windows-itpro-docs/windows/security/threat-protection/windows-defender-atp/overview-endpoint-detection-response.md
2018-08-12 18:16:55 -07:00

title: Overview of endpoint detection and response capabilities
description: Learn about the endpoint detection and response capability in Windows Defender ATP
keywords:
search.product: eADQiWindows 10XVcnh
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.author: macapara
author: mjcaparas
ms.localizationpriority: high
ms.date: 09/12/2018

Overview of endpoint detection and response

The endpoint detection and response capabilities in Windows Defender ATP continuously monitor your organization for possible attacks against systems, networks, or users. They help you detect, investigate, and quickly respond to threats.

The detection capability finds the attacks that made it past all other defenses and surfaces them through alerts.

The platform provides various ways to investigate an incident and lets you pivot between views so that you can approach an investigation through multiple possible vectors.

The response capabilities give you the power to promptly remediate threats by taking action on the affected entities.

In this section

Topic | Description
:---|:---
Alerts queue | View the alerts surfaced in Windows Defender Security Center.
Machines list | Learn how you can view and manage the machines list, manage machine groups, and investigate machine-related alerts.
Take response actions | Take response actions on machines and files to quickly respond to detected attacks and contain threats.
Query data using advanced hunting | Proactively hunt for possible threats across your organization using a powerful search and query tool.