diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md index 957ebd3b79..eb4585489e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md @@ -134,7 +134,15 @@ When an exception is created for a recommendation, the recommendation is no long 2. Select your justification for the exception you need to file instead of remediating the security recommendation in question. Fill out the justification context, then set the exception duration. -> ![Screenshot of exception flyout page which details justification and context](images/tvm-exception-flyout.png) + The following list details the justifications behind the exception options: + + - **Compensating/alternate control** - A 3rd party control that mitigates this recommendation exists, for example, if Network Firewall - - prevents access to a machine, third party antivirus + - **Productivity/business need** - Remediation will impact productivity or interrupt business-critical workflow + - **Accept risk** - Poses low risk and/or implementing a compensating control is too expensive + - **Planned remediation (grace)** - Already planned but is awaiting execution or authorization + - **Other** - False positive + +![Screenshot of exception reason dropdown menu](images/tvm-exception-dropdown.png) 3. Select **Submit**. A confirmation message at the top of the page indicates that the exception has been created. @@ -152,8 +160,6 @@ You can report a false positive when you see any vague, inaccurate, incomplete, 3. From the flyout pane, select the inaccuracy category from the drop-down menu, fill in your email address, and details regarding the inaccuracy. -![Screenshot of Report inaccuracy flyout pane](images/report-inaccuracy-flyout500.png) - 4. Select **Submit**. Your feedback is immediately sent to the Threat & Vulnerability Management experts. diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md index cc8fca0b6d..84165fe568 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md @@ -60,13 +60,10 @@ Once you are in the Software inventory page and have opened the flyout panel by You can report a false positive when you see any vague, inaccurate version, incomplete, or already remediated software inventory information. -1. Once you are in the Software inventory page and have opened the flyout panel by selecting a software to investigate, select **Report inaccuracy** - -2. Select the inaccuracy category from the drop-down menu, fill in your email address, and details regarding the inaccuracy. - -3. Select **Submit**. Your feedback is immediately sent to the Threat & Vulnerability Management experts. - -![Screenshot of Report inaccuracy flyout pane](images/report-inaccuracy-flyout500.png) +1. Open the software flyout on the Software inventory page. +2. Select **Report inaccuracy**. +3. From the flyout pane, select the inaccuracy category from the drop-down menu, fill in your email address, and details regarding the inaccuracy. +4. Select **Submit**. Your feedback is immediately sent to the Threat & Vulnerability Management experts. ## Related topics diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md index f19a6acd1d..7df8d6c770 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md @@ -27,7 +27,7 @@ ms.topic: conceptual Threat & Vulnerability Management leverages the same signals in Microsoft Defender ATP's endpoint protection to scan and detect vulnerabilities. -The **Weaknesses** page lists down the vulnerabilities found in the infected software running in your organization, their severity, Common Vulnerability Scoring System (CVSS) rating, its prevalence in your organization, corresponding breach, and threat insights. +The **Weaknesses** page lists down the vulnerabilities found in the infected software running in your organization by listing the Common Vulnerabilities and Exposures (CVE) ID, the severity, Common Vulnerability Scoring System (CVSS) rating, prevalence in your organization, corresponding breach, and threat insights. >[!IMPORTANT] >To boost your vulnerability assessment detection rates, you can download the following mandatory security updates and deploy them in your network: @@ -43,6 +43,10 @@ Access the Weaknesses page a few different ways: - Selecting **Weaknesses** from the Threat & Vulnerability Management navigation menu in the [Microsoft Defender Security Center](portal-overview.md) - Global search +### Navigation menu + +Go to the Threat & Vulnerability Management navigation menu and select **Weaknesses** to open the list of CVEs. + ### Vulnerabilities in global search 1. Go to the global search drop-down menu.