deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-20 21:03:42 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

update secure score

Browse Source
This commit is contained in:
Joey Caparas
2018-03-13 17:22:55 -07:00
parent 2d8a37c5b4
commit 9b4fa7efe9
6 changed files with 22 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
windows/security/threat-protection/windows-defender-atp/enable-security-analytics-windows-defender-advanced-threat-protection.md
View File

@ -1,7 +1,7 @@
---
title: Enable Security Analytics in Windows Defender ATP
description: Set the baselines for calculating the score of Windows Defender security controls on the Security Analytics dashboard.
keywords: enable security analytics, baseline, calculation, analytics, score, security analytics dashboard, dashboard
title: Enable Secure score in Windows Defender ATP
description: Set the baselines for calculating the score of Windows Defender security controls on the Secure score dashboard.
keywords: enable secure score, baseline, calculation, analytics, score, secure score dashboard, dashboard
search.product: eADQiWindows 10XVcnh
ms.prod: w10
ms.mktglfcycl: deploy
@ -13,7 +13,7 @@ ms.localizationpriority: high
ms.date: 04/16/2018
---
# Enable Security Analytics security controls
# Enable Secure score security controls
**Applies to:**
@ -25,21 +25,21 @@ ms.date: 04/16/2018
[!include[Prerelease information](prerelease.md)]
Set the baselines for calculating the score of Windows Defender security controls on the Security Analytics dashboard. If you use third-party solutions, consider excluding the corresponding controls from the calculations.
Set the baselines for calculating the score of Windows Defender security controls on the Secure score dashboard. If you use third-party solutions, consider excluding the corresponding controls from the calculations.
>[!NOTE]
>Changes might take up to a few hours to reflect on the dashboard.
1. In the navigation pane, select **Settings** > **General** > **Secure score**.
![Image of Security Analytics controls from Preferences setup menu](images/atp-enable-security-analytics.png)
![Image of Secure score controls from Preferences setup menu](images/atp-enable-security-analytics.png)
2. Select the security control, then toggle the setting between **On** and **Off**.
3. Click **Save preferences**.
## Related topics
- [View the Security Analytics dashboard](security-analytics-dashboard-windows-defender-advanced-threat-protection.md)
- [View the Secure score dashboard](security-analytics-dashboard-windows-defender-advanced-threat-protection.md)
- [Update general settings in Windows Defender ATP](general-settings-windows-defender-advanced-threat-protection.md)
- [Turn on advanced features in Windows Defender ATP](advanced-features-windows-defender-advanced-threat-protection.md)
- [Turn on the preview experience in Windows Defender ATP](preview-settings-windows-defender-advanced-threat-protection.md)

2
windows/security/threat-protection/windows-defender-atp/machines-view-overview-windows-defender-advanced-threat-protection.md
View File

@ -84,7 +84,7 @@ Filter the list to view specific machines that are well configured or require at
- **Well configured** - Machines have the Windows Defender security controls well configured.
- **Requires attention** - Machines where improvements can be made to increase the overall security posture of your organization.
For more information, see [View the Security Analytics dashboard](security-analytics-dashboard-windows-defender-advanced-threat-protection.md).
For more information, see [View the Secure score dashboard](security-analytics-dashboard-windows-defender-advanced-threat-protection.md).
**Malware category alerts**</br>
Filter the list to view specific machines grouped together by the following malware categories:

4
windows/security/threat-protection/windows-defender-atp/portal-overview-windows-defender-advanced-threat-protection.md
View File

@ -51,13 +51,13 @@ You can navigate through the portal using the menu options available in all sect
Area | Description
:---|:---
(1) Navigation pane | Use the navigation pane to move between the **Dashboards**, **Alerts queue**, **Machines list**, **Service health**, **Settings**, and **Endpoint management**.
**Dashboards** | Enables you to view the Security operations, the Security analytics dashboard, or
**Dashboards** | Enables you to view the Security operations, the Secure score, or Threat analytics dashboard.
**Alerts** | Enables you to view separate queues of new, in progress, resolved alerts, alerts assigned to you, and suppression rules.
**Automated investigations** | Displays a list of automated investigations that's been conducted in the network, the status of each investigation and other details such as when the investigation started and the duration of the investigation.
**Machines list** | Displays the list of machines that are onboarded to Windows Defender ATP, some information about them, and the corresponding number of alerts.
**Service health** | Provides information on the current status of the Window Defender ATP service. You'll be able to verify that the service health is healthy or if there are current issues.
**Advanced hunting** | Advanced hunting allows you to proactively hunt and investigate across your organization using a powerful search and query tool.
**Settings** | Shows the settings you selected during onboarding and lets you update your industry preferences and retention policy period. You can also set other configuration settings such as email notifications, activate the preview experience, enable or turn off advanced features, SIEM integration, threat intel API, build Power BI reports, and set baselines for the Security analytics dashboard.
**Settings** | Shows the settings you selected during onboarding and lets you update your industry preferences and retention policy period. You can also set other configuration settings such as email notifications, activate the preview experience, enable or turn off advanced features, SIEM integration, threat intel API, build Power BI reports, and set baselines for the Secure score dashboard.
**Endpoint management** | Provides access to endpoints such as clients and servers. Allows you to download the onboarding configuration package for endpoints. It also provides access to endpoint offboarding.
**(2) Main portal** | Main area where you will see the different views such as the Dashboards, Alerts queue, and Machines list.
**(3) Search, Community center, Time settings, Help and support, Feedback** | **Search** - Provides access to the search bar where you can search for file, IP, machine, URL, and user. Displays the Search box: the drop-down list allows you to select the entity type and then enter the search query text.</br></br> **Community center** -Access the Community center to learn, collaborate, and share experiences about the product. </br></br> **Time settings** - Gives you access to the configuration settings where you can set time zones and view license information. </br></br> **Help and support** - Gives you access to the Windows Defender ATP guide, Microsoft support, and Premier support.</br></br> **Feedback** - Access the feedback button to provide comments about the portal.

2
windows/security/threat-protection/windows-defender-atp/powerbi-reports-windows-defender-advanced-threat-protection.md
View File

@ -106,7 +106,7 @@ There are a couple of tabs on the report that's generated:
- Machine and alerts
- Investigation results and action center
- Security analytics
- Secure score
In general, if you know of a specific threat name, CVE, or KB, you can identify machines with upatched vulnerabilities that might be leveraged by threats. This report also helps you determine whether machine-level mitigations are configured correctly on the machines and prioritize those that might need attention.

18
windows/security/threat-protection/windows-defender-atp/security-analytics-dashboard-windows-defender-advanced-threat-protection.md
View File

@ -1,7 +1,7 @@
---
title: View the Security Analytics dashboard in Windows Defender ATP
description: Use the Security Analytics dashboard to assess and improve the security state of your organization by analyzing various security control tiles.
keywords: security analytics, dashboard, security recommendations, security control state, security score, score improvement, organizational security score, security coverage, security control, improvement opportunities, edr, antivirus, av, os security updates
title: View the Secure score dashboard in Windows Defender ATP
description: Use the Secure score dashboard to assess and improve the security state of your organization by analyzing various security control tiles.
keywords: secure score, dashboard, security recommendations, security control state, security score, score improvement, organizational security score, security coverage, security control, improvement opportunities, edr, antivirus, av, os security updates
search.product: eADQiWindows 10XVcnh
ms.prod: w10
ms.mktglfcycl: deploy
@ -12,7 +12,7 @@ localizationpriority: high
ms.date: 04/16/2018
---
# View the Windows Defender Advanced Threat Protection Security analytics dashboard
# View the Windows Defender Advanced Threat Protection Secure score dashboard
**Applies to:**
@ -27,19 +27,19 @@ ms.date: 04/16/2018
>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-sadashboard-abovefoldlink)
The Security Analytics dashboard expands your visibility into the overall security posture of your organization. From this dashboard, you'll be able to quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to further reduce the attack surface in your organization - all in one place. From there you can take action based on the recommended configuration baselines.
The Secure score dashboard expands your visibility into the overall security posture of your organization. From this dashboard, you'll be able to quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to further reduce the attack surface in your organization - all in one place. From there you can take action based on the recommended configuration baselines.
>[!IMPORTANT]
> This feature is available for machines on Windows 10, version 1703 or later.
The **Security analytics dashboard** displays a snapshot of:
The **Secure score dashboard** displays a snapshot of:
- Organizational security score
- Windows Defender security controls
- Improvement opportunities
- Security score over time
![Security analytics dashboard](images/atp-dashboard-security-analytics-full.png)
![Secure score dashboard](images/atp-dashboard-security-analytics-full.png)
## Organizational security score
The organization security score is reflective of the average score of all the Windows Defender security controls that are configured according to the recommended baseline. You can improve this score by taking the steps in configuring each of the security controls in the optimal settings.
@ -53,7 +53,7 @@ The denominator is reflective of the organizational score potential and calculat
In the example image, the total points from the **Improvement opportunities** tile add up to 321 points for the six pillars from the **Security coverage** tile.
You can set the baselines for calculating the score of Windows Defender security controls on the Security Analytics dashboard through the **Preferences settings**. For more information, see [Enable Security Analytics security controls](enable-security-analytics-windows-defender-advanced-threat-protection.md).
You can set the baselines for calculating the score of Windows Defender security controls on the Secure score dashboard through the **Preferences settings**. For more information, see [Enable Secure score security controls](enable-security-analytics-windows-defender-advanced-threat-protection.md).
## Windows Defender security controls
The security controls tile shows a bar graph where each bar represents a Windows Defender security control. Each bar reflects the number of machines that are well configured and those that require **any kind of attention** for each security control. Hovering on top of the individual bars will show exact numbers for each category. Machines that are green are well configured, while machines that are orange require some level of attention.
@ -356,7 +356,7 @@ You can take the following actions to increase the overall security score of you
## Related topics
- [Enable Security Analytics security controls](enable-security-analytics-windows-defender-advanced-threat-protection.md)
- [Enable Secure score security controls](enable-security-analytics-windows-defender-advanced-threat-protection.md)
- [View the Security operations dashboard](dashboard-windows-defender-advanced-threat-protection.md)
- [Portal overview](portal-overview-windows-defender-advanced-threat-protection.md)

4
windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection.md
View File

@ -77,7 +77,7 @@ detect sophisticated cyber-attacks, providing:
- Rich timeline for forensic investigation and mitigation
Easily investigate the scope of breach or suspected behaviors on any machine through a rich machine timeline. File, URLs, and network connection inventory across the network. Gain additional insight using deep collection and analysis (“detonation”) for any file or URLs.
Easily investigate the scope of breach or suspected behaviours on any machine through a rich machine timeline. File, URLs, and network connection inventory across the network. Gain additional insight using deep collection and analysis (“detonation”) for any file or URLs.
- Built in unique threat intelligence knowledge base
@ -89,7 +89,7 @@ Topic | Description
:---|:---
Get started | Learn about the minimum requirements, validate licensing and complete setup, know about preview features, understand data storage and privacy, and how to assign user access to the portal.
[Onboard endpoints and set up access](onboard-configure-windows-defender-advanced-threat-protection.md) | Learn about configuring client, server, and non-Windows endpoints. Learn how to run a detection test, configure proxy and Internet connectivity settings, and how to troubleshoot potential onboarding issues.
[Understand the Windows Defender ATP portal](use-windows-defender-advanced-threat-protection.md) | Understand the Security operations and Security analytics dashboard, and how to navigate the portal.
[Understand the Windows Defender ATP portal](use-windows-defender-advanced-threat-protection.md) | Understand the Security operations and Secure score dashboard, and how to navigate the portal.
Investigate and remediate threats | Investigate alerts, machines, and take response actions to remediate threats.
API and SIEM support | Use the supported APIs to pull and create custom alerts, or automate workflows. Use the supported SIEM tools to pull alerts from the Windows Defender ATP portal.
Reporting | Create and build Power BI reports using Windows Defender ATP data.