From ae6550c5333a1bf099152ccfe0640c473de5e330 Mon Sep 17 00:00:00 2001 From: Deland Han Date: Fri, 28 Feb 2020 17:06:44 +0800 Subject: [PATCH 1/7] finish --- windows/deployment/planning/windows-10-deprecated-features.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/deployment/planning/windows-10-deprecated-features.md b/windows/deployment/planning/windows-10-deprecated-features.md index 4b2d75eae6..3276da608a 100644 --- a/windows/deployment/planning/windows-10-deprecated-features.md +++ b/windows/deployment/planning/windows-10-deprecated-features.md @@ -64,3 +64,4 @@ The features described below are no longer being actively developed, and might b |TLS DHE_DSS ciphers DisabledByDefault| [TLS RC4 Ciphers](https://docs.microsoft.com/windows-server/security/tls/tls-schannel-ssp-changes-in-windows-10-and-windows-server) will be disabled by default in this release. | 1703 | |TCPChimney | TCP Chimney Offload is no longer being developed. See [Performance Tuning Network Adapters](https://docs.microsoft.com/windows-server/networking/technologies/network-subsystem/net-sub-performance-tuning-nics). | 1703 | |IPsec Task Offload| [IPsec Task Offload](https://docs.microsoft.com/windows-hardware/drivers/network/task-offload) versions 1 and 2 are no longer being developed and should not be used. | 1703 | +|wusa.exe /uninstall /kb:####### /quiet|The wusa usage to quietly uninstall an update has been deprecated. The uninstall command with /quite switch fails with event ID 8 in the Setup event log. Uninstalling updates quietly could be a security risk because malicious software could quietly uninstall an update in the background without user intervention.|1507
Applies to Windows Server 2016 and Windows Server 2019 as well.| From 19b6ca8e313f2fde89c3891f1eb8901c8c659fd3 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 10 Mar 2020 17:03:52 -0700 Subject: [PATCH 2/7] Added backporting info for 19H1 policies --- windows/client-management/mdm/policy-csp-update.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/client-management/mdm/policy-csp-update.md b/windows/client-management/mdm/policy-csp-update.md index 9d98a92f10..bf1610dffe 100644 --- a/windows/client-management/mdm/policy-csp-update.md +++ b/windows/client-management/mdm/policy-csp-update.md @@ -1233,7 +1233,7 @@ The following list shows the supported values: -Added in Windows 10, version 1903. Allows IT admins to specify the number of days a user has before feature updates are installed on their devices automatically. Updates and restarts will occur regardless of active hours and the user will not be able to reschedule. +Added in Windows 10, version 1903. Also available in Windows 10, versions 1809, 1803, and 1709. Allows IT admins to specify the number of days a user has before feature updates are installed on their devices automatically. Updates and restarts will occur regardless of active hours and the user will not be able to reschedule. @@ -1304,7 +1304,7 @@ Default value is 7. -Added in Windows 10, version 1903. Allows IT admins to specify the number of days a user has before quality updates are installed on their devices automatically. Updates and restarts will occur regardless of active hours and the user will not be able to reschedule. +Added in Windows 10, version 1903. Also available in Windows 10, versions 1809, 1803, and 1709. Allows IT admins to specify the number of days a user has before quality updates are installed on their devices automatically. Updates and restarts will occur regardless of active hours and the user will not be able to reschedule. ADMX Info: @@ -1374,7 +1374,7 @@ Default value is 7. -Added in Windows 10, version 1903. Allows the IT admin (when used with [Update/ConfigureDeadlineForFeatureUpdates](#update-configuredeadlineforfeatureupdates) or [Update/ConfigureDeadlineForQualityUpdates](#update-configuredeadlineforqualityupdates)) to specify a minimum number of days until restarts occur automatically. Setting the grace period may extend the effective deadline set by the deadline policies. +Added in Windows 10, version 1903. Also available in Windows 10, versions 1809, 1803, and 1709. Allows the IT admin (when used with [Update/ConfigureDeadlineForFeatureUpdates](#update-configuredeadlineforfeatureupdates) or [Update/ConfigureDeadlineForQualityUpdates](#update-configuredeadlineforqualityupdates)) to specify a minimum number of days until restarts occur automatically. Setting the grace period may extend the effective deadline set by the deadline policies. ADMX Info: @@ -1444,7 +1444,7 @@ Default value is 2. -Added in Windows 10, version 1903. If enabled (when used with [Update/ConfigureDeadlineForFeatureUpdates](#update-configuredeadlineforfeatureupdates) or [Update/ConfigureDeadlineForQualityUpdates](#update-configuredeadlineforqualityupdates)), devices will not automatically restart outside of active hours until the deadline is reached, even if applicable updates are already installed and pending a restart. +Added in Windows 10, version 1903. Also available in Windows 10, versions 1809, 1803, and 1709. If enabled (when used with [Update/ConfigureDeadlineForFeatureUpdates](#update-configuredeadlineforfeatureupdates) or [Update/ConfigureDeadlineForQualityUpdates](#update-configuredeadlineforqualityupdates)), devices will not automatically restart outside of active hours until the deadline is reached, even if applicable updates are already installed and pending a restart. When disabled, if the device has installed the required updates and is outside of active hours, it may attempt an automatic restart before the deadline. @@ -4170,7 +4170,7 @@ The following list shows the supported values: -Display options for update notifications. This policy allows you to define what Windows Update notifications users see. This policy doesn’t control how and when updates are downloaded and installed. +Display options for update notifications. This policy allows you to define what Windows Update notifications users see. This policy doesn't control how and when updates are downloaded and installed. Options: @@ -4179,7 +4179,7 @@ Options: - 2 – Turn off all notifications, including restart warnings > [!IMPORTANT] -> If you choose not to get update notifications and also define other Group policies so that devices aren’t automatically getting updates, neither you nor device users will be aware of critical security, quality, or feature updates, and your devices may be at risk. +> If you choose not to get update notifications and also define other Group policies so that devices aren't automatically getting updates, neither you nor device users will be aware of critical security, quality, or feature updates, and your devices may be at risk. From ff9a9dcb97212169c09f2aa92bad1cdaf8672125 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20Sj=C3=B6gren?= Date: Wed, 11 Mar 2020 09:02:15 +0100 Subject: [PATCH 3/7] fix spacing and lint the document MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Thomas Sjögren --- ...ormation-protection-in-windows-overview.md | 67 +++++++++---------- 1 file changed, 31 insertions(+), 36 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md index 12d5e36306..800351a160 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md @@ -1,6 +1,6 @@ --- title: Information protection in Windows overview -ms.reviewer: +ms.reviewer: description: Learn about how information protection works in Windows to identify and protect sensitive information keywords: information, protection, dlp, wip, data, loss, prevention, protect search.product: eADQiWindows 10XVcnh @@ -13,60 +13,60 @@ author: mjcaparas ms.localizationpriority: medium manager: dansimp audience: ITPro -ms.collection: M365-security-compliance +ms.collection: M365-security-compliance ms.topic: conceptual --- # Information protection in Windows overview + **Applies to:** + - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[Prerelease information](../../includes/prerelease.md)] Information protection is an integral part of Microsoft 365 Enterprise suite, providing intelligent protection to keep sensitive data secure while enabling productivity in the workplace. - -Microsoft Defender ATP is seamlessly integrated in Microsoft Threat Protection to provide a complete and comprehensive data loss prevention (DLP) solution for Windows devices. This solution is delivered and managed as part of the unified Microsoft 365 information protection suite. +Microsoft Defender ATP is seamlessly integrated in Microsoft Threat Protection to provide a complete and comprehensive data loss prevention (DLP) solution for Windows devices. This solution is delivered and managed as part of the unified Microsoft 365 information protection suite. >[!TIP] > Read our blog post about how [Microsoft Defender ATP integrates with Microsoft Information Protection to discover, protect, and monitor sensitive data on Windows devices](https://cloudblogs.microsoft.com/microsoftsecure/2019/01/17/windows-defender-atp-integrates-with-microsoft-information-protection-to-discover-protect-and-monitor-sensitive-data-on-windows-devices/). - Microsoft Defender ATP applies the following methods to discover, classify, and protect data: + - **Data discovery** - Identify sensitive data on Windows devices at risk - **Data classification** - Automatically classify data based on common Microsoft Information Protection (MIP) policies managed in Office 365 Security & Compliance Center. Auto-classification allows you to protect sensitive data even if the end user hasn’t manually classified it. - **Data protection** - Windows Information Protection (WIP) as outcome of Azure Information Protection label - ## Data discovery and data classification -Microsoft Defender ATP automatically discovers files with sensitivity labels and files that contain sensitive information types. -Sensitivity labels classify and help protect sensitive content. +Microsoft Defender ATP automatically discovers files with sensitivity labels and files that contain sensitive information types. +Sensitivity labels classify and help protect sensitive content. Sensitive information types in the Office 365 data loss prevention (DLP) implementation fall under two categories: + - Default - Custom -Default sensitive information types include information such as bank account numbers, social security numbers, or national IDs. For more information, see [What the sensitive information type look for](https://docs.microsoft.com/office365/securitycompliance/what-the-sensitive-information-types-look-for). +Default sensitive information types include information such as bank account numbers, social security numbers, or national IDs. For more information, see [What the sensitive information type look for](https://docs.microsoft.com/office365/securitycompliance/what-the-sensitive-information-types-look-for). Custom types are ones that you define and is designed to protect a different type of sensitive information (for example, employee IDs or project numbers). For more information see, [Create a custom sensitive information type](https://docs.microsoft.com/office365/securitycompliance/create-a-custom-sensitive-information-type). - -When a file is created or edited on a Windows device, Microsoft Defender ATP scans the content to evaluate if it contains sensitive information. +When a file is created or edited on a Windows device, Microsoft Defender ATP scans the content to evaluate if it contains sensitive information. Turn on the Azure Information Protection integration so that when a file that contains sensitive information is discovered by Microsoft Defender ATP though labels or information types, it is automatically forwarded to Azure Information Protection from the device. ![Image of settings page with Azure Information Protection](images/atp-settings-aip.png) -The reported signals can be viewed on the Azure Information Protection – Data discovery dashboard. +The reported signals can be viewed on the Azure Information Protection – Data discovery dashboard. -## Azure Information Protection - Data discovery dashboard -This dashboard presents a summarized discovery information of data discovered by bothMicrosoft Defender ATP and Azure Information Protection. Data from Microsoft Defender ATP is marked with Location Type - Endpoint. +## Azure Information Protection - Data discovery dashboard + +This dashboard presents a summarized discovery information of data discovered by both Microsoft Defender ATP and Azure Information Protection. Data from Microsoft Defender ATP is marked with Location Type - Endpoint. ![Image of Azure Information Protection - Data discovery](images/azure-data-discovery.png) - Notice the Device Risk column on the right, this device risk is derived directly from Microsoft Defender ATP, indicating the risk level of the security device where the file was discovered, based on the active security threats detected by Microsoft Defender ATP. Click on a device to view a list of files observed on this device, with their sensitivity labels and information types. @@ -74,47 +74,44 @@ Click on a device to view a list of files observed on this device, with their se >[!NOTE] >Please allow approximately 15-20 minutes for the Azure Information Protection Dashboard Discovery to reflect discovered files. +## Log Analytics - - -## Log Analytics Data discovery based on Microsoft Defender ATP is also available in [Azure Log Analytics](https://docs.microsoft.com/azure/log-analytics/log-analytics-overview), where you can perform complex queries over the raw data. -For more information on Azure Information Protection analytics, see [Central reporting for Azure Information Protection](https://docs.microsoft.com/azure/information-protection/reports-aip). +For more information on Azure Information Protection analytics, see [Central reporting for Azure Information Protection](https://docs.microsoft.com/azure/information-protection/reports-aip). -Open Azure Log Analytics in Azure Portal and open a query builder (standard or classic). - -To view Microsoft Defender ATP data, perform a query that contains: +Open Azure Log Analytics in Azure Portal and open a query builder (standard or classic). +To view Microsoft Defender ATP data, perform a query that contains: ``` -InformationProtectionLogs_CL -| where Workload_s == "Windows Defender" +InformationProtectionLogs_CL +| where Workload_s == "Windows Defender" ``` **Prerequisites:** + - Customers must have a subscription for Azure Information Protection. -- Enable Azure Information Protection integration in Microsoft Defender Security Center: +- Enable Azure Information Protection integration in Microsoft Defender Security Center: - Go to **Settings** in Microsoft Defender Security Center, click on **Advanced Settings** under **General**. - -## Data protection +## Data protection ### Endpoint data loss prevention -For data to be protected, they must first be identified through labels. + +For data to be protected, they must first be identified through labels. Sensitivity labels are created in Office 365 Security & Compliance Center. Microsoft Defender ATP then uses the labels to identify endpoints that need Windows Information Protection (WIP) applied on them. -When you create sensitivity labels, you can set the information protection functionalities that will be applied on the file. The setting that applies to Microsoft Defender ATP is the Endpoint data loss prevention. - -For the endpoint data loss prevention, you'll need to turn on the Endpoint Data loss prevention and select Enable Windows end point protection (DLP for devices). +When you create sensitivity labels, you can set the information protection functionalities that will be applied on the file. The setting that applies to Microsoft Defender ATP is the Endpoint data loss prevention. +For the endpoint data loss prevention, you'll need to turn on the Endpoint Data loss prevention and select Enable Windows end point protection (DLP for devices). ![Image of Office 365 Security and Compliance sensitivity label](images/office-scc-label.png) -Once, the policy is set and published, Microsoft Defender ATP automatically enables WIP for labeled files. When a labeled file is created or modified on a Windows device, Microsoft Defender ATP automatically detects it and enables WIP on that file if its label corresponds with Office Security and Compliance (SCC) policy. +Once, the policy is set and published, Microsoft Defender ATP automatically enables WIP for labeled files. When a labeled file is created or modified on a Windows device, Microsoft Defender ATP automatically detects it and enables WIP on that file if its label corresponds with Office Security and Compliance (SCC) policy. -This functionality expands the coverage of WIP to protect files based on their label, regardless of their origin. +This functionality expands the coverage of WIP to protect files based on their label, regardless of their origin. For more information, see [Configure information protection in Windows](information-protection-in-windows-config.md). @@ -127,10 +124,8 @@ Those information types are evaluated against the auto-labeling policy. If a mat > [!NOTE] > Auto-labeling is supported in Office apps only when the Azure Information Protection unified labeling client is installed. When sensitive content is detected in email or documents matching the conditions you choose, a label can automatically be applied or a message can be shown to users recommending they apply it themselves. - - For more information, see [Configure information protection in Windows](information-protection-in-windows-config.md). - ## Related topics + - [How Windows Information Protection protects files with a sensitivity label](https://docs.microsoft.com/windows/security/information-protection/windows-information-protection/how-wip-works-with-labels) From c72b3f50b8a6b3ddeb7bc203fcb1754943647934 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Wed, 11 Mar 2020 15:37:54 -0700 Subject: [PATCH 4/7] Rename Oracle EL -> Oracle Linux --- .../microsoft-defender-atp/linux-install-manually.md | 6 +++--- .../microsoft-defender-atp/linux-install-with-ansible.md | 2 +- .../microsoft-defender-atp/linux-install-with-puppet.md | 2 +- .../microsoft-defender-atp/linux-resources.md | 2 +- .../microsoft-defender-atp/linux-updates.md | 2 +- .../microsoft-defender-atp/microsoft-defender-atp-linux.md | 2 +- 6 files changed, 8 insertions(+), 8 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md index 84d747929e..50653c4861 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md @@ -43,14 +43,14 @@ The choice of the channel determines the type and frequency of updates that are In order to preview new features and provide early feedback, it is recommended that you configure some devices in your enterprise to use either *insiders-fast* or *insiders-slow*. -### RHEL and variants (CentOS and Oracle EL) +### RHEL and variants (CentOS and Oracle Linux) - Note your distribution and version, and identify the closest entry for it under `https://packages.microsoft.com/config/`. In the below commands, replace *[distro]* and *[version]* with the information you've identified: > [!NOTE] - > In case of Oracle EL and CentOS 8, replace *[distro]* with “rhel”. + > In case of Oracle Linux and CentOS 8, replace *[distro]* with “rhel”. ```bash sudo yum-config-manager --add-repo=https://packages.microsoft.com/config/[distro]/[version]/[channel].repo @@ -170,7 +170,7 @@ In order to preview new features and provide early feedback, it is recommended t ## Application installation -- RHEL and variants (CentOS and Oracle EL): +- RHEL and variants (CentOS and Oracle Linux): ```bash sudo yum install mdatp diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md index bdba284676..8055a89985 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md @@ -140,7 +140,7 @@ Create subtask or role files that contribute to an actual task. Create the follo In the following commands, replace *[distro]* and *[version]* with the information you've identified. > [!NOTE] - > In case of Oracle EL and CentOS 8, replace *[distro]* with “rhel”. + > In case of Oracle Linux and CentOS 8, replace *[distro]* with “rhel”. - For apt-based distributions use the following YAML file: diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md index 177ef802de..12e03e5b05 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md @@ -89,7 +89,7 @@ Note your distribution and version and identify the closest entry for it under ` In the below commands, replace *[distro]* and *[version]* with the information you've identified: > [!NOTE] -> In case of Oracle EL and CentOS 8, replace *[distro]* with “rhel”. +> In case of Oracle Linux and CentOS 8, replace *[distro]* with “rhel”. ```puppet class install_mdatp { diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-resources.md b/windows/security/threat-protection/microsoft-defender-atp/linux-resources.md index 388b235ac3..adc92e7c31 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-resources.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-resources.md @@ -68,7 +68,7 @@ There are several ways to uninstall Microsoft Defender ATP for Linux. If you are ### Manual uninstallation -- ```sudo yum remove mdatp``` for RHEL and variants(CentOS and Oracle EL). +- ```sudo yum remove mdatp``` for RHEL and variants(CentOS and Oracle Linux). - ```sudo zypper remove mdatp``` for SLES and variants. - ```sudo apt-get purge mdatp``` for Ubuntu and Debian systems. diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-updates.md b/windows/security/threat-protection/microsoft-defender-atp/linux-updates.md index 74979b6c15..37b668c4f2 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-updates.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-updates.md @@ -28,7 +28,7 @@ Microsoft regularly publishes software updates to improve performance, security, To update Microsoft Defender ATP for Linux manually, execute one of the following commands: -## RHEL and variants (CentOS and Oracle EL) +## RHEL and variants (CentOS and Oracle Linux) ```bash sudo yum update mdatp diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md index ad38c483b0..96bb2dc3c9 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md @@ -82,7 +82,7 @@ In general you need to take the following steps: - Ubuntu 16.04 LTS or higher LTS - Debian 9 or higher - SUSE Linux Enterprise Server 12 or higher - - Oracle Enterprise Linux 7 + - Oracle Linux 7 - Minimum kernel version 2.6.38 - The `fanotify` kernel option must be enabled From fa769af522683d1ab791b6f5d22de336514cf69b Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Wed, 11 Mar 2020 15:41:07 -0700 Subject: [PATCH 5/7] Remove CentOS 8 from not --- .../microsoft-defender-atp/linux-install-manually.md | 2 +- .../microsoft-defender-atp/linux-install-with-ansible.md | 2 +- .../microsoft-defender-atp/linux-install-with-puppet.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md index 50653c4861..d6714f727e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md @@ -50,7 +50,7 @@ In order to preview new features and provide early feedback, it is recommended t In the below commands, replace *[distro]* and *[version]* with the information you've identified: > [!NOTE] - > In case of Oracle Linux and CentOS 8, replace *[distro]* with “rhel”. + > In case of Oracle Linux, replace *[distro]* with “rhel”. ```bash sudo yum-config-manager --add-repo=https://packages.microsoft.com/config/[distro]/[version]/[channel].repo diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md index 8055a89985..30ebd5fdad 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md @@ -140,7 +140,7 @@ Create subtask or role files that contribute to an actual task. Create the follo In the following commands, replace *[distro]* and *[version]* with the information you've identified. > [!NOTE] - > In case of Oracle Linux and CentOS 8, replace *[distro]* with “rhel”. + > In case of Oracle Linux, replace *[distro]* with “rhel”. - For apt-based distributions use the following YAML file: diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md index 12e03e5b05..89133920ec 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md @@ -89,7 +89,7 @@ Note your distribution and version and identify the closest entry for it under ` In the below commands, replace *[distro]* and *[version]* with the information you've identified: > [!NOTE] -> In case of Oracle Linux and CentOS 8, replace *[distro]* with “rhel”. +> In case of Oracle Linux, replace *[distro]* with “rhel”. ```puppet class install_mdatp { From 2d9979fef848cf1d1b00a3ef6fa87b90faa7ef4b Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Wed, 11 Mar 2020 17:16:41 -0700 Subject: [PATCH 6/7] Removed extra character --- .../microsoft-defender-atp/microsoft-threat-experts.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md index 2b5f9a206d..235ddd3611 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md @@ -27,7 +27,7 @@ Microsoft Threat Experts is a managed threat hunting service that provides Secur This new capability provides expert-driven insights and data through targeted attack notification and access to experts on demand. Watch this video for a quick overview of Microsoft Threat Experts. -

+ >[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4qZ0B] From 048316dea4e07a695e10149aad403be5ecda9424 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Thu, 12 Mar 2020 10:27:36 -0700 Subject: [PATCH 7/7] Update TOC.md --- windows/security/threat-protection/TOC.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index cd1454ec2e..2ac8e45d32 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -409,6 +409,7 @@ #### [Next-generation protection](windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md) ##### [Better together: Windows Defender Antivirus and Microsoft Defender ATP](windows-defender-antivirus/why-use-microsoft-antivirus.md) ##### [Better together: Windows Defender Antivirus and Office 365](windows-defender-antivirus/office-365-windows-defender-antivirus.md) +##### [Shadow protection](windows-defender-antivirus/shadow-protection.md)