deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-18 20:03:40 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update threat-indicator-concepts-windows-defender-advanced-threat-protection.md

Browse Source
This commit is contained in:
DulceMV
2017-02-13 14:43:12 +11:00
committed by GitHub
parent c8923fbb11
commit e629614733
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows/keep-secure/threat-indicator-concepts-windows-defender-advanced-threat-protection.md
View File

@ -41,7 +41,7 @@ In the context of Windows Defender ATP, alert definitions are containers for IOC
Each IOC defines the concrete detection logic based on its type and value as well as its action, which determines how it is matched. It is bound to a specific alert definition that defines how a detection is displayed as an alert on the Windows Defender ATP console. Each IOC defines the concrete detection logic based on its type and value as well as its action, which determines how it is matched. It is bound to a specific alert definition that defines how a detection is displayed as an alert on the Windows Defender ATP console.
Here is an example of an IOC: Here is an example of an IOC:
- Type: SHA-1 - Type: Sha1
- Value: 92cfceb39d57d914ed8b14d0e37643de0797ae56 - Value: 92cfceb39d57d914ed8b14d0e37643de0797ae56
- Action: Equals - Action: Equals