polish

.openpublishing.redirection.json

@@ -1712,6 +1712,11 @@
 "redirect_document_id": true
 },
 {
+"source_path": "windows/security/threat-protection/microsoft-defender-atp/overview.md",
+"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection",
+"redirect_document_id": false
+},
+{
 "source_path": "windows/security/threat-protection/windows-defender-atp/overview-attack-surface-reduction.md",
 "redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction",
 "redirect_document_id": true
@@ -15577,6 +15582,11 @@
 "redirect_document_id": true
 },
 {
+"source_path": "windows/security/threat-protection/microsoft-defender-atp/product-brief.md",
+"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview",
+"redirect_document_id": false
+},
+{
 "source_path": "windows/release-information/status-windows-10-1703.yml",
 "redirect_url": "https://docs.microsoft.com/windows/release-information/windows-message-center",
 "redirect_document_id": true

windows/security/threat-protection/TOC.md

@@ -2,8 +2,6 @@
 
 ## [Overview]()
 ### [What is Microsoft Defender Advanced Threat Protection?](microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md)
-### [Overview of Microsoft Defender ATP capabilities](microsoft-defender-atp/overview.md)
-### [Product brief](microsoft-defender-atp/product-brief.md)
 ### [Minimum requirements](microsoft-defender-atp/minimum-requirements.md)
 ### [What's new in Microsoft Defender ATP](microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md)
 ### [Preview features](microsoft-defender-atp/preview.md)
@@ -12,7 +10,7 @@
 
 ## [Evaluate capabilities](microsoft-defender-atp/evaluation-lab.md)
 
-## [Plan deployment strategy](microsoft-defender-atp/deployment-strategy.md)
+## [Deployment strategy](microsoft-defender-atp/deployment-strategy.md)
 
 
 ## [Deployment guide]()
@@ -126,17 +124,16 @@
 
 
 ### [Security administration]()
-#### [Threat & Vulnerability Management]()
-##### [Threat & Vulnerability Management overview](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md)
-##### [Supported operating systems and platforms](microsoft-defender-atp/tvm-supported-os.md)
-##### [What's in the dashboard and what it means for my organization](microsoft-defender-atp/tvm-dashboard-insights.md)
-##### [Exposure score](microsoft-defender-atp/tvm-exposure-score.md)
-##### [Configuration score](microsoft-defender-atp/configuration-score.md)
-##### [Security recommendation](microsoft-defender-atp/tvm-security-recommendation.md)
-##### [Remediation and exception](microsoft-defender-atp/tvm-remediation.md)
-##### [Software inventory](microsoft-defender-atp/tvm-software-inventory.md)
-##### [Weaknesses](microsoft-defender-atp/tvm-weaknesses.md)
-##### [Scenarios](microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md)
+#### [Threat & Vulnerability Management overview](microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md)
+#### [Supported operating systems and platforms](microsoft-defender-atp/tvm-supported-os.md)
+#### [What's in the dashboard and what it means for my organization](microsoft-defender-atp/tvm-dashboard-insights.md)
+#### [Exposure score](microsoft-defender-atp/tvm-exposure-score.md)
+#### [Configuration score](microsoft-defender-atp/configuration-score.md)
+#### [Security recommendation](microsoft-defender-atp/tvm-security-recommendation.md)
+#### [Remediation and exception](microsoft-defender-atp/tvm-remediation.md)
+#### [Software inventory](microsoft-defender-atp/tvm-software-inventory.md)
+#### [Weaknesses](microsoft-defender-atp/tvm-weaknesses.md)
+#### [Scenarios](microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md)
 
 
 

windows/security/threat-protection/index.md

@@ -31,7 +31,7 @@ ms.topic: conceptual
 </tr>
 <tr>
 <td colspan="7">
-<a href="#apis"><center><b>Management and APIs</a></b></center></td>
+<a href="#apis"><center><b>Centratlized configuration and administration, APIs</a></b></center></td>
 </tr>
 <tr>
 <td colspan="7"><a href="#mtp"><center><b>Microsoft Threat Protection</a></center></b></td>
@@ -124,7 +124,7 @@ Microsoft Defender ATP's new managed threat hunting service provides proactive h
 
 <a name="apis"></a>
 
-**[Management and APIs](microsoft-defender-atp/management-apis.md)**<br>
+**[Centralized configuration and administration, APIs](microsoft-defender-atp/management-apis.md)**<br>
 Integrate Microsoft Defender Advanced Threat Protection into your existing workflows.
 - [Onboarding](microsoft-defender-atp/onboard-configure.md)
 - [API and SIEM integration](microsoft-defender-atp/configure-siem.md)

windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md

@@ -1,7 +1,7 @@
 ---
-title: Plan the Microsoft Defender ATP deployment strategy
-description: 
-keywords: 
+title: Plan your Microsoft Defender ATP deployment strategy
+description: Select the best Microsoft Defender ATP deployment strategy for your environment
+keywords: deploy, plan, deployment strategy, cloud native, management, on prem, evaluation, onboarding, local, group policy, gp, endpoint manager, mem
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
 ms.mktglfcycl: deploy
@@ -16,7 +16,7 @@ ms.collection: M365-security-compliance
 ms.topic: article
 ---
 
-# Plan the Microsoft Defender ATP deployment strategy
+# Plan your Microsoft Defender ATP deployment strategy
 Depending on the requirements of your environment, we've put together material to help guide you through the various options you can adopt to deploy Microsoft Defender ATP. 
 
 
@@ -28,7 +28,7 @@ You can deploy Microsoft Defender ATP using various management tools. In general
 - Local script
 
 Some tools are better suited for certain architectures. The architectural material helps you plan your deployment for the following architectures:
-- Cloud-based 
+- Cloud-native
 - Co-management
 - On-premise
 - Evaluation and local onboarding

windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md

@@ -24,6 +24,7 @@ ms.topic: conceptual
 > For more info about Windows 10 Enterprise Edition features and functionality, see [Windows 10 Enterprise edition](https://www.microsoft.com/WindowsForBusiness/buy).
 
 Microsoft Defender Advanced Threat Protection is a platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.
+<p></p>
 
 > [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4obJq]
 
@@ -58,7 +59,7 @@ Microsoft Defender ATP uses the following combination of technology built into W
 </tr>
 <tr>
 <td colspan="7">
-<a href="#apis"><center><b>Management and APIs</a></b></center></td>
+<a href="#apis"><center><b>Centratlized configuration and administration, APIs</a></b></center></td>
 </tr>
 <tr>
 <td colspan="7"><a href="#mtp"><center><b>Microsoft Threat Protection</a></center></b></td>
@@ -115,7 +116,7 @@ Microsoft Defender ATP's new managed threat hunting service provides proactive h
 
 <a name="apis"></a>
 
-**[Management and APIs](management-apis.md)**<br>
+**[Centralized configuration and administration, APIs](management-apis.md)**<br>
 Integrate Microsoft Defender Advanced Threat Protection into your existing workflows.
 
 <a name="mtp"></a>
@@ -132,15 +133,6 @@ Integrate Microsoft Defender Advanced Threat Protection into your existing workf
 **[Microsoft Threat Protection](https://docs.microsoft.com/microsoft-365/security/mtp/microsoft-threat-protection)**<br>
  With Microsoft Threat Protection, Microsoft Defender ATP and various Microsoft security solutions form a unified pre- and post-breach enterprise defense suite that natively integrates across endpoint, identity, email, and applications to detect, prevent, investigate and automatically respond to sophisticated attacks.
 
-## In this section
-To help you maximize the effectiveness of the security platform, you can configure individual capabilities that surface in Microsoft Defender Security Center. 
-
-Topic | Description
-:---|:---
-[Overview](overview.md) | Understand the concepts behind the capabilities in Microsoft Defender ATP so you take full advantage of the complete threat protection platform. 
-[Minimum requirements](minimum-requirements.md) | Learn about the requirements of the platform and the initial steps you need to take to get started with Microsoft Defender ATP.
-[Configure and manage capabilities](onboard.md)| Configure and manage the individual capabilities in Microsoft Defender ATP. 
-[Troubleshoot Microsoft Defender ATP](troubleshoot-mdatp.md) | Learn how to address issues that you might encounter while using the platform.
 
 ## Related topic
 [Microsoft Defender ATP helps detect sophisticated threats](https://www.microsoft.com/itshowcase/Article/Content/854/Windows-Defender-ATP-helps-detect-sophisticated-threats)

windows/security/threat-protection/microsoft-defender-atp/overview.md

@@ -1,46 +0,0 @@
----
-title: Overview of Microsoft Defender ATP 
-ms.reviewer: 
-description: Understand the concepts behind the capabilities in Microsoft Defender ATP so you take full advantage of the complete threat protection platform
-keywords: atp, microsoft defender atp, defender, mdatp, threat protection, platform, threat, vulnerability, asr, attack, surface, reduction, next-gen, protection, edr, endpoint, detection, response, automated, air, cyber threat hunting, advanced hunting
-search.product: eADQiWindows 10XVcnh
-search.appverid: met150
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-ms.author: macapara
-author: mjcaparas
-ms.localizationpriority: medium
-manager: dansimp
-audience: ITPro
-ms.collection: M365-security-compliance 
-ms.topic: conceptual
----
-
-# Overview of Microsoft Defender ATP capabilities
-**Applies to:**
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-Understand the concepts behind the capabilities in Microsoft Defender ATP so you take full advantage of the complete threat protection platform.
-
->[!TIP]
->- Learn about the latest enhancements in Microsoft Defender ATP: [What's new in Microsoft Defender ATP](https://cloudblogs.microsoft.com/microsoftsecure/2018/11/15/whats-new-in-windows-defender-atp/).
->- Microsoft Defender ATP demonstrated industry-leading optics and detection capabilities in the recent MITRE evaluation. Read: [Insights from the MITRE ATT&CK-based evaluation](https://cloudblogs.microsoft.com/microsoftsecure/2018/12/03/insights-from-the-mitre-attack-based-evaluation-of-windows-defender-atp/).
-
-## In this section
-
-Topic | Description
-:---|:---
-[Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) | Reduce organizational vulnerability exposure and increase threat resilience while seamlessly connecting workflows across security stakeholders—security administrators, security operations, and IT administrators in remediating threats.
-[Attack surface reduction](overview-attack-surface-reduction.md) | Leverage exploit protection, attack surface reduction rules, and other capabilities to protect the perimeter of your organization. This set of capabilities also includes [network protection](network-protection.md) and [web protection](web-protection-overview.md), which regulate access to malicious IP addresses, domains, and URLs.
-[Next generation protection](../windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md) | Learn about the antivirus capabilities in Microsoft Defender ATP so you can protect desktops, portable computers, and servers.
-[Endpoint detection and response](overview-endpoint-detection-response.md) | Understand how Microsoft Defender ATP continuously monitors your organization for possible attacks against systems, networks, or users in your organization and the features you can use to mitigate and remediate threats.
-[Automated investigation and remediation](automated-investigations.md) | In conjunction with being able to quickly respond to advanced attacks, Microsoft Defender ATP offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale.
-[Configuration score](configuration-score.md) | Your configuration score shows the collective security configuration state of your machines across application, operating system, network, accounts, and security controls.
-[Microsoft Threat Experts](microsoft-threat-experts.md) | Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand. <p><p>**NOTE:** <p>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications are always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.<p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.  
-[Advanced hunting](advanced-hunting-overview.md) |  Use a powerful query-based threat-hunting tool to proactively find breach activity and create custom detection rules.
-[Management and APIs](management-apis.md) | Microsoft Defender ATP supports a wide variety of tools to help you manage and interact with the platform so that you can integrate the service into your existing workflows.
-[Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. 
-[Portal overview](portal-overview.md) |Learn to navigate your way around Microsoft Defender Security Center.

windows/security/threat-protection/microsoft-defender-atp/product-brief.md

@@ -1,75 +0,0 @@
----
-title: Microsoft Defender Advanced Threat Protection product brief
-description: Learn about the Microsoft Defender Advanced Threat Protection capabilities and licensing requirements
-keywords: Microsoft Defender Security Center, product brief, brief, capabilities, licensing
-search.product: eADQiWindows 10XVcnh
-search.appverid: met150
-ms.prod: w10
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-ms.author: macapara
-author: mjcaparas
-ms.localizationpriority: medium
-manager: dansimp
-audience: ITPro
-ms.collection: M365-security-compliance 
-ms.topic: conceptual 
----
-
-# Microsoft Defender Advanced Threat Protection product brief 
-
-**Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-
-Microsoft Defender ATP is a platform designed to
-help enterprise networks prevent, detect, investigate, and respond to advanced
-threats.
-
-![Image of the Microsoft Defender ATP components](images/mdatp-platform.png)
-
-## Platform capabilities
-
-Capability | Description 
-:---|:---
-**Threat and Vulnerability Management**  | This built-in capability uses a game-changing risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations.
-**Attack Surface Reduction** |  The attack surface reduction set of capabilities provide the first line of defense in the stack. By ensuring configuration settings are properly set and exploit mitigation techniques are applied, these set of capabilities resist attacks and exploitations.
-**Next Generation Protection** |  To further reinforce the security perimeter of the organizations network, Microsoft Defender ATP uses next generation protection designed to catch all types of emerging threats.
-**Endpoint Detection & Response** | Endpoint detection and response capabilities are put in place to detect, investigate, and respond to advanced threats that may have made it past the first two security pillars.
-**Auto Investigation & Remediation** | In conjunction with being able to quickly respond to advanced attacks, Microsoft Defender ATP offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale.
-**Microsoft Threat Experts** | Microsoft Defender ATP's new managed threat hunting service provides proactive hunting, prioritization, and additional context and insights that further empower Security operation centers (SOCs) to identify and respond to threats quickly and accurately.
-**Configuration Score** | Microsoft Defender ATP includes configuration score to help dynamically assess the security state of the enterprise network, identify unprotected systems, and take recommended actions to improve the overall security of the organization.
- **Advance Hunting** | Create custom threat intelligence and use a powerful search and query tool to hunt for possible threats in the organization.
-**Management and API** | Integrate Microsoft Defender Advanced Threat Protection into existing workflows.  
- **Microsoft Threat Protection** | Microsoft Defender ATP is part of the Microsoft Threat Protection solution that helps implement end-to-end security across possible attack surfaces in the modern workplace. Bring the power of Microsoft threat protection to the organization.             |   |
-
-Microsoft Defender ATP uses the following combination of technology built into Windows 10 and Microsoft's robust cloud service:
-
-- **Endpoint behavioral sensors**: Embedded in Windows 10, these sensors
-    collect and process behavioral signals from the operating system and sends this sensor data to your private, isolated, cloud instance of Microsoft Defender ATP.
-
-- **Cloud security analytics**: Leveraging big-data, machine-learning, and
-    unique Microsoft optics across the Windows ecosystem,
-    enterprise cloud products (such as Office 365), and online assets, behavioral signals
-    are translated into insights, detections, and recommended responses
-    to advanced threats.
-
-- **Threat intelligence**: Generated by Microsoft hunters, security teams,
-    and augmented by threat intelligence provided by partners, threat
-    intelligence enables Microsoft Defender ATP to identify attacker
-    tools, techniques, and procedures, and generate alerts when these
-    are observed in collected sensor data.
-
-## Licensing requirements
-
-Microsoft Defender Advanced Threat Protection requires one of the following Microsoft Volume Licensing offers:
-
-- Windows 10 Enterprise E5
-- Windows 10 Education A5
-- Microsoft 365 E5 (M365 E5) which includes Windows 10 Enterprise E5
-- Microsoft 365 A5 (M365 A5)
-
-## Related topic
-
-- [Prepare deployment](prepare-deployment.md)

windows/security/threat-protection/microsoft-defender-atp/production-deployment.md

@@ -164,7 +164,7 @@ under:
     Preview Builds \> Configure Authenticated Proxy usage for the Connected User
     Experience and Telemetry Service
 
-    -   Set it to **Enabled** and select<EFBFBD>**Disable Authenticated Proxy usage**
+    -   Set it to **Enabled** and select **Disable Authenticated Proxy usage**
 
 1. Open the Group Policy Management Console.
 2. Create a policy or edit an existing policy based off the organizational practices.
@@ -258,3 +258,7 @@ You can find the Azure IP range on [Microsoft Azure Datacenter IP Ranges](https:
 > [!NOTE]
 > As a cloud-based solution, the IP range can change. It's recommended you move to DNS resolving setting.
 
+## Next step
+|||
+|:-------|:-----|
+|![Phase 3: Onboard](images/onboard.png) <br>[Phase 3: Onboard](onboarding.md) | Onboard devices to the service so the Microsoft Defender ATP service can get sensor data from them