diff --git a/windows/security/threat-protection/windows-defender-atp/threat-and-vuln-mgt-scenarios.md b/windows/security/threat-protection/windows-defender-atp/threat-and-vuln-mgt-scenarios.md index df12df6ba5..068a96ab4b 100644 --- a/windows/security/threat-protection/windows-defender-atp/threat-and-vuln-mgt-scenarios.md +++ b/windows/security/threat-protection/windows-defender-atp/threat-and-vuln-mgt-scenarios.md @@ -53,13 +53,13 @@ You can reduce the exposure score by remediating issues based on prioritized sec To lower down your threat and vulnerability exposure: 1. Review the **Top security recommendations** from your **Threat & Vulnerability Management dashboard**, and select the first item on the list. This opens the **Security recommendation** page. -![threat insight](images/tvm_bug_icon.png) icon. +![top security recommendations](images/tvm_security_recommendations.png) >[!NOTE] > There are two types of recommendations: > - Security update which refers to recommendations that require a package installation > - Configuration change which refers to recommendations that require a registry or GPO modification -> Always prioritize recommendations that are associated with ongoing threats. These recommendations are marked with the threat insight ![top security recommendations](images/tvm_security_recommendations.png) +> Always prioritize recommendations that are associated with ongoing threats. These recommendations are marked with the threat insight ![threat insight](images/tvm_bug_icon.png) icon. 2. In the **Security recommendations** page, you will see the description of what needs to be done and why. It shows the vulnerability details, such as the associated exploits affecting what machines and its business impact. Click **Open software page** option from the flyout menu. ![details in security recommendations page](images/tvm_security_recommendations_page.png) @@ -78,14 +78,12 @@ To lower down your threat and vulnerability exposure: Remediating issues in the security recommendations list will improve your configuration. As you do so, your configuration score improves, which means building your organization's resilience against cybersecurity threats and vulnerabilities stronger. 1. From the Configuration score widget, select **Security controls**. This opens the **Security recommendations** page showing the list of issues related to security controls. - ![configuration score widget](images/tvm_config_score.png) 2. Select the first item on the list. This opens the flyout menu with the description of the security controls issue, a short description of the potential risk, insights, configuration ID, exposed machines, and business impact. Click **Remediation options**. ![security controls related security recommendations](images/tvm_security_controls.png) 3. Read the description to understand the context of the issue and what to do next. Select a due date, add notes, and select **Export all remediation activity data to CSV** so you can attach it to the email that you can send to your IT Administrator for follow-up. - ![request remediation](images/tvm_request_remediation.png). You will see a confirmation message that the remediation task has been created.