From ab633eaf5804865e58ed567956c4dcb0cf2e849f Mon Sep 17 00:00:00 2001 From: arcarley <52137849+arcarley@users.noreply.github.com> Date: Tue, 23 Jun 2020 11:19:09 -0700 Subject: [PATCH 01/11] Update waas-wu-settings.md Updating the chart to add the MDM corresponding to the WU UX GP. Additionally removing false information. --- windows/deployment/update/waas-wu-settings.md | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/windows/deployment/update/waas-wu-settings.md b/windows/deployment/update/waas-wu-settings.md index 8fa731dc2a..badac422e6 100644 --- a/windows/deployment/update/waas-wu-settings.md +++ b/windows/deployment/update/waas-wu-settings.md @@ -26,16 +26,13 @@ ms.topic: article You can use Group Policy settings or mobile device management (MDM) to configure the behavior of Windows Update (WU) on your Windows 10 devices. You can configure the update detection frequency, select when updates are received, specify the update service location and more. ->[!IMPORTANT] ->In Windows 10, any Group Policy user configuration settings for Windows Update are no longer supported on this platform. - ## Summary of Windows Update settings | Group Policy setting | MDM setting | Supported from version | | --- | --- | --- | | [Specify Intranet Microsoft update service location](#specify-intranet-microsoft-update-service-location) | [UpdateServiceUrl](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-updateserviceurl) and [UpdateServiceUrlAlternate](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-updateserviceurlalternate) | All | | [Automatic Updates Detection Frequency](#automatic-updates-detection-frequency) | [DetectionFrequency](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-detectionfrequency) | 1703 | -| [Remove access to use all Windows Update features](#remove-access-to-use-all-windows-update-features) | | All | +| [Remove access to use all Windows Update features](#remove-access-to-use-all-windows-update-features) | [Update/SetDisableUXWUAccess](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-setdisableuxwuaccess)| All | | [Do not connect to any Windows Update Internet locations](#do-not-connect-to-any-windows-update-internet-locations) | | All | | [Enable client-side targeting](#enable-client-side-targeting) | | All | | [Allow signed updates from an intranet Microsoft update service location](#allow-signed-updates-from-an-intranet-microsoft-update-service-location) | [AllowNonMicrosoftSignedUpdate](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-allownonmicrosoftsignedupdate) | All | From a0fdcac5c16cd3d1add557261f9bf677b74334cb Mon Sep 17 00:00:00 2001 From: Kurt Sarens <56369685+kurtsarens@users.noreply.github.com> Date: Tue, 23 Jun 2020 15:59:05 -0700 Subject: [PATCH 02/11] Update collect-diagnostic-data.md adding ref to KB for identifying Defender client version --- .../windows-defender-antivirus/collect-diagnostic-data.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md index 195c50060b..d02d11ab90 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md +++ b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md @@ -38,7 +38,7 @@ On at least two devices that are experiencing the same issue, obtain the .cab di 2. Navigate to the Microsoft Defender directory. By default, this is `C:\Program Files\Windows Defender`. > [!NOTE] -> If you're running an updated Microsoft Defender Platform version, please run `MpCmdRun` from the following location: `C:\ProgramData\Microsoft\Windows Defender\Platform\`. +> If you're running an [updated Microsoft Defender Platform version](https://support.microsoft.com/help/4052623/update-for-microsoft-defender-antimalware-platform), please run `MpCmdRun` from the following location: `C:\ProgramData\Microsoft\Windows Defender\Platform\`. 3. Type the following command, and then press **Enter** From 8c3db485bed0c0a1181e371ae2660fe5272e0bb2 Mon Sep 17 00:00:00 2001 From: Rick Munck <33725928+jmunck@users.noreply.github.com> Date: Fri, 26 Jun 2020 09:23:42 -0500 Subject: [PATCH 03/11] Update microsoft-defender-antivirus-compatibility.md --- .../microsoft-defender-antivirus-compatibility.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility.md b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility.md index 07b211d997..1c06747e7f 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility.md @@ -84,7 +84,7 @@ If you are enrolled in Microsoft Defender ATP and you are using a third party an When Microsoft Defender Antivirus is automatic disabled, it can automatically re-enable if the protection offered by a third-party antivirus product expires or otherwise stops providing real-time protection from viruses, malware or other threats. This is to ensure antivirus protection is maintained on the endpoint. It also allows you to enable [limited periodic scanning](limited-periodic-scanning-microsoft-defender-antivirus.md), which uses the Microsoft Defender Antivirus engine to periodically check for threats in addition to your main antivirus app. -In passive and automatic disabled mode, you can still [manage updates for Microsoft Defender Antivirus](manage-updates-baselines-microsoft-defender-antivirus.md); however, you can't move Microsoft Defender Antivirus into the normal active mode if your endpoints have an up-to-date third-party product providing real-time protection from malware. +In passive mode, you can still [manage updates for Microsoft Defender Antivirus](manage-updates-baselines-microsoft-defender-antivirus.md); however, you can't move Microsoft Defender Antivirus into the normal active mode if your endpoints have an up-to-date third-party product providing real-time protection from malware. If you uninstall the other product, and choose to use Microsoft Defender Antivirus to provide protection to your endpoints, Microsoft Defender Antivirus will automatically return to its normal active mode. From 1d192862386aea932392f418ae3868357d662274 Mon Sep 17 00:00:00 2001 From: Jaime Ondrusek Date: Mon, 29 Jun 2020 15:47:22 -0700 Subject: [PATCH 04/11] Update waas-wu-settings.md Removed a stray en-us. --- windows/deployment/update/waas-wu-settings.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/waas-wu-settings.md b/windows/deployment/update/waas-wu-settings.md index badac422e6..83cc19c6e9 100644 --- a/windows/deployment/update/waas-wu-settings.md +++ b/windows/deployment/update/waas-wu-settings.md @@ -32,7 +32,7 @@ You can use Group Policy settings or mobile device management (MDM) to configure | --- | --- | --- | | [Specify Intranet Microsoft update service location](#specify-intranet-microsoft-update-service-location) | [UpdateServiceUrl](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-updateserviceurl) and [UpdateServiceUrlAlternate](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-updateserviceurlalternate) | All | | [Automatic Updates Detection Frequency](#automatic-updates-detection-frequency) | [DetectionFrequency](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-detectionfrequency) | 1703 | -| [Remove access to use all Windows Update features](#remove-access-to-use-all-windows-update-features) | [Update/SetDisableUXWUAccess](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-setdisableuxwuaccess)| All | +| [Remove access to use all Windows Update features](#remove-access-to-use-all-windows-update-features) | [Update/SetDisableUXWUAccess](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-setdisableuxwuaccess)| All | | [Do not connect to any Windows Update Internet locations](#do-not-connect-to-any-windows-update-internet-locations) | | All | | [Enable client-side targeting](#enable-client-side-targeting) | | All | | [Allow signed updates from an intranet Microsoft update service location](#allow-signed-updates-from-an-intranet-microsoft-update-service-location) | [AllowNonMicrosoftSignedUpdate](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-allownonmicrosoftsignedupdate) | All | From c2d42eb946d91801242054275fc276d8035f14b8 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 29 Jun 2020 15:49:49 -0700 Subject: [PATCH 05/11] Update collect-diagnostic-data.md --- .../microsoft-defender-antivirus/collect-diagnostic-data.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md b/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md index 990a685d98..840b26d06e 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md @@ -12,7 +12,7 @@ ms.localizationpriority: medium author: denisebmsft ms.author: deniseb ms.custom: nextgen -ms.date: 06/10/2020 +ms.date: 06/29/2020 ms.reviewer: manager: dansimp --- From ff6441d6fd2ff969c5cdaed28692a5c8250c12ef Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Mon, 29 Jun 2020 15:51:05 -0700 Subject: [PATCH 06/11] Corrected broken "Warning" note... and made a couple of other corrections. --- .../mdm/mdm-enrollment-of-windows-devices.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/windows/client-management/mdm/mdm-enrollment-of-windows-devices.md b/windows/client-management/mdm/mdm-enrollment-of-windows-devices.md index 8d199d824e..7b8e606d40 100644 --- a/windows/client-management/mdm/mdm-enrollment-of-windows-devices.md +++ b/windows/client-management/mdm/mdm-enrollment-of-windows-devices.md @@ -324,7 +324,7 @@ To connect your devices to MDM using deep links: 1. Starting with Windows 10, version 1607, create a link to launch the built-in enrollment app using the URI **ms-device-enrollment:?mode=mdm**, and user-friendly display text, such as **Click here to connect Windows to work**: - > (Be aware that this will launch the flow equivalent to the Enroll into the device management option in Windows 10, version 1511.) + (Be aware that this will launch the flow equivalent to the Enroll into the device management option in Windows 10, version 1511.) - IT admins can add this link to a welcome email that users can select to enroll into MDM. @@ -340,7 +340,8 @@ To connect your devices to MDM using deep links: 3. If the device finds an endpoint that only supports on-premises authentication, this page will change and ask you for your password. If the device finds an MDM endpoint that supports federated authentication, you’ll be presented with a new window that will ask you for additional authentication information. Based on IT policy, you may also be prompted to provide a second factor of authentication at this point. -After you complete the flow, your device will be connected to your organization’s MDM. + After you complete the flow, your device will be connected to your organization's MDM. + ![corporate sign in](images/deeplinkenrollment4.png) ## Manage connections @@ -374,7 +375,7 @@ The **Disconnect** button can be found on all work connections. Generally, selec - Devices that enforce the AllowManualMDMUnenrollment policy will not allow users to remove MDM enrollments. These connections must be removed by a server-initiated unenroll command. - On mobile devices, you cannot disconnect from Azure AD. These connections can only be removed by wiping the device. -> [!WARNING]   +> [!WARNING] > Disconnecting might result in the loss of data on the device. ## Collecting diagnostic logs From ba077bafa64a46bfd8d30791ad538ec5134a43ef Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Mon, 29 Jun 2020 17:36:36 -0700 Subject: [PATCH 07/11] move sections around --- .../next-gen-threat-and-vuln-mgt.md | 14 +++++- .../threat-and-vuln-mgt-scenarios.md | 45 ------------------- .../tvm-security-recommendation.md | 40 ++++++++++++++++- 3 files changed, 51 insertions(+), 48 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md index b51e526c2d..882bfcb8b0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md +++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md @@ -91,7 +91,19 @@ Ensure that your devices: - Are onboarded to Microsoft Intune and Microsoft Endpoint Configuration Manager. If you are using Configuration Manager, update your console to the latest version. - Have at least one security recommendation that can be viewed in the device page -- Are tagged or marked as co-managed +- Are tagged or marked as co-managed + +## APIs + +Run Threat & Vulnerability Management-related API calls such as get your organization's threat exposure score or device secure score, software and device vulnerability inventory, software version distribution, device vulnerability information, security recommendation information. Learn more from this [Microsoft Tech Community blog post](https://techcommunity.microsoft.com/t5/microsoft-defender-atp/threat-amp-vulnerability-management-apis-are-now-generally/ba-p/1304615). +See the following topics for related APIs: + +- [Supported Microsoft Defender ATP APIs](exposed-apis-list.md) +- [Machine APIs](machine.md) +- [Recommendation APIs](vulnerability.md) +- [Score APIs](score.md) +- [Software APIs](software.md) +- [Vulnerability APIs](vulnerability.md) ## Related topics diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md index b099ac0a4c..7580afe46e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md +++ b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md @@ -27,18 +27,6 @@ ms.topic: article [!include[Prerelease information](../../includes/prerelease.md)] -## APIs - -Run Threat & Vulnerability Management-related API calls such as get your organization's threat exposure score or device secure score, software and device vulnerability inventory, software version distribution, device vulnerability information, security recommendation information. Learn more from this [Microsoft Tech Community blog post](https://techcommunity.microsoft.com/t5/microsoft-defender-atp/threat-amp-vulnerability-management-apis-are-now-generally/ba-p/1304615). -See the following topics for related APIs: - -- [Supported Microsoft Defender ATP APIs](exposed-apis-list.md) -- [Machine APIs](machine.md) -- [Recommendation APIs](vulnerability.md) -- [Score APIs](score.md) -- [Software APIs](software.md) -- [Vulnerability APIs](vulnerability.md) - ## Use advanced hunting query to search for devices with High active alerts or critical CVE public exploit 1. Go to **Advanced hunting** from the left-hand navigation pane of the Microsoft Defender Security Center. @@ -62,40 +50,7 @@ DeviceName=any(DeviceName) by DeviceId, AlertId ``` -## Find and remediate software or software versions which have reached end-of-support (EOS) -End-of-support (otherwise known as end-of-life) for software or software versions means that they will no longer be supported or serviced, and will not receive security updates. When you use software or software versions which have reached end-of-support, you're exposing your organization to security vulnerabilities, legal, and financial risks. - -It is crucial for Security and IT Administrators to work together and ensure that the organization's software inventory is configured for optimal results, compliance, and a healthy network ecosystem. They should examine the options to remove or replace apps that have reached end of support, and update versions that have reached end of support. It is best to create and implement a plan **before** the end of support dates. - -To find software or software versions which have reached end-of-support: - -1. From the Threat & Vulnerability Management menu, navigate to **Security recommendations**. -2. Go to the **Filters** panel and look for the tags section. Select one or more of the EOS tag options. Then **Apply**. - - ![Screenshot tags that say EOS software, EOS versions, and Upcoming EOS versions](images/tvm-eos-tag.png) - -3. You will see a list recommendations related to software that is end of support, software versions that are end of support, or upcoming end of support versions. These tags are also visible in the [software inventory](tvm-software-inventory.md) page. - - ![Screenshot tags that say EOS software, EOS versions, and Upcoming EOS versions](images/tvm-eos-tags-column.png) - -### List of versions and dates - -To view a list of version that have reached end of support, or end or support soon, and those dates, follow the below steps: - -1. For software that has versions which have reached end of support, or will reach end of support soon, a message will appear in the flyout once the security recommendation is selected. - - ![Screenshot of version distribution link](images/eos-upcoming-eos.png) - -2. Select the **version distribution** link to go to the software drill down page. There, you can see a filtered list of versions with tags identifying them as end of support, or upcoming end of support. - - ![Screenshot of version distribution link](images/software-drilldown-eos.png) - -3. Select one of the versions in the table to open. For example, version 10.0.18362.1. A flyout will appear with the end of support date. - - ![Screenshot of version distribution link](images/version-eos-date.png) - -After you have identified which software and software versions are vulnerable due to its end-of-support status, remediate them to lower your organizations exposure to vulnerabilities and advanced persistent threats. See [Remediation and exception](tvm-remediation.md) for details. ## Related topics diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md index f32f8abb06..e940efeeed 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md @@ -90,9 +90,9 @@ From the flyout, you can do any of the following: - **Open software page** - Open the software page to get more context on the software and how it is distributed. The information can include threat context, associated recommendations, weaknesses discovered, number of exposed devices, discovered vulnerabilities, names and detailed of devices with the software installed, and version distribution. -- **Remediation options** - Submit a remediation request to open a ticket in Microsoft Intune for your IT Administrator to pick up and address. +- [**Remediation options**](tvm-security-recommendation.md#request-remediation) - Submit a remediation request to open a ticket in Microsoft Intune for your IT Administrator to pick up and address. -- **Exception options** - Submit an exception, provide justification, and set exception duration if you can't remediate the issue just yet. +- [**Exception options**](tvm-security-recommendation.md#file-for-exception) - Submit an exception, provide justification, and set exception duration if you can't remediate the issue just yet. >[!NOTE] >When a change is made on a device, it may take up to two hours for the data to be reflected in the Microsoft Defender Security Center. @@ -163,6 +163,42 @@ You can report a false positive when you see any vague, inaccurate, incomplete, 4. Select **Submit**. Your feedback is immediately sent to the Threat & Vulnerability Management experts. +## Find and remediate software or software versions which have reached end-of-support (EOS) + +End-of-support (otherwise known as end-of-life) for software or software versions means that they will no longer be supported or serviced, and will not receive security updates. When you use software or software versions which have reached end-of-support, you're exposing your organization to security vulnerabilities, legal, and financial risks. + +It is crucial for Security and IT Administrators to work together and ensure that the organization's software inventory is configured for optimal results, compliance, and a healthy network ecosystem. They should examine the options to remove or replace apps that have reached end of support, and update versions that have reached end of support. It is best to create and implement a plan **before** the end of support dates. + +To find software or software versions which have reached end-of-support: + +1. From the Threat & Vulnerability Management menu, navigate to **Security recommendations**. +2. Go to the **Filters** panel and look for the tags section. Select one or more of the EOS tag options. Then **Apply**. + + ![Screenshot tags that say EOS software, EOS versions, and Upcoming EOS versions](images/tvm-eos-tag.png) + +3. You will see a list recommendations related to software that is end of support, software versions that are end of support, or upcoming end of support versions. These tags are also visible in the [software inventory](tvm-software-inventory.md) page. + + ![Screenshot tags that say EOS software, EOS versions, and Upcoming EOS versions](images/tvm-eos-tags-column.png) + +### List of versions and dates + +To view a list of version that have reached end of support, or end or support soon, and those dates, follow the below steps: + +1. For software that has versions which have reached end of support, or will reach end of support soon, a message will appear in the flyout once the security recommendation is selected. + + ![Screenshot of version distribution link](images/eos-upcoming-eos.png) + +2. Select the **version distribution** link to go to the software drill down page. There, you can see a filtered list of versions with tags identifying them as end of support, or upcoming end of support. + + ![Screenshot of version distribution link](images/software-drilldown-eos.png) + +3. Select one of the versions in the table to open. For example, version 10.0.18362.1. A flyout will appear with the end of support date. + + ![Screenshot of version distribution link](images/version-eos-date.png) + +After you have identified which software and software versions are vulnerable due to its end-of-support status, remediate them to lower your organizations exposure to vulnerabilities and advanced persistent threats. + + ## Related topics - [Threat & Vulnerability Management overview](next-gen-threat-and-vuln-mgt.md) From de8c42f97fd680a9ddc6396e7c5145682e0a02be Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Mon, 29 Jun 2020 17:37:02 -0700 Subject: [PATCH 08/11] delete space --- .../microsoft-defender-atp/tvm-security-recommendation.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md index e940efeeed..14ffe3083e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md @@ -196,7 +196,7 @@ To view a list of version that have reached end of support, or end or support so ![Screenshot of version distribution link](images/version-eos-date.png) -After you have identified which software and software versions are vulnerable due to its end-of-support status, remediate them to lower your organizations exposure to vulnerabilities and advanced persistent threats. +After you have identified which software and software versions are vulnerable due to its end-of-support status, remediate them to lower your organizations exposure to vulnerabilities and advanced persistent threats. ## Related topics From fc3e88b88108dd5994dd5a23ece7541af399c4cf Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Mon, 29 Jun 2020 17:37:26 -0700 Subject: [PATCH 09/11] delete more spaces --- .../microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md index 7580afe46e..791dcee0ba 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md +++ b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md @@ -50,8 +50,6 @@ DeviceName=any(DeviceName) by DeviceId, AlertId ``` - - ## Related topics - [Threat & Vulnerability Management overview](next-gen-threat-and-vuln-mgt.md) From 706a02383293dc996d5cca9d361a7afff2892294 Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Mon, 29 Jun 2020 17:54:22 -0700 Subject: [PATCH 10/11] moved apis link --- .../microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md | 2 +- .../microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md | 2 +- .../microsoft-defender-atp/tvm-dashboard-insights.md | 2 +- .../microsoft-defender-atp/tvm-exposure-score.md | 2 +- .../threat-protection/microsoft-defender-atp/tvm-remediation.md | 2 +- .../microsoft-defender-atp/tvm-security-recommendation.md | 2 +- .../microsoft-defender-atp/tvm-software-inventory.md | 2 +- .../microsoft-defender-atp/tvm-supported-os.md | 2 +- .../threat-protection/microsoft-defender-atp/tvm-weaknesses.md | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md index 882bfcb8b0..7a336fa1a5 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md +++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md @@ -116,6 +116,6 @@ See the following topics for related APIs: - [Software inventory](tvm-software-inventory.md) - [Weaknesses](tvm-weaknesses.md) - [Scenarios](threat-and-vuln-mgt-scenarios.md) -- [APIs](threat-and-vuln-mgt-scenarios.md#apis) +- [APIs](next-gen-threat-and-vuln-mgt.md#apis) - [Configure data access for Threat & Vulnerability Management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group) - [BLOG: Microsoft's Threat & Vulnerability Management now helps thousands of customers to discover, prioritize, and remediate vulnerabilities in real time](https://www.microsoft.com/security/blog/2019/07/02/microsofts-threat-vulnerability-management-now-helps-thousands-of-customers-to-discover-prioritize-and-remediate-vulnerabilities-in-real-time/) diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md index 791dcee0ba..aa09248fe1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md +++ b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md @@ -61,7 +61,7 @@ DeviceName=any(DeviceName) by DeviceId, AlertId - [Remediation and exception](tvm-remediation.md) - [Software inventory](tvm-software-inventory.md) - [Weaknesses](tvm-weaknesses.md) -- [APIs](threat-and-vuln-mgt-scenarios.md#apis) +- [APIs](next-gen-threat-and-vuln-mgt.md#apis) - [Configure data access for Threat & Vulnerability Management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group) - [Advanced hunting overview](overview-hunting.md) - [All advanced hunting tables](advanced-hunting-reference.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md index 907fbf1634..f3e37477b9 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md @@ -94,5 +94,5 @@ See [Microsoft Defender ATP icons](portal-overview.md#microsoft-defender-atp-ico - [Software inventory](tvm-software-inventory.md) - [Weaknesses](tvm-weaknesses.md) - [Scenarios](threat-and-vuln-mgt-scenarios.md) -- [APIs](threat-and-vuln-mgt-scenarios.md#apis) +- [APIs](next-gen-threat-and-vuln-mgt.md#apis) - [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md index 3e920228a6..43b92d5790 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md @@ -62,5 +62,5 @@ Lower your threat and vulnerability exposure by remediating [security recommenda - [Software inventory](tvm-software-inventory.md) - [Weaknesses](tvm-weaknesses.md) - [Scenarios](threat-and-vuln-mgt-scenarios.md) -- [APIs](threat-and-vuln-mgt-scenarios.md#apis) +- [APIs](next-gen-threat-and-vuln-mgt.md#apis) - [Configure data access for Threat & Vulnerability Management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md index bb9818de99..b896af9637 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md @@ -104,5 +104,5 @@ Select **Show exceptions** at the bottom of the **Top security recommendations** - [Software inventory](tvm-software-inventory.md) - [Weaknesses](tvm-weaknesses.md) - [Scenarios](threat-and-vuln-mgt-scenarios.md) -- [APIs](threat-and-vuln-mgt-scenarios.md#apis) +- [APIs](next-gen-threat-and-vuln-mgt.md#apis) - [Configure data access for Threat & Vulnerability Management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md index 14ffe3083e..f6fa46930d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md @@ -210,5 +210,5 @@ After you have identified which software and software versions are vulnerable du - [Software inventory](tvm-software-inventory.md) - [Weaknesses](tvm-weaknesses.md) - [Scenarios](threat-and-vuln-mgt-scenarios.md) -- [APIs](threat-and-vuln-mgt-scenarios.md#apis) +- [APIs](next-gen-threat-and-vuln-mgt.md#apis) - [Configure data access for Threat & Vulnerability Management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group) \ No newline at end of file diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md index 381bdcdf15..71a557d488 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md @@ -85,5 +85,5 @@ You can report a false positive when you see any vague, inaccurate version, inco - [Remediation and exception](tvm-remediation.md) - [Weaknesses](tvm-weaknesses.md) - [Scenarios](threat-and-vuln-mgt-scenarios.md) -- [APIs](threat-and-vuln-mgt-scenarios.md#apis) +- [APIs](next-gen-threat-and-vuln-mgt.md#apis) - [Configure data access for Threat & Vulnerability Management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md index 0842174b9a..849743a1aa 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md @@ -52,5 +52,5 @@ Some of the above prerequisites might be different from the [Minimum requirement - [Software inventory](tvm-software-inventory.md) - [Weaknesses](tvm-weaknesses.md) - [Scenarios](threat-and-vuln-mgt-scenarios.md) -- [APIs](threat-and-vuln-mgt-scenarios.md#apis) +- [APIs](next-gen-threat-and-vuln-mgt.md#apis) - [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md index 86a8667ca9..29ac035edd 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md @@ -132,5 +132,5 @@ You can report a false positive when you see any vague, inaccurate, incomplete, - [Remediation and exception](tvm-remediation.md) - [Software inventory](tvm-software-inventory.md) - [Scenarios](threat-and-vuln-mgt-scenarios.md) -- [APIs](threat-and-vuln-mgt-scenarios.md#apis) +- [APIs](next-gen-threat-and-vuln-mgt.md#apis) - [Configure data access for Threat & Vulnerability Management roles](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group) \ No newline at end of file From 172aa1b5dcb4a97d4a4cf67982c3492d547463df Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Mon, 29 Jun 2020 18:09:54 -0700 Subject: [PATCH 11/11] change link in config score --- .../microsoft-defender-atp/configuration-score.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md b/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md index 0577df46b2..4cfed0c928 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configuration-score.md @@ -91,5 +91,5 @@ You can improve your security configuration when you remediate issues from the s - [Software inventory](tvm-software-inventory.md) - [Weaknesses](tvm-weaknesses.md) - [Scenarios](threat-and-vuln-mgt-scenarios.md) -- [APIs](threat-and-vuln-mgt-scenarios.md#apis) +- [APIs](next-gen-threat-and-vuln-mgt.md#apis) - [Configure data access for Threat & Vulnerability Management roles](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/user-roles#create-roles-and-assign-the-role-to-an-azure-active-directory-group)