From a1bf0b2c10338f292c24e64b5a09190cd3469dd1 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Tue, 9 Oct 2018 16:06:34 +0000 Subject: [PATCH] Deleted incidents-queue.md --- .../windows-defender-atp/incidents-queue.md | 35 ------------------- 1 file changed, 35 deletions(-) delete mode 100644 windows/security/threat-protection/windows-defender-atp/incidents-queue.md diff --git a/windows/security/threat-protection/windows-defender-atp/incidents-queue.md b/windows/security/threat-protection/windows-defender-atp/incidents-queue.md deleted file mode 100644 index 783f74ac70..0000000000 --- a/windows/security/threat-protection/windows-defender-atp/incidents-queue.md +++ /dev/null @@ -1,35 +0,0 @@ ---- -title: Incidents queue in Windows Defender ATP -description: -keywords: incidents, aggregate, investigations, queue, ttp -search.product: eADQiWindows 10XVcnh -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -ms.pagetype: security -ms.author: macapara -author: mjcaparas -ms.localizationpriority: medium -ms.date: 10/08/2018 ---- - -# Incidents queue in Windows Defender ATP -**Applies to:** -- Windows Defender Advanced Threat Protection (Windows Defender ATP) - -[!include[Prerelease information](prerelease.md)] - -When a cybersecurity threat is emerging, or a potential attacker is deploying its tactics, techniques/tools, and procedures (TTPs) on the network, Windows Defender ATP will quickly trigger alerts and launch matching automatic investigations. - -Windows Defender ATP applies correlation analytics and aggregates all related alerts and investigations into an incident. Doing so helps narrate a broader story of an attack, thus providing you with the right visuals (upgraded incident graph) and data representations to understand and deal with complex cross-entity threats to your organization's network. - - -## In this section - -Topic | Description -:---|:--- -[View and organize the Incidents queue](view-incidents-queue.md)| See the list of incidents and learn how to apply filters to limit the list and get a more focused view. -[Manage incidents](manage-incidents-windows-defender-advanced-threat-protection.md) | Learn how to manage incidents by assigning it, updating its status, or setting its classification and other actions. -[Investigate incidents](investigate-incidents-windows-defender-advanced-threat-protection.md)| See associated alerts, manage the incident, see alert metadata, and visualizations to help you investigate an incident. - -