diff --git a/windows/security/threat-protection/windows-defender-atp/images/atp-dashboard-security-analytics-9.png b/windows/security/threat-protection/windows-defender-atp/images/atp-dashboard-security-analytics-9.png new file mode 100644 index 0000000000..134d280e80 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-atp/images/atp-dashboard-security-analytics-9.png differ diff --git a/windows/security/threat-protection/windows-defender-atp/images/atp-improv-opps-9.png b/windows/security/threat-protection/windows-defender-atp/images/atp-improv-opps-9.png new file mode 100644 index 0000000000..20e3b19174 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-atp/images/atp-improv-opps-9.png differ diff --git a/windows/security/threat-protection/windows-defender-atp/images/atp-ms-secure-score-9.png b/windows/security/threat-protection/windows-defender-atp/images/atp-ms-secure-score-9.png new file mode 100644 index 0000000000..3d3330a2db Binary files /dev/null and b/windows/security/threat-protection/windows-defender-atp/images/atp-ms-secure-score-9.png differ diff --git a/windows/security/threat-protection/windows-defender-atp/images/atp-security-controls-9.png b/windows/security/threat-protection/windows-defender-atp/images/atp-security-controls-9.png new file mode 100644 index 0000000000..a012ca259c Binary files /dev/null and b/windows/security/threat-protection/windows-defender-atp/images/atp-security-controls-9.png differ diff --git a/windows/security/threat-protection/windows-defender-atp/images/atp-security-score-over-time-9.png b/windows/security/threat-protection/windows-defender-atp/images/atp-security-score-over-time-9.png new file mode 100644 index 0000000000..8afeee9566 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-atp/images/atp-security-score-over-time-9.png differ diff --git a/windows/security/threat-protection/windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md index efb7628eff..19bea7898d 100644 --- a/windows/security/threat-protection/windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection.md @@ -156,7 +156,7 @@ Expand an event to view associated processes related to the event. Click on the The details pane enriches the ‘in-context’ information across investigation and exploration activities, reducing the need to switch between contexts. It lets you focus on the task of tracing associations between attributes without leaving the current context. ## Add machine tags -While investigating a machine, you can add tags on machines. Machine tags support proper mapping of the network, enabling you to attach different tags to machines to capture context and to enable dynamic list creation as part of an incident. +You can add tags on machines during an investigation. Machine tags support proper mapping of the network, enabling you to attach different tags to capture context and to enable dynamic list creation as part of an incident. You can add tags on machines using the following ways: - By setting a registry key value diff --git a/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection.md index 6a1d9fe9f5..4e072700f8 100644 --- a/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection.md @@ -39,12 +39,12 @@ The **Secure Score dashboard** displays a snapshot of: - Improvement opportunities - Security score over time -![Secure Score dashboard](images/atp-dashboard-security-analytics-full.png) +![Secure Score dashboard](images/atp-dashboard-security-analytics-9.png) ## Microsoft secure score The Microsoft secure score tile is reflective of the sum of all the Windows Defender security controls that are configured according to the recommended baseline and Office 365 controls. It allows you to drill down into each portal for further analysis. You can also improve this score by taking the steps in configuring each of the security controls in the optimal settings. -![Image of Microsoft secure score tile](images/atp-ms-secure-score.png) +![Image of Microsoft secure score tile](images/atp-ms-secure-score-9.png) Each Windows Defender security control contributes 100 points to the score. The total number is reflective of the score potential and calculated by multiplying the number of supported security controls (Windows Defender security controls pillars) by the maximum points that each pillar contributes (maximum of 100 points for each pillar). @@ -58,14 +58,14 @@ You can set the baselines for calculating the score of Windows Defender security The security controls tile shows a bar graph where each bar represents a Windows Defender security control. Each bar reflects the number of machines that are well configured and those that require **any kind of attention** for each security control. Hovering on top of the individual bars will show exact numbers for each category. Machines that are green are well configured, while machines that are orange require some level of attention. -![Windows Defender security controls](images/atp-security-controls.png) +![Windows Defender security controls](images/atp-security-controls-9.png) ## Improvement opportunities Improve your score by taking the recommended improvement actions listed on this tile. The goal is to reduce the gap between the perfect score and the current score for each control. Click on each control to see the recommended optimizations. -![Improvement opportunities](images/atp-improv-opps.png) +![Improvement opportunities](images/atp-improv-opps-9.png) The numbers beside the green triangle icon on each recommended action represents the number of points you can gain by taking the action. When added together, the total number makes up the numerator in the fraction for each segment in the Improvement opportunities tile. @@ -81,7 +81,7 @@ The following image shows an example list of machines where the EDR sensor is no ## Security score over time You can track the progression of your organizational security posture over time using this tile. It displays the overall and individual control scores in a historical trend line enabling you to see how taking the recommended actions increase your overall security posture. -![Image of the security score over time tile](images/atp-security-score-over-time.png) +![Image of the security score over time tile](images/atp-security-score-over-time-9.png) You can click on specific date points to see the total score for that security control is on a particular date. @@ -294,23 +294,6 @@ You can take the following actions to increase the overall security score of you For more information, see [Windows Defender Firewall with Advanced Security](https://docs.microsoft.com/en-us/windows/security/identity-protection/windows-firewall/windows-firewall-with-advanced-security). - - ### BitLocker optimization For a machine to be considered "well configured", it must comply to a minimum baseline configuration setting. This tile shows you a specific list of actions you must apply on endpoints so that the minimum baseline configuration setting for BitLocker is fulfilled.