From fbad195cdede1c83701aebe574e76b22d89a61e9 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Thu, 30 Aug 2018 16:41:22 -0700 Subject: [PATCH] update threat analytics content --- .../windows-defender-atp/threat-analytics.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-atp/threat-analytics.md b/windows/security/threat-protection/windows-defender-atp/threat-analytics.md index e2c9ef7f39..984ce79e9c 100644 --- a/windows/security/threat-protection/windows-defender-atp/threat-analytics.md +++ b/windows/security/threat-protection/windows-defender-atp/threat-analytics.md @@ -51,7 +51,9 @@ The **Machine with alerts over time**, shows the number of distinct machines wit ## Organizational resilience The **Mitigation recommendations** section provides specific actionable recommendations to improve your visibility into this threat and increase your organizational resilience. - +>![IMPORTANT] +> - The chart only reflects the mitigations that are measurable and where an evaluation can be made on the machine state as being compliant or non-compliant. There can be additional mitigations or compliance actions that currently cannot be computed or measured that are not reflected in the charts and are covered in the threat description under **Mitigation recommendations** section. +> - Even if all mitigations were measurable, there is no absolute guarantee of complete resilience but reflects the best possible actions that need to be taken to improve resiliency. The **Mitigation status** and **Mitigation status over time** shows the endpoint configuration status assessed based on the recommended mitigations. Clicking on the **Mitigated** or **Unmitigated** parts of the pies brings you to the Machines list filtered based on the machines that are missing at least one specific threat mitigation.