deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-14 14:27:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Update threat-and-vuln-mgt-scenarios.md

Browse Source
This commit is contained in:
DulceMV 2019-04-15 21:16:54 -07:00 committed by GitHub
parent 0acd233dec
commit c25b93c34e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
windows/security/threat-protection/windows-defender-atp/threat-and-vuln-mgt-scenarios.md
View File

@ -53,13 +53,13 @@ You can reduce the exposure score by remediating issues based on prioritized sec
To lower down your threat and vulnerability exposure: To lower down your threat and vulnerability exposure:
1. Review the **Top security recommendations** from your **Threat & Vulnerability Management dashboard**, and select the first item on the list. This opens the **Security recommendation** page. 1. Review the **Top security recommendations** from your **Threat & Vulnerability Management dashboard**, and select the first item on the list. This opens the **Security recommendation** page.
![threat insight](images/tvm_bug_icon.png) icon. ![top security recommendations](images/tvm_security_recommendations.png)
>[!NOTE] >[!NOTE]
> There are two types of recommendations: > There are two types of recommendations:
> - <i>Security update</i> which refers to recommendations that require a package installation > - <i>Security update</i> which refers to recommendations that require a package installation
> - <i>Configuration</i> change which refers to recommendations that require a registry or GPO modification > - <i>Configuration</i> change which refers to recommendations that require a registry or GPO modification
> Always prioritize recommendations that are associated with ongoing threats. These recommendations are marked with the threat insight ![top security recommendations](images/tvm_security_recommendations.png) > Always prioritize recommendations that are associated with ongoing threats. These recommendations are marked with the threat insight ![threat insight](images/tvm_bug_icon.png) icon.
2. In the **Security recommendations** page, you will see the description of what needs to be done and why. It shows the vulnerability details, such as the associated exploits affecting what machines and its business impact. Click **Open software page** option from the flyout menu. ![details in security recommendations page](images/tvm_security_recommendations_page.png) 2. In the **Security recommendations** page, you will see the description of what needs to be done and why. It shows the vulnerability details, such as the associated exploits affecting what machines and its business impact. Click **Open software page** option from the flyout menu. ![details in security recommendations page](images/tvm_security_recommendations_page.png)
@ -78,14 +78,12 @@ To lower down your threat and vulnerability exposure:
Remediating issues in the security recommendations list will improve your configuration. As you do so, your configuration score improves, which means building your organization's resilience against cybersecurity threats and vulnerabilities stronger. Remediating issues in the security recommendations list will improve your configuration. As you do so, your configuration score improves, which means building your organization's resilience against cybersecurity threats and vulnerabilities stronger.
1. From the Configuration score widget, select **Security controls**. This opens the **Security recommendations** page showing the list of issues related to security controls. 1. From the Configuration score widget, select **Security controls**. This opens the **Security recommendations** page showing the list of issues related to security controls.
![configuration score widget](images/tvm_config_score.png) ![configuration score widget](images/tvm_config_score.png)
2. Select the first item on the list. This opens the flyout menu with the description of the security controls issue, a short description of the potential risk, insights, configuration ID, exposed machines, and business impact. Click **Remediation options**. 2. Select the first item on the list. This opens the flyout menu with the description of the security controls issue, a short description of the potential risk, insights, configuration ID, exposed machines, and business impact. Click **Remediation options**.
![security controls related security recommendations](images/tvm_security_controls.png) ![security controls related security recommendations](images/tvm_security_controls.png)
3. Read the description to understand the context of the issue and what to do next. Select a due date, add notes, and select **Export all remediation activity data to CSV** so you can attach it to the email that you can send to your IT Administrator for follow-up. 3. Read the description to understand the context of the issue and what to do next. Select a due date, add notes, and select **Export all remediation activity data to CSV** so you can attach it to the email that you can send to your IT Administrator for follow-up.
![request remediation](images/tvm_request_remediation.png). ![request remediation](images/tvm_request_remediation.png).
You will see a confirmation message that the remediation task has been created. You will see a confirmation message that the remediation task has been created.