deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 13:57:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

update to reflect new UI

Browse Source 
update to reflect new UI
This commit is contained in:
Joey Caparas 2016-04-22 16:00:53 +10:00
parent d7edc29ddb
commit d94e407f50
3 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
windows/keep-secure/dashboard-windows-advanced-threat-protection.md
View File

@ -58,9 +58,9 @@ The **Machines reporting** tile shows a bar graph that represents the number of
![The Machines reporting tile shows the number of machines reporting each day for the past 30 days](images/machines-reporting-tile.png)
## Investigate machines with active malware detections
The **Machines with active malware detections** tile will only appear if your endpoints are using Windows Defender.
The **Active malware** tile will only appear if your endpoints are using Windows Defender.
Active malware detection is defined as threats that are actively executing at the time of detection.
Active malware is defined as threats that are actively executing at the time of detection.
Hover over each bar to see the number of active malware detections (as **Malware detections**) and the number of endpoints with at least one active detection (as **Machines**) over the past 30 days.
@ -74,11 +74,11 @@ The chart is sorted into five categories:
- **Threat** - all other threats that don't fit into the **Password stealer**, **Ransomware**, or **Exploit** categories. This includes trojans, worms, backdoors, and viruses.
- **Low severity** - threats with low severity, including adware and potentially unwanted software such as browser modifiers.
Threats are considered "Active" if there is a very high probability that the malware was executing on your network, as opposed to statically located on-disk.
Threats are considered "active" if there is a very high probability that the malware was executing on your network, as opposed to statically located on-disk.
Clicking on any of these categories will navigate to the [Machines view](machines-view-windows-advanced-threat-protection.md), filtered by the appropriate category. This lets you see a detailed breakdown of which machines have active malware detections, and how many threats were detected per machine.
> **Note**  The **Active malware detections** tile will only appear if your endpoints are using [Windows Defender](https://technet.microsoft.com/en-us/library/mt622091(v=vs.85).aspx) as the default real-time protection antimalware product.
> **Note**  The **Active malware** tile will only appear if your endpoints are using [Windows Defender](https://technet.microsoft.com/en-us/library/mt622091(v=vs.85).aspx) as the default real-time protection antimalware product.
### Related topics
- [View and organize the Windows Defender Advanced Threat Protection Alerts queue](alerts-queue-windows-advanced-threat-protection.md)

BIN
windows/keep-secure/images/machines-view.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 69 KiB

After

Width:  |  Height:  |  Size: 110 KiB

2
windows/keep-secure/use-windows-defender-advanced-threat-protection.md
View File

@ -53,7 +53,7 @@ Topic | Description
:---|:---
[View the Dashboard](dashboard-windows-advanced-threat-protection.md) | The Windows Defender ATP **Dashboard** provides a snapshot of your network. You can view aggregates of alerts, the overall status of the service of the endpoints on your network, investigate machines, files, and URLs, and see snapshots of threats seen on machines.
[View and organize the Alerts queue](alerts-queue-windows-advanced-threat-protection.md) | You can sort and filter alerts across your network, and drill down on individual alert queues such as new, in progress, or resolved queues.
[Investigate alerts](investigate-alerts-windows-advanced-threat-protection.md) Investigate alerts in Windows Defender ATP which might indicate possible security breaches on endpoints in your organization.
[Investigate alerts](investigate-alerts-windows-advanced-threat-protection.md)| Investigate alerts in Windows Defender ATP which might indicate possible security breaches on endpoints in your organization.
[Investigate machines](machines-view-windows-advanced-threat-protection.md) | The **Machines view** shows a list of the machines in your network, the corresponding number of active alerts for each machine categorized by alert severity levels, as well as the number of threats.
[Submit files to the Deep analysis feature](deep-analysis-windows-advanced-threat-protection.md) | You can submit files for deep analysis to see detailed information about the files activities, observed behaviors, and associated artifacts (such as dropped files, registry modifications, and communications with IPs).
[Manage alerts](manage-alerts-windows-advanced-threat-protection.md) | The **Manage Alert** menu on every alert lets you change an alert's status, resolve it, suppress it, or contribute comments about the alert.