From db11efe21780f32a1036542b77eddcdb9d824e0b Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Sun, 5 Feb 2017 13:41:00 -0800 Subject: [PATCH] investigate alerts content --- ...ows-defender-advanced-threat-protection.md | 3 ++ .../images/atp-alert-process-tree.png | Bin 0 -> 17231 bytes ...ows-defender-advanced-threat-protection.md | 40 +++++++----------- ...ows-defender-advanced-threat-protection.md | 2 - 4 files changed, 18 insertions(+), 27 deletions(-) create mode 100644 windows/keep-secure/images/atp-alert-process-tree.png diff --git a/windows/keep-secure/alerts-queue-windows-defender-advanced-threat-protection.md b/windows/keep-secure/alerts-queue-windows-defender-advanced-threat-protection.md index 07643b9003..95064abbf7 100644 --- a/windows/keep-secure/alerts-queue-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/alerts-queue-windows-defender-advanced-threat-protection.md @@ -91,6 +91,9 @@ You can take the following management actions on an alert from the **Alert manag - See related activity on the machine - Add and view comments about the alert +>[!NOTE] +>You can also access the **Alert management** pane from the machine details view by selecting an alert in the **Alerts related to this machine** section. + ### Bulk edit alerts Select multiple alerts (Ctrl or Shift select) and manage or edit alerts together, which allows resolving multiple similar alerts in one go. 
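Review bot: the new note in this `alerts-queue` hunk sends readers to the **Alerts related to this machine** section of the machine details view, but the only change this patch makes to `investigate-machines-windows-defender-advanced-threat-protection.md` is the removal of two blank lines, so that page still does not mention the section or the pane. Either link the note to the machine page (`[machine details view](investigate-machines-windows-defender-advanced-threat-protection.md)`) or add a matching sentence on that page, so both documents agree on where the **Alert management** pane can be reached.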
diff --git a/windows/keep-secure/images/atp-alert-process-tree.png b/windows/keep-secure/images/atp-alert-process-tree.png new file mode 100644 index 0000000000000000000000000000000000000000..51d001984b15cb25aa2eee154f03a6e122e0bb48 GIT binary patch literal 17231 zcmc({2UJvBwJ!~cBV#nH%wW{vuS`2UO=!}WIFiP^ ziC)o=DT1Kysn{m9ZCyEFJ5;uOPV)d4IxzW>!{ZL0qATS?f7A3D<{w z;l%79R#Dp+YmsQqITD6i>AEzOVHWSLAs=+EV|QZ|!}nlO;Z+*)MGl zQJVoF1-rgMJ6ui!2S)GU!Gp9nP@+TjFKo-k4>gy-N8!i>$8^WCJsV+e#ZEIyVzEl7 z&W)N4$umq$#81Ie$7WS5@bVnq$!EAV(km)-0s{l5AC<-LE|{@MdKC5B?rbi@2=n7S z=D8$ye$@_Cy5(U%d|2x@i?<++RAZB?JvS`j9BeYO1Z+!R-v$I6@9XVc#BL-TETY|7_-y%UxgMXaynOVA?KvZJ5;-F`xAy?Ut%N_XC|#A3 z(trQ{{fb9*n7j9)MOTlGr^cc?USeer#z|B0sgT~7*qhV!=G4U&{dcUkWp`XF(HuUT zhLvs0KmGZyffW_Pcs{SXp5;DY1M3h*K_8|+cYQFv*nKQ>27#OrHKBo|In?L=r z$wNbWh)KhYY%3Q;^mb&5=n~lU z2F6Y~I=6eE(2`{3Q$k{ZaV1oWXNeix;dV>r=jU6-pT8z~lRUvJc7&m<(or8>&yA&? z#nMssllOhr3*%7*>x?K>BO{~s>%HnDKHE0Ku7fskHeq$H>%jWq${Gib<>lplh7Yme zdQzy~F)|neh4tAU94$Fp-#Sh4+Fc`Hjp;*$HVOT4BIt}_vz|E5`NnO;9cOb}GyN8F zN=LBHre#TAF?~;UC7Fl>@Q~`&P6dy-l<>bxmSJ^qhZ)$1rpT}3yx04EN&Q=U8#udG zH%sDHy?4=RYuoZEMiUbgi_seIX_%8`|KhqvZF~Q%`1qa4D>{XyfqH!5uB4HiN>Yu) z*bvw$6tPozT2PfVjKOzlK6`)U;9?jjK1!H-b`LI~uBlnd5*HvQyXTY}#d`h8m;R4E z7xoCG;mXof#b{TJJ9TBjg&lo;>H5_k#l)&bcd1YE!M#80{EMCER1wo`t#&C3Kl}A$ z*lpC?G!N}L5MyQLq|DUxd(t;K2G|+{NbFW~FC4+`kvM|enc`pEQYx4pJ>XjNYHQ2J z!p^&Xacy%rVd3iZ@K%eKE*1=^x-fIpuMJ^nOy*Vw~6YflxK%B6G4V#l|-`6qYRC_|y zyuZN2Q9Rbt+PXV_Z#9j+Sd6K4I*u=F<1li4_Qhky^=`qGyxhK_*^W=bPrn~ogq7%F z=z`gmLXewst;Dzg#Kej@O~=Sm6qRCbI`lR;Yglbuh}C}HfeUY#4b&+zSMh5d+@a7` z+B!QIC8rujEZR8b#^NPo{eR!ZKGBj8B0Evp5QW@kb9n*@P`h)=7)zI{F5!v8U**D$ z9IelHdwP1n2p_vo|1r}V%j!(u&7D`31W6(*Ir$!vQIbZb}ANL==AxvueXH_rIkttp^kC>1=Ni!;EwpQ1UyzG55EF34SGl-U&}ek!fOu>x zU*!^BbTs?t&!>XsQ&Ur17cSi4*2oU&np5-gs_GZvOMX` z(Tixla8*^+j~_mK%FfPqGB^*HZdZH-n9)EtP(*X7vya;^Q$Cn3OU9-pLO|SOHQi%l zY1pzdGxJ*Ugoy6c@BA40@uTsfkMG_cQ`ofRh-S3p`F!Qg?MN0q6+0gVUlRh^?u)ndmGD!=I06Z zcfsQ9(bLfhVj!taJ)?T>x%j<$r5zN?Svi~w5P_^8NT$Ts#(y5Y8O)iIoJ_0NJmy-- 
zJ99%LS14#BPm+u4ha(AvLh<(gHc{gd?wSdF%&RwGsJ zO+S99+`ap^X={uHdvsh}?&_*DI1S|5Ibt5JcV()%%^lAduF&7#ze4eXuWLL!LK}!r zm6i1knRPF=QTxIsCnqCpe*XN~av^H3prD||=`{hFLsed9r>eS!#sf`}o zxMb82WYLqUevOOkXkU0tOm=^vSypbYQfO#sW_o)2>l3Uzql%{2UrR3aeg4$tQk+sz zF>oWfbIv(RMuP6xu~k4Tk=rmXFl7t-b(ATMB|a;!#&RzXi%n9D7I8`MJ$D6&wQwnh*```QFGcS}5c+v1h;#+p`EZ@n&_umApCt7Oo+guJJRY>iw;mDP|~EB0V{ z3k!>V)grrFYl1k=f%xVr)ja*`7TmCHDO5=3=;gytq_9ePmC>KO`J}(ZijeE;3NUf{ zTpp}u`$A7e$m`X*@88p5NB4-3r}2*s4HHFd28?^9EW59|SC8;9MGI`kmoC+H)_k(9 zUej=|)_1y@G`LtoTR${3bDStHyvlE9i5!;Biu#@za6Awj0sm~M8eTa4bT1kuj2FhPEsfo59;p5 z6q$l-(2Ug7RJ_SZb5j$thrr5<{e|*SFB7p8Bls8%A3be>D;R6~T*2aCX|rizq|Bd^ z?7=XhbM$^wo=vGrv6--0P>N)HXIGc*q6&h2el6ZTPxS4{(&WB&?E(0hYL}(|?)C-& za1`VWp5}bm<*zayBG+dsv&A(%z4|cbrV0c%q!_LbV#@-iArs0)aO-Q_++6|8f}AJ= z@3qiB{`_-l`PnQpa*va~>;?4qm6gLACRBWUY7jyoD$0`Hz-ua0lM^Lq)~e>>QvBe- zgCoDE@pqD6_Mb6IX;X9wDXHa8>mSJ>H#a{a`R|xan@QYdUM*b#dAmLEWMf6+Ogtvn zV0T_Kkq^1;ZPEW@_{>EHmL@VX((&dw$nn$bkof>w{Frilm5fw5iE_8tgRxkw zkjJWdj!y9dtPpS}DD2>(#+^IQ=ZVD7u&~R1wTV;B;eG{r$Y*TIX7~4tj(YuxCF;9R zg;r4aw%g`}!Bi0b)*3GcH%=_4r>EcN!0dbmFA=utnFcd;$CQ5(?@=>9jTE zLbEY(iF^r#LFdGhARwp!ZXc*}FQjL`brtpQ?c0t((UJ7YN#kLsHp!Wku(Gl;vPU2U zT%bJ=tPKgeOM+B&F@viNA$VXsWU)L1Z{BWjA>J;r?74=Imo|U`VT;m+$%TBUFCZXb zX>Q&gZs3#QHsUT1$fdn0l)KpY#~)~z2HFuF-0(?Rijs`Bkq=}^+1%VzLT5o3fXEE1 z2Ln>k){ZQfhJRycO9y%L2w5thDv?1=2^tCgW z;7htT9;qj}HTx+_%Dcj6t1CX!0Ou1W>FJtgbymbW0(Ob6&4;kC-Z^5nUb!la1ML0S z!Qpdq>b7Xvu&vE#4I10>Wy=1hn!bK6jPDY}7{F>kngASXYHFHyRz$2`Ay-Og45$N` zl*G);Oy|um+}w)*d6)dBh2^8~rQ~09sXA9As!0Cz&1Jq(#e1jAS#b;3jF<^5uNW_d zK5*#xk#TfU8{n6FDnf@3a>;-_GD)=uoozv?b>wKe#SBTW_dxtrGLb9bFsT zAWIC?e!+=)5#N`1s>Hq=cPsJYiL~M;D^pDhB{dv6;v;2t6Fz}kKM${~_V3E5LfsyDRnrCHH|0znuCTgjAL*K;M_~k5pYikgjgfl>e1W6mnFUal#45Oy4odNL| zfs5eQVWi6+qNYQTO%J^tOz%z+yZ$ z=!2boQciv~|D^!cBXH&*cn)n>&i;Oq&xXYAth{t517=f3{np2v+UQd4b&1ZI+3(@o zE?#bdTZ)u8&bjsh7i{u;3jcg_>FDpW9q0g}9cEiMyjx9G^{?>eGrzjd0FYDD(n<%k z3XEp?u&oo|piZdqdFftHPEA?#l*kL}^)op4 zq5Jd#`>vU1*E+S@fU2`pB|gyk;Rr0rCQ(C%(I4njA{?%HoTj$cQsBEQAo!t}GI9`` 
zJkCH>t&H1JZr+<8&1wIlYx{fE5WcvAm`ik4Yy%@U;&Ax9Q&Ffi*?nU4R zlWMx2?%J@$hu^wQTHHju$ay0Fs$d!0O%K)WdF7HVYb0u5hOdPHwl#11$hBg-!}BB_ zL(-aT*FrmL7s*L4Tdln@-?~kzvC5_2%b6=fqCIAh9ABB78r1ruVlFj$pr>`paSph8 zEZ+3P;G&3(Ho#rrUiaVa-&!NC@l#j$!)&08#zx(JVuk>vN9yr{6?hSO7Nt^g(G~;h z2zp!NxCnnXcd+PwG`V7TrVT+nHgh5}jJU0NZnWc%OY?+0gZA5uf`ZzEnC)cFxy>b( zoM^`^5xkOS?Q`*RQdHJNrIqu~+p#t43q4<+A6T0TH;5zY=0^xwsD4p)f-L<2g;D|3 z2)r(jq%pux2FcYBle0#qrm28b=}b&bqXt*VB^^-l=62D>)Q=6Z+mwd>8@ob~D%4kO`b@4s9v}>@>l0nn?9)tRVM8|+l zQD)9WIL7flhmS)`jIQbIXl2?hKiu3e7nt6!#V(uu+HG-?Yj{yb4p&b(S)FyU&YARZ zqx@X$ay_bA!2|4RF(C~jpVIrGIIVP;UTe&iYpRfn1Nq7)v1CoJ!+?}k0bw5#AG$6r zZSd#ihmW8jg%o%Z>fKOo&CIg0n+Z%jkR}i`1^?1K8$0tzX?Hp#i+{x)2wRl<)x^tp;wYZ$+?S$F5JD#7KmN=5U*RJ3X3MHqy>ww4TOj`)M?S@?S z-mDX7c1f$rPwP3!T$0~ZrKH=y?=|Bq*06xY``s$ogRpl?hDKME>9yw(?6Bh!eZe1U zqOMEfdP$IN8%6eXnx)!SG$*z9-sO5t3&nD}qcSB3BS2BL&ahAk`l`H; z-x9jDTxQNooeYWNmQDxTX_rWA`aHTwb>q{Df5ToN>)mjxBxgLhM%Lk&u9iu87!^zY zii~~9OC3p9<<7gX5R2?m{R7L8a12Y{x3+{Mt`Isb&1qhZpXoq6_4W1mwi&Cej_D>e zi|5p%wb@ex^u-oksa(Rs>VPAH_qhL(OJmKct-YLs(NxDZ_5Sk1FrTdF{2@TrP^6GF zg#g9{a!8NdC?Z)yvgg$<0Gwo3Lzxy~+B8=L4~_F&5+5^idCs*h$(Gxn(EP1)aj|}@1;VEV?vM+UG(2E$@qS&G(Q>TOvRVXqW576A^9_oBI>=?qX{RLuJ#!PyOae1WaHB< z&gX@l#3JUH49zV7BOgD0Oa^{HBN!SHnHd=>5W{~?OsK1>CRJ2akX89%1itG;5vN8@ zi@hDnK(ST0zQ^1pbotl}%QJFh=&{8vs`jY^HG@yj`eUx??&h+kL0fFtlT;12Fuom4 z_Z})o50475jjWOq4Iq((H_}p4evI1#1rtr@`n{pycRj=W0gDyyQ9yibY-m>F`9mxe zikTGhj1`bwQLC76i`ikpOQ+z(nBYV2s>0UBFf}t{1+~&vFm*GSjCKvr z$P^b8{juoUJmqMyG*mu6io=P~c1U-ZI%utm|FcnIMl5GKB0`k$h5g1fAgGg20=U~%$NUSez+_*6yxk0=O zE{oJ`SK_@?>HTB`O@Rb={7dD(lZUH}1zFQp&Mqo%L;7j@X%~D6>P)CY}t-Xw#Q}2U=(yV1F5P$8Z6S zM|#DUp}@Q0#{&SgfVn!nH-;Nd%EE=ue;+7JmoGhGj4iSm6akQv4lEIXn5df$Nr&jq zr9*w14i+HQZ0C-6kre^?ITPaq;Da>7ZL%DV$4S*2aR9B0-N~kleV=8Z(a@W3SS#ed zVhlKy7-f}v)a5O5c8v*Ng$YUb26S{ znpzNY(TRM8gAV0-*REcD1kvL5S#o%Md>(KKz==eU`@_|~XwR2CU+B(wyj92VlZfg*I`Eff1wz%E(N8uy9&u+2X43(+iHtYB~QNS}IPz&(-Q7EG% zX9c*pxPTIpv=e4zVuAo-@dJBlW-%&O_UaKnNTWbN18sqgVtfzW;UkD>Ai!XU#x#)X zufOjHLPxbUMkWl32V_AZ6^*Q&@erL*>B$*1wo$_% 
z$Kj);EV-t3wP{I2iZb~pO4ZS^fb++kvn9-On)Ee*T~Y@Nz}c}?#t+zTPK4wJFOf(i ze507X^tqS-(MGSO0?p8mU~IHQ-I)i<%7k?jeqt;p%J!&H(5hHe(H`2{ZZR79*-xrL z+ts71c2*-H9T>%lu9^SBz(N9 zjGsF0$=hRc+-;R(k1+5{eqs;Jr+M3xI@7;XzFBHF$FkR!?*2qHNYqjZ2s~2rO-(Z4 zx~OPr9ih~{nrR|LnTE!G8G?6qRh1s%VaUiYO1N4;@wLz9sp;irZ-O3z_*m$>Ew+vP zU9wH%MNDsHMns&2ba{`NnfXF`&GuPg%a6%pchWBD=V@Y{p}8LaA!-LWmU-B4VZUih zkL5Zh-fc)2MHXF`!KCnYhLJI9JAh%Pz9uH-97@rU6FM*8meVzV|Gi&uvv1LL3RwE> zr$$D2E1+c~1_Sl$roktG%LoFB^KY+5^y@u$b@8m@eeGdi6RHm_>D_*u;A3ZfwyL#ALSEIrU6N2C9{m8ME`EK;{!svRpD!>;q z+HKgSrgX%E`(tTm3L~H1ET|OrrX?VT`}zF+x!<}5NZL=s!b3neNug>$)Pu{i|wTJ-( zwRSS#*`m!B8@IcLxi|0*Mr93VpQ{o@bENf{YA8`>)|g7zUF2Do)RdMG-x>??I5_T znx39sdz5CLe$Myr-xFqXa&pw6pAI3PXAl;H69qFx$`hctQwW!VxJDurc!a0lKvrt1 z9Aw|)eNqlT@AY(dM_@Q^+TTXr=iw=;QW6#xo<4aWBNC0@sm4(E!n{9!{;Y%Z@y>E# zmQ0r09vB$#C2MMGDp<}lSFiQz@@`K|Oqdk*7kO{HLUfOAYd0WQw7v#ZiTGVn$91>~ zLN$p*^Ny_rzkNIR3*i!5Q*8fiREiZ(k@Q?QA1ZSY*V?oA;v>IxE_Txq7evZc`R{7Q zBjKD-j&YOfQ!gNGISaCkh1(y%af5hDjiBeG=obXq9frOzNJ+3q@DTzskn_SQ#(M#V zPZ7SDpPw-K<3pRpRl(PB!VE~M9IO8d93rjGX>w);A=YE)fGN&|T?dskd^yEwAj@m$ ziZ(?0N?-faCk9iKlKwKEm5Mejf$=l_Z7b-v(9Dlh0~HL2hc1!o+xD+Fv^?xxAC=-l ziPu!h5mSdU6$`t1>=TrhDyQe6x{S5mk@G86yLS2Vo}Q#^3kki#!4Mj7)-lKvs-fJ>=-proXMLOtO(HJhBCZUXMz>4le% z(;J8bldhG*9;>sAGgnS3?ftF7gf!LF-@=3=_QpY1u+(WSz zewkeJI50g{yjlSS_)DGAqsD-8{1`ZTe|)&&qCIrASqf~q=6JkUm^+*p|3CwU{mZZ3 zvW3K$vBE^>;EhYDnt4RJIIgpIXtaL2F;Gs9q*-^ zm7Z)fAdh39zX1zW@G=_~7p8u2)dPA#(R7w)g-wl(Y0r@y%f;6YHknyLMFFj$650en zJzN3;D&RcRRuj}1@j<63h~)N)6EScIK@rf8Z}A4qJDntmxI>h!ps@hxVUSw1HC94+ zQ=Hg->%Y{YL^r(FTG`|uizC(1VwV;Xr2v=%#^k;7;|eskiaFa(Hzqq~$Xq-;Eu9m+oq9sBF*Ab;JcKR-^lzcq zzgrn3%@hz49TM`yR^j2pBHCpDnSzZ9iZU`1T{1Q=d!`9OY8o0k`V-yV-HbEzkSbp4 zMC7r>kNl@Npxrec=>mWpl91=K#$7FDik;6Y(Op;8q2^}#gysOvb>n;hsxy5R)AQ0q znV1@F3td1WZXVIJ#ZScx2H#qF14hpUxgyzTF;dVBR^WkrFuOVkxJ<^60`U)iMuf(( zcp9BItUnD?QdgR?6>+B0Wi4Wyw*;YiQd0Fppf*Hdg$(CDgn4U9kt2dU*Ne~AZ|z`e zg?xVeiAYt8e0H}Oas0>3%%G>8nVsDYY~q1+3WEVC#4yZ%&%>pC>2ynv8AEtPDi^4; 
zoa+=H3r{B+L~JkoQ);pb!BjRcDPPStQ-+l`2kiGQC`c+k1!I*AO+#4km|7@o&+;Ma zj-rIYmJ5PBfG;%l-BVJP<8wKrb|ba|SP}!t94eHa$1h4s72goxa*aN_w34gsGKjau zh&i=7^)TU}gMknL*t<0=h%%}j?Ob`gH_t$t7sQ^BK0Ma@%|at1Ga@WT2~3!0GKZ-p zsFA?I+kZw1gbee<1j;|ynEG!iwsMD*v zRDLmJxb_J753M?dn15`3tO@xAPUOVBW-+A;$}#~#Tbz4HhJEM=D;MkJiNC}$2;8qzlcAg!jWn+2UuG)NG) z+Ne9qi0CnqkD_}K>E3u2Ay=V=@}lKe^yrQpj)J#ag%Tybpggk?Cov~d#*1$3U~avjKS6HtTY!4E=CC$ zz2=+)W={izyK(_%6QiP7nrqfQ0O*}Lbqa)a`)KS1=GWoYFF1B?OK*Ndi%GK{Gf@IbOa%O0U)Onrr0t%?L%nHR+Il=xEj%IWO@ zq7bP=$P!)dm=eS;c@2eV4JmgD~|0j+^ZlsZSZ{8%BL8DNb z_J*_W_6A8*`sM?(*E-Dm>NcNLLv<@?|GmC`9&B;!2*X|gL;K!LA6NoVW(z|Ym`_DU z<^}t+v3-CSP*_mNve^e1v*pejyl?;=^j`>UDK0JsK_Y@FTnK143*eE$>{Zm%l7}nZ ztbj=e4K)r{hGn(Z1MCF7Ui|sxm1ce`P|_kjK!^l+wSEi;{WMVHU8!xSK(J^nlmE2- z;xNMl%VS6C$=Bn8Prdo;ufKQ(Q&Jh$_QpFmEoqIGu$YMJ-^|GEbEE;Qyc4s$YdAUb z%#)YK6W(JS>{gbRJR9a!QgWNi4EZp=JDwgO2*nQsvrAeY3PIchOpe@LBUg`kRlCHj zFXdDa!XqLh0XeqE9%W|j%K--3s#0A~`aIlT1*g@0Tadnfg2{zcrF_iW&G6|}9v}@(?!mBx` z#oP041D#f|YI~OBT|*#in!`jr7sxb0D2J>VC9wcBcNgUXuFJfn9=4$BS4|7wR|Q!t zW&8a_dBjJZs0b4bFUVftEnwx4?$awUhjS;R5Wj{5sE}}!fkE`Z-FPW)=U-!YLc_zO zt2uMfY30-8F+SXmqhQPyDH;}m!m}&w#d^p1`9m)nvI~B~hw?H_ zidw|A7$Uz;_hh3hdt)w=k!KEO+Y?Ps;A@|Hdsl<8EPWc+Ii`C+l%1nns^cL6q0_Jx zMYo>lji>>wt&6((W9O!32TSunEo?FO*>X-CFU-+o)@`*KBLw9`8bp1a5|~8qLfvYf z1JLp;uoSL~11TWU%Q3)>9G8H;|1G8#y*1DeZ}hCE6b*iLgttB(Cb19No#Kh}z&vEEPm(?)WR zI(^`yZZ99~*RxUPtGV|TIn;JN^`ZYH^yCYTf+Bu~hnXPg!KRPdby47NAFuV(jhQe# zPNb`!6{BP9MZ5__FQ9WCI#=I6;1V_J30loBUYSqYhRec|eZ@gc(f71H#5mH-Q!@$UKO+vBrlq zpwHJbD|URH=R~1dTgh=xo4w;8mYeeL)!mZN3aobuIsL1G!XRV4w?#QDO!bCUTca^_kySt`CQI&eq7vf@=brM zmbKy5>Reb9L>;pbOXvl$77`abb_Z56`7Q?LnpW@fD)AIKAzU{rY<5%=RQRZS^^|}sO2!Cq=RY`OloFh}kzl(^f;y#{Rnm&qI8dm5|8g0F|Eq^?lMrYOkbCL@!9tc)o)iqBRb_e%Oyrrvk%ryY!wtE1Rm? 
zlUYD`afk#_GuMOiGBa-kFO%H8Abj!?qHnnuz}_%9D!=C+xQS!@8m1@uE%$S}ESWHf z(KpQBr~@bg;KsVHzFudkc2*r2&H~z#)HwVT$acIkYXKW?s9t$b+Bz|pz5{AFyqF>E zVK7K`gH13yyn^wD2ew=&Q{f8Oa*y<6-|daxn}D*N1Oay*39x2|XugzcM*yc&+yhc^ zzQAh7bdS}tUlQGMK3j8k!%Q;LD~%TsO&Imd#Lh30Frtf!lJMRtD)Fh&)eL4Hc^XY8 zZMcsK#PbzbUA)vxpCb7s-WOw_TVedb;#X^k3T=YSn&T|mR)oJIUlNJlq!hGM6CM~fV`3^ zG{vjh+U82_Z5lyV|1q&V`(B=11&A2X9lYU25Hz0`?Tw;lM1~EGwa7c%&}f0Dj@sXy z;huCB2Nk7VNua+!o%%nlekZW{W8eOzp-u)k0=>AVMOSWk^a&a|ARFD+04zBd)b*-e zLj}MmK{v!rJGdWOq89oc(maER8U}!_SwTKmO4piA3l07$GV?5U7IE0%V=2PLQX33=b#F zdED^dAeOJZ2%~WY)kIP4VBegRTQ77p2exM$A0bZ&`r5v}{W<{(aTj=?2nkD|6$Y8l z=Np28ypo_USHKE^>eQ+6DLg9zS&EZOOiUXJbe#%ki*VY44Og!m5E^KC)Q&_5r+57p zlH7d-7u3ksN(8a70>bJ8VP?DpVx{+8b00a^NTUW2#wsR)B#J;rhEjztM!yI*w*n## z3*$Gi?H@T+l1?%=W34uHtEo_?R;P^Ycz&I14h0EAXXH3WqB?Lu6QhbnbPUb*U-Dn6 zPm>U32xwcd`~4n>NatPxl>^VrGHGg?m}}(WwyiQOk(dYVUvu`Z-jgk}3zlpaH`$7I z`>N2`&+)|a0Te&83~K$`D}>P5s#A7npB(_VjK>V)6gghPj^ zFX*Rq?5w38lLKp$_D?rb=ybJGHlJ6wtV^>q<$#zde`um)_e6!y{f}P$KY0wZb7mY# zFKa-RWF-)AP{PM*+Wy45r3}ztz3&!^=MzuzyA(hnaK|1EggKuNxo`yJioi*MmUteR zfCAba5TgP4*>Zzc0Nmc6iC@I;`U4O+!jqPo2**iBS83ds#0lCYL>DIh%NKcgv^3^7hNHJc(opgW)ug$n2}-+4T%S)C*FlB>#S0 zjmXKs?Ze{AMNLl}D{BA=1TW#{;7q5UZo{a%OHq0H4^RSieWDHt8TXVKP(4Uh;yR$p zqOGQfZdvIm8Akp;U~U?1acrJIIi?|x)isO2Qta&P_?Gz5vvqYmXTX6@zPaGf^nBleL(cPQ zVz7B$zNAIkGw_UX>FP(&;LQ8;*E|BjLpgrY6?yu%;AJkTQsL1rgx~{OCu|-4183HN z*)%j;@ODo2xwX`Cy{hK@s7lZCAcn&Ku|~&aHaRgxR?*diRd;cGe!~R2$}}`@y8#~=6#tUbB;_V zgGQP^@LWG7bgh1Rv4H2^1!27QJ0iyg)H{wo1tfTNPFpjEn2+?HRk~?2nKDp<`+6gf z*s8g~Rrm}OJ=5}E^fxE%W2i0-(~F&m0B6RD*+1$mo%vapg)Hg*`FFu=?tBp4T8Kq1 zJKx;sBj`dw%=T?)qdxl%Z2N&uR|p|IYmkh+1_g{y-NDC75O((Rr$=SNK&S!9JYiJk zGO9V8KiqlRvyl&;BUR#e=NDc(iRa$(GdXjYn)niOO$THmtpT`j((sI(lyZyKnf4>{ zZJ``$ecw{q6JS57#S0Etvs&kVB+r|dix7yg9m720L0|KpDnZQzMINXUjo1fws_?Mu zBkBBv@(M4-dh_M5NpHSQ?GX$le2L%}U3(=7iq8A(9?@-|V8ELqzn{h{VX?^_O8Klw zuO7_KVFWiCC}{Fy!= zp#Z{+jj%5QQntnag>Nj}m3Bc%fAYqEQPS5R*XHHo=6?K-POQkRjUAxvLJXb*!8a8W z`w4nEWu+KIa2W^[Some information relates to pre-released product, 
which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.] -There are three alert severity levels, described in the following table. - -Alert severity | Description -:---|:--- -High (Red) | Threats often associated with advanced persistent threats (APT). These alerts indicate a high risk due to the severity of damage they can inflict on endpoints. -Medium (Orange) | Threats rarely observed in the organization, such as anomalous registry change, execution of suspicious files, and observed behaviors typical of attack stages. -Low (Yellow) | Threats associated with prevalent malware and hack-tools that do not appear to indicate an advanced threat targeting the organization. - -Reviewing the various alerts and their severity can help you decide on the appropriate action to protect your organization's endpoints. - -Alerts are organized in three queues, by their workflow status: - -- **New** -- **In progress** -- **Resolved** - -To begin investigating, click on an alert in [any of the alert queues](alerts-queue-windows-defender-advanced-threat-protection.md). - -Details displayed about the alert include: -- When the alert was last observed -- Alert description -- Recommended actions -- The incident graph -- The indicators that triggered the alert +You can click an alert in any of the [alert queues](alerts-queue-windows-defender-advanced-threat-protection.md) to begin an investigation. Selecting an alert brings up the **Alert management pane**, while clicking an alert brings you the alert details view where general information about the alert, some recommended actions, an alert process tree, an incident graph, and an alert timeline is shown. Alerts attributed to an adversary or actor display a colored tile with the actor name. 
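Review bot: the replacement paragraph is ambiguous about how the two views are reached: "Selecting an alert brings up the **Alert management pane**, while clicking an alert brings you the alert details view" treats "selecting" and "clicking" as different actions without saying what distinguishes them (the `alerts-queue` hunk earlier in this patch uses "selecting an alert" for opening the pane). Name the control that does each, for example the checkbox or row versus the alert title, and change "brings you the alert details view" to "brings you to the alert details view". Two smaller points in the same hunk: "an alert timeline is shown" should be "are shown" because the subject is a list, and the bold form should match the earlier hunk (**Alert management** pane, not **Alert management pane**). Finally, the severity table (High/Medium/Low) and the New/In progress/Resolved queue list are deleted here without a pointer to where that information now lives; if it moved to the alerts queue page, say so in the sentence that already links to it.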
@@ -56,6 +33,19 @@ Some actor profiles include a link to download a more comprehensive threat intel ![A detailed view of an alert when clicked](images/alert-details.png) +## Alert process tree +The **Alert process tree** takes alert triage and investigation to the next level by displaying the alert and its evidence with other events that occurred in the same execution context and time. This broad triage context of the alert and surrounding events is available on the alert page. + +![Image of the alert process tree](images/atp-alert-process-tree.png) + +The alert process tree expands to display the execution path of the alert, its evidence, and related events that occurred in proximity - before and after - the alert. + +You’ll see markers (thunderbolt icon) that indicate related events. + +>[!NOTE] +>The alert process tree might not be available in some alerts. + + ## Incident graph The incident graph provides a visual representation of where an alert was seen, events that triggered the alert, and which other machines are affected by the event. It provides an illustrated alert footprint on the original machine and expands to show the footprint of each alert event on other machines. diff --git a/windows/keep-secure/investigate-machines-windows-defender-advanced-threat-protection.md b/windows/keep-secure/investigate-machines-windows-defender-advanced-threat-protection.md index 128ba65c86..23dd994d46 100644 --- a/windows/keep-secure/investigate-machines-windows-defender-advanced-threat-protection.md +++ b/windows/keep-secure/investigate-machines-windows-defender-advanced-threat-protection.md 
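Review bot: "takes alert triage and investigation to the next level" in the new **Alert process tree** section is promotional wording that says nothing about what the tree shows; replace it with the concrete description the section already contains, for example "The **Alert process tree** displays the alert and its evidence together with other events that occurred in the same execution context and time frame." Also in this hunk: "in proximity - before and after - the alert" reads better as "that occurred shortly before and after the alert"; the alt text "Image of the alert process tree" should describe what the picture shows (the execution path and the thunderbolt markers for related events) rather than state that it is an image; the note should say "might not be available for some alerts"; and the hunk appears to leave two blank lines before "## Incident graph" where one would do.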
@@ -23,8 +23,6 @@ localizationpriority: high [Some information relates to pre-released product, which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.] - - ## Investigate machines Investigate the details of an alert raised on a specific machine to identify other behaviors or events that might be related to the alert or the potential scope of breach.