security analytics

windows/threat-protection/TOC.md

@@ -17,6 +17,7 @@
 ### [Portal overview](windows-defender-atp\portal-overview-windows-defender-advanced-threat-protection.md)
 ### [Use the Windows Defender ATP portal](windows-defender-atp\use-windows-defender-advanced-threat-protection.md)
 #### [View the Dashboard](windows-defender-atp\dashboard-windows-defender-advanced-threat-protection.md)
+#### [View the Security Analytics dashboard](windows-defender-atp\security-analytics-windows-defender-advanced-threat-protection.md)
 #### [View and organize the Alerts queue](windows-defender-atp\alerts-queue-windows-defender-advanced-threat-protection.md)
 #### [Investigate alerts](windows-defender-atp\investigate-alerts-windows-defender-advanced-threat-protection.md)
 ##### [Alert process tree](windows-defender-atp\investigate-alerts-windows-defender-advanced-threat-protection.md#alert-process-tree)
@@ -48,6 +49,7 @@
 ####### [Submit files for analysis](windows-defender-atp\respond-file-alerts-windows-defender-advanced-threat-protection.md#submit-files-for-analysis)
 ####### [View deep analysis reports](windows-defender-atp\respond-file-alerts-windows-defender-advanced-threat-protection.md#view-deep-analysis-reports)
 ####### [Troubleshoot deep analysis](windows-defender-atp\respond-file-alerts-windows-defender-advanced-threat-protection.md#troubleshoot-deep-analysis)
+##### [Optimize security products](optimize-security-windows-defender-advanced-threat-protection.md)
 ### [Pull alerts to your SIEM tools](windows-defender-atp\configure-siem-windows-defender-advanced-threat-protection.md)
 #### [Enable SIEM integration](windows-defender-atp\enable-siem-integration-windows-defender-advanced-threat-protection.md)
 #### [Configure Splunk to pull alerts](windows-defender-atp\configure-splunk-windows-defender-advanced-threat-protection.md)

windows/threat-protection/windows-defender-atp/optimize-security-windows-defender-advanced-threat-protection.md

@@ -0,0 +1,22 @@
+---
+title: Optimize Windows Defender security products
+description:
+keywords:
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+author: mjcaparas
+localizationpriority: high
+---
+
+# Optimize Windows Defender security products
+
+**Applies to:**
+
+- Windows 10 Enterprise
+- Windows 10 Education
+- Windows 10 Pro
+- Windows 10 Pro Education
+- Windows Defender Advanced Threat Protection (Windows Defender ATP)

windows/threat-protection/windows-defender-atp/security-analytics-dashboard-windows-defender-advanced-threat-protection.md

@@ -0,0 +1,59 @@
+---
+title: View the Security Analytics dashboard
+description: Use the Security Analytics dashboard to assess and improve the security state of your organization by analyzing various security control tiles. Use the recommended improvement actions and retrieve list of machines that need remediation.
+keywords: security analytics, dashboard, antivirus recommendations, security control state, security score, score improvement
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+author: mjcaparas
+localizationpriority: high
+---
+
+# View the Security Analytics dashboard
+
+**Applies to:**
+
+- Windows 10 Enterprise
+- Windows 10 Education
+- Windows 10 Pro
+- Windows 10 Pro Education
+- Windows Defender Advanced Threat Protection (Windows Defender ATP)
+
+The Security Analytics dashboard provides valuable information about the overall security posture of your organization. From this dashboard, you'll gain visibility across a wide spectrum of security controls from the various tiles. You'll be able to quickly assess where attention is required, identify specific areas where you can improve the overall security score of your organization, and take action based on the recommended optimal configuration settings.
+
+The **Security Analytics Dashboard** displays a snapshot of:
+- Organizational security score
+- Security controls
+- Improvement opportunities
+- Antivirus - optimization
+
+Visibility on the following Windows Defender security controls are supported:
+- Advanced threat protection
+- Antivirus
+- Security updates
+
+## Organizational security score / Your organizational security score [JOEY TO UPDATE ONCE FINAL UI UPDATE IS DONE]
+The organization security score is reflective of the average score of all the Windows Defender security control properties that are configured according to the recommended baseline. You can improve this score by taking the steps in configuring each of the security controls in the optimal settings.
+
+[JOEY: INSERT SCREENSHOT OF TILE HERE]
+
+## Security controls / Windows Defender security control state [JOEY TO UPDATE ONCE FINAL UI UPDATE IS DONE]
+The security controls shows a bar graph where each bar represents a Windows Defender security control. Bars represent the various products with an indicator of the total number of machines where protection is deployed and where attention is required. You can click on the each of the bars or states to look into the details of the security control.
+[EVALD: I ASSUMPED THE BARS ARE CLICKABLE, AND IF CLICKED, USERS WILL BE TAKEN TO SPECIFIC VIEW? IF THIS ASSUMPTION IS WRONG, I CAN REMOVE THE SENTENCE ABOVE.]
+
+[JOEY: INSERT SCREENSHOT OF TILE HERE]
+
+## Improvement opportunities / Your score improvement opportunity [JOEY TO UPDATE ONCE FINAL UI UPDATE IS DONE]
+Improve your organizational security by taking the recommended improvement actions listed on this tile. This tile provides percentage values for each security control. The percentage values are ????? [EVALD / RAN I NEED SOME HELP HERE. I DON'T REALLY UNDERSTAND THE WHOLE PERCENTAGE THING. CAN YOU PROVIDE IN LAYMAN TERMS PLEASE.]
+
+[JOEY: INSERT SCREENSHOT OF TILE HERE]
+
+For more information on how to optimize Windows Defender security products based on the Windows Defender ATP recommendations, see [Optimize security products](optimize-security-windows-defender-advanced-threat-protection.md). (EVALD/RAN/SMES - NOTE THAT TOPIC IS JUST A PLACEHOLDER FOR NOW. IT DOESN'T CONTAIN ANYTHING AT THE MOMENT.)
+
+## Antivirus recommendations
+This tile provides a specific list of recommendations for each security product and the total number of machines affected. You can click on the link to be taken to the Machines list and take action from there. [EVALD / RAN / DANIEL - I DON'T UNDERSTAND WHAT THE GREEN TRIANGLE IS REPRESENTING AND THE +5% ETC. CAN YOU ]
+
+
+[JOEY: INSERT SCREENSHOT OF TILE HERE]