diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index 8b579bcc9a..3a1adba324 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -70,7 +70,6 @@ ##### [Threat analytics dashboard](windows-defender-atp/threat-analytics-dashboard-windows-defender-advanced-threat-protection.md) #### [Advanced hunting](windows-defender-atp/overview-hunting-windows-defender-advanced-threat-protection.md) #### [Management and APIs](windows-defender-atp/management-apis.md) - ##### [Supported Windows Defender ATP APIs](windows-defender-atp/supported-apis-windows-defender-advanced-threat-protection.md) ######Actor ####### [Get actor information](windows-defender-atp/get-actor-information-windows-defender-advanced-threat-protection.md) @@ -262,7 +261,7 @@ #### [Configure Security score dashboard security controls](windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection.md) - +#### API and SIEM support ##### [Pull alerts to your SIEM tools](windows-defender-atp/configure-siem-windows-defender-advanced-threat-protection.md) ###### [Enable SIEM integration](windows-defender-atp/enable-siem-integration-windows-defender-advanced-threat-protection.md) ###### [Configure Splunk to pull alerts](windows-defender-atp/configure-splunk-windows-defender-advanced-threat-protection.md) @@ -272,8 +271,6 @@ ###### [Troubleshoot SIEM tool integration issues](windows-defender-atp/troubleshoot-siem-windows-defender-advanced-threat-protection.md) - - ##### [Use the threat intelligence API to create custom alerts](windows-defender-atp/use-custom-ti-windows-defender-advanced-threat-protection.md) ###### [Understand threat intelligence concepts](windows-defender-atp/threat-indicator-concepts-windows-defender-advanced-threat-protection.md) @@ -284,12 +281,12 @@ ###### [Experiment with custom threat intelligence alerts](windows-defender-atp/experiment-custom-ti-windows-defender-advanced-threat-protection.md) ###### [Troubleshoot custom threat intelligence issues](windows-defender-atp/troubleshoot-custom-ti-windows-defender-advanced-threat-protection.md) -#####Reporting +##### Reporting ###### [Create and build Power BI reports using Windows Defender ATP data](windows-defender-atp/powerbi-reports-windows-defender-advanced-threat-protection.md) #### [Configure Windows Defender Security Center settings](windows-defender-atp/preferences-setup-windows-defender-advanced-threat-protection.md) -#####General +##### General ###### [Update data retention settings](windows-defender-atp/data-retention-settings-windows-defender-advanced-threat-protection.md) ###### [Configure alert notifications](windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md) ###### [Enable and create Power BI reports using Windows Defender Security center data](windows-defender-atp/powerbi-reports-windows-defender-advanced-threat-protection.md) @@ -300,7 +297,7 @@ ###### [Manage portal access using RBAC](windows-defender-atp/rbac-windows-defender-advanced-threat-protection.md) ###### [Create and manage machine groups](windows-defender-atp/machine-groups-windows-defender-advanced-threat-protection.md) -#####APIs +##### APIs ###### [Enable Threat intel](windows-defender-atp/enable-custom-ti-windows-defender-advanced-threat-protection.md) ###### [Enable SIEM integration](windows-defender-atp/enable-siem-integration-windows-defender-advanced-threat-protection.md) diff --git a/windows/security/threat-protection/windows-defender-atp/TOC.md b/windows/security/threat-protection/windows-defender-atp/TOC.md index 780e22f0db..70d9e98f1f 100644 --- a/windows/security/threat-protection/windows-defender-atp/TOC.md +++ b/windows/security/threat-protection/windows-defender-atp/TOC.md @@ -12,8 +12,7 @@ #### [Network firewall](../windows-firewall/windows-firewall-with-advanced-security.md) ### [Next generation protection](../windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md) ### [Endpoint detection and response](overview-endpoint-detection-response.md) -#### [Security operations dashboard](security-operations-dashboard-windows-defender-advanced-threat-protection.md) -####Alerts queue +#### Alerts queue ##### [View and organize the Alerts queue](alerts-queue-windows-defender-advanced-threat-protection.md) ##### [Manage alerts](manage-alerts-windows-defender-advanced-threat-protection.md) ##### [Investigate alerts](investigate-alerts-windows-defender-advanced-threat-protection.md) @@ -22,7 +21,7 @@ ##### [Investigate an IP address](investigate-ip-windows-defender-advanced-threat-protection.md) ##### [Investigate a domain](investigate-domain-windows-defender-advanced-threat-protection.md) ##### [Investigate a user account](investigate-user-windows-defender-advanced-threat-protection.md) -####Machines list +#### Machines list ##### [View and organize the Machines list](machines-view-overview-windows-defender-advanced-threat-protection.md) ##### [Manage machine group and tags](investigate-machines-windows-defender-advanced-threat-protection.md#manage-machine-group-and-tags) ##### [Alerts related to this machine](investigate-machines-windows-defender-advanced-threat-protection.md#alerts-related-to-this-machine) @@ -56,6 +55,8 @@ ###### [View deep analysis reports](respond-file-alerts-windows-defender-advanced-threat-protection.md#view-deep-analysis-reports) ###### [Troubleshoot deep analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#troubleshoot-deep-analysis) +#### [Security operations dashboard](security-operations-dashboard-windows-defender-advanced-threat-protection.md) + ### [Auto investigation](automated-investigations-windows-defender-advanced-threat-protection.md) ### [Secure score](overview-secure-score-windows-defender-advanced-threat-protection.md) #### [Threat analytics](threat-analytics-dashboard-windows-defender-advanced-threat-protection.md) @@ -276,7 +277,8 @@ ### [Configure Security score dashboard security controls](secure-score-dashboard-windows-defender-advanced-threat-protection.md) -### [Management and APIs](management-apis.md) + +### API and SIEM support #### [Pull alerts to your SIEM tools](configure-siem-windows-defender-advanced-threat-protection.md) ##### [Enable SIEM integration](enable-siem-integration-windows-defender-advanced-threat-protection.md) ##### [Configure Splunk to pull alerts](configure-splunk-windows-defender-advanced-threat-protection.md) diff --git a/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection.md index d35ae789e5..6c6075aecc 100644 --- a/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection.md @@ -13,7 +13,7 @@ ms.localizationpriority: medium ms.date: 05/21/2018 --- -# Use Automated investigations to investigate and remediate threats +# Overview of Automated investigations >Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-automated-investigations-abovefoldlink)