mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-27 20:57:23 +00:00
Merged PR 7466: Fixing WD ATP ToC
This commit is contained in:
Justin Hall
commit
bb779c2f7d
@ -509,7 +509,7 @@ If you set this policy, the GroupID policy will be ignored.
|
||||
|
||||
The options set in this policy only apply to Group (2) download mode. If Group (2) isn't set as Download mode, this policy will be ignored.
|
||||
|
||||
For option 4 - DHCP Option ID, the client will query DHCP Option ID 234 and use the returned GUID value as the Group ID.
|
||||
For option 3 - DHCP Option ID, the client will query DHCP Option ID 234 and use the returned GUID value as the Group ID.
|
||||
|
||||
<!--/Description-->
|
||||
<!--ADMXMapped-->
|
||||
|
||||
@ -1,173 +1,200 @@
|
||||
# [Windows Defender Advanced Threat Protection](windows-defender-advanced-threat-protection.md)
|
||||
|
||||
##Get started
|
||||
## [Minimum requirements](minimum-requirements-windows-defender-advanced-threat-protection.md)
|
||||
## [Validate licensing and complete setup](licensing-windows-defender-advanced-threat-protection.md)
|
||||
## [Troubleshoot subscription and portal access issues](troubleshoot-onboarding-error-messages-windows-defender-advanced-threat-protection.md)
|
||||
## [Preview features](preview-windows-defender-advanced-threat-protection.md)
|
||||
## [Data storage and privacy](data-storage-privacy-windows-defender-advanced-threat-protection.md)
|
||||
## [Assign user access to the portal](assign-portal-access-windows-defender-advanced-threat-protection.md)
|
||||
## [Onboard endpoints and set up access](onboard-configure-windows-defender-advanced-threat-protection.md)
|
||||
## [Configure client endpoints](configure-endpoints-windows-defender-advanced-threat-protection.md)
|
||||
### [Configure endpoints using Group Policy](configure-endpoints-gp-windows-defender-advanced-threat-protection.md)
|
||||
### [Configure endpoints using System Center Configuration Manager](configure-endpoints-sccm-windows-defender-advanced-threat-protection.md)
|
||||
### [Configure endpoints using Mobile Device Management tools](configure-endpoints-mdm-windows-defender-advanced-threat-protection.md)
|
||||
#### [Configure endpoints using Microsoft Intune](configure-endpoints-mdm-windows-defender-advanced-threat-protection.md#configure-endpoints-using-microsoft-intune)
|
||||
### [Configure endpoints using a local script](configure-endpoints-script-windows-defender-advanced-threat-protection.md)
|
||||
### [Configure non-persistent virtual desktop infrastructure (VDI) machines](configure-endpoints-vdi-windows-defender-advanced-threat-protection.md)
|
||||
## [Configure server endpoints](configure-server-endpoints-windows-defender-advanced-threat-protection.md)
|
||||
## [Configure non-Windows endpoints](configure-endpoints-non-windows-windows-defender-advanced-threat-protection.md)
|
||||
## [Run a detection test on a newly onboarded endpoint](run-detection-test-windows-defender-advanced-threat-protection.md)
|
||||
## [Configure proxy and Internet connectivity settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md)
|
||||
## [Troubleshoot onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md)
|
||||
### [Minimum requirements](minimum-requirements-windows-defender-advanced-threat-protection.md)
|
||||
### [Validate licensing and complete setup](licensing-windows-defender-advanced-threat-protection.md)
|
||||
### [Troubleshoot subscription and portal access issues](troubleshoot-onboarding-error-messages-windows-defender-advanced-threat-protection.md)
|
||||
### [Preview features](preview-windows-defender-advanced-threat-protection.md)
|
||||
### [Data storage and privacy](data-storage-privacy-windows-defender-advanced-threat-protection.md)
|
||||
### [Assign user access to the portal](assign-portal-access-windows-defender-advanced-threat-protection.md)
|
||||
## [Onboard machines](onboard-configure-windows-defender-advanced-threat-protection.md)
|
||||
### [Onboard Windows 10 machines](configure-endpoints-windows-defender-advanced-threat-protection.md)
|
||||
#### [Onboard machines using Group Policy](configure-endpoints-gp-windows-defender-advanced-threat-protection.md)
|
||||
#### [Onboard machines using System Center Configuration Manager](configure-endpoints-sccm-windows-defender-advanced-threat-protection.md)
|
||||
#### [Onboard machines using Mobile Device Management tools](configure-endpoints-mdm-windows-defender-advanced-threat-protection.md)
|
||||
##### [Onboard machines using Microsoft Intune](configure-endpoints-mdm-windows-defender-advanced-threat-protection.md#onboard-windows-10-machines-using-microsoft-intune)
|
||||
#### [Onboard machines using a local script](configure-endpoints-script-windows-defender-advanced-threat-protection.md)
|
||||
#### [Onboard non-persistent virtual desktop infrastructure (VDI) machines](configure-endpoints-vdi-windows-defender-advanced-threat-protection.md)
|
||||
### [Onboard servers](configure-server-endpoints-windows-defender-advanced-threat-protection.md)
|
||||
### [Onboard non-Windows machines](configure-endpoints-non-windows-windows-defender-advanced-threat-protection.md)
|
||||
### [Run a detection test on a newly onboarded machine](run-detection-test-windows-defender-advanced-threat-protection.md)
|
||||
### [Run simulated attacks on machines](attack-simulations-windows-defender-advanced-threat-protection.md)
|
||||
### [Configure proxy and Internet connectivity settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md)
|
||||
### [Troubleshoot onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md)
|
||||
## [Understand the Windows Defender ATP portal](use-windows-defender-advanced-threat-protection.md)
|
||||
## [Portal overview](portal-overview-windows-defender-advanced-threat-protection.md)
|
||||
## [View the Security operations dashboard](dashboard-windows-defender-advanced-threat-protection.md)
|
||||
## [View the Security analytics dashboard](security-analytics-dashboard-windows-defender-advanced-threat-protection.md)
|
||||
### [Portal overview](portal-overview-windows-defender-advanced-threat-protection.md)
|
||||
### [View the Security operations dashboard](security-operations-dashboard-windows-defender-advanced-threat-protection.md)
|
||||
### [View the Secure Score dashboard and improve your secure score](secure-score-dashboard-windows-defender-advanced-threat-protection.md)
|
||||
### [View the Threat analytics dashboard and take recommended mitigation actions](threat-analytics-dashboard-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
##Investigate and remediate threats
|
||||
##Alerts queue
|
||||
### [View and organize the Alerts queue](alerts-queue-windows-defender-advanced-threat-protection.md)
|
||||
### [Manage alerts](manage-alerts-windows-defender-advanced-threat-protection.md)
|
||||
### [Investigate alerts](investigate-alerts-windows-defender-advanced-threat-protection.md)
|
||||
### [Investigate files](investigate-files-windows-defender-advanced-threat-protection.md)
|
||||
### [Investigate machines](investigate-machines-windows-defender-advanced-threat-protection.md)
|
||||
### [Investigate an IP address](investigate-ip-windows-defender-advanced-threat-protection.md)
|
||||
### [Investigate a domain](investigate-domain-windows-defender-advanced-threat-protection.md)
|
||||
### [Investigate a user account](investigate-user-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
##Machines list
|
||||
### [View and organize the Machines list](machines-view-overview-windows-defender-advanced-threat-protection.md)
|
||||
### [Manage machine group and tags](investigate-machines-windows-defender-advanced-threat-protection.md#manage-machine-group-and-tags)
|
||||
### [Alerts related to this machine](investigate-machines-windows-defender-advanced-threat-protection.md#alerts-related-to-this-machine)
|
||||
### [Machine timeline](investigate-machines-windows-defender-advanced-threat-protection.md#machine-timeline)
|
||||
#### [Search for specific events](investigate-machines-windows-defender-advanced-threat-protection.md#search-for-specific-events)
|
||||
#### [Filter events from a specific date](investigate-machines-windows-defender-advanced-threat-protection.md#filter-events-from-a-specific-date)
|
||||
#### [Export machine timeline events](investigate-machines-windows-defender-advanced-threat-protection.md#export-machine-timeline-events)
|
||||
#### [Navigate between pages](investigate-machines-windows-defender-advanced-threat-protection.md#navigate-between-pages)
|
||||
###Alerts queue
|
||||
#### [View and organize the Alerts queue](alerts-queue-windows-defender-advanced-threat-protection.md)
|
||||
#### [Manage alerts](manage-alerts-windows-defender-advanced-threat-protection.md)
|
||||
#### [Investigate alerts](investigate-alerts-windows-defender-advanced-threat-protection.md)
|
||||
#### [Investigate files](investigate-files-windows-defender-advanced-threat-protection.md)
|
||||
#### [Investigate machines](investigate-machines-windows-defender-advanced-threat-protection.md)
|
||||
#### [Investigate an IP address](investigate-ip-windows-defender-advanced-threat-protection.md)
|
||||
#### [Investigate a domain](investigate-domain-windows-defender-advanced-threat-protection.md)
|
||||
#### [Investigate a user account](investigate-user-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
|
||||
## [Take response actions](response-actions-windows-defender-advanced-threat-protection.md)
|
||||
### [Take response actions on a machine](respond-machine-alerts-windows-defender-advanced-threat-protection.md)
|
||||
#### [Collect investigation package](respond-machine-alerts-windows-defender-advanced-threat-protection.md#collect-investigation-package-from-machines)
|
||||
### [Run antivirus scan](respond-machine-alerts-windows-defender-advanced-threat-protection.md#run-windows-defender-antivirus-scan-on-machines)
|
||||
### [Restrict app execution](respond-machine-alerts-windows-defender-advanced-threat-protection.md#restrict-app-execution)
|
||||
### [Remove app restriction](respond-machine-alerts-windows-defender-advanced-threat-protection.md#remove-app-restriction)
|
||||
### [Isolate machines from the network](respond-machine-alerts-windows-defender-advanced-threat-protection.md#isolate-machines-from-the-network)
|
||||
### [Release machine from isolation](respond-machine-alerts-windows-defender-advanced-threat-protection.md#release-machine-from-isolation)
|
||||
### [Check activity details in Action center](respond-machine-alerts-windows-defender-advanced-threat-protection.md#check-activity-details-in-action-center)
|
||||
### [Take response actions on a file](respond-file-alerts-windows-defender-advanced-threat-protection.md)
|
||||
### [Stop and quarantine files in your network](respond-file-alerts-windows-defender-advanced-threat-protection.md#stop-and-quarantine-files-in-your-network)
|
||||
### [Remove file from quarantine](respond-file-alerts-windows-defender-advanced-threat-protection.md#remove-file-from-quarantine)
|
||||
### [Block files in your network](respond-file-alerts-windows-defender-advanced-threat-protection.md#block-files-in-your-network)
|
||||
### [Remove file from blocked list](respond-file-alerts-windows-defender-advanced-threat-protection.md#remove-file-from-blocked-list)
|
||||
### [Check activity details in Action center](respond-file-alerts-windows-defender-advanced-threat-protection.md#check-activity-details-in-action-center)
|
||||
### [Deep analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#deep-analysis)
|
||||
#### [Submit files for analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#submit-files-for-analysis)
|
||||
#### [View deep analysis reports](respond-file-alerts-windows-defender-advanced-threat-protection.md#view-deep-analysis-reports)
|
||||
#### [Troubleshoot deep analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#troubleshoot-deep-analysis)
|
||||
|
||||
|
||||
###Machines list
|
||||
#### [View and organize the Machines list](machines-view-overview-windows-defender-advanced-threat-protection.md)
|
||||
#### [Manage machine group and tags](investigate-machines-windows-defender-advanced-threat-protection.md#manage-machine-group-and-tags)
|
||||
#### [Alerts related to this machine](investigate-machines-windows-defender-advanced-threat-protection.md#alerts-related-to-this-machine)
|
||||
#### [Machine timeline](investigate-machines-windows-defender-advanced-threat-protection.md#machine-timeline)
|
||||
##### [Search for specific events](investigate-machines-windows-defender-advanced-threat-protection.md#search-for-specific-events)
|
||||
##### [Filter events from a specific date](investigate-machines-windows-defender-advanced-threat-protection.md#filter-events-from-a-specific-date)
|
||||
##### [Export machine timeline events](investigate-machines-windows-defender-advanced-threat-protection.md#export-machine-timeline-events)
|
||||
##### [Navigate between pages](investigate-machines-windows-defender-advanced-threat-protection.md#navigate-between-pages)
|
||||
|
||||
|
||||
### [Take response actions](response-actions-windows-defender-advanced-threat-protection.md)
|
||||
#### [Take response actions on a machine](respond-machine-alerts-windows-defender-advanced-threat-protection.md)
|
||||
##### [Collect investigation package](respond-machine-alerts-windows-defender-advanced-threat-protection.md#collect-investigation-package-from-machines)
|
||||
##### [Run antivirus scan](respond-machine-alerts-windows-defender-advanced-threat-protection.md#run-windows-defender-antivirus-scan-on-machines)
|
||||
##### [Restrict app execution](respond-machine-alerts-windows-defender-advanced-threat-protection.md#restrict-app-execution)
|
||||
##### [Remove app restriction](respond-machine-alerts-windows-defender-advanced-threat-protection.md#remove-app-restriction)
|
||||
##### [Isolate machines from the network](respond-machine-alerts-windows-defender-advanced-threat-protection.md#isolate-machines-from-the-network)
|
||||
##### [Release machine from isolation](respond-machine-alerts-windows-defender-advanced-threat-protection.md#release-machine-from-isolation)
|
||||
##### [Check activity details in Action center](respond-machine-alerts-windows-defender-advanced-threat-protection.md#check-activity-details-in-action-center)
|
||||
#### [Take response actions on a file](respond-file-alerts-windows-defender-advanced-threat-protection.md)
|
||||
##### [Stop and quarantine files in your network](respond-file-alerts-windows-defender-advanced-threat-protection.md#stop-and-quarantine-files-in-your-network)
|
||||
##### [Remove file from quarantine](respond-file-alerts-windows-defender-advanced-threat-protection.md#remove-file-from-quarantine)
|
||||
##### [Block files in your network](respond-file-alerts-windows-defender-advanced-threat-protection.md#block-files-in-your-network)
|
||||
##### [Remove file from blocked list](respond-file-alerts-windows-defender-advanced-threat-protection.md#remove-file-from-blocked-list)
|
||||
##### [Check activity details in Action center](respond-file-alerts-windows-defender-advanced-threat-protection.md#check-activity-details-in-action-center)
|
||||
##### [Deep analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#deep-analysis)
|
||||
###### [Submit files for analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#submit-files-for-analysis)
|
||||
###### [View deep analysis reports](respond-file-alerts-windows-defender-advanced-threat-protection.md#view-deep-analysis-reports)
|
||||
###### [Troubleshoot deep analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#troubleshoot-deep-analysis)
|
||||
|
||||
### [Use Automated investigation to investigate and remediate threats](automated-investigations-windows-defender-advanced-threat-protection.md)
|
||||
### [Query data using Advanced hunting](advanced-hunting-windows-defender-advanced-threat-protection.md)
|
||||
#### [Advanced hunting reference](advanced-hunting-reference-windows-defender-advanced-threat-protection.md)
|
||||
#### [Advanced hunting query language best practices](advanced-hunting-best-practices-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
##API and SIEM support
|
||||
## [Pull alerts to your SIEM tools](configure-siem-windows-defender-advanced-threat-protection.md)
|
||||
### [Enable SIEM integration](enable-siem-integration-windows-defender-advanced-threat-protection.md)
|
||||
### [Configure Splunk to pull alerts](configure-splunk-windows-defender-advanced-threat-protection.md)
|
||||
### [Configure HP ArcSight to pull alerts](configure-arcsight-windows-defender-advanced-threat-protection.md)
|
||||
### [Windows Defender ATP alert API fields](api-portal-mapping-windows-defender-advanced-threat-protection.md)
|
||||
### [Pull alerts using REST API](pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md)
|
||||
### [Troubleshoot SIEM tool integration issues](troubleshoot-siem-windows-defender-advanced-threat-protection.md)
|
||||
### [Pull alerts to your SIEM tools](configure-siem-windows-defender-advanced-threat-protection.md)
|
||||
#### [Enable SIEM integration](enable-siem-integration-windows-defender-advanced-threat-protection.md)
|
||||
#### [Configure Splunk to pull alerts](configure-splunk-windows-defender-advanced-threat-protection.md)
|
||||
#### [Configure HP ArcSight to pull alerts](configure-arcsight-windows-defender-advanced-threat-protection.md)
|
||||
#### [Windows Defender ATP alert API fields](api-portal-mapping-windows-defender-advanced-threat-protection.md)
|
||||
#### [Pull alerts using REST API](pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md)
|
||||
#### [Troubleshoot SIEM tool integration issues](troubleshoot-siem-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
## [Use the threat intelligence API to create custom alerts](use-custom-ti-windows-defender-advanced-threat-protection.md)
|
||||
### [Understand threat intelligence concepts](threat-indicator-concepts-windows-defender-advanced-threat-protection.md)
|
||||
### [Enable the custom threat intelligence application](enable-custom-ti-windows-defender-advanced-threat-protection.md)
|
||||
### [Create custom threat intelligence alerts](custom-ti-api-windows-defender-advanced-threat-protection.md)
|
||||
### [PowerShell code examples](powershell-example-code-windows-defender-advanced-threat-protection.md)
|
||||
### [Python code examples](python-example-code-windows-defender-advanced-threat-protection.md)
|
||||
### [Experiment with custom threat intelligence alerts](experiment-custom-ti-windows-defender-advanced-threat-protection.md)
|
||||
### [Troubleshoot custom threat intelligence issues](troubleshoot-custom-ti-windows-defender-advanced-threat-protection.md)
|
||||
## [Use the Windows Defender ATP exposed APIs](exposed-apis-windows-defender-advanced-threat-protection.md)
|
||||
### [Supported Windows Defender ATP APIs](supported-apis-windows-defender-advanced-threat-protection.md)
|
||||
###Actor
|
||||
#### [Get actor information](get-actor-information-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get actor related alerts](get-actor-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
###Alerts
|
||||
#### [Get alerts](get-alerts-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get alert information by ID](get-alert-info-by-id-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get alert related actor information](get-alert-related-actor-info-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get alert related domain information](get-alert-related-domain-info-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get alert related file information](get-alert-related-files-info-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get alert related IP information](get-alert-related-ip-info-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get alert related machine information](get-alert-related-machine-info-windows-defender-advanced-threat-protection.md)
|
||||
###Domain
|
||||
#### [Get domain related alerts](get-domain-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get domain related machines](get-domain-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get domain statistics](get-domain-statistics-windows-defender-advanced-threat-protection.md)
|
||||
#### [Is domain seen in organization](is-domain-seen-in-org-windows-defender-advanced-threat-protection.md)
|
||||
### [Use the threat intelligence API to create custom alerts](use-custom-ti-windows-defender-advanced-threat-protection.md)
|
||||
#### [Understand threat intelligence concepts](threat-indicator-concepts-windows-defender-advanced-threat-protection.md)
|
||||
#### [Enable the custom threat intelligence application](enable-custom-ti-windows-defender-advanced-threat-protection.md)
|
||||
#### [Create custom threat intelligence alerts](custom-ti-api-windows-defender-advanced-threat-protection.md)
|
||||
#### [PowerShell code examples](powershell-example-code-windows-defender-advanced-threat-protection.md)
|
||||
#### [Python code examples](python-example-code-windows-defender-advanced-threat-protection.md)
|
||||
#### [Experiment with custom threat intelligence alerts](experiment-custom-ti-windows-defender-advanced-threat-protection.md)
|
||||
#### [Troubleshoot custom threat intelligence issues](troubleshoot-custom-ti-windows-defender-advanced-threat-protection.md)
|
||||
### [Use the Windows Defender ATP exposed APIs](exposed-apis-windows-defender-advanced-threat-protection.md)
|
||||
#### [Supported Windows Defender ATP APIs](supported-apis-windows-defender-advanced-threat-protection.md)
|
||||
#####Actor
|
||||
###### [Get actor information](get-actor-information-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get actor related alerts](get-actor-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
#####Alerts
|
||||
###### [Get alerts](get-alerts-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get alert information by ID](get-alert-info-by-id-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get alert related actor information](get-alert-related-actor-info-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get alert related domain information](get-alert-related-domain-info-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get alert related file information](get-alert-related-files-info-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get alert related IP information](get-alert-related-ip-info-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get alert related machine information](get-alert-related-machine-info-windows-defender-advanced-threat-protection.md)
|
||||
#####Domain
|
||||
###### [Get domain related alerts](get-domain-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get domain related machines](get-domain-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get domain statistics](get-domain-statistics-windows-defender-advanced-threat-protection.md)
|
||||
###### [Is domain seen in organization](is-domain-seen-in-org-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
###File
|
||||
#### [Block file API](block-file-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get file information](get-file-information-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get file related alerts](get-file-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get file related machines](get-file-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get file statistics](get-file-statistics-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get FileActions collection API](get-fileactions-collection-windows-defender-advanced-threat-protection.md)
|
||||
#### [Unblock file API](unblock-file-windows-defender-advanced-threat-protection.md)
|
||||
#####File
|
||||
###### [Block file API](block-file-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get file information](get-file-information-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get file related alerts](get-file-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get file related machines](get-file-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get file statistics](get-file-statistics-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get FileActions collection API](get-fileactions-collection-windows-defender-advanced-threat-protection.md)
|
||||
###### [Unblock file API](unblock-file-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
###IP
|
||||
#### [Get IP related alerts](get-ip-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get IP related machines](get-ip-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get IP statistics](get-ip-statistics-windows-defender-advanced-threat-protection.md)
|
||||
#### [Is IP seen in organization](is-ip-seen-org-windows-defender-advanced-threat-protection.md)
|
||||
###Machines
|
||||
#### [Collect investigation package API](collect-investigation-package-windows-defender-advanced-threat-protection.md)
|
||||
#### [Find machine information by IP](find-machine-info-by-ip-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get machines](get-machines-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get FileMachineAction object API](get-filemachineaction-object-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get FileMachineActions collection API](get-filemachineactions-collection-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get machine by ID](get-machine-by-id-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get machine log on users](get-machine-log-on-users-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get machine related alerts](get-machine-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get MachineAction object API](get-machineaction-object-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get MachineActions collection API](get-machineactions-collection-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get machines](get-machines-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get package SAS URI API](get-package-sas-uri-windows-defender-advanced-threat-protection.md)
|
||||
#### [Isolate machine API](isolate-machine-windows-defender-advanced-threat-protection.md)
|
||||
#### [Release machine from isolation API](unisolate-machine-windows-defender-advanced-threat-protection.md)
|
||||
#### [Remove app restriction API](unrestrict-code-execution-windows-defender-advanced-threat-protection.md)
|
||||
#### [Request sample API](request-sample-windows-defender-advanced-threat-protection.md)
|
||||
#### [Restrict app execution API](restrict-code-execution-windows-defender-advanced-threat-protection.md)
|
||||
#### [Run antivirus scan API](run-av-scan-windows-defender-advanced-threat-protection.md)
|
||||
#### [Stop and quarantine file API](stop-quarantine-file-windows-defender-advanced-threat-protection.md)
|
||||
#####IP
|
||||
###### [Get IP related alerts](get-ip-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get IP related machines](get-ip-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get IP statistics](get-ip-statistics-windows-defender-advanced-threat-protection.md)
|
||||
###### [Is IP seen in organization](is-ip-seen-org-windows-defender-advanced-threat-protection.md)
|
||||
#####Machines
|
||||
###### [Collect investigation package API](collect-investigation-package-windows-defender-advanced-threat-protection.md)
|
||||
###### [Find machine information by IP](find-machine-info-by-ip-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get machines](get-machines-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get FileMachineAction object API](get-filemachineaction-object-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get FileMachineActions collection API](get-filemachineactions-collection-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get machine by ID](get-machine-by-id-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get machine log on users](get-machine-log-on-users-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get machine related alerts](get-machine-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get MachineAction object API](get-machineaction-object-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get MachineActions collection API](get-machineactions-collection-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get machines](get-machines-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get package SAS URI API](get-package-sas-uri-windows-defender-advanced-threat-protection.md)
|
||||
###### [Isolate machine API](isolate-machine-windows-defender-advanced-threat-protection.md)
|
||||
###### [Release machine from isolation API](unisolate-machine-windows-defender-advanced-threat-protection.md)
|
||||
###### [Remove app restriction API](unrestrict-code-execution-windows-defender-advanced-threat-protection.md)
|
||||
###### [Request sample API](request-sample-windows-defender-advanced-threat-protection.md)
|
||||
###### [Restrict app execution API](restrict-code-execution-windows-defender-advanced-threat-protection.md)
|
||||
###### [Run antivirus scan API](run-av-scan-windows-defender-advanced-threat-protection.md)
|
||||
###### [Stop and quarantine file API](stop-quarantine-file-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
|
||||
|
||||
###User
|
||||
#### [Get alert related user information](get-alert-related-user-info-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get user information](get-user-information-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get user related alerts](get-user-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
#### [Get user related machines](get-user-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
#####User
|
||||
###### [Get alert related user information](get-alert-related-user-info-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get user information](get-user-information-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get user related alerts](get-user-related-alerts-windows-defender-advanced-threat-protection.md)
|
||||
###### [Get user related machines](get-user-related-machines-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
##Reporting
|
||||
## [Create and build Power BI reports using Windows Defender ATP data](powerbi-reports-windows-defender-advanced-threat-protection.md)
|
||||
### [Create and build Power BI reports using Windows Defender ATP data](powerbi-reports-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
##Check service health and sensor state
|
||||
## [Check sensor state](check-sensor-status-windows-defender-advanced-threat-protection.md)
|
||||
### [Check sensor state](check-sensor-status-windows-defender-advanced-threat-protection.md)
|
||||
### [Fix unhealthy sensors](fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md)
|
||||
### [Inactive machines](fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md#inactive-machines)
|
||||
### [Misconfigured machines](fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md#misconfigured-machines)
|
||||
## [Check service health](service-status-windows-defender-advanced-threat-protection.md)
|
||||
## [Configure Windows Defender ATP preferences settings](preferences-setup-windows-defender-advanced-threat-protection.md)
|
||||
## [Update general settings](general-settings-windows-defender-advanced-threat-protection.md)
|
||||
## [Enable advanced features](advanced-features-windows-defender-advanced-threat-protection.md)
|
||||
## [Enable preview experience](preview-settings-windows-defender-advanced-threat-protection.md)
|
||||
## [Configure email notifications](configure-email-notifications-windows-defender-advanced-threat-protection.md)
|
||||
## [Enable SIEM integration](enable-siem-integration-windows-defender-advanced-threat-protection.md)
|
||||
## [Enable Threat intel API](enable-custom-ti-windows-defender-advanced-threat-protection.md)
|
||||
## [Enable and create Power BI reports using Windows Defender ATP data](powerbi-reports-windows-defender-advanced-threat-protection.md)
|
||||
## [Enable Security Analytics security controls](enable-security-analytics-windows-defender-advanced-threat-protection.md)
|
||||
### [Check service health](service-status-windows-defender-advanced-threat-protection.md)
|
||||
### [Configure Windows Defender ATP Settings](preferences-setup-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
###General
|
||||
#### [Update data retention settings](data-retention-settings-windows-defender-advanced-threat-protection.md)
|
||||
#### [Configure alert notifications](configure-email-notifications-windows-defender-advanced-threat-protection.md)
|
||||
#### [Enable and create Power BI reports using Windows Defender ATP data](powerbi-reports-windows-defender-advanced-threat-protection.md)
|
||||
#### [Enable Secure score security controls](enable-secure-score-windows-defender-advanced-threat-protection.md)
|
||||
#### [Configure advanced features](advanced-features-windows-defender-advanced-threat-protection.md)
|
||||
#### [Protect data with conditional access](conditional-access-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
###Permissions
|
||||
#### [Manage portal access using RBAC](rbac-windows-defender-advanced-threat-protection.md)
|
||||
#### [Create and manage machine groups](machine-groups-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
###APIs
|
||||
#### [Enable Threat intel](enable-custom-ti-windows-defender-advanced-threat-protection.md)
|
||||
#### [Enable SIEM integration](enable-siem-integration-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
###Rules
|
||||
#### [Manage suppression rules](manage-suppression-rules-windows-defender-advanced-threat-protection.md)
|
||||
#### [Manage automation allowed/blocked](manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md)
|
||||
#### [Manage automation file uploads](manage-automation-file-uploads-windows-defender-advanced-threat-protection.md)
|
||||
#### [Manage automation folder exclusions](manage-automation-folder-exclusions-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
###Machine management
|
||||
#### [Onboarding machines](onboard-configure-windows-defender-advanced-threat-protection.md)
|
||||
#### [Offboarding machines](offboard-machines-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
## [Configure Windows Defender ATP time zone settings](time-settings-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
## [Configure Windows Defender ATP time zone settings](settings-windows-defender-advanced-threat-protection.md)
|
||||
## [Access the Windows Defender ATP Community Center](community-windows-defender-advanced-threat-protection.md)
|
||||
## [Troubleshoot Windows Defender ATP](troubleshoot-windows-defender-advanced-threat-protection.md)
|
||||
## [Review events and errors on endpoints with Event Viewer](event-error-codes-windows-defender-advanced-threat-protection.md)
|
||||
### [Review events and errors on machines with Event Viewer](event-error-codes-windows-defender-advanced-threat-protection.md)
|
||||
## [Windows Defender Antivirus compatibility with Windows Defender ATP](defender-compatibility-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user