deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-19 12:23:37 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'master' of https://cpubwin.visualstudio.com/_git/it-client into FromPrivateRepo

Browse Source
This commit is contained in:
Alma Jenks
2018-03-28 10:57:33 -07:00
parent 9cd10e2909 aab1e9fdc1
commit 98c364f132
3 changed files with 21 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
windows/configuration/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
View File

@ -77,14 +77,13 @@ Here's a list of changes that were made to this article for Windows 10, version
## <a href="" id="bkmk-othersettings"></a>Management options for each setting
The following sections list the components that make network connections to Microsoft services by default. You can configure these settings to control the data that is sent to Microsoft. To prevent Windows from sending any data to Microsoft, configure diagnostic data at the Security level, turn off Windows Defender diagnostic data and MSRT reporting, and turn off all of these connections.
If you're running Windows 10, they will be included in the next update for the Long Term Servicing Branch.
### Settings for Windows 10 Enterprise edition
See the following table for a summary of the management settings for Windows 10 Enterprise, version 1709 and Windows 10 Enterprise, version 1703.
The following table lists management options for each setting, beginning with Windows 10 Enterprise version 1703.
| Setting | UI | Group Policy | MDM policy | Registry | Command line |
| - | :-: | :-: | :-: | :-: | :-: |

17
windows/security/threat-protection/windows-defender-atp/custom-ti-api-windows-defender-advanced-threat-protection.md
View File

@ -10,7 +10,7 @@ ms.pagetype: security
ms.author: macapara
author: mjcaparas
ms.localizationpriority: high
ms.date: 10/16/2017
ms.date: 03/27/2018
---
# Create custom alerts using the threat intelligence (TI) application program interface (API)
@ -184,6 +184,21 @@ Content-Type: application/json;
```
If successful, you should get a 201 CREATED response containing the representation of the newly created indicators of compromise in the payload.
The API currently supports the following IOC types:
- Sha1
- Sha256
- Md5
- FileName
- IpAddress
- DomainName
And the following operators:
- Equals
- StartWith
- EndWith
- Contains
## Bulk upload of alert definitions and IOCs
Bulk upload of multiple entities can be done by sending an HTTP POST request to `/{resource}/Actions.BulkUpload`. </br>