update overview topic

This commit is contained in:
Joey Caparas
2018-08-12 18:49:23 -07:00
parent 21d209eb71
commit a0f22ae2b6
4 changed files with 34 additions and 21 deletions

@ -26,6 +26,7 @@ Topic | Description
[Configure next generation protection](windows-defender-antivirus/configure-windows-defender-antivirus-features.md) | Configure next generation protection to catch all types of emerging threats.
[Configure Windows Defender Security Center settings](windows-defender-atp/preferences-setup-windows-defender-advanced-threat-protection.md) | Configure portal related settings such as general settings, advanced features, enable the preview experience and others.
[Manage auto investigation and remediation](windows-defender-atp/manage-auto-investigation-windows-defender-advanced-threat-protection.md) | Learn how you can manage and view the details of an automated investigation.
[]
[Configure the security controls in Secure score](windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection.md) | Configure the security controls in Secure score to increase the security posture of your organization.
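
Review bot: the `[]` row between "Manage auto investigation and remediation" and "Configure the security controls in Secure score" is an empty link with no target and no description cell, so it renders as a stray row in the Topic | Description table. Either complete it in the form `[Title](path.md) | Description` or leave it out of this commit until the target topic exists.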

@ -15,22 +15,8 @@ ms.date: 06/13/2018
# Query data using Advanced hunting in Windows Defender ATP
**Applies to:**
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhunting-abovefoldlink)
Advanced hunting allows you to proactively hunt for possible threats across your organization using a powerful search and query tool. Take advantage of the following capabilities:
- **Powerful query language with IntelliSense** - Built on top of a query language that gives you the flexibility you need to take hunting to the next level.
- **Query the stored telemetry** - The telemetry data is accessible in tables for you to query. For example, you can query process creation, network communication, and many other event types.
- **Links to portal** - Certain query results, such as machine names and file names are actually direct links to the portal, consolidating the Advanced hunting query experience and the existing portal investigation experience.
- **Query examples** - A welcome page provides examples designed to get you started and get you familiar with the tables and the query language.
To get you started in querying your data, you can use the basic or Advanced query examples that have some preloaded queries for you to understand the basic query syntax.
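
Review bot: with the introduction and capability bullets moving out of this page (the same text appears in the overview file added by this commit), the query topic should keep a one-line pointer to the new overview so readers who land here first still learn what advanced hunting is before the query syntax. In the closing sentence, "the basic or Advanced query examples" mixes capitalisation; use the same case for both.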

@ -0,0 +1,25 @@
---
title: Overview of advanced hunting capabilities
description: Learn about the advanced hunting capability in Windows Defender ATP
keywords:
search.product: eADQiWindows 10XVcnh
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.author: macapara
author: mjcaparas
ms.localizationpriority: high
ms.date: 09/12/2018
---
# Overview of advanced hunting
Advanced hunting allows you to hunt for possible threats across your organization using a powerful search and query tool. You can also create custom detection rules based on the queries you created and surface alerts in Windows Defender Security Center.
With advanced hunting, you can take advantage of the following capabilities:
- **Powerful query language with IntelliSense** - Built on top of a query language that gives you the flexibility you need to take hunting to the next level.
- **Query the stored telemetry** - The telemetry data is accessible in tables for you to query. For example, you can query process creation, network communication, and many other event types.
- **Links to portal** - Certain query results, such as machine names and file names are actually direct links to the portal, consolidating the Advanced hunting query experience and the existing portal investigation experience.
- **Query examples** - A welcome page provides examples designed to get you started and get you familiar with the tables and the query language.
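
Review bot: `ms.date: 09/12/2018` in the front matter is a month later than the commit date shown for this change (2018-08-12); confirm the date is intended and not a month typo. `keywords:` is left empty, so either add search terms or remove the key. In the bullets, "Advanced hunting" is capitalised mid-sentence while the heading and intro use "advanced hunting", and "such as machine names and file names are" needs a closing comma after "file names".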

@ -15,17 +15,18 @@ ms.date: 07/01/2018
# Overview of Windows Defender ATP
Understand the concepts behind the capabilities in Windows Defender ATP.
Understand the concepts behind the capabilities in Windows Defender ATP so you take full advantage of the complete threat protection platform.
## In this section
Topic | Description
:---|:---
[Windows Defender Security Center](../windows-defender-atp/use-windows-defender-advanced-threat-protection.md) |
[Attack surface reduction](overview-attack-surface-reduction.md) | Understand the capabilities in attack surface reduction so you can leverage them to protect the perimeter of your organization.
[Windows Defender Security Center](../windows-defender-atp/use-windows-defender-advanced-threat-protection.md) | Learn about the portal and the various dashboards you can leverage to enrich your security investigations.
[Attack surface reduction](overview-attack-surface-reduction.md) | Leverage the attack surface reduction capabilities to protect the perimeter of your organization.
[Next generation protection](../windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md) | Learn about the antivirus capabilities in Windows Defender ATP so you can protect desktops, portable computers, and servers.
[Endpoint detection and response](overview-endpoint-detection-response.md) | Understand how Windows Defender ATP continuously monitors your organization for possible attacks against systems, networks, or users in your organization.
[Endpoint detection and response](overview-endpoint-detection-response.md) | Understand how Windows Defender ATP continuously monitors your organization for possible attacks against systems, networks, or users in your organization and the features you can use to mitigate and remediate threats.
[Auto investigation]() | In conjunction with being able to quickly respond to advanced attacks, Windows Defender ATP offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale.
[Secure score](over) |
[Advanced hunting]() |
[Secure score](overview-secure-score-windows-defender-advanced-threat-protection.md) | Quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to better protect your organization - all in one place.
[Advanced hunting](overview-hunting-windows-defender-advanced-threat-protection.md) | Use a powerful search and query language to create custom queries and detection rules.
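
Review bot: the `[Auto investigation]()` row keeps an empty link target while the Secure score and Advanced hunting rows next to it now point at their overview files, so that title renders as a dead link; point it at the auto investigation overview topic in the same change. In the new intro sentence, "so you take full advantage" should read "so you can take full advantage".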