deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-14 14:27:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Merge branch 'master' of https://cpubwin.visualstudio.com/_git/it-client into FromPrivateRepo

Browse Source
This commit is contained in:
huaping yu 2018-12-04 15:34:25 -08:00
commit 9513728045
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection.md
View File

@ -11,7 +11,7 @@ ms.pagetype: security
ms.author: macapara ms.author: macapara
author: mjcaparas author: mjcaparas
ms.localizationpriority: medium ms.localizationpriority: medium
ms.date: 09/03/2018 ms.date: 12/04/2018
--- ---
# Overview of Automated investigations # Overview of Automated investigations
@ -31,6 +31,7 @@ Entities are the starting point for Automated investigations. When an alert cont
>[!NOTE] >[!NOTE]
>Currently, Automated investigation only supports Windows 10, version 1803 or later. >Currently, Automated investigation only supports Windows 10, version 1803 or later.
>Some investigation playbooks, like memory investigations, require Windows 10, version 1809 or later.
The alerts start by analyzing the supported entities from the alert and also runs a generic machine playbook to see if there is anything else suspicious on that machine. The outcome and details from the investigation is seen in the Automated investigation view. The alerts start by analyzing the supported entities from the alert and also runs a generic machine playbook to see if there is anything else suspicious on that machine. The outcome and details from the investigation is seen in the Automated investigation view.