From a2ce9c52a9755b1801d14f4c1c5503b8324a4baf Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 16 Jun 2020 16:22:37 -0700 Subject: [PATCH] Updated older WD ATP mentions --- .../advanced-hunting-best-practices.md | 2 +- .../advanced-hunting-devicealertevents-table.md | 2 +- ...ed-hunting-devicefilecertificateinfo-table.md | 2 +- ...vicetvmsecureconfigurationassessment-table.md | 2 +- ...cetvmsecureconfigurationassessmentkb-table.md | 2 +- ...etvmsoftwareinventoryvulnerabilities-table.md | 2 +- ...g-devicetvmsoftwarevulnerabilitieskb-table.md | 2 +- .../advanced-hunting-overview.md | 2 +- .../advanced-hunting-query-language.md | 2 +- .../advanced-hunting-query-results.md | 10 +++++----- .../advanced-hunting-schema-reference.md | 2 +- .../advanced-hunting-shared-queries.md | 2 +- .../microsoft-defender-atp/api-explorer.md | 2 +- .../microsoft-defender-atp/apis-intro.md | 2 +- .../microsoft-defender-atp/attack-simulations.md | 2 +- .../configure-email-notifications.md | 2 +- .../configure-machines-onboarding.md | 2 +- .../configure-mssp-support.md | 16 ++++++++-------- .../connected-applications.md | 2 +- .../defender-compatibility.md | 2 +- .../microsoft-defender-atp/evaluation-lab.md | 2 +- .../microsoft-defender-atp/investigate-domain.md | 2 +- .../microsoft-defender-atp/investigate-ip.md | 2 +- .../microsoft-defender-atp/investigate-user.md | 2 +- .../next-gen-threat-and-vuln-mgt.md | 2 +- .../microsoft-defender-atp/offboard-machines.md | 2 +- .../microsoft-defender-atp/onboard-configure.md | 2 +- .../microsoft-defender-atp/run-detection-test.md | 2 +- .../troubleshoot-onboarding-error-messages.md | 2 +- 29 files changed, 40 insertions(+), 40 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-best-practices.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-best-practices.md index 67da553c47..669be788ad 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-best-practices.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-best-practices.md @@ -1,7 +1,7 @@ --- title: Query best practices for advanced hunting description: Learn how to construct fast, efficient, and error-free threat hunting queries when using advanced hunting -keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, windows defender atp, wdatp search, query, telemetry, custom detections, schema, kusto, avoid timeout, command lines, process id +keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, microsoft defender atp, wdatp search, query, telemetry, custom detections, schema, kusto, avoid timeout, command lines, process id search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md index a0c33bb68a..d568ae26bb 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md @@ -1,7 +1,7 @@ --- title: DeviceAlertEvents table in the advanced hunting schema description: Learn about alert generation events in the DeviceAlertEvents table of the advanced hunting schema -keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, windows defender atp, wdatp search, query, telemetry, schema reference, kusto, table, column, data type, description, DeviceAlertEvents, alert, severity, category +keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, microsoft defender atp, wdatp search, query, telemetry, schema reference, kusto, table, column, data type, description, DeviceAlertEvents, alert, severity, category search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefilecertificateinfo-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefilecertificateinfo-table.md index 4c54f0a6d7..2e1e4ccfe6 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefilecertificateinfo-table.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefilecertificateinfo-table.md @@ -1,7 +1,7 @@ --- title: DeviceFileCertificateInfo table in the advanced hunting schema description: Learn about file signing information in the DeviceFileCertificateInfo table of the advanced hunting schema -keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, windows defender atp, wdatp search, query, telemetry, schema reference, kusto, table, column, data type, description, digital signature, certificate, file signing, DeviceFileCertificateInfo +keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, microsoft defender atp, wdatp search, query, telemetry, schema reference, kusto, table, column, data type, description, digital signature, certificate, file signing, DeviceFileCertificateInfo search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessment-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessment-table.md index 507af8bb7b..41857037ef 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessment-table.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessment-table.md @@ -1,7 +1,7 @@ --- title: DeviceTvmSecureConfigurationAssessment table in the advanced hunting schema description: Learn about Threat & Vulnerability Management security assessment events in the DeviceTvmSecureConfigurationAssessment table of the Advanced hunting schema. These events provide device information as well as security configuration details, impact, and compliance information. -keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, windows defender atp, wdatp search, query, telemetry, schema reference, kusto, table, column, data type, description, threat & vulnerability management, TVM, device management, security configuration, DeviceTvmSecureConfigurationAssessment +keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, microsoft defender atp, wdatp search, query, telemetry, schema reference, kusto, table, column, data type, description, threat & vulnerability management, TVM, device management, security configuration, DeviceTvmSecureConfigurationAssessment search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessmentkb-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessmentkb-table.md index f30af239df..9381ed9722 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessmentkb-table.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessmentkb-table.md @@ -1,7 +1,7 @@ --- title: DeviceTvmSecureConfigurationAssessmentKB table in the advanced hunting schema description: Learn about the various secure configurations assessed by Threat & Vulnerability Management in the DeviceTvmSecureConfigurationAssessmentKB table of the Advanced hunting schema. -keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, windows defender atp, wdatp search, query, telemetry, schema reference, kusto, table, column, data type, description, threat & vulnerability management, TVM, device management, security configuration, MITRE ATT&CK framework, knowledge base, KB, DeviceTvmSecureConfigurationAssessmentKB +keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, microsoft defender atp, wdatp search, query, telemetry, schema reference, kusto, table, column, data type, description, threat & vulnerability management, TVM, device management, security configuration, MITRE ATT&CK framework, knowledge base, KB, DeviceTvmSecureConfigurationAssessmentKB search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwareinventoryvulnerabilities-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwareinventoryvulnerabilities-table.md index c70518d2e1..50afa668fd 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwareinventoryvulnerabilities-table.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwareinventoryvulnerabilities-table.md @@ -1,7 +1,7 @@ --- title: DeviceTvmSoftwareInventoryVulnerabilities table in the advanced hunting schema description: Learn about the inventory of software in your devices and their vulnerabilities in the DeviceTvmSoftwareInventoryVulnerabilities table of the advanced hunting schema. -keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, windows defender atp, wdatp search, query, telemetry, schema reference, kusto, table, column, data type, description, threat & vulnerability management, TVM, device management, software, inventory, vulnerabilities, CVE ID, OS DeviceTvmSoftwareInventoryVulnerabilities +keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, microsoft defender atp, wdatp search, query, telemetry, schema reference, kusto, table, column, data type, description, threat & vulnerability management, TVM, device management, software, inventory, vulnerabilities, CVE ID, OS DeviceTvmSoftwareInventoryVulnerabilities search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwarevulnerabilitieskb-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwarevulnerabilitieskb-table.md index 2ba11df0c9..255fb53dc3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwarevulnerabilitieskb-table.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwarevulnerabilitieskb-table.md @@ -1,7 +1,7 @@ --- title: DeviceTvmSoftwareVulnerabilitiesKB table in the advanced hunting schema description: Learn about the software vulnerabilities tracked by Threat & Vulnerability Management in the DeviceTvmSoftwareVulnerabilitiesKB table of the advanced hunting schema. -keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, windows defender atp, wdatp search, query, telemetry, schema reference, kusto, table, column, data type, description, threat & vulnerability management, TVM, device management, software, inventory, vulnerabilities, CVE ID, CVSS, DeviceTvmSoftwareVulnerabilitiesKB +keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, microsoft defender atp, wdatp search, query, telemetry, schema reference, kusto, table, column, data type, description, threat & vulnerability management, TVM, device management, software, inventory, vulnerabilities, CVE ID, CVSS, DeviceTvmSoftwareVulnerabilitiesKB search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md index 7617113067..5cd3f15a09 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md @@ -1,7 +1,7 @@ --- title: Overview of advanced hunting in Microsoft Defender ATP description: Use threat hunting capabilities in Microsoft Defender ATP to build queries that find threats and weaknesses in your network -keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, windows defender atp, wdatp, search, query, telemetry, custom detections, schema, kusto +keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, microsoft defender atp, wdatp, search, query, telemetry, custom detections, schema, kusto search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-language.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-language.md index 3570732cf5..947c3638f3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-language.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-language.md @@ -1,7 +1,7 @@ --- title: Learn the advanced hunting query language description: Create your first threat hunting query and learn about common operators and other aspects of the advanced hunting query language -keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, windows defender atp, wdatp search, query, language, learn, first query, telemetry, events, telemetry, custom detections, schema, kusto, operators, data types +keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, microsoft defender atp, wdatp search, query, language, learn, first query, telemetry, events, telemetry, custom detections, schema, kusto, operators, data types search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-results.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-results.md index 2ac9237205..34716e8296 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-results.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-results.md @@ -1,7 +1,7 @@ --- title: Work with advanced hunting query results in Microsoft Defender ATP description: Make the most of the query results returned by advanced hunting in Microsoft Defender ATP -keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, windows defender atp, wdatp search, query, telemetry, custom detections, schema, kusto, visualization, chart, filters, drill down +keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, microsoft defender atp, wdatp search, query, telemetry, custom detections, schema, kusto, visualization, chart, filters, drill down search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 @@ -77,8 +77,8 @@ These results are best visualized using a stacked column chart: ![Image of advanced hunting query results displayed as a stacked chart](images/advanced-hunting-stacked-chart.jpg) *Query results for alerts by OS and severity displayed as a stacked chart* -#### Top ten machine groups with alerts -If you're dealing with a list of values that isn’t finite, you can use the `Top` operator to chart only the values with the most instances. For example, to get the top ten machine groups with the most alerts, use the query below: +#### Top ten device groups with alerts +If you're dealing with a list of values that isn’t finite, you can use the `Top` operator to chart only the values with the most instances. For example, to get the top ten device groups with the most alerts, use the query below: ```kusto DeviceAlertEvents @@ -89,7 +89,7 @@ DeviceAlertEvents Use the pie chart view to effectively show distribution across the top groups: ![Image of advanced hunting query results displayed as a pie chart](images/advanced-hunting-pie-chart.jpg) -*Pie chart showing distribution of alerts across machine groups* +*Pie chart showing distribution of alerts across device groups* #### Malware detections over time Using the `summarize` operator with the `bin()` function, you can check for events involving a particular indicator over time. The query below counts detections of an EICAR test file at 30 minute intervals to show spikes in detections of that file: @@ -113,7 +113,7 @@ After running a query, select **Export** to save the results to local file. Your - **Any chart** — the query results are exported as a JPEG image of the rendered chart ## Drill down from query results -To view more information about entities, such as machines, files, users, IP addresses, and URLs, in your query results, simply click the entity identifier. This opens a detailed profile page for the selected entity. +To view more information about entities, such as devices, files, users, IP addresses, and URLs, in your query results, simply click the entity identifier. This opens a detailed profile page for the selected entity. ## Tweak your queries from the results Right-click a value in the result set to quickly enhance your query. You can use the options to: diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md index 57475908e5..94c74051a1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md @@ -1,7 +1,7 @@ --- title: Advanced hunting schema reference description: Learn about the tables in the advanced hunting schema to understand the data you can run threat hunting queries on -keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, windows defender atp, wdatp search, query, telemetry, schema reference, kusto, table, data +keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, microsoft defender atp, wdatp search, query, telemetry, schema reference, kusto, table, data search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-shared-queries.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-shared-queries.md index b661399a57..677a74ca65 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-shared-queries.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-shared-queries.md @@ -1,7 +1,7 @@ --- title: Use shared queries in advanced hunting description: Start threat hunting immediately with predefined and shared queries. Share your queries to the public or to your organization. -keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, windows defender atp, wdatp search, query, telemetry, custom detections, schema, kusto, github repo, my queries, shared queries +keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, microsoft defender atp, wdatp search, query, telemetry, custom detections, schema, kusto, github repo, my queries, shared queries search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-explorer.md b/windows/security/threat-protection/microsoft-defender-atp/api-explorer.md index 891d09df60..09f3293f1a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/api-explorer.md +++ b/windows/security/threat-protection/microsoft-defender-atp/api-explorer.md @@ -22,7 +22,7 @@ ms.topic: conceptual **Applies to:** -- [Microsoft Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) The Microsoft Defender ATP API Explorer is a tool that helps you explore various Microsoft Defender ATP APIs interactively. diff --git a/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md b/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md index c837df60ee..aac9695165 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md +++ b/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md @@ -2,7 +2,7 @@ title: Access the Microsoft Defender Advanced Threat Protection APIs ms.reviewer: description: Learn how you can use APIs to automate workflows and innovate based on Microsoft Defender ATP capabilities -keywords: apis, api, wdatp, open api, windows defender atp api, public api, supported apis, alerts, device, user, domain, ip, file, advanced hunting, query +keywords: apis, api, wdatp, open api, microsoft defender atp api, public api, supported apis, alerts, device, user, domain, ip, file, advanced hunting, query search.product: eADQiWindows 10XVcnh ms.prod: w10 ms.mktglfcycl: deploy diff --git a/windows/security/threat-protection/microsoft-defender-atp/attack-simulations.md b/windows/security/threat-protection/microsoft-defender-atp/attack-simulations.md index d456f6a1f3..492d7037dc 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/attack-simulations.md +++ b/windows/security/threat-protection/microsoft-defender-atp/attack-simulations.md @@ -1,7 +1,7 @@ --- title: Experience Microsoft Defender ATP through simulated attacks description: Run the provided attack scenario simulations to experience how Microsoft Defender ATP can detect, investigate, and respond to breaches. -keywords: wdatp, test, scenario, attack, simulation, simulated, diy, windows defender advanced threat protection +keywords: wdatp, test, scenario, attack, simulation, simulated, diy, microsoft defender advanced threat protection search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md b/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md index 821f4b2698..b7800036ff 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md @@ -1,7 +1,7 @@ --- title: Configure alert notifications in Microsoft Defender ATP description: You can use Microsoft Defender Advanced Threat Protection to configure email notification settings for security alerts, based on severity and other criteria. -keywords: email notifications, configure alert notifications, windows defender atp notifications, windows defender atp alerts, windows 10 enterprise, windows 10 education +keywords: email notifications, configure alert notifications, microsoft defender atp notifications, microsoft defender atp alerts, windows 10 enterprise, windows 10 education search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-onboarding.md b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-onboarding.md index 024cf5216b..c189165c5f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-onboarding.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-onboarding.md @@ -1,6 +1,6 @@ --- title: Get devices onboarded to Microsoft Defender ATP -description: Track onboarding of Intune-managed devices to Windows Defender ATP and increase onboarding rate. +description: Track onboarding of Intune-managed devices to Microsoft Defender ATP and increase onboarding rate. keywords: onboard, Intune management, MDATP, WDATP, Microsoft Defender, Windows Defender, advanced threat protection, configuration management search.product: eADQiWindows 10XVcnh search.appverid: met150 diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md index 7f7ce8196d..852f5ff3b8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md @@ -1,7 +1,7 @@ --- title: Configure managed security service provider support -description: Take the necessary steps to configure the MSSP integration with Windows Defender ATP +description: Take the necessary steps to configure the MSSP integration with Microsoft Defender ATP keywords: managed security service provider, mssp, configure, integration search.product: eADQiWindows 10XVcnh @@ -24,9 +24,9 @@ ms.date: 09/03/2018 **Applies to:** -- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) ->Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink) +>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink) [!include[Prerelease information](../../includes/prerelease.md)] @@ -44,7 +44,7 @@ The integration will allow MSSPs to take the following actions: - Get email notifications, and - Fetch alerts through security information and event management (SIEM) tools -Before MSSPs can take these actions, the MSSP customer will need to grant access to their Windows Defender ATP tenant so that the MSSP can access the portal. +Before MSSPs can take these actions, the MSSP customer will need to grant access to their Microsoft Defender ATP tenant so that the MSSP can access the portal. Typically, MSSP customers take the initial configuration steps to grant MSSPs access to their Windows Defender Security Central tenant. After access is granted, other configuration steps can be done by either the MSSP customer or the MSSP. @@ -54,7 +54,7 @@ In general, the following configuration steps need to be taken: - **Grant the MSSP access to Microsoft Defender Security Center**
-This action needs to be done by the MSSP customer. It grants the MSSP access to the MSSP customer's Windows Defender ATP tenant. +This action needs to be done by the MSSP customer. It grants the MSSP access to the MSSP customer's Microsoft Defender ATP tenant. - **Configure alert notifications sent to MSSPs**
@@ -97,7 +97,7 @@ Granting access to guest user is done the same way as granting access to a user If you're using basic permissions to access the portal, the guest user must be assigned a Security Administrator role in **your** tenant. For more information, see [Use basic permissions to access the portal](basic-permissions.md). -If you're using role-based access control (RBAC), the guest user must be to added to the appropriate group or groups in **your** tenant. Fore more information on RBAC in Windows Defender ATP, see [Manage portal access using RBAC](rbac.md). +If you're using role-based access control (RBAC), the guest user must be to added to the appropriate group or groups in **your** tenant. Fore more information on RBAC in Microsoft Defender ATP, see [Manage portal access using RBAC](rbac.md). >[!NOTE] @@ -166,7 +166,7 @@ Step 3: allow your application on Microsoft Defender Security Center ### Step 1: Create an application in Azure Active Directory (Azure AD) -You'll need to create an application and grant it permissions to fetch alerts from your customer's Windows Defender ATP tenant. +You'll need to create an application and grant it permissions to fetch alerts from your customer's Microsoft Defender ATP tenant. 1. Sign in to the [Azure AD portal](https://aad.portal.azure.com/). @@ -296,7 +296,7 @@ You'll need to have **Manage portal system settings** permission to allow the ap 5. Click **Authorize application**. -You can now download the relevant configuration file for your SIEM and connect to the Windows Defender ATP API. For more information see, [Pull alerts to your SIEM tools](configure-siem.md). +You can now download the relevant configuration file for your SIEM and connect to the Microsoft Defender ATP API. For more information see, [Pull alerts to your SIEM tools](configure-siem.md). - In the ArcSight configuration file / Splunk Authentication Properties file – you will have to write your application key manually by settings the secret value. diff --git a/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md b/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md index 2d543f5b2d..bc7f7201e2 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md +++ b/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md @@ -20,7 +20,7 @@ ms.topic: conceptual # Connected applications in Microsoft Defender ATP **Applies to:** -- [Microsoft Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) Connected applications integrates with the Microsoft Defender ATP platform using APIs. diff --git a/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md b/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md index 977fd10236..50ce80ff33 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md +++ b/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md @@ -1,7 +1,7 @@ --- title: Microsoft Defender Antivirus compatibility with Microsoft Defender ATP description: Learn about how Windows Defender works with Microsoft Defender ATP and how it functions when a third-party antimalware client is used. -keywords: windows defender compatibility, defender, windows defender atp +keywords: windows defender compatibility, defender, microsoft defender atp search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md index 81696518d6..6cb3a21fd1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md +++ b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md @@ -18,7 +18,7 @@ ms.topic: article # Microsoft Defender ATP evaluation lab **Applies to:** -- [Microsoft Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) Conducting a comprehensive security product evaluation can be a complex process requiring cumbersome environment and device configuration before an end-to-end attack simulation can actually be done. Adding to the complexity is the challenge of tracking where the simulation activities, alerts, and results are reflected during the evaluation. diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md index c7231fab8e..3ab170260a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md @@ -1,7 +1,7 @@ --- title: Investigate Microsoft Defender Advanced Threat Protection domains description: Use the investigation options to see if devices and servers have been communicating with malicious domains. -keywords: investigate domain, domain, malicious domain, windows defender atp, alert, URL +keywords: investigate domain, domain, malicious domain, microsoft defender atp, alert, URL search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-ip.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-ip.md index 4174aba520..81a124863d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-ip.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-ip.md @@ -1,7 +1,7 @@ --- title: Investigate an IP address associated with an alert description: Use the investigation options to examine possible communication between devices and external IP addresses. -keywords: investigate, investigation, IP address, alert, windows defender atp, external IP +keywords: investigate, investigation, IP address, alert, microsoft defender atp, external IP search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md index 7f3d3a510f..4ce4ce083c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md @@ -1,7 +1,7 @@ --- title: Investigate a user account in Microsoft Defender ATP description: Investigate a user account for potential compromised credentials or pivot on the associated user account during an investigation. -keywords: investigate, account, user, user entity, alert, windows defender atp +keywords: investigate, account, user, user entity, alert, microsoft defender atp search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md index 0725a7b0cf..b51e526c2d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md +++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md @@ -1,7 +1,7 @@ --- title: Threat & Vulnerability Management description: This new capability uses a game-changing risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations. -keywords: threat & vulnerability management, threat and vulnerability management, MDATP TVM, MDATP-TVM, vulnerability management, vulnerability assessment, threat and vulnerability scanning, secure configuration assessment, windows defender atp, microsoft defender atp, endpoint vulnerabilities, next generation +keywords: threat & vulnerability management, threat and vulnerability management, MDATP TVM, MDATP-TVM, vulnerability management, vulnerability assessment, threat and vulnerability scanning, secure configuration assessment, microsoft defender atp, microsoft defender atp, endpoint vulnerabilities, next generation search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md b/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md index b500b5ea0b..65e82f7f8a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md +++ b/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md @@ -1,7 +1,7 @@ --- title: Offboard devices from the Microsoft Defender ATP service description: Onboard Windows 10 devices, servers, non-Windows devices from the Microsoft Defender ATP service -keywords: offboarding, windows defender advanced threat protection offboarding, windows atp offboarding +keywords: offboarding, microsoft defender advanced threat protection offboarding, windows atp offboarding search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md b/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md index 86d80a5f4c..23072e7fd3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md @@ -1,7 +1,7 @@ --- title: Onboard devices to the Microsoft Defender ATP service description: Onboard Windows 10 devices, servers, non-Windows devices and learn how to run a detection test. -keywords: onboarding, windows defender advanced threat protection onboarding, windows atp onboarding, sccm, group policy, mdm, local script, detection test +keywords: onboarding, microsoft defender advanced threat protection onboarding, windows atp onboarding, sccm, group policy, mdm, local script, detection test search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/run-detection-test.md b/windows/security/threat-protection/microsoft-defender-atp/run-detection-test.md index b79820fb4a..0d98b91181 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/run-detection-test.md +++ b/windows/security/threat-protection/microsoft-defender-atp/run-detection-test.md @@ -1,7 +1,7 @@ --- title: Run a detection test on a newly onboarded Microsoft Defender ATP device description: Run the detection script on a newly onboarded device to verify that it is properly onboarded to the Microsoft Defender ATP service. -keywords: detection test, detection, powershell, script, verify, onboarding, windows defender advanced threat protection onboarding, clients, servers, test +keywords: detection test, detection, powershell, script, verify, onboarding, microsoft defender advanced threat protection onboarding, clients, servers, test search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md index 87e244ec24..11ac7f37c9 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md +++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md @@ -1,7 +1,7 @@ --- title: Troubleshoot onboarding issues and error messages description: Troubleshoot onboarding issues and error message while completing setup of Microsoft Defender Advanced Threat Protection. -keywords: troubleshoot, troubleshooting, Azure Active Directory, onboarding, error message, error messages, windows defender atp +keywords: troubleshoot, troubleshooting, Azure Active Directory, onboarding, error message, error messages, microsoft defender atp search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10