From ff172a1f9fd53897e5999230fa10384240bb1972 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Tue, 17 Mar 2020 16:24:10 -0700 Subject: [PATCH] add videos --- .../threat-protection/microsoft-defender-atp/evaluation-lab.md | 2 ++ .../microsoft-defender-atp/investigate-incidents.md | 3 +++ .../threat-protection/microsoft-defender-atp/live-response.md | 2 ++ .../microsoft-cloud-app-security-integration.md | 3 +++ .../microsoft-defender-atp/raw-data-export.md | 3 +++ 5 files changed, 13 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md index 42ce3aa2b6..779b617625 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md +++ b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md @@ -26,6 +26,8 @@ Conducting a comprehensive security product evaluation can be a complex process The Microsoft Defender ATP evaluation lab is designed to eliminate the complexities of machine and environment configuration so that you can focus on evaluating the capabilities of the platform, running simulations, and seeing the prevention, detection, and remediation features in action. +> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4qLUM] + When you get started with the lab, you'll be guided through a simple set-up process where you can specify the type of configuration that best suits your needs. After the lab setup process is complete, you can add Windows 10 or Windows Server 2019 machines. These test machines come pre-configured to have the latest and greatest OS versions with the right security components in place and Office 2019 Standard installed. diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md index 379a0c8d3e..664d337477 100644 
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md +++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md @@ -30,6 +30,9 @@ When you investigate an incident, you'll see: - Incident comments and actions - Tabs (alerts, machines, investigations, evidence, graph) +> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4qLUV] + + ## Analyze incident details Click an incident to see the **Incident pane**. Select **Open incident page** to see the incident details and related information (alerts, machines, investigations, evidence, graph). diff --git a/windows/security/threat-protection/microsoft-defender-atp/live-response.md b/windows/security/threat-protection/microsoft-defender-atp/live-response.md index ddd34985a3..80231ef03d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/live-response.md +++ b/windows/security/threat-protection/microsoft-defender-atp/live-response.md @@ -27,6 +27,8 @@ Live response is a capability that gives you instantaneous access to a machine u Live response is designed to enhance investigations by enabling you to collect forensic data, run scripts, send suspicious entities for analysis, remediate threats, and proactively hunt for emerging threats. +> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4qLUW] + With live response, analysts will have the ability to: - Run basic and advanced commands to do investigative work - Download files such as malware samples and outcomes of PowerShell scripts diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md index b005d81545..1dd8377db2 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md 
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md @@ -34,6 +34,9 @@ Microsoft Cloud App Security (Cloud App Security) is a comprehensive solution th Cloud App Security discovery relies on cloud traffic logs being forwarded to it from enterprise firewall and proxy servers. Microsoft Defender ATP integrates with Cloud App Security by collecting and forwarding all cloud app networking activities, providing unparalleled visibility to cloud app usage. The monitoring functionality is built into the device, providing complete coverage of network activity. +> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4r4yQ] + + The integration provides the following major improvements to the existing Cloud App Security discovery: - Available everywhere - Since the network activity is collected directly from the endpoint, it's available wherever the device is, on or off corporate network, as it's no longer depended on traffic routed through the enterprise firewall or proxy servers. diff --git a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md index 54dc6d37fa..1aabe438b0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md +++ b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md @@ -29,6 +29,9 @@ ms.topic: article Microsoft Defender ATP supports streaming all the events available through [Advanced Hunting](advanced-hunting-overview.md) to an [Event Hubs](https://docs.microsoft.com/azure/event-hubs/) and/or [Azure storage account](https://docs.microsoft.com/azure/event-hubs/). +> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4r4ga] + + ## In this section Topic | Description
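Review bot: In investigate-incidents.md the `> [!VIDEO ...RE4qLUV]` line is followed by two added blank lines before `## Analyze incident details`, whereas the evaluation-lab.md and live-response.md hunks add a single blank line after the embed. Drop the second blank `+` line so the spacing matches across the files and the page does not end up with consecutive blank lines ahead of the heading.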
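Review bot: In live-response.md the embed ID `RE4qLUW` differs by one trailing character from `RE4qLUV` in investigate-incidents.md and `RE4qLUM` in evaluation-lab.md, and nothing in the hunk says which video each ID is meant to be. Please confirm each ID plays the video for its own topic, and consider a one-line lead-in above the embed that names the video, so a swapped ID can be caught by reading the page.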
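Review bot: In microsoft-cloud-app-security-integration.md the embed sits between the discovery paragraph and "The integration provides the following major improvements" with no sentence introducing it; a short lead-in saying what the video covers would help readers who cannot load the player. While this part of the page is being touched, the context bullet just below reads "as it's no longer depended on traffic", which should be "dependent on".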
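Review bot: In raw-data-export.md the context line directly above the new embed links "Azure storage account" to `https://docs.microsoft.com/azure/event-hubs/`, the same target as the Event Hubs link next to it. Since this hunk edits that spot, point the storage link at the storage documentation instead, so readers configuring the export destination are not sent to the wrong service's docs. The second blank `+` line after the embed can also be dropped here.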