Adding content

windows/keep-secure/windows-defender-smartscreen-mgmt-using-group-policy-and-intune.md

@@ -1,6 +1,6 @@
 ---
-title: Manage Windows Defender SmartScreen in Group Policy and Microsoft Intune (Windows 10)
-description: Available setttings for Windows Defender SmartScreen using Group Policy and Microsoft Intune.
+title: Manage Windows Defender SmartScreen Filter in Group Policy and Microsoft Intune (Windows 10)
+description: Available setttings for Windows Defender SmartScreen Filter using Group Policy and Microsoft Intune.
 keywords: SmartScreen Filter, Windows SmartScreen
 ms.prod: w10
 ms.mktglfcycl: explore
@@ -10,7 +10,7 @@ author: eross-msft
 localizationpriority: high
 ---
 
-# Manage Windows Defender SmartScreen in Group Policy and Microsoft Intune
+# Manage Windows Defender SmartScreen Filter in Group Policy and Microsoft Intune
 **Applies to:**
 
 - Windows 10

windows/keep-secure/windows-defender-smartscreen-overview.md

@@ -33,12 +33,12 @@ SmartScreen determines whether a site is potentially malicious by:
 - Checking downloaded files against a list of files that are well known and downloaded by many Windows users. If the file isn't on that list, SmartScreen shows a warning, advising caution.
 
     >[!NOTE]
-    >Before Windows 10, Version 1703 this feature was called the SmartScreen Filter when used within the browser and Windows SmartScreen when used outside of the browser.
+    >Before Windows 10, Version 1703 this feature was called the SmartScreen when used within the browser and Windows SmartScreen when used outside of the browser.
 
 ## Benefits of Windows Defender SmartScreen
 Windows Defender SmartScreen helps to provide an early warning system against websites that might engage in phishing attacks or attempt to distribute malware through a socially-engineered attack. The primary benefits are:
 
-- **Anti-phishing and anti-malware support.** SmartScreen helps to protect your employees from sites that are reported to host phishing attacks or attempt to distribute malicious software. It can also help protect against deceptive advertisements, scam sites, and drive-by attacks. Drive-by attacks are web-based attacks that tend to start on a trusted site, targeting security vulnerabilities in commonly-used software. Because drive-by attacks don't typically require any interaction, there's nothing to click, nothing to download, the infection is often invisible. For more info about drive-by attacks, see [Evolving Microsoft SmartScreen to protect you from drive-by attacks](https://blogs.windows.com/msedgedev/2015/12/16/smartscreen-drive-by-improvements/#3B7Bb8bzeAPq8hXE.97)
+- **Anti-phishing and anti-malware support.** SmartScreen helps to protect your employees from sites that are reported to host phishing attacks or attempt to distribute malicious software. It can also help protect against deceptive advertisements, scam sites, and drive-by attacks. Drive-by attacks are web-based attacks that tend to start on a trusted site, targeting security vulnerabilities in commonly-used software. Because drive-by attacks don't typically require any interaction, there's nothing to click, nothing to download, the infection is often invisible. For more info about drive-by attacks, see [Evolving Microsoft SmartScreen to protect you from drive-by attacks](https://blogs.windows.com/msedgedev/2015/12/16/SmartScreen-drive-by-improvements/#3B7Bb8bzeAPq8hXE.97)
 
 - **Reputation-based URL and app protection.** SmartScreen evaluates a website's URLs to determine if they're known to distribute or host unsafe content. It also provides reputation checks for apps, checking downloaded programs and the digital signature used to sign a file. If a URL, a file, an app, or a certificate have an established reputation, your employees won't see any warnings. If however there's no reputation, the item is marked as a higher risk and presents a warning to the employee.
 
@@ -48,17 +48,36 @@ Windows Defender SmartScreen helps to provide an early warning system against we
 
 - **Management through Group Policy and Microsoft Intune.** SmartScreen supports using both Group Policy and Microsoft Intune settings. For more info, see [Manage Windows Defender SmartScreen in Group Policy and Microsoft Intune](windows-defender-smartscreen-mgmt-using-group-policy-and-intune.md).
 
-## How SmartScreen works when a user tries to run an app
+## How SmartScreen works when an employee tries to run an app
 Windows Defender SmartScreen checks the reputation of any web-based app the first time it's run from the Internet, checking digital signatures and other factors against a Microsoft-maintained service. If an app has no reputation or is known to be malicious, SmartScreen can warn the employee or block the app from running entirely, depending on how you've configured the feature to run in your organization.
 By default, your employees can bypass SmartScreen protection, letting them run legitimate apps after accepting a warning message prompt. You can also use Group Policy or Microsoft Intune to block employees from using unrecognized apps, or to entirely turn off Windows Defender SmartScreen (not recommended).
 
+### How employees can report websites as safe or unsafe
+You can configure Windows Defender SmartScreen to warn employees from going to a potentially dangerous site. Employees can then choose to report a website as safe from the warning message or as unsafe from within Microsoft Edge and Internet Explorer 11.
+
+**To report a website as safe from the warning message**
+- On the warning screen for the site, click **More Information**, and then click **Report that this site does not contain threats**. The site info is sent to the Microsoft feedback site, which provides further instructions.
+
+**To report a website as unsafe from Microsoft Edge**
+- If a site seems potentially dangerous, employees can report it to Microsoft by clicking **More (...)**, clicking **Send feedback**, and then clicking **Report unsafe site**.
+
+**To report a website as unsafe from Internet Explorer 11**
+- If a site seems potentially dangerous, employees can report it to Microsoft by clicking on the **Tools** menu, clicking **Windows Defender SmartScreen**, and then clicking **Report unsafe website**.
+
+## Viewing Windows Defender SmartScreen anti-phishing events
+When Windows Defender SmartScreen warns or blocks an employee from a website, it's logged as [Event 1035 - Anti-Phishing](https://technet.microsoft.com/en-us/scriptcenter/dd565657(v=msdn.10).aspx).
+
 ## Windows Defender SmartScreen on Windows Mobile
 Windows Defender SmartScreen on Windows Mobile helps to provide anti-phishing protection. If SmartScreen detects malicious content on a site, it can block the site itself or in some cases just specific content on the page. Also available for Internet Explorer 11 on Windows Mobile, is the SmartScreen URL reputation filter, which blocks or warns your employees about suspicious or potentially malicious websites.
 
 ## Related topics
+- [SmartScreen Frequently Asked Questions (FAQ)](https://support.microsoft.com/en-us/products/windows?os=windows-10)
+
+- [How to recognize phishing email messages, links, or phone calls](https://www.microsoft.com/en-us/safety/online-privacy/phishing-symptoms.aspx)
+
 - [Keep Windows 10 secure](https://technet.microsoft.com/itpro/windows/keep-secure/index)
+
 - [Security technologies in Windows 10](https://technet.microsoft.com/itpro/windows/keep-secure/security-technologies)
-- [Available policies for Microsoft Edge](https://technet.microsoft.com/itpro/microsoft-edge/available-policies)
 
 
 >[!NOTE]

windows/keep-secure/windows-defender-smartscreen-recommended-settings.md

@@ -0,0 +1,81 @@
+---
+title: Recommended settings using Windows Defender SmartScreen in your organization (Windows 10)
+description: A list of the Windows Defender SmartScreen settings we recommend using within your organization.
+keywords: SmartScreen Filter, Windows SmartScreen
+ms.prod: w10
+ms.mktglfcycl: explore
+ms.sitesec: library
+ms.pagetype: security
+author: eross-msft
+localizationpriority: high
+---
+
+# Recommended settings using Windows Defender SmartScreen in your organization
+
+**Applies to:**
+- Windows 10, Version 1703
+- Windows 10 Mobile
+
+By default, Windows Defender SmartScreen lets employees bypass warnings. Unfortunately, this can let employees continue to an unsafe site or to continue to download an unsafe file, even after being warned. Because of this possibility, we strongly recommend that you set up Windows Defender SmartScreen to block high-risk interactions instead of providing just a warning.
+
+To better help you protect your organization, we recommend using these Windows Defender SmartScreen Group Policy and mobile device management (MDM) settings.
+
+<table>
+    <tr>
+        <th>Group Policy setting</th>
+        <th>Recommendation</th>
+    </tr>
+    <tr>
+        <td>Administrative Templates\Windows Components\Microsoft Edge\Configure Windows Defender SmartScreen</td>
+        <td>Enable.<br>Turns on Windows Defender SmartScreen.</td>
+    </tr>
+    <tr>
+        <td>Administrative Templates\Windows Components\Microsoft Edge\Prevent bypassing Windows Defender SmartScreen prompts for sites</td>
+        <td>Enable.<br>Stops employees from ignoring warning messages and continuing on to a potentially malicious website.</td>
+    </tr>
+    <tr>
+        <td>Administrative Templates\Windows Components\Microsoft Edge\Prevent bypassing Windows Defender SmartScreen prompts for files</td>
+        <td>Enable.<br>Stops employees from ingnoring warning messages and continuing to download potentially malicious files.</td>
+    </tr>
+    <tr>
+        <td>Administrative Templates\Windows Components\File Explorer\Configure Windows Defender SmartScreen</td>
+        <td>Enable with the Warn and prevent bypass option.<br>Stops employees from ignoring warning messages about malicious files downloaded from the Internet.</td>
+    </tr>
+</table>
+
+<table>
+    <tr>
+        <th>MDM setting</th>
+        <th>Recommendation</th>
+    </tr>
+    <tr>
+        <td>Browser/AllowSmartScreen</td>
+        <td>1.<br>Turns on Windows Defender SmartScreen.</td>
+    </tr>
+    <tr>
+        <td>Browser/PreventSmartScreenPromptOverride</td>
+        <td>1.<br>Stops employees from ignoring warning messages and continuing on to a potentially malicious website.</td>
+    </tr>
+    <tr>
+        <td>Browser/PreventSmartScreenPromptOverrideForFiles</td>
+        <td>1.<br>Stops employees from ingnoring warning messages and continuing to download potentially malicious files.</td>
+    </tr>
+    <tr>
+        <td>SmartScreen/EnableSmartScreenInShell</td>
+        <td>1. Turns on Windows Defender SmartScreen in Windows.<p>Requires at least Windows 10, Version 1703.</td>
+    </tr>
+    <tr>
+        <td>SmartScreen/PreventOverrideForFilesInShell</td>
+        <td>1.<br>Stops employees from ignoring warning messages about malicious files downloaded from the Internet.<p>Requires at least Windows 10, Version 1703.</td>
+    </tr>
+</table> 
+
+## Related topics
+- [Keep Windows 10 secure](https://technet.microsoft.com/itpro/windows/keep-secure/index)
+
+- [Security technologies in Windows 10](https://technet.microsoft.com/itpro/windows/keep-secure/security-technologies)
+
+- [Available Group Policy and Mobile Data Management (MDM) settings for Microsoft Edge](https://technet.microsoft.com/itpro/microsoft-edge/available-policies)
+
+>[!NOTE]
+>Help to make this topic better by providing us with edits, additions, and feedback. For info about how to contribute to this topic, see [Contributing to TechNet content](https://github.com/Microsoft/windows-itpro-docs/blob/master/CONTRIBUTING.md).

windows/keep-secure/windows-defender-smartscreen-set-individual-device.md

@@ -24,7 +24,7 @@ Starting with Windows 10, Version 1703 you can use Windows Defender Security Cen
 
     ![Windows Defender Security Center](images/windows-defender-security-center.png)
 
-2. In the **App & browser control** screen, click **Block**, **Warn**, or turn **Off**
+2. In the **App & browser control** screen, click **Block**, **Warn**, or **Off** for apps and files, for protection while using Microsoft Edge, and for Windows Store apps.
 
     ![Windows Defender Security Center, SmartScreen controls](images/windows-defender-smartscreen-control.png)