deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-21 13:23:36 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update auto-investigation-action-center.md

Browse Source
This commit is contained in:
Denise Vangel-MSFT
2021-01-27 16:11:24 -08:00
parent 0e57f3793b
commit d862f7d4c6
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
windows/security/threat-protection/microsoft-defender-atp/auto-investigation-action-center.md
View File

@ -25,7 +25,6 @@ ms.technology: mde
[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
During and after an automated investigation, certain remediation actions can be identified. Depending on the threat and how [Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection) is configured for your organization, some remediation actions are taken automatically. During and after an automated investigation, certain remediation actions can be identified. Depending on the threat and how [Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection) is configured for your organization, some remediation actions are taken automatically.
If you're part of your organization's security operations team, you can view pending and completed [remediation actions](manage-auto-investigation.md#remediation-actions) in the **Action center** ([https://securitycenter.windows.com/action-center](https://securitycenter.windows.com/action-center)). You can also use the **Investigations** page ([https://securitycenter.windows.com/investigations](https://securitycenter.windows.com/investigations)) to view details about an investigation. If you're part of your organization's security operations team, you can view pending and completed [remediation actions](manage-auto-investigation.md#remediation-actions) in the **Action center** ([https://securitycenter.windows.com/action-center](https://securitycenter.windows.com/action-center)). You can also use the **Investigations** page ([https://securitycenter.windows.com/investigations](https://securitycenter.windows.com/investigations)) to view details about an investigation.
@ -49,6 +48,12 @@ Use the **Customize columns** menu to select columns that you'd like to show or
You can also download the entire list in CSV format using the **Export** feature, specify the number of items to show per page, and navigate between pages. You can also download the entire list in CSV format using the **Export** feature, specify the number of items to show per page, and navigate between pages.
### (NEW!) The Action center now unifies automated investigations across services
In the Microsoft 365 security center, the improved Action center unifies automated investigations across Microsoft Defender for Endpoint and Microsoft Defender for Office 365. The improved Action center defines the common language and provides a unified investigation experience, regardless of whether you are using Defender for Endpoint, Defender for Office 365, or Microsoft 365 Defender.
The improved Microsoft 365 security center includes details for all automated investigations, including the alerts that were triggered, any impacted assets, pieces of evidence with their verdicts and remediation status, entities, investigation logs, and the ability to approve pending actions in one central location.
## The Investigations page ## The Investigations page
![Image of Auto investigations page](images/atp-auto-investigations-list.png) ![Image of Auto investigations page](images/atp-auto-investigations-list.png)