deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-18 11:53:37 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'master' into App-v-revision

Browse Source
This commit is contained in:
Heidi Lohr
2018-06-19 13:41:52 -07:00
parent b0a003d6a3 ed7560a0d6
commit c421826077
9 changed files with 124 additions and 92 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
store-for-business/distribute-apps-from-your-private-store.md
View File

@ -21,7 +21,7 @@ ms.date: 3/19/2018
- Windows 10 - Windows 10
- Windows 10 Mobile - Windows 10 Mobile
The private store is a feature in Microsoft Store for Business and Education that organizations receive during the signup process. When admins add apps to the private store, all employees in the organization can view and download the apps. Your private store is available as a tab in Micrsoft Store app, and is usually named for your company or organization. Only apps with online licenses can be added to the private store. The private store is a feature in Microsoft Store for Business and Education that organizations receive during the signup process. When admins add apps to the private store, all employees in the organization can view and download the apps. Your private store is available as a tab in Microsoft Store app, and is usually named for your company or organization. Only apps with online licenses can be added to the private store.
You can make an app available in your private store when you acquire the app, or you can do it later from your inventory. Once the app is in your private store, employees can claim and install the app. You can make an app available in your private store when you acquire the app, or you can do it later from your inventory. Once the app is in your private store, employees can claim and install the app.

3
windows/configuration/change-history-for-configure-windows-10.md
View File

@ -10,7 +10,7 @@ ms.localizationpriority: high
author: jdeckerms author: jdeckerms
ms.author: jdecker ms.author: jdecker
ms.topic: article ms.topic: article
ms.date: 06/05/2018 ms.date: 06/19/2018
--- ---
# Change history for Configure Windows 10 # Change history for Configure Windows 10
@ -22,6 +22,7 @@ This topic lists new and updated topics in the [Configure Windows 10](index.md)
New or changed topic | Description New or changed topic | Description
--- | --- --- | ---
[Set up a kiosk or digital signage on Windows 10 Pro, Enterprise, or Education](setup-kiosk-digital-signage.md) and [Create a Windows 10 kiosk that runs multiple apps](lock-down-windows-10-to-specific-apps.md) | Updated instructions for using Microsoft Intune to configure a kiosk. [Set up a kiosk or digital signage on Windows 10 Pro, Enterprise, or Education](setup-kiosk-digital-signage.md) and [Create a Windows 10 kiosk that runs multiple apps](lock-down-windows-10-to-specific-apps.md) | Updated instructions for using Microsoft Intune to configure a kiosk.
[Manage Windows 10 Start and taskbar layout](windows-10-start-layout-options-and-policies.md) | Added new Group Policy to remove "Recently added" list from Start menu.
## May 2018 ## May 2018

4
windows/configuration/windows-10-start-layout-options-and-policies.md
View File

@ -10,7 +10,7 @@ author: jdeckerms
ms.author: jdecker ms.author: jdecker
ms.topic: article ms.topic: article
ms.localizationpriority: high ms.localizationpriority: high
ms.date: 05/24/2018 ms.date: 06/19/2018
--- ---
# Manage Windows 10 Start and taskbar layout # Manage Windows 10 Start and taskbar layout
@ -51,7 +51,7 @@ The following table lists the different parts of Start and any applicable policy
| User tile | MDM: **Start/HideUserTile**</br>**Start/HideSwitchAccount**</br>**Start/HideSignOut**</br>**Start/HideLock**</br>**Start/HideChangeAccountSettings**</br></br>Group Policy: **Remove Logoff on the Start menu** | none | | User tile | MDM: **Start/HideUserTile**</br>**Start/HideSwitchAccount**</br>**Start/HideSignOut**</br>**Start/HideLock**</br>**Start/HideChangeAccountSettings**</br></br>Group Policy: **Remove Logoff on the Start menu** | none |
| Most used | MDM: **Start/HideFrequentlyUsedApps**</br></br>Group Policy: **Remove frequent programs from the Start menu** | **Settings** &gt; **Personalization** &gt; **Start** &gt; **Show most used apps** | | Most used | MDM: **Start/HideFrequentlyUsedApps**</br></br>Group Policy: **Remove frequent programs from the Start menu** | **Settings** &gt; **Personalization** &gt; **Start** &gt; **Show most used apps** |
| Suggestions</br>-and-</br>Dynamically inserted app tile | MDM: **Allow Windows Consumer Features**</br></br>Group Policy: **Computer Configuration\Administrative Templates\Windows Components\Cloud Content\Turn off Microsoft consumer experiences**</br></br>**Note:** This policy also enables or disables notifications for a user's Microsoft account and app tiles from Microsoft dynamically inserted in the default Start menu. | **Settings** &gt; **Personalization** &gt; **Start** &gt; **Occasionally show suggestions in Start** | | Suggestions</br>-and-</br>Dynamically inserted app tile | MDM: **Allow Windows Consumer Features**</br></br>Group Policy: **Computer Configuration\Administrative Templates\Windows Components\Cloud Content\Turn off Microsoft consumer experiences**</br></br>**Note:** This policy also enables or disables notifications for a user's Microsoft account and app tiles from Microsoft dynamically inserted in the default Start menu. | **Settings** &gt; **Personalization** &gt; **Start** &gt; **Occasionally show suggestions in Start** |
| Recently added | MDM: **Start/HideRecentlyAddedApps** | **Settings** &gt; **Personalization** &gt; **Start** &gt; **Show recently added apps** | | Recently added | MDM: **Start/HideRecentlyAddedApps**<br>Group Policy: **Computer configuration**\\**Administrative Template**\\**Start Menu and Taskbar**\\**Remove "Recently Added" list from Start Menu** (for Windows 10, version 1803) | **Settings** &gt; **Personalization** &gt; **Start** &gt; **Show recently added apps** |
| Pinned folders | MDM: **AllowPinnedFolder** | **Settings** &gt; **Personalization** &gt; **Start** &gt; **Choose which folders appear on Start** | | Pinned folders | MDM: **AllowPinnedFolder** | **Settings** &gt; **Personalization** &gt; **Start** &gt; **Choose which folders appear on Start** |
| Power | MDM: **Start/HidePowerButton**</br>**Start/HideHibernate**</br>**Start/HideRestart**</br>**Start/HideShutDown**</br>**Start/HideSleep**</br></br>Group Policy: **Remove and prevent access to the Shut Down, Restart, Sleep, and Hibernate commands** | none | | Power | MDM: **Start/HidePowerButton**</br>**Start/HideHibernate**</br>**Start/HideRestart**</br>**Start/HideShutDown**</br>**Start/HideSleep**</br></br>Group Policy: **Remove and prevent access to the Shut Down, Restart, Sleep, and Hibernate commands** | none |
| Start layout | MDM: **Start layout**</br>**ImportEdgeAssets**</br></br>Group Policy: **Prevent users from customizing their Start screen**</br></br>**Note:** When a full Start screen layout is imported with Group Policy or MDM, the users cannot pin, unpin, or uninstall apps from the Start screen. Users can view and open all apps in the **All Apps** view, but they cannot pin any apps to the Start screen. When a partial Start screen layout is imported, users cannot change the tile groups applied by the partial layout, but can modify other tile groups and create their own.</br></br>**Start layout** policy can be used to pin apps to the taskbar based on an XML File that you provide. Users will be able to change the order of pinned apps, unpin apps, and pin additional apps to the taskbar. | none | | Start layout | MDM: **Start layout**</br>**ImportEdgeAssets**</br></br>Group Policy: **Prevent users from customizing their Start screen**</br></br>**Note:** When a full Start screen layout is imported with Group Policy or MDM, the users cannot pin, unpin, or uninstall apps from the Start screen. Users can view and open all apps in the **All Apps** view, but they cannot pin any apps to the Start screen. When a partial Start screen layout is imported, users cannot change the tile groups applied by the partial layout, but can modify other tile groups and create their own.</br></br>**Start layout** policy can be used to pin apps to the taskbar based on an XML File that you provide. Users will be able to change the order of pinned apps, unpin apps, and pin additional apps to the taskbar. | none |

2
windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
View File

@ -1974,7 +1974,7 @@ You can turn off Windows Update by setting the following registry entries:
-and- -and-
- Apply the Group Policy: **Computer Configuration** &gt; **Administrative Templates** &gt; **Windows Components** &gt; **Windows Update** &gt; **Specify intranet Microsoft update service location** and set the **Set the alternate download server** to "". - Apply the Group Policy: **Computer Configuration** &gt; **Administrative Templates** &gt; **Windows Components** &gt; **Windows Update** &gt; **Specify intranet Microsoft update service location** and set the **Set the alternate download server** to " ".
You can turn off automatic updates by doing one of the following. This is not recommended. You can turn off automatic updates by doing one of the following. This is not recommended.

1
windows/security/hardware-protection/tpm/trusted-platform-module-services-group-policy-settings.md
View File

@ -88,6 +88,7 @@ The following table shows the TPM owner authorization values in the registry.
| 2 | Delegated | | 2 | Delegated |
| 4 | Full | | 4 | Full |
A value of 5 means discard the **Full** TPM owner authorization for TPM 1.2 but keep it for TPM 2.0.
   
If you enable this policy setting, the Windows operating system will store the TPM owner authorization in the registry of the local computer according to the TPM authentication setting you choose. If you enable this policy setting, the Windows operating system will store the TPM owner authorization in the registry of the local computer according to the TPM authentication setting you choose.

24
windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune.md
View File

@ -193,18 +193,16 @@ In this example, you'd get the following info:
Where the text, `O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US` is the publisher name to enter in the **Publisher Name** box. Where the text, `O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US` is the publisher name to enter in the **Publisher Name** box.
### Add an AppLocker policy file ### Add an AppLocker policy file
Now were going to add an AppLocker XML file to the **App Rules** list. Youll use this option if you want to add multiple apps at the same time. The first example shows how to create a Publisher rule for packaged apps. The second example shows how to create a Path rule for unsigned apps. For more info, see [AppLocker](https://technet.microsoft.com/itpro/windows/keep-secure/applocker-overview). Now were going to add an AppLocker XML file to the **App Rules** list. Youll use this option if you want to add multiple apps at the same time. The first example shows how to create a Packaged App rule for Store apps. The second example shows how to create an Executable rule by using a path for unsigned apps. For more info, see [AppLocker](https://technet.microsoft.com/itpro/windows/keep-secure/applocker-overview).
**To create a Publisher rule and xml file for packaged apps using the AppLocker tool** **To create a Packaged App rule rule and xml file**
1. Open the Local Security Policy snap-in (SecPol.msc). 1. Open the Local Security Policy snap-in (SecPol.msc).
2. In the left pane, expand **Application Control Policies**, expand **AppLocker**, and then click **Packaged App Rules**. 2. In the left pane, click **Application Control Policies** > **AppLocker** > **Packaged App Rules**.
![Local security snap-in, showing the Packaged app Rules](images/intune-local-security-snapin.png) ![Local security snap-in, showing the Packaged app Rules](images/intune-local-security-snapin.png)
3. Right-click in the right-hand pane, and then click **Create New Rule**. 3. Right-click **Packaged App Rules** > **Create New Rule**.
The **Create Packaged app Rules** wizard appears.
4. On the **Before You Begin** page, click **Next**. 4. On the **Before You Begin** page, click **Next**.
@ -262,15 +260,15 @@ Now were going to add an AppLocker XML file to the **App Rules** list. You
``` ```
12. After youve created your XML file, you need to import it by using Microsoft Intune. 12. After youve created your XML file, you need to import it by using Microsoft Intune.
**To create a Path rule and xml file for unsigned apps using the AppLocker tool** **To create an Executable rule and xml file for unsigned apps**
1. Open the Local Security Policy snap-in (SecPol.msc). 1. Open the Local Security Policy snap-in (SecPol.msc).
2. In the left pane, expand **Application Control Policies**, expand **AppLocker**, and then click **Executable Rules**. 2. In the left pane, click **Application Control Policies** > **AppLocker** > **Executable Rules**.
3. Right-click **Executable Rules** > **Create New Rule**.
![Local security snap-in, showing the Executable Rules](images/create-new-path-rule.png) ![Local security snap-in, showing the Executable Rules](images/create-new-path-rule.png)
3. Right-click in the right-hand pane, and then click **Create New Rule**.
4. On the **Before You Begin** page, click **Next**. 4. On the **Before You Begin** page, click **Next**.
5. On the **Permissions** page, make sure the **Action** is set to **Allow** and the **User or group** is set to **Everyone**, and then click **Next**. 5. On the **Permissions** page, make sure the **Action** is set to **Allow** and the **User or group** is set to **Everyone**, and then click **Next**.
@ -287,11 +285,7 @@ Now were going to add an AppLocker XML file to the **App Rules** list. You
9. On the **Name** page, type a name and description for the rule and then click **Create**. 9. On the **Name** page, type a name and description for the rule and then click **Create**.
10. In the left pane, right-click on **AppLocker**, and then click **Export policy**. 10. In the left pane, right-click **AppLocker** > **Export policy**.
The **Export policy** box opens, letting you export and save your new policy as XML.
![Local security snap-in, showing the Export Policy option](images/intune-local-security-export.png)
11. In the **Export policy** box, browse to where the policy should be stored, give the policy a name, and then click **Save**. 11. In the **Export policy** box, browse to where the policy should be stored, give the policy a name, and then click **Save**.

2
windows/security/threat-protection/windows-defender-atp/configure-email-notifications-windows-defender-advanced-threat-protection.md
View File

@ -10,7 +10,7 @@ ms.pagetype: security
ms.author: macapara ms.author: macapara
author: mjcaparas author: mjcaparas
ms.localizationpriority: high ms.localizationpriority: high
ms.date: 06/06/2018 ms.date: 06/18/2018
--- ---
# Configure alert notifications in Windows Defender ATP # Configure alert notifications in Windows Defender ATP

176
windows/security/threat-protection/windows-defender-atp/onboard-configure-windows-defender-advanced-threat-protection.md
View File

@ -1,71 +1,107 @@
--- ---
title: Onboard machines to the Windows Defender ATP service title: Onboard machines to the Windows Defender ATP service
description: Onboard Windows 10 machines, servers, non-Windows machines and learn how to run a detection test. description: Onboard Windows 10 machines, servers, non-Windows machines and learn how to run a detection test.
keywords: onboarding, windows defender advanced threat protection onboarding, windows atp onboarding, sccm, group policy, mdm, local script, detection test keywords: onboarding, windows defender advanced threat protection onboarding, windows atp onboarding, sccm, group policy, mdm, local script, detection test
search.product: eADQiWindows 10XVcnh search.product: eADQiWindows 10XVcnh
ms.prod: w10 ms.prod: w10
ms.mktglfcycl: deploy ms.mktglfcycl: deploy
ms.sitesec: library ms.sitesec: library
ms.pagetype: security ms.pagetype: security
ms.author: macapara ms.author: macapara
author: mjcaparas author: mjcaparas
ms.localizationpriority: high ms.localizationpriority: high
ms.date: 06/18/2018 ms.date: 06/19/2018
--- ---
# Onboard machines to the Windows Defender ATP service # Onboard machines to the Windows Defender ATP service
**Applies to:** **Applies to:**
- Windows 10 Enterprise - Windows 7 SP1 Enterprise
- Windows 10 Education - Windows 7 SP1 Pro
- Windows 10 Pro - Windows 8.1 Enterprise
- Windows 10 Pro Education - Windows 8.1 Pro
- macOS - Windows 10 Enterprise
- Linux - Windows 10 Education
- Windows Server 2012 R2 - Windows 10 Pro
- Windows Server 2016 - Windows 10 Pro Education
- Windows Defender Advanced Threat Protection (Windows Defender ATP) - Windows Server 2012 R2
- Windows Server 2016
[!include[Prerelease information](prerelease.md)] - macOS
- Linux
>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink) - Windows Defender Advanced Threat Protection (Windows Defender ATP)
You need to onboard to Windows Defender ATP before you can use the service. [!include[Prerelease information](prerelease.md)]
For more information, see [Onboard your Windows 10 machines to Windows Defender ATP](https://www.youtube.com/watch?v=JT7VGYfeRlA&feature=youtu.be). >Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink)
## Licensing requirements You need to onboard to Windows Defender ATP before you can use the service.
Windows Defender Advanced Threat Protection requires one of the following Microsoft Volume Licensing offers:
For more information, see [Onboard your Windows 10 machines to Windows Defender ATP](https://www.youtube.com/watch?v=JT7VGYfeRlA&feature=youtu.be).
- Windows 10 Enterprise E5
- Windows 10 Education E5 ## Licensing requirements
- Microsoft 365 Enterprise E5 which includes Windows 10 Enterprise E5 Windows Defender Advanced Threat Protection requires one of the following Microsoft Volume Licensing offers:
For more information, see [Windows 10 Licensing](https://www.microsoft.com/en-us/Licensing/product-licensing/windows10.aspx#tab=2). - Windows 10 Enterprise E5
- Windows 10 Education E5
## Windows Defender Antivirus configuration requirement - Microsoft 365 Enterprise E5 which includes Windows 10 Enterprise E5
The Windows Defender ATP agent depends on the ability of Windows Defender Antivirus to scan files and provide information about them.
For more information, see [Windows 10 Licensing](https://www.microsoft.com/en-us/Licensing/product-licensing/windows10.aspx#tab=2).
You must configure the signature updates on the Windows Defender ATP machines whether Windows Defender Antivirus is the active antimalware or not. For more information, see [Manage Windows Defender Antivirus updates and apply baselines](../windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md).
## Hardware and software requirements
When Windows Defender Antivirus is not the active antimalware in your organization and you use the Windows Defender ATP service, Windows Defender Antivirus goes on passive mode. If your organization has disabled Windows Defender Antivirus through group policy or other methods, machines that are onboarded to Windows Defender ATP must be excluded from this group policy. ### Supported Windows versions
- Windows 7 SP1 Enterprise
If you are onboarding servers and Windows Defender Antivirus is not the active antimalware on your servers, you shouldn't uninstall Windows Defender Antivirus. You'll need to configure it to run on passive mode. For more information, see [Onboard servers](configure-server-endpoints-windows-defender-advanced-threat-protection.md). - Windows 7 SP1 Pro
- Windows 8.1 Enterprise
- Windows 8.1 Pro
For more information, see [Windows Defender Antivirus compatibility](../windows-defender-antivirus/windows-defender-antivirus-compatibility.md). - Windows 10
- Windows 10 Enterprise
- Windows 10 Education
## In this section - Windows 10 Pro
Topic | Description - Windows 10 Pro Education
:---|:--- - Windows server
[Onboard Windows 10 machines](configure-endpoints-windows-defender-advanced-threat-protection.md) | You'll need to onboard machines for it to report to the Windows Defender ATP service. Learn about the tools and methods you can use to configure machines in your enterprise. - Windows Server 2012 R2
[Onboard previous versions of Windows](onboard-downlevel-windows-defender-advanced-threat-protection.md)| Onboard Windows 7 and Windows 8.1 machines to Windows Defender ATP - Windows Server 2016
[Onboard servers](configure-server-endpoints-windows-defender-advanced-threat-protection.md) | Onboard Windows Server 2012 R2 and Windows Server 2016 to Windows Defender ATP - Windows Server, version 1803
[Onboard non-Windows machines](configure-endpoints-non-windows-windows-defender-advanced-threat-protection.md) | Windows Defender ATP provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in the Windows Defender ATP portal and better protect your organization's network. This experience leverages on a third-party security products' sensor data.
[Run a detection test on a newly onboarded machine](run-detection-test-windows-defender-advanced-threat-protection.md) | Run a script on a newly onboarded machine to verify that it is properly reporting to the Windows Defender ATP service. Machines on your network must be running one of these editions.
[Configure proxy and Internet settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md)| Enable communication with the Windows Defender ATP cloud service by configuring the proxy and Internet connectivity settings.
[Troubleshoot onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) | Learn about resolving issues that might arise during onboarding. The hardware requirements for Windows Defender ATP on machines is the same as those for the supported editions.
> [!NOTE]
> Machines that are running mobile versions of Windows are not supported.
### Other supported operating systems
>[!NOTE]
>You'll need to know the exact Linux distros and macOS X versions that are compatible with Windows Defender ATP for the integration to work.
- macOS X
- Linux
## Windows Defender Antivirus configuration requirement
The Windows Defender ATP agent depends on the ability of Windows Defender Antivirus to scan files and provide information about them.
You must configure the signature updates on the Windows Defender ATP machines whether Windows Defender Antivirus is the active antimalware or not. For more information, see [Manage Windows Defender Antivirus updates and apply baselines](../windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md).
When Windows Defender Antivirus is not the active antimalware in your organization and you use the Windows Defender ATP service, Windows Defender Antivirus goes on passive mode. If your organization has disabled Windows Defender Antivirus through group policy or other methods, machines that are onboarded to Windows Defender ATP must be excluded from this group policy.
If you are onboarding servers and Windows Defender Antivirus is not the active antimalware on your servers, you shouldn't uninstall Windows Defender Antivirus. You'll need to configure it to run on passive mode. For more information, see [Onboard servers](configure-server-endpoints-windows-defender-advanced-threat-protection.md).
For more information, see [Windows Defender Antivirus compatibility](../windows-defender-antivirus/windows-defender-antivirus-compatibility.md).
## In this section
Topic | Description
:---|:---
[Onboard Windows 10 machines](configure-endpoints-windows-defender-advanced-threat-protection.md) | You'll need to onboard machines for it to report to the Windows Defender ATP service. Learn about the tools and methods you can use to configure machines in your enterprise.
[Onboard previous versions of Windows](onboard-downlevel-windows-defender-advanced-threat-protection.md)| Onboard Windows 7 and Windows 8.1 machines to Windows Defender ATP.
[Onboard servers](configure-server-endpoints-windows-defender-advanced-threat-protection.md) | Onboard Windows Server 2012 R2 and Windows Server 2016 to Windows Defender ATP.
[Onboard non-Windows machines](configure-endpoints-non-windows-windows-defender-advanced-threat-protection.md) | Windows Defender ATP provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in the Windows Defender ATP portal and better protect your organization's network. This experience leverages on a third-party security products' sensor data.
[Run a detection test on a newly onboarded machine](run-detection-test-windows-defender-advanced-threat-protection.md) | Run a script on a newly onboarded machine to verify that it is properly reporting to the Windows Defender ATP service.
[Configure proxy and Internet settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md)| Enable communication with the Windows Defender ATP cloud service by configuring the proxy and Internet connectivity settings.
[Troubleshoot onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) | Learn about resolving issues that might arise during onboarding.
>Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-onboardconfigure-belowfoldlink) >Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-onboardconfigure-belowfoldlink)

2
windows/security/threat-protection/windows-defender-atp/security-operations-dashboard-windows-defender-advanced-threat-protection.md
View File

@ -114,7 +114,7 @@ This tile shows statistics related to automated investigations in the last 30 da
![Image of automated investigations statistics](images/atp-automated-investigations-statistics.png) ![Image of automated investigations statistics](images/atp-automated-investigations-statistics.png)
You can click on **Automated investigations**, **Remidated investigations**, and **Alerts investigated** to navigate to the **Invesgations** page, filtered by the appropriate category. This lets you see a detailed breakdown of investigations in context. You can click on **Automated investigations**, **Remidated investigations**, and **Alerts investigated** to navigate to the **Investigations** page, filtered by the appropriate category. This lets you see a detailed breakdown of investigations in context.
## Users at risk ## Users at risk
The tile shows you a list of user accounts with the most active alerts and the number of alerts seen on high, medium, or low alerts. The tile shows you a list of user accounts with the most active alerts and the number of alerts seen on high, medium, or low alerts.