deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-30 22:27:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

fix link

Browse Source
This commit is contained in:
Beth Levin 2019-05-16 11:07:13 -07:00
parent ff7125a664
commit b846412493
1 changed files with 6 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
View File

@ -15,7 +15,6 @@ manager: dansimp
audience: ITPro audience: ITPro
ms.collection: M365-security-compliance ms.collection: M365-security-compliance
ms.topic: article ms.topic: article
ms.date: 02/28/2019
--- ---
# Configure and manage Microsoft Threat Experts capabilities # Configure and manage Microsoft Threat Experts capabilities
@ -54,8 +53,7 @@ You can receive targeted attack notification from Microsoft Threat Experts throu
To receive targeted attack notifications through email, you need to create an email notification rule. To receive targeted attack notifications through email, you need to create an email notification rule.
### Create an email notification rule ### Create an email notification rule
You can create rules to send email notifications for notification recipients. See [Configure alert notifications](configure-email-notifications-windows-defender-advanced-threat-protection.md) to create, edit, delete, or troubleshoot email notification, for details. You can create rules to send email notifications for notification recipients. See [Configure alert notifications](configure-email-notifications.md) to create, edit, delete, or troubleshoot email notification, for details.
## View the targeted attack notification ## View the targeted attack notification
You'll start receiving targeted attack notification from Microsoft Threat Experts in your email after you have configured your system to receive email notification. You'll start receiving targeted attack notification from Microsoft Threat Experts in your email after you have configured your system to receive email notification.
@ -104,6 +102,7 @@ You can partner with Microsoft Threat Experts who can be engaged directly from w
f. Review the summary of your support request, and update if necessary. Make sure that you read and understand the **Microsoft Services Agreement** and **Privacy Statement**. Then, click **Submit**. You will see the confirmation page indicating the response time and your support request number. <br> f. Review the summary of your support request, and update if necessary. Make sure that you read and understand the **Microsoft Services Agreement** and **Privacy Statement**. Then, click **Submit**. You will see the confirmation page indicating the response time and your support request number. <br>
## Sample questions to ask Microsoft Threat Experts ## Sample questions to ask Microsoft Threat Experts
**Alert information** **Alert information**
- We see a new type of alert for a living-off-the-land binary: [AlertID]. Can you tell us something more about this alert and how we can investigate further? - We see a new type of alert for a living-off-the-land binary: [AlertID]. Can you tell us something more about this alert and how we can investigate further?
- Weve observed two similar attacks which try to execute malicious PowerShell scripts but generate different alerts. One is "Suspicious Powershell command line" and the other is "A malicious file was detected based on indication provided by O365". What is the difference? - Weve observed two similar attacks which try to execute malicious PowerShell scripts but generate different alerts. One is "Suspicious Powershell command line" and the other is "A malicious file was detected based on indication provided by O365". What is the difference?