From c8371fb9841ed62c4605e00a4e9400088ba677fb Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Wed, 9 May 2018 11:12:41 -0700 Subject: [PATCH] update automation level descriptions --- ...gations-windows-defender-advanced-threat-protection.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection.md index 4fb169c9e0..71189cdf90 100644 --- a/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection.md @@ -73,12 +73,12 @@ You can configure the following levels of automation: Automation level | Description :---|:--- Semi - require approval for any remediation | This is the default automation level.

An approval is needed for any remediation action. -Semi - require approval for non-temp folders remediation | An approval is required on files or executables that are not in temporary folders.

Files or executables in temporary folders, such as the user's download folder or the user's temp folder, will get automatically remediated if needed. -Semi - require approval for non-temp folders remediation | An approval is required on files or executables that are in the operating system directories such as Windows folder and Program files folder.

Files or executables in all other folders will get automatically remediated if needed. -Semi - require approval for core folders remediation | An approval is required on files or executables that are in the operating system directories such as Windows folder and Program files folder.

Files or executables in all other folders will get automatically remediated if needed. +Semi - require approval for non-temp folders remediation | An approval is required on files or executables that are not in temporary folders.

Files or executables in temporary folders, such as the user's download folder or the user's temp folder, will automatically be remediated if needed. +Semi - require approval for non-temp folders remediation | An approval is required on files or executables that are in the operating system directories such as Windows folder and Program files folder.

Files or executables in all other folders will automatically be remediated if needed. +Semi - require approval for core folders remediation | An approval is required on files or executables that are in the operating system directories such as Windows folder and Program files folder.

Files or executables in all other folders will automatically be remediated if needed. Full - remediate threats automatically | All remediation actions will be performed automatically. -For more information, see [Create and manage machine groups](machine-groups-windows-defender-advanced-threat-protection.md). +For more information on how to configure these automation levels, see [Create and manage machine groups](machine-groups-windows-defender-advanced-threat-protection.md). The default machine group is configured for semi-automatic remediation. This means that any malicious entity that needs to be remediated requires an approval and the investigation is added to the **Pending actions** section, this can be changed to fully automatic so that no user approval is needed.