Merge pull request #139 from MicrosoftDocs/air-edit

update supported versions
jcaparas 2019-05-08 16:38:29 -07:00 committed by GitHub
commit bad627bc77
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -15,7 +15,6 @@ manager: dansimp
audience: ITPro audience: ITPro
ms.collection: M365-security-compliance ms.collection: M365-security-compliance
ms.topic: conceptual ms.topic: conceptual
ms.date: 12/04/2018
--- ---
# Overview of Automated investigations # Overview of Automated investigations
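Review bot: The front matter loses `ms.date: 12/04/2018` outright instead of getting a new value, although this commit changes the supported-versions note in the body. If the publishing pipeline does not fill in the date on its own, set `ms.date` to the date of this edit so readers can tell how current the OS requirements are. If the removal is deliberate, say so in the commit message, which currently mentions only "update supported versions".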
@ -34,8 +33,10 @@ The Automated investigations list shows all the investigations that have been in
Entities are the starting point for Automated investigations. When an alert contains a supported entity for Automated investigation (for example, a file) that resides on a machine that has a supported operating system for Automated investigation then an Automated investigation can start. Entities are the starting point for Automated investigations. When an alert contains a supported entity for Automated investigation (for example, a file) that resides on a machine that has a supported operating system for Automated investigation then an Automated investigation can start.
>[!NOTE] >[!NOTE]
>Currently, Automated investigation only supports Windows 10, version 1709 or later. >Currently, Automated investigation only supports the following OS versions:
>Some investigation playbooks, like memory investigations, require Windows 10, version 1709 or later. >- Windows 10, version 1709 (OS Build 16299.1085 with [KB4493441](https://support.microsoft.com/en-us/help/4493441/windows-10-update-kb4493441)) or later
>- Windows 10, version 1803 (OS Build 17134.704 with [KB4493464](https://support.microsoft.com/en-us/help/4493464/windows-10-update-kb4493464)) or later
>- Later versions of Windows 10
The alerts start by analyzing the supported entities from the alert and also runs a generic machine playbook to see if there is anything else suspicious on that machine. The outcome and details from the investigation is seen in the Automated investigation view. The alerts start by analyzing the supported entities from the alert and also runs a generic machine playbook to see if there is anything else suspicious on that machine. The outcome and details from the investigation is seen in the Automated investigation view.
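Review bot: In the rewritten `>[!NOTE]` block, the last bullet `>- Later versions of Windows 10` overlaps with the "or later" that already ends the 1709 and 1803 bullets, so the list does not say clearly whether "or later" means a later build of the same version or any later version. Suggest wording the first two bullets as minimum builds for that version only (16299.1085 with KB4493441 for 1709, 17134.704 with KB4493464 for 1803) and leaving the third bullet to cover newer versions. The change also drops the sentence "Some investigation playbooks, like memory investigations, require Windows 10, version 1709 or later." with no replacement; if playbook-specific requirements still apply, keep a line for them, otherwise a reader comparing revisions cannot tell whether the restriction was lifted or just omitted.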