage machine groups, and investigate machine related alerts.
|
||||
[Take response actions](response-actions.md)| Take response actions on machines and files to quickly respond to detected attacks and contain threats.
|
||||
[Query data using advanced hunting](advanced-hunting.md)| Proactively hunt for possible threats across your organization using a powerful search and query tool.
|
||||
[Query data using advanced hunting](advanced-hunting.md)| Proactively hunt for possible threats across your organization using a powerful search and query tool.
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Manage indicators
|
||||
ms.reviewer:
|
||||
description: Create indicators for a file hash, IP address, URLs or domains that define the detection, prevention, and exclusion of entities.
|
||||
keywords: manage, allowed, blocked, whitelist, blacklist, block, clean, malicious, file hash, ip address, urls, domain
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,7 +9,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Overview of management and APIs
|
||||
ms.reviewer:
|
||||
description:
|
||||
keywords:
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,7 +9,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Configure Microsoft Cloud App Security integration
|
||||
ms.reviewer:
|
||||
description: Learn how to turn on the settings to enable the Microsoft Defender ATP integration with Microsoft Cloud App Security.
|
||||
keywords: cloud, app, security, settings, integration, discovery, report
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,7 +9,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
@ -60,4 +61,4 @@ For more information about cloud discovery, see [Working with discovered apps](h
|
||||
If you are interested in trying Microsoft Cloud App Security, see [Microsoft Cloud App Security Trial](https://signup.microsoft.com/Signup?OfferId=757c4c34-d589-46e4-9579-120bba5c92ed&ali=1).
|
||||
|
||||
## Related topic
|
||||
- [Microsoft Cloud App Security integration](microsoft-cloud-app-security-integration.md)
|
||||
- [Microsoft Cloud App Security integration](microsoft-cloud-app-security-integration.md)
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Microsoft Cloud App Security integration overview
|
||||
ms.reviewer:
|
||||
description: Microsoft Defender ATP integrates with Cloud App Security by collecting and forwarding all cloud app networking activities, providing unparalleled visibility to cloud app usage
|
||||
keywords: cloud, app, networking, visibility, usage
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,7 +9,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
@ -45,4 +46,4 @@ For more information about cloud discovery, see [Working with discovered apps](h
|
||||
|
||||
## Related topic
|
||||
|
||||
- [Configure Microsoft Cloud App Security integration](microsoft-cloud-app-security-config.md)
|
||||
- [Configure Microsoft Cloud App Security integration](microsoft-cloud-app-security-config.md)
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Microsoft Threat Experts
|
||||
ms.reviewer:
|
||||
description: Microsoft Threat Experts is the new managed threat hunting service in Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) that provides proactive hunting, prioritization, and additional context and insights that further empower security operations centers (SOCs) to identify and respond to threats quickly and accurately. It provides additional layer of expertise and optics that Microsoft customers can utilize to augment security operation capabilities as part of Microsoft 365.
|
||||
keywords: managed threat hunting service, managed threat hunting, MTE, Microsoft Threat Experts
|
||||
search.product: Windows 10
|
||||
@ -8,8 +9,8 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: dolmont
|
||||
author: DulceMontemayor
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
audience: ITPro
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Next-generation Threat & Vulnerability Management
|
||||
ms.reviewer:
|
||||
description: This new capability uses a game-changing risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations.
|
||||
keywords: threat and vulnerability management, MDATP-TVM, vulnerability management, threat and vulnerability scanning
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,8 +9,8 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: dolmont
|
||||
author: DulceMontemayor
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
audience: ITPro
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Onboard machines without Internet access to Microsoft Defender ATP
|
||||
ms.reviewer:
|
||||
description: Onboard machines without Internet access so that they can send sensor data to the Microsoft Defender ATP sensor
|
||||
keywords: onboard, servers, vm, on-premise, oms gateway, log analytics, azure log analytics, mma
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,7 +9,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
@ -49,4 +50,4 @@ To onboard machines without Internet access, you'll need to take the following g
|
||||
- [Security Policy \> Log Analytics Workspace](https://docs.microsoft.com/azure/security-center/security-center-wdatp#enable-windows-defender-atp-integration)
|
||||
- [Threat Detection \> Allow Microsoft Defender ATP to access my data](https://docs.microsoft.com/azure/security-center/security-center-wdatp#enable-windows-defender-atp-integration)
|
||||
|
||||
For more information, see [Working with security policies](https://docs.microsoft.com/azure/security-center/tutorial-security-policy).
|
||||
For more information, see [Working with security policies](https://docs.microsoft.com/azure/security-center/tutorial-security-policy).
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Configure and manage Microsoft Defender ATP capabilities
|
||||
ms.reviewer:
|
||||
description: Configure and manage Microsoft Defender ATP capabilities such as attack surface reduction, next generation protection, and security controls
|
||||
keywords: configure, manage, capabilities, attack surface reduction, next generation protection, security controls, endpoint detection and response, auto investigation and remediation, security controls, controls
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,7 +9,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Overview of attack surface reduction
|
||||
ms.reviewer:
|
||||
description: Learn about the attack surface reduction capability in Microsoft Defender ATP
|
||||
keywords:
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,7 +9,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Custom detections overview
|
||||
ms.reviewer:
|
||||
description: Understand how how you can leverage the power of advanced hunting to create custom detections
|
||||
keywords: custom detections, detections, advanced hunting, hunt, detect, query
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,7 +9,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Overview of endpoint detection and response capabilities
|
||||
ms.reviewer:
|
||||
description: Learn about the endpoint detection and response capabilities in Microsoft Defender ATP
|
||||
keywords:
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,7 +9,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
@ -39,4 +40,4 @@ Topic | Description
|
||||
[Incidents queue](incidents-queue.md) | View and organize the incidents queue, and manage and investigate alerts.
|
||||
[Alerts queue](alerts-queue.md) | View and organize the machine alerts queue, and manage and investigate alerts.
|
||||
[Machines list](machines-view-overview.md) | Investigate machines with generated alerts and search for specific events over time.
|
||||
[Take response actions](response-actions.md) | Learn about the available response actions and apply them to machines and files.
|
||||
[Take response actions](response-actions.md) | Learn about the available response actions and apply them to machines and files.
|
||||
|
||||
@ -1,18 +1,19 @@
|
||||
---
|
||||
title: Hardware-based isolation (Windows 10)
|
||||
ms.reviewer:
|
||||
description: Learn about how hardware-based isolation in Windows 10 helps to combat malware.
|
||||
search.appverid: met150
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
author: justinha
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
audience: ITPro
|
||||
ms.collection: M365-security-compliance
|
||||
ms.topic: conceptual
|
||||
ms.author: justinha
|
||||
ms.author: mjcaparas
|
||||
ms.date: 09/07/2018
|
||||
---
|
||||
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Overview of Microsoft Defender ATP
|
||||
ms.reviewer:
|
||||
description: Understand the concepts behind the capabilities in Microsoft Defender ATP so you take full advantage of the complete threat protection platform
|
||||
keywords: atp, microsoft defender atp, defender, mdatp, threat protection, platform, threat, vulnerability, asr, attack, surface, reduction, next-gen, protection, edr, endpoint, detection, response, automated, air
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,7 +9,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
@ -42,4 +43,4 @@ Topic | Description
|
||||
[Advanced hunting](overview-hunting.md) | Use a powerful search and query language to create custom queries and detection rules.
|
||||
[Management and APIs](management-apis.md) | Microsoft Defender ATP supports a wide variety of tools to help you manage and interact with the platform so that you can integrate the service into your existing workflows.
|
||||
[Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other security capabilities in the Microsoft threat protection stack.
|
||||
[Portal overview](portal-overview.md) |Learn to navigate your way around Microsoft Defender Security Center.
|
||||
[Portal overview](portal-overview.md) |Learn to navigate your way around Microsoft Defender Security Center.
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Partner applications in Microsoft Defender ATP
|
||||
ms.reviewer:
|
||||
description: View supported partner applications to enhance the detection, investigation, and threat intelligence capabilities of the platform
|
||||
keywords: partners, applications, third-party, connections, sentinelone, lookout, bitdefender, corrata, morphisec, paloalto, ziften, better mobile
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,7 +9,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
@ -54,4 +55,4 @@ Microsoft Defender ATP allows you to integrate with such solutions and act on Io
|
||||
Microsoft Defender ATP currently supports IOC matching and remediation for file and network indicators. Blocking is supported for file indicators.
|
||||
|
||||
## Support for non-Windows platforms
|
||||
Microsoft Defender ATP provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in the portal and better protect your organization's network. This experience leverages on a third-party security products' sensor data giving you a unified experience.
|
||||
Microsoft Defender ATP provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in the portal and better protect your organization's network. This experience leverages on a third-party security products' sensor data giving you a unified experience.
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
---
|
||||
title: Advanced Hunting API
|
||||
ms.reviewer:
|
||||
description: Use this API to run advanced queries
|
||||
keywords: apis, supported apis, advanced hunting, query
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -7,7 +8,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
---
|
||||
title: Advanced Hunting API
|
||||
ms.reviewer:
|
||||
description: Use this API to run advanced queries
|
||||
keywords: apis, supported apis, advanced hunting, query
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -7,7 +8,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
@ -88,4 +89,4 @@ You can find below the full definition
|
||||
## Related topic
|
||||
- [Microsoft Defender ATP APIs](apis-intro.md)
|
||||
- [Advanced Hunting API](run-advanced-query-api.md)
|
||||
- [Advanced Hunting using PowerShell](run-advanced-query-sample-powershell.md)
|
||||
- [Advanced Hunting using PowerShell](run-advanced-query-sample-powershell.md)
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
---
|
||||
title: Advanced Hunting API
|
||||
ms.reviewer:
|
||||
description: Use this API to run advanced queries
|
||||
keywords: apis, supported apis, advanced hunting, query
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -7,7 +8,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
---
|
||||
title: Advanced Hunting API
|
||||
ms.reviewer:
|
||||
description: Use this API to run advanced queries
|
||||
keywords: apis, supported apis, advanced hunting, query
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -7,7 +8,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
---
|
||||
title: Advanced Hunting API
|
||||
ms.reviewer:
|
||||
description: Use this API to run advanced queries
|
||||
keywords: apis, supported apis, advanced hunting, query
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -7,7 +8,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
---
|
||||
title: Advanced Hunting API
|
||||
ms.reviewer:
|
||||
description: Use this API to run advanced queries
|
||||
keywords: apis, supported apis, advanced hunting, query
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -7,7 +8,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Microsoft Defender Advanced Threat Protection Threat analytics
|
||||
ms.reviewer:
|
||||
description: Get a tailored organizational risk evaluation and actionable steps you can take to minimize risks in your organization.
|
||||
keywords: threat analytics, risk evaluation, OS mitigation, microcode mitigation, mitigation status
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,7 +9,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Threat & Vulnerability Management scenarios
|
||||
ms.reviewer:
|
||||
description: Learn how to use Threat & Vulnerability Management in the context of scenarios that Security Administrators encounter when collaborating with IT Administrators and SecOps while protecting their organization from cybersecurity threats.
|
||||
keywords: mdatp-tvm scenarios, mdatp, tvm, tvm scenarios, reduce threat & vulnerability exposure, reduce threat and vulnerability, improve security configuration, increase configuration score, increase threat & vulnerability configuration score, configuration score, exposure score, security controls
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,8 +9,8 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: dolmont
|
||||
author: DulceMontemayor
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
audience: ITPro
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Microsoft Defender ATP in Microsoft Threat Protection
|
||||
ms.reviewer:
|
||||
description: Learn about the capabilities within the Microsoft Threat Protection
|
||||
keywords: microsoft threat protection, conditional access, office, advanced threat protection, azure atp, azure security center, microsoft cloud app security
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,7 +9,7 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
ms.author: mjcaparas
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: What's in the dashboard and what it means for my organization's security posture
|
||||
ms.reviewer:
|
||||
description: What's in the Threat & Vulnerability Management dashboard and how it can help SecOps and Security Administrators arrive at informed decisions in addressing cybersecurity threat vulnerabilities and building their organization's security resilience.
|
||||
keywords: mdatp-tvm, mdatp-tvm dashboard, threat & vulnerability management, risk-based threat & vulnerability management, security configuration, configuration score, exposure score
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,8 +9,8 @@ ms.prod: eADQiWindows 10XVcnh
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: dolmont
|
||||
author: DulceMontemayor
|
||||
ms.author: ellevin
|
||||
author: levinec
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
audience: ITPro
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: Microsoft Defender ATP APIs
|
||||
ms.reviewer:
|
||||
description: Use the exposed data and actions using a set of progammatic APIs that are part of the Microsoft Intelligence Security Graph.
|
||||
keywords: apis, api, wdatp, open api, windows defender atp api, public api, alerts, machine, user, domain, ip, file
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,8 +9,8 @@ search.appverid: met150
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
author: mjcaparas
|
||||
ms.author: ellevin
|
||||
author: levinec
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
audience: ITPro
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
---
|
||||
title: View and organize the Incidents queue
|
||||
ms.reviewer:
|
||||
description: See the list of incidents and learn how to apply filters to limit the list and get a more focused view.
|
||||
keywords: view, organize, incidents, aggregate, investigations, queue, ttp
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
@ -8,8 +9,8 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
author: mjcaparas
|
||||
ms.author: ellevin
|
||||
author: levinec
|
||||
ms.localizationpriority: medium
|
||||
manager: dansimp
|
||||
audience: ITPro
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user