deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-16 19:03:46 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

reinsert wdatp stuff

Browse Source 
Apparently it cut ATP out after I put in AV
This commit is contained in:
Iaan D'Souza-Wiltshire
2017-03-20 13:23:40 -07:00
committed by GitHub
parent b8187ef947
commit c3a140cde5
1 changed files with 23 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
windows/whats-new/whats-new-windows-10-version-1703.md
View File

@ -69,11 +69,31 @@ Using Azure AD also means that you can remove an employees profile (for examp
### Windows Defender Advanced Threat Protection (Windows Defender ATP) ### Windows Defender Advanced Threat Protection (Windows Defender ATP)
The following features have been added to Windows Defender ATP in Windows 10, version 1703. The following features have been added to Windows Defender ATP in Windows 10, version 1703.
- Detection - **Response**<br>
When detecting an attack, security response teams can now take immediate action to contain a breach:
- [Take response actions on a machine](respond-machine-alerts-windows-defender-advanced-threat-protection.md) - Quickly respond to detected attacks by isolating machines or collecting an investigation package.
- [Isolate machines from the network](respond-machine-alerts-windows-defender-advanced-threat-protection.md#isolate-machines-from-the-network)
- [Undo machine isolation](respond-machine-alerts-windows-defender-advanced-threat-protection.md#undo-machine-isolation)
- [Collect investigation package](respond-machine-alerts-windows-defender-advanced-threat-protection.md#collect-investigation-package-from-machines)
- [Take response actions on a file](respond-file-alerts-windows-defender-advanced-threat-protection.md) - Quickly respond to detected attacks by stopping and quarantining files or blocking a file.
- [Stop and quarantine files in your network](respond-file-alerts-windows-defender-advanced-threat-protection.md#stop-and-quarantine-files-in-your-network)
- [Remove file from quarantine](respond-file-alerts-windows-defender-advanced-threat-protection.md#remove-file-from-quarantine)
- [Block files in your network](respond-file-alerts-windows-defender-advanced-threat-protection.md#block-files-in-your-network)
- **Investigation**<br>
Enterprise customers can now take advantage of the entire Windows security stack with Windows Defender Antivirus detections and Device Guard blocks being surfaced in the Windows Defender ATP portal.
- Investigation Other investigation capabilities include:
- Response - [Investigate a user account](investigate-user-windows-defender-advanced-threat-protection.md) - Identify user accounts with the most active alerts and investigate cases of potential compromised credentials.
- [Alert process tree](investigate-alerts-windows-defender-advanced-threat-protection.md#alert-process-tree) - Aggregates multiple detections and related events into a single view to reduce case resolution time.
- **Detection**<br>
Windows Creators Update improves OS memory and kernel sensors to enable detection of attackers who are using in-memory and kernel-level attacks.
Other detection capabilities include:
- [Use the threat intelligence API to create custom alerts](use-custom-ti-windows-defender-advanced-threat-protection.md) - Understand threat intelligence concepts, enable the threat intel application, and create custom threat intelligence alerts for your organization.
### Windows Defender Antivirus (Windows Defender AV) ### Windows Defender Antivirus (Windows Defender AV)
New features for Windows Defender AV in Windows 10, version 1703 include: New features for Windows Defender AV in Windows 10, version 1703 include: