From cd4f7c47809f2d8820cd643124166df8cc6fada3 Mon Sep 17 00:00:00 2001 From: Dani Halfin Date: Wed, 24 Jul 2019 13:31:21 -0700 Subject: [PATCH] Master to live (#762) * Updated with note and TVM references * Update overview-secure-score.md * Update overview-secure-score.md * Updated links * Update overview-secure-score.md * Updated TVM topics and added SecureScore note * Added deprecation note and TVM topic links * add new issues (#745) * add an announcement message (#749) * New announcement change july (#751) * Change in announcement links * Fixed quote issue * remove pdf - not supported * update author * acrolinx * Updated with SecureScore note * remove an announcement message (#754) * Quickfix2 (#758) * New announcement added july (#729) (#730) * New Announcement added * Fixed date * add new issues (#745) (#746) * add new message --- .../windows-message-center.yml | 3 ++- windows/security/threat-protection/index.md | 9 +++++++ ...nformation-protection-in-windows-config.md | 24 ++++++++++--------- ...oft-defender-advanced-threat-protection.md | 3 +++ .../overview-secure-score.md | 16 +++++++++++-- .../secure-score-dashboard.md | 13 ++++++++++ 6 files changed, 54 insertions(+), 14 deletions(-) diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index 8c72153bd3..9d2980d85a 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -49,7 +49,8 @@ sections: - type: markdown text: " - + + diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md index 8ef02bab91..da60a14421 100644 --- a/windows/security/threat-protection/index.md +++ b/windows/security/threat-protection/index.md @@ -39,9 +39,15 @@ ms.localizationpriority: medium **[Threat & Vulnerability Management](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md)**
This built-in capability uses a game-changing risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations. + - [Risk-based Threat & Vulnerability Management](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md) - [What's in the dashboard and what it means for my organization](microsoft-defender-atp/tvm-dashboard-insights.md) +- [Exposure score](microsoft-defender-atp/tvm-exposure-score.md) - [Configuration score](microsoft-defender-atp/configuration-score.md) +- [Security recommendations](microsoft-defender-atp/tvm-security-recommendation.md) +- [Remediation](microsoft-defender-atp/tvm-remediation.md) +- [Software inventory](microsoft-defender-atp/tvm-software-inventory.md) +- [Weaknesses](microsoft-defender-atp/tvm-weaknesses.md) - [Scenarios](microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md) @@ -97,6 +103,9 @@ In conjunction with being able to quickly respond to advanced attacks, Microsoft **[Secure score](microsoft-defender-atp/overview-secure-score.md)**
+>[!NOTE] +> Secure score is now part of [Threat & Vulnerability Management](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md) as [Configuration score](microsoft-defender-atp/configuration-score.md). The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. + Microsoft Defender ATP includes a secure score to help you dynamically assess the security state of your enterprise network, identify unprotected systems, and take recommended actions to improve the overall security of your organization. - [Asset inventory](microsoft-defender-atp/secure-score-dashboard.md) - [Recommended improvement actions](microsoft-defender-atp/secure-score-dashboard.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-config.md b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-config.md index 95b79f587e..507fe16a4d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-config.md +++ b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-config.md @@ -1,14 +1,14 @@ --- title: Configure information protection in Windows ms.reviewer: -description: Learn how to expand the coverage of WIP to protect files based on their label, regardless of their origin. +description: Learn how to expand the coverage of Windows Information Protection (WIP) to protect files based on their label, regardless of their origin. keywords: information, protection, data, loss, prevention, wip, policy, scc, compliance, labels, dlp search.product: eADQiWindows 10XVcnh ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -ms.author: mjcaparas +ms.author: macapara author: mjcaparas ms.localizationpriority: medium manager: dansimp @@ -34,34 +34,36 @@ If a file meets the criteria set in the policy settings and endpoint data loss p ## Prerequisites - Endpoints need to be on Windows 10, version 1809 or later -- You'll need the appropriate license to leverage the Microsoft Defender ATP and Azure Information Protection integration -- Your tenant needs to be onboarded to Azure Information Protection analytics, for more information see, [Configure a Log Analytics workspace for the reports](https://docs.microsoft.com/azure/information-protection/reports-aip#configure-a-log-analytics-workspace-for-the-reports) +- You need the appropriate license to use the Microsoft Defender ATP and Azure Information Protection integration +- Your tenant needs to be onboarded to Azure Information Protection analytics, for more information, see [Configure a Log Analytics workspace for the reports](https://docs.microsoft.com/azure/information-protection/reports-aip#configure-a-log-analytics-workspace-for-the-reports) ## Configure endpoint data loss prevention +Complete the following steps so that Microsoft Defender ATP can automatically identify labeled documents stored on the device and enable WIP on them. + +>[!NOTE] +>- The Microsoft Defender ATP configuration is pulled every 15 minutes. Allow up to 30 minutes for the new policy to take effect and ensure that the endpoint is online. Otherwise, it will not receive the policy. +>- Data forwarded to Azure Information Protection is stored in the same location as your other Azure Information Protection data. + 1. Define a WIP policy and assign it to the relevant devices. For more information, see [Protect your enterprise data using Windows Information Protection (WIP)](https://docs.microsoft.com/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip). If WIP is already configured on the relevant devices, skip this step. 2. Define which labels need to get WIP protection in Office 365 Security and Compliance. 1. Go to: **Classifications > Labels**. - 2. Create a new label or edit an existing one. + 2. Create a label or edit an existing one. 3. In the configuration wizard, go to 'Data loss prevention' tab and enable WIP. ![Image of Office 365 Security and Compliance sensitivity label](images/endpoint-data-loss-protection.png) 4. Repeat for every label that you want to get WIP applied to in Windows. -After completing these steps Microsoft Defender ATP will automatically identify labeled documents stored on the device and enable WIP on them. ->[!NOTE] ->- The Microsoft Defender ATP configuration is pulled every 15 minutes. Allow up to 30 minutes for the new policy to take effect and ensure that the endpoint is online. Otherwise, it will not receive the policy. ->- Data forwarded to Azure Information Protection is stored in the same location as your other Azure Information Protection data. ## Configure auto labeling -Windows automatically detects when an Office file, PDF, CSV or TXT files are being created on a device and inspects it based on context to identify sensitive information types. +Windows automatically detects when an Office file, CSV, or TXT files are being created on a device and inspects it based on context to identify sensitive information types. -Those information types are evaluated against the auto-labeling policy. If a match is found, it is processed in the same way as if the file was labeled; the file is protected with Endpoint data loss prevention. +Those information types are evaluated against the auto-labeling policy. If a match is found, it is processed in the same way as if the file was labeled. The file is protected with Endpoint data loss prevention. >[!NOTE] > Auto-labeling requires Windows 10, version 1903. diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md index c72919ffb8..70561d13b0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md @@ -99,6 +99,9 @@ In conjunction with being able to quickly respond to advanced attacks, Microsoft **[Secure score](overview-secure-score.md)**
+>[!NOTE] +> Secure score is now part of [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) as [Configuration score](configuration-score.md). The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. + Microsoft Defender ATP includes a secure score to help you dynamically assess the security state of your enterprise network, identify unprotected systems, and take recommended actions to improve the overall security of your organization. diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md b/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md index cb57adc063..1d466fca97 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md +++ b/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md @@ -21,6 +21,9 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +>[!NOTE] +> Secure score is now part of [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) as [Configuration score](configuration-score.md). The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. + The Secure score dashboard expands your visibility into the overall security posture of your organization. From this dashboard, you'll be able to quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to further reduce the attack surface in your organization - all in one place. From there you can take action based on the recommended configuration baselines. >[!IMPORTANT] @@ -37,11 +40,11 @@ The **Secure score dashboard** displays a snapshot of: ![Secure score dashboard](images/new-secure-score-dashboard.png) ## Microsoft secure score -The Microsoft secure score tile is reflective of the sum of all the Windows Defender security controls that are configured according to the recommended baseline and Office 365 controls. It allows you to drill down into each portal for further analysis. You can also improve this score by taking the steps in configuring each of the security controls in the optimal settings. +The Microsoft secure score tile is reflective of the sum of all the Microsoft Defender security controls that are configured according to the recommended baseline and Office 365 controls. It allows you to drill down into each portal for further analysis. You can also improve this score by taking the steps in configuring each of the security controls in the optimal settings. ![Image of Microsoft secure score tile](images/mss.png) -Each Windows Defender security control contributes 100 points to the score. The total number is reflective of the score potential and calculated by multiplying the number of supported security controls (Microsoft Defender security controls pillars) by the maximum points that each pillar contributes (maximum of 100 points for each pillar). +Each Windows Defender security control contributes 100 points to the score. The total number is reflective of the score potential and calculated by multiplying the number of supported security controls (Windows Defender security controls pillars) by the maximum points that each pillar contributes (maximum of 100 points for each pillar). The Office 365 Secure Score looks at your settings and activities and compares them to a baseline established by Microsoft. For more information, see [Introducing the Office 365 Secure Score](https://support.office.com/en-us/article/introducing-the-office-365-secure-score-c9e7160f-2c34-4bd0-a548-5ddcc862eaef#howtoaccess). @@ -77,5 +80,14 @@ Within the tile, you can click on each control to see the recommended optimizati Clicking the link under the **Misconfigured machines** column opens up the **Machines list** with filters applied to show only the list of machines where the recommendation is applicable. You can export the list in Excel to create a target collection and apply relevant policies using a management solution of your choice. ## Related topic +- [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) +- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md) +- [Exposure score](tvm-exposure-score.md) +- [Configuration score](configuration-score.md) +- [Security recommendations](tvm-security-recommendation.md) +- [Remediation](tvm-remediation.md) +- [Software inventory](tvm-software-inventory.md) +- [Weaknesses](tvm-weaknesses.md) +- [Scenarios](threat-and-vuln-mgt-scenarios.md) - [Threat analytics](threat-analytics.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md b/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md index ad43e002b8..b98230426d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md +++ b/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md @@ -20,6 +20,9 @@ ms.topic: article **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) +>[!NOTE] +> Secure score is now part of [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) as [Configuration score](configuration-score.md). The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. + Each security control lists recommendations that you can take to increase the security posture of your organization. ### Endpoint detection and response (EDR) optimization @@ -281,6 +284,16 @@ For more information, see [Manage Windows Defender Credential Guard](https://doc ## Related topics - [Overview of Secure score](overview-secure-score.md) +- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) +- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md) +- [Exposure score](tvm-exposure-score.md) +- [Configuration score](configuration-score.md) +- [Security recommendations](tvm-security-recommendation.md) +- [Remediation](tvm-remediation.md) +- [Software inventory](tvm-software-inventory.md) +- [Weaknesses](tvm-weaknesses.md) +- [Scenarios](threat-and-vuln-mgt-scenarios.md) +
MessageDate
Status update: Windows 10, version 1903 ā€œDā€ release
The optional monthly ā€œDā€ release for Windows 10, version 1903 will be available in the near term. Follow @WindowsUpdate for the latest on the availability of this release.
July 24, 2019
12:00 AM PT
Plan for change: Microsoft Silverlight will reach end of support on October 12, 2021
After this date, Silverlight will not receive any future quality or security updates. Microsoft will continue to ship updates to the Silverlight 5 Developer Runtime for supported browsers and versions (Internet Explorer 10 and Internet Explorer 11); however, please note that support for Internet Explorer 10 will end on 31 January 2020. See the Silverlight end of support FAQ for more details.
July 19, 2019
12:00 AM PT
Evolving Windows 10 servicing and quality
Find out how we plan to further optimize the delivery of the next Windows 10 feature update for devices running Windows 10, version 1903. If you're a commercial customer, please see the Windows IT Pro Blog for more details on how to plan for this new update option in your environment.
July 01, 2019
02:00 PM PT
Windows 10, version 1903 starting to roll out to devices running Windows 10, version 1803 and earlier
We are now beginning to build and train the machine learning (ML) based rollout process to update devices running Windows 10, version 1803 (the April 2018 Update) and earlier versions of Windows 10, to ensure we can continue to service these devices and provide the latest updates, security updates, and improvements.
June 18, 2019
02:00 PM PT