From cf403eb6ddac58fd955889fad11cc14337a2e5c3 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 12 Aug 2020 10:20:06 -0700 Subject: [PATCH] Update automated-investigations.md --- .../microsoft-defender-atp/automated-investigations.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md b/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md index e8c5ee8d44..c10120c70d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md +++ b/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md @@ -30,7 +30,7 @@ Automated investigation leverages various inspection algorithms, and processes u ## How the automated investigation starts -When an alert is triggered, a security playbook goes into effect. Depending on the security playbook, an automated investigation can start. For example, suppose a malicious file resides on a device. When that file is detected, an alert is triggered. The automated investigation process begins. Microsoft Defender ATP checks to see if the malicious file is present on any other devices in the organization. Details from the investigation, including verdicts (*Malicious*, *Suspicious*, and *No threats found*) are available during and after the automated investigation. +When an alert is triggered, a security playbook goes into effect. Depending on the security playbook, an automated investigation can start. For example, suppose a malicious file resides on a device. When that file is detected, an alert is triggered, and the automated investigation process begins. Microsoft Defender ATP checks to see if the malicious file is present on any other devices in the organization. Details from the investigation, including verdicts (*Malicious*, *Suspicious*, and *No threats found*) are available during and after the automated investigation. >[!NOTE] >Currently, automated investigation only supports the following OS versions: