add emet compare topic

Iaan D'Souza-Wiltshire
2017-12-06 17:33:41 -08:00
parent e5896f3e4c
commit b922d5bd9d
7 changed files with 80 additions and 8 deletions

@ -29,13 +29,13 @@ ms.author: iawilt
- Enterprise security administrators
Each of the four features in Windows Defender Exploit Guard allow you to review events in the Windos Event log. This is useful so you can monitor what rules or settings are working, and determine if any settings are too "noisy" or impacting your day to day workflow.
Each of the four features in Windows Defender Exploit Guard allow you to review events in the Windows Event log. This is useful so you can monitor what rules or settings are working, and determine if any settings are too "noisy" or impacting your day to day workflow.
Reviewing the events is also handy when you are evaluating the features, as you can enable audit mode for the features or settings, and then review what would have happened if they were fully enabled.
This topic lists all the events, their associated feature or setting, and describes how to create custom views to filter to specific events.
You can also get detailed reporting into Windows Defender EG events and blocks as part of the usual [alert investigation scenarios](../windows-defender-atp/investigate-alerts-windows-defender-advanced-threat-protection.md) in the Windows Defender Security Center console, which you gain access to if you have an E5 subsciption and use [Windows Defender Advanced Threat Protection](../windows-defender-atp/windows-defender-advanced-threat-protection.md).
You can also get detailed reporting into Windows Defender EG events and blocks as part of the usual [alert investigation scenarios](../windows-defender-atp/investigate-alerts-windows-defender-advanced-threat-protection.md) in the Windows Defender Security Center console, which you gain access to if you have an E5 subscription and use [Windows Defender Advanced Threat Protection](../windows-defender-atp/windows-defender-advanced-threat-protection.md).
## Use custom views to review Windows Defender Exploit Guard features
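Review bot: The corrected first sentence still reads "Each of the four features in Windows Defender Exploit Guard allow you", which has a subject-verb disagreement ("Each ... allows you"), and "day to day workflow" on the same line should be hyphenated as "day-to-day". Since this hunk already rewrites that line to fix "Windos", fold both fixes into the same change. The E5 line uses the abbreviation "Windows Defender EG" while the rest of the visible text spells out "Windows Defender Exploit Guard"; use one form consistently. These spelling fixes are also unrelated to the commit subject "add emet compare topic", so either mention them in the commit message or split them into their own commit so the history stays searchable.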