mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-25 15:23:40 +00:00
359 lines
32 KiB
Markdown
359 lines
32 KiB
Markdown
# [Windows Defender Advanced Threat Protection](windows-defender-advanced-threat-protection.md)
|
|
|
|
## [Overview](overview.md)
|
|
### [Attack surface reduction](overview-attack-surface-reduction.md)
|
|
#### [Hardware-based isolation](overview-hardware-based-isolation.md)
|
|
##### [Application isolation](../windows-defender-application-guard/wd-app-guard-overview.md)
|
|
##### [System isolation](how-hardware-based-containers-help-protect-windows.md)
|
|
#### [Application control](../windows-defender-application-control/windows-defender-application-control.md)
|
|
#### [Exploit protection](../windows-defender-exploit-guard/exploit-protection-exploit-guard.md)
|
|
#### [Network protection](../windows-defender-exploit-guard/network-protection-exploit-guard.md)
|
|
#### [Controlled folder access](../windows-defender-exploit-guard/controlled-folders-exploit-guard.md)
|
|
#### [Attack surface reduction](../windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md)
|
|
#### [Network firewall](../windows-firewall/windows-firewall-with-advanced-security.md)
|
|
### [Next generation protection](../windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md)
|
|
### [Endpoint detection and response](overview-endpoint-detection-response.md)
|
|
#### [Security operations dashboard](security-operations-dashboard-windows-defender-advanced-threat-protection.md)
|
|
|
|
|
|
#### Alerts queue
|
|
##### [View and organize the Alerts queue](alerts-queue-windows-defender-advanced-threat-protection.md)
|
|
##### [Manage alerts](manage-alerts-windows-defender-advanced-threat-protection.md)
|
|
##### [Investigate alerts](investigate-alerts-windows-defender-advanced-threat-protection.md)
|
|
##### [Investigate files](investigate-files-windows-defender-advanced-threat-protection.md)
|
|
##### [Investigate machines](investigate-machines-windows-defender-advanced-threat-protection.md)
|
|
##### [Investigate an IP address](investigate-ip-windows-defender-advanced-threat-protection.md)
|
|
##### [Investigate a domain](investigate-domain-windows-defender-advanced-threat-protection.md)
|
|
##### [Investigate a user account](investigate-user-windows-defender-advanced-threat-protection.md)
|
|
|
|
#### Machines list
|
|
##### [View and organize the Machines list](machines-view-overview-windows-defender-advanced-threat-protection.md)
|
|
##### [Manage machine group and tags](investigate-machines-windows-defender-advanced-threat-protection.md#manage-machine-group-and-tags)
|
|
##### [Alerts related to this machine](investigate-machines-windows-defender-advanced-threat-protection.md#alerts-related-to-this-machine)
|
|
##### [Machine timeline](investigate-machines-windows-defender-advanced-threat-protection.md#machine-timeline)
|
|
###### [Search for specific events](investigate-machines-windows-defender-advanced-threat-protection.md#search-for-specific-events)
|
|
###### [Filter events from a specific date](investigate-machines-windows-defender-advanced-threat-protection.md#filter-events-from-a-specific-date)
|
|
###### [Export machine timeline events](investigate-machines-windows-defender-advanced-threat-protection.md#export-machine-timeline-events)
|
|
###### [Navigate between pages](investigate-machines-windows-defender-advanced-threat-protection.md#navigate-between-pages)
|
|
|
|
|
|
#### [Take response actions](response-actions-windows-defender-advanced-threat-protection.md)
|
|
##### [Take response actions on a machine](respond-machine-alerts-windows-defender-advanced-threat-protection.md)
|
|
###### [Collect investigation package](respond-machine-alerts-windows-defender-advanced-threat-protection.md#collect-investigation-package-from-machines)
|
|
###### [Run antivirus scan](respond-machine-alerts-windows-defender-advanced-threat-protection.md#run-windows-defender-antivirus-scan-on-machines)
|
|
###### [Restrict app execution](respond-machine-alerts-windows-defender-advanced-threat-protection.md#restrict-app-execution)
|
|
###### [Remove app restriction](respond-machine-alerts-windows-defender-advanced-threat-protection.md#remove-app-restriction)
|
|
###### [Isolate machines from the network](respond-machine-alerts-windows-defender-advanced-threat-protection.md#isolate-machines-from-the-network)
|
|
###### [Release machine from isolation](respond-machine-alerts-windows-defender-advanced-threat-protection.md#release-machine-from-isolation)
|
|
###### [Check activity details in Action center](respond-machine-alerts-windows-defender-advanced-threat-protection.md#check-activity-details-in-action-center)
|
|
|
|
##### [Take response actions on a file](respond-file-alerts-windows-defender-advanced-threat-protection.md)
|
|
###### [Stop and quarantine files in your network](respond-file-alerts-windows-defender-advanced-threat-protection.md#stop-and-quarantine-files-in-your-network)
|
|
###### [Remove file from quarantine](respond-file-alerts-windows-defender-advanced-threat-protection.md#remove-file-from-quarantine)
|
|
###### [Block files in your network](respond-file-alerts-windows-defender-advanced-threat-protection.md#block-files-in-your-network)
|
|
###### [Remove file from blocked list](respond-file-alerts-windows-defender-advanced-threat-protection.md#remove-file-from-blocked-list)
|
|
###### [Check activity details in Action center](respond-file-alerts-windows-defender-advanced-threat-protection.md#check-activity-details-in-action-center)
|
|
###### [Deep analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#deep-analysis)
|
|
###### [Submit files for analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#submit-files-for-analysis)
|
|
###### [View deep analysis reports](respond-file-alerts-windows-defender-advanced-threat-protection.md#view-deep-analysis-reports)
|
|
###### [Troubleshoot deep analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#troubleshoot-deep-analysis)
|
|
|
|
### [Automated investigation and remediation](automated-investigations-windows-defender-advanced-threat-protection.md)
|
|
#### [Learn about the automated investigation and remediation dashboard](manage-auto-investigation-windows-defender-advanced-threat-protection.md)
|
|
|
|
|
|
### [Secure score](overview-secure-score-windows-defender-advanced-threat-protection.md)
|
|
#### [Threat analytics](threat-analytics.md)
|
|
#### [Threat analytics for Spectre and Meltdown](threat-analytics-dashboard-windows-defender-advanced-threat-protection.md)
|
|
|
|
|
|
### [Advanced hunting](overview-hunting-windows-defender-advanced-threat-protection.md)
|
|
#### [Query data using Advanced hunting](advanced-hunting-windows-defender-advanced-threat-protection.md)
|
|
##### [Advanced hunting reference](advanced-hunting-reference-windows-defender-advanced-threat-protection.md)
|
|
##### [Advanced hunting query language best practices](advanced-hunting-best-practices-windows-defender-advanced-threat-protection.md)
|
|
#### [Custom detections](overview-custom-detections.md)
|
|
#####[Create custom detections rules](custom-detection-rules.md)
|
|
|
|
|
|
### [Management and APIs](management-apis.md)
|
|
#### [Understand threat intelligence concepts](threat-indicator-concepts-windows-defender-advanced-threat-protection.md)
|
|
#### [Supported Windows Defender ATP APIs](supported-apis-windows-defender-advanced-threat-protection.md)
|
|
#####Actor
|
|
###### [Get actor information](get-actor-information-windows-defender-advanced-threat-protection.md)
|
|
###### [Get actor related alerts](get-actor-related-alerts-windows-defender-advanced-threat-protection.md)
|
|
#####Alerts
|
|
###### [Get alerts](get-alerts-windows-defender-advanced-threat-protection.md)
|
|
###### [Get alert information by ID](get-alert-info-by-id-windows-defender-advanced-threat-protection.md)
|
|
###### [Get alert related actor information](get-alert-related-actor-info-windows-defender-advanced-threat-protection.md)
|
|
###### [Get alert related domain information](get-alert-related-domain-info-windows-defender-advanced-threat-protection.md)
|
|
###### [Get alert related file information](get-alert-related-files-info-windows-defender-advanced-threat-protection.md)
|
|
###### [Get alert related IP information](get-alert-related-ip-info-windows-defender-advanced-threat-protection.md)
|
|
###### [Get alert related machine information](get-alert-related-machine-info-windows-defender-advanced-threat-protection.md)
|
|
######Domain
|
|
####### [Get domain related alerts](get-domain-related-alerts-windows-defender-advanced-threat-protection.md)
|
|
####### [Get domain related machines](get-domain-related-machines-windows-defender-advanced-threat-protection.md)
|
|
####### [Get domain statistics](get-domain-statistics-windows-defender-advanced-threat-protection.md)
|
|
####### [Is domain seen in organization](is-domain-seen-in-org-windows-defender-advanced-threat-protection.md)
|
|
|
|
#####File
|
|
###### [Block file API](block-file-windows-defender-advanced-threat-protection.md)
|
|
###### [Get file information](get-file-information-windows-defender-advanced-threat-protection.md)
|
|
###### [Get file related alerts](get-file-related-alerts-windows-defender-advanced-threat-protection.md)
|
|
###### [Get file related machines](get-file-related-machines-windows-defender-advanced-threat-protection.md)
|
|
###### [Get file statistics](get-file-statistics-windows-defender-advanced-threat-protection.md)
|
|
###### [Get FileActions collection API](get-fileactions-collection-windows-defender-advanced-threat-protection.md)
|
|
###### [Unblock file API](unblock-file-windows-defender-advanced-threat-protection.md)
|
|
|
|
#####IP
|
|
###### [Get IP related alerts](get-ip-related-alerts-windows-defender-advanced-threat-protection.md)
|
|
###### [Get IP related machines](get-ip-related-machines-windows-defender-advanced-threat-protection.md)
|
|
###### [Get IP statistics](get-ip-statistics-windows-defender-advanced-threat-protection.md)
|
|
###### [Is IP seen in organization](is-ip-seen-org-windows-defender-advanced-threat-protection.md)
|
|
#####Machines
|
|
###### [Collect investigation package API](collect-investigation-package-windows-defender-advanced-threat-protection.md)
|
|
###### [Find machine information by IP](find-machine-info-by-ip-windows-defender-advanced-threat-protection.md)
|
|
###### [Get machines](get-machines-windows-defender-advanced-threat-protection.md)
|
|
###### [Get FileMachineAction object API](get-filemachineaction-object-windows-defender-advanced-threat-protection.md)
|
|
###### [Get FileMachineActions collection API](get-filemachineactions-collection-windows-defender-advanced-threat-protection.md)
|
|
###### [Get machine by ID](get-machine-by-id-windows-defender-advanced-threat-protection.md)
|
|
###### [Get machine log on users](get-machine-log-on-users-windows-defender-advanced-threat-protection.md)
|
|
###### [Get machine related alerts](get-machine-related-alerts-windows-defender-advanced-threat-protection.md)
|
|
###### [Get MachineAction object API](get-machineaction-object-windows-defender-advanced-threat-protection.md)
|
|
###### [Get MachineActions collection API](get-machineactions-collection-windows-defender-advanced-threat-protection.md)
|
|
###### [Get machines](get-machines-windows-defender-advanced-threat-protection.md)
|
|
###### [Get package SAS URI API](get-package-sas-uri-windows-defender-advanced-threat-protection.md)
|
|
###### [Isolate machine API](isolate-machine-windows-defender-advanced-threat-protection.md)
|
|
###### [Release machine from isolation API](unisolate-machine-windows-defender-advanced-threat-protection.md)
|
|
###### [Remove app restriction API](unrestrict-code-execution-windows-defender-advanced-threat-protection.md)
|
|
###### [Request sample API](request-sample-windows-defender-advanced-threat-protection.md)
|
|
###### [Restrict app execution API](restrict-code-execution-windows-defender-advanced-threat-protection.md)
|
|
###### [Run antivirus scan API](run-av-scan-windows-defender-advanced-threat-protection.md)
|
|
###### [Stop and quarantine file API](stop-quarantine-file-windows-defender-advanced-threat-protection.md)
|
|
|
|
#####User
|
|
###### [Get alert related user information](get-alert-related-user-info-windows-defender-advanced-threat-protection.md)
|
|
###### [Get user information](get-user-information-windows-defender-advanced-threat-protection.md)
|
|
###### [Get user related alerts](get-user-related-alerts-windows-defender-advanced-threat-protection.md)
|
|
###### [Get user related machines](get-user-related-machines-windows-defender-advanced-threat-protection.md)
|
|
|
|
|
|
#### [Managed service provider provider support](mssp-support-windows-defender-advanced-threat-protection.md)
|
|
|
|
|
|
### [Microsoft threat protection](threat-protection-integration.md)
|
|
#### [Protect users, data, and devices with conditional access](conditional-access-windows-defender-advanced-threat-protection.md)
|
|
#### [Microsoft Cloud App Security integration overview](microsoft-cloud-app-security-integration.md)
|
|
|
|
|
|
### [Portal overview](portal-overview-windows-defender-advanced-threat-protection.md)
|
|
|
|
|
|
## [Get started](get-started.md)
|
|
### [Minimum requirements](minimum-requirements-windows-defender-advanced-threat-protection.md)
|
|
### [Validate licensing and complete setup](licensing-windows-defender-advanced-threat-protection.md)
|
|
### [Preview features](preview-windows-defender-advanced-threat-protection.md)
|
|
### [Data storage and privacy](data-storage-privacy-windows-defender-advanced-threat-protection.md)
|
|
### [Assign user access to the portal](assign-portal-access-windows-defender-advanced-threat-protection.md)
|
|
|
|
### [Evaluate Windows Defender ATP](evaluate-atp.md)
|
|
####Evaluate attack surface reduction
|
|
##### [Hardware-based isolation](../windows-defender-application-guard/test-scenarios-wd-app-guard.md)
|
|
##### [Application control](../windows-defender-application-control/audit-windows-defender-application-control-policies.md)
|
|
##### [Exploit protection](../windows-defender-exploit-guard/evaluate-exploit-protection.md)
|
|
##### [Network Protection](../windows-defender-exploit-guard/evaluate-network-protection.md)
|
|
##### [Controlled folder access](../windows-defender-exploit-guard/evaluate-controlled-folder-access.md)
|
|
##### [Attack surface reduction](../windows-defender-exploit-guard/evaluate-attack-surface-reduction.md)
|
|
##### [Network firewall](../windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md)
|
|
#### [Evaluate next generation protection](../windows-defender-antivirus/evaluate-windows-defender-antivirus.md)
|
|
|
|
### [Access the Windows Defender Security Center Community Center](community-windows-defender-advanced-threat-protection.md)
|
|
|
|
## [Configure and manage capabilities](onboard.md)
|
|
### [Configure attack surface reduction](configure-attack-surface-reduction.md)
|
|
#### [Hardware-based isolation](../windows-defender-application-guard/install-wd-app-guard.md)
|
|
##### Configuration settings](../windows-defender-application-guard/configure-wd-app-guard.md)
|
|
#### [Application control](../windows-defender-application-control/windows-defender-application-control.md)
|
|
#### [Exploit protection](../windows-defender-exploit-guard/enable-exploit-protection.md)
|
|
##### [Customize exploit protection](../windows-defender-exploit-guard/customize-exploit-protection.md)
|
|
##### [Import/export configurations](../windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md)
|
|
#### [Network protection](../windows-defender-exploit-guard/enable-network-protection.md)
|
|
#### [Controlled folder access](../windows-defender-exploit-guard/enable-controlled-folders-exploit-guard.md)
|
|
##### [Customize controlled folder access](../windows-defender-exploit-guard/customize-controlled-folders-exploit-guard.md)
|
|
#### [Attack surface reduction controls](../windows-defender-exploit-guard/enable-attack-surface-reduction.md)
|
|
##### [Customize attack surface reduction](../windows-defender-exploit-guard/customize-attack-surface-reduction.md)
|
|
#### [Network firewall](../windows-firewall/windows-firewall-with-advanced-security-deployment-guide.md)
|
|
|
|
|
|
|
|
### [Configure next generation protection](../windows-defender-antivirus/configure-windows-defender-antivirus-features.md)
|
|
#### [Utilize Microsoft cloud-delivered protection](../windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md)
|
|
##### [Enable cloud-delivered protection](../windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md)
|
|
##### [Specify the cloud-delivered protection level](../windows-defender-antivirus/specify-cloud-protection-level-windows-defender-antivirus.md)
|
|
##### [Configure and validate network connections](../windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md)
|
|
##### [Enable Block at first sight](../windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md)
|
|
##### [Configure the cloud block timeout period](../windows-defender-antivirus/configure-cloud-block-timeout-period-windows-defender-antivirus.md)
|
|
#### [Configure behavioral, heuristic, and real-time protection](../windows-defender-antivirus/configure-protection-features-windows-defender-antivirus.md)
|
|
##### [Detect and block Potentially Unwanted Applications](../windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md)
|
|
##### [Enable and configure always-on protection and monitoring](../windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md)
|
|
#### [Antivirus on Windows Server 2016](../windows-defender-antivirus/windows-defender-antivirus-on-windows-server-2016.md)
|
|
#### [Antivirus compatibility](../windows-defender-antivirus/windows-defender-antivirus-compatibility.md)
|
|
##### [Use limited periodic antivirus scanning](../windows-defender-antivirus/limited-periodic-scanning-windows-defender-antivirus.md)
|
|
|
|
#### [Deploy, manage updates, and report on antivirus](../windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md)
|
|
##### [Deploy and enable antivirus](../windows-defender-antivirus/deploy-windows-defender-antivirus.md)
|
|
###### [Deployment guide for VDI environments](../windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md)
|
|
##### [Report on antivirus protection](../windows-defender-antivirus/report-monitor-windows-defender-antivirus.md)
|
|
###### [Troubleshoot antivirus reporting in Update Compliance](../windows-defender-antivirus/troubleshoot-reporting.md)
|
|
##### [Manage updates and apply baselines](../windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md)
|
|
###### [Manage protection and definition updates](../windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md)
|
|
###### [Manage when protection updates should be downloaded and applied](../windows-defender-antivirus/manage-protection-update-schedule-windows-defender-antivirus.md)
|
|
###### [Manage updates for endpoints that are out of date](../windows-defender-antivirus/manage-outdated-endpoints-windows-defender-antivirus.md)
|
|
###### [Manage event-based forced updates](../windows-defender-antivirus/manage-event-based-updates-windows-defender-antivirus.md)
|
|
###### [Manage updates for mobile devices and VMs](../windows-defender-antivirus/manage-updates-mobile-devices-vms-windows-defender-antivirus.md)
|
|
|
|
#### [Customize, initiate, and review the results of scans and remediation](../windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md)
|
|
##### [Configure and validate exclusions in antivirus scans](../windows-defender-antivirus/configure-exclusions-windows-defender-antivirus.md)
|
|
###### [Configure and validate exclusions based on file name, extension, and folder location](../windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md)
|
|
###### [Configure and validate exclusions for files opened by processes](../windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus.md)
|
|
###### [Configure antivirus exclusions Windows Server 2016](../windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md)
|
|
##### [Configure scanning antivirus options](../windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus.md)
|
|
##### [Configure remediation for scans](../windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md)
|
|
##### [Configure scheduled scans](../windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md)
|
|
##### [Configure and run scans](../windows-defender-antivirus/run-scan-windows-defender-antivirus.md)
|
|
##### [Review scan results](../windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md)
|
|
##### [Run and review the results of an offline scan](../windows-defender-antivirus/windows-defender-offline.md)
|
|
#### [Restore quarantined files](../windows-defender-antivirus/restore-quarantined-files-windows-defender-antivirus.md)
|
|
#### [Manage antivirus in your business](../windows-defender-antivirus/configuration-management-reference-windows-defender-antivirus.md)
|
|
##### [Use Group Policy settings to configure and manage antivirus](../windows-defender-antivirus/use-group-policy-windows-defender-antivirus.md)
|
|
##### [Use System Center Configuration Manager and Microsoft Intune to configure and manage antivirus](../windows-defender-antivirus/use-intune-config-manager-windows-defender-antivirus.md)
|
|
##### [Use PowerShell cmdlets to configure and manage antivirus](../windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md)
|
|
##### [Use Windows Management Instrumentation (WMI) to configure and manage antivirus](../windows-defender-antivirus/use-wmi-windows-defender-antivirus.md)
|
|
##### [Use the mpcmdrun.exe commandline tool to configure and manage antivirus](../windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md)
|
|
|
|
#### [Manage scans and remediation](../windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md)
|
|
##### [Configure and validate exclusions in antivirus scans](../windows-defender-antivirus/configure-exclusions-windows-defender-antivirus.md)
|
|
###### [Configure and validate exclusions based on file name, extension, and folder location](../windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md)
|
|
###### [Configure and validate exclusions for files opened by processes](../windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus.md)
|
|
###### [Configure antivirus exclusions on Windows Server 2016](../windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md)
|
|
##### [Configure scanning options](../windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus.md)
|
|
##### [Configure remediation for scans](../windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md)
|
|
##### [Configure scheduled scans](../windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md)
|
|
##### [Configure and run scans](../windows-defender-antivirus/run-scan-windows-defender-antivirus.md)
|
|
##### [Review scan results](../windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md)
|
|
##### [Run and review the results of an offline scan](../windows-defender-antivirus/windows-defender-offline.md)
|
|
##### [Restore quarantined files](../windows-defender-antivirus/restore-quarantined-files-windows-defender-antivirus.md)
|
|
#### [Manage next generation protection in your business](../windows-defender-antivirus/configuration-management-reference-windows-defender-antivirus.md)
|
|
##### [Use Microsoft Intune and System Center Configuration Manager to manage next generation protection](../windows-defender-antivirus/use-intune-config-manager-windows-defender-antivirus.md)
|
|
##### [Use Group Policy settings to manage next generation protection](../windows-defender-antivirus/use-group-policy-windows-defender-antivirus.md)
|
|
##### [Use PowerShell cmdlets to manage next generation protection](../windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md)
|
|
##### [Use Windows Management Instrumentation (WMI) to manage next generation protection](../windows-defender-antivirus/use-wmi-windows-defender-antivirus.md)
|
|
##### [Use the mpcmdrun.exe command line tool to manage next generation protection](../windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md)
|
|
|
|
|
|
### [Configure Secure score dashboard security controls](secure-score-dashboard-windows-defender-advanced-threat-protection.md)
|
|
|
|
### Management and API support
|
|
#### [Onboard machines](onboard-configure-windows-defender-advanced-threat-protection.md)
|
|
##### [Onboard previous versions of Windows](onboard-downlevel-windows-defender-advanced-threat-protection.md)
|
|
##### [Onboard Windows 10 machines](configure-endpoints-windows-defender-advanced-threat-protection.md)
|
|
###### [Onboard machines using Group Policy](configure-endpoints-gp-windows-defender-advanced-threat-protection.md)
|
|
###### [Onboard machines using System Center Configuration Manager](configure-endpoints-sccm-windows-defender-advanced-threat-protection.md)
|
|
###### [Onboard machines using Mobile Device Management tools](configure-endpoints-mdm-windows-defender-advanced-threat-protection.md)
|
|
####### [Onboard machines using Microsoft Intune](configure-endpoints-mdm-windows-defender-advanced-threat-protection.md#onboard-machines-using-microsoft-intune)
|
|
###### [Onboard machines using a local script](configure-endpoints-script-windows-defender-advanced-threat-protection.md)
|
|
###### [Onboard non-persistent virtual desktop infrastructure (VDI) machines](configure-endpoints-vdi-windows-defender-advanced-threat-protection.md)
|
|
##### [Onboard servers](configure-server-endpoints-windows-defender-advanced-threat-protection.md)
|
|
##### [Onboard non-Windows machines](configure-endpoints-non-windows-windows-defender-advanced-threat-protection.md)
|
|
##### [Run a detection test on a newly onboarded machine](run-detection-test-windows-defender-advanced-threat-protection.md)
|
|
##### [Run simulated attacks on machines](attack-simulations-windows-defender-advanced-threat-protection.md)
|
|
##### [Configure proxy and Internet connectivity settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md)
|
|
##### [Troubleshoot onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md)
|
|
###### [Troubleshoot subscription and portal access issues](troubleshoot-onboarding-error-messages-windows-defender-advanced-threat-protection.md)
|
|
|
|
#### API for custom alerts
|
|
##### [Enable the custom threat intelligence application](enable-custom-ti-windows-defender-advanced-threat-protection.md)
|
|
##### [Use the Windows Defender ATP exposed APIs](exposed-apis-windows-defender-advanced-threat-protection.md)
|
|
###### [Use the threat intelligence API to create custom alerts](use-custom-ti-windows-defender-advanced-threat-protection.md)
|
|
###### [Create custom threat intelligence alerts](custom-ti-api-windows-defender-advanced-threat-protection.md)
|
|
###### [PowerShell code examples](powershell-example-code-windows-defender-advanced-threat-protection.md)
|
|
###### [Python code examples](python-example-code-windows-defender-advanced-threat-protection.md)
|
|
###### [Experiment with custom threat intelligence alerts](experiment-custom-ti-windows-defender-advanced-threat-protection.md)
|
|
###### [Troubleshoot custom threat intelligence issues](troubleshoot-custom-ti-windows-defender-advanced-threat-protection.md)
|
|
|
|
|
|
#### [Pull alerts to your SIEM tools](configure-siem-windows-defender-advanced-threat-protection.md)
|
|
##### [Enable SIEM integration](enable-siem-integration-windows-defender-advanced-threat-protection.md)
|
|
##### [Configure Splunk to pull alerts](configure-splunk-windows-defender-advanced-threat-protection.md)
|
|
##### [Configure HP ArcSight to pull alerts](configure-arcsight-windows-defender-advanced-threat-protection.md)
|
|
##### [Windows Defender ATP alert API fields](api-portal-mapping-windows-defender-advanced-threat-protection.md)
|
|
##### [Pull alerts using REST API](pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md)
|
|
##### [Troubleshoot SIEM tool integration issues](troubleshoot-siem-windows-defender-advanced-threat-protection.md)
|
|
|
|
|
|
#### Reporting
|
|
##### [Create and build Power BI reports using Windows Defender ATP data](powerbi-reports-windows-defender-advanced-threat-protection.md)
|
|
|
|
#### Role-based access control
|
|
##### [Manage portal access using RBAC](rbac-windows-defender-advanced-threat-protection.md)
|
|
###### [Create and manage roles](user-roles-windows-defender-advanced-threat-protection.md)
|
|
###### [Create and manage machine groups](machine-groups-windows-defender-advanced-threat-protection.md)
|
|
####### [Create and manage machine tags](machine-tags-windows-defender-advanced-threat-protection.md)
|
|
|
|
#### [Configure managed security service provider (MSSP) support](configure-mssp-support-windows-defender-advanced-threat-protection.md)
|
|
|
|
### Configure Microsoft threat protection integration
|
|
#### [Configure conditional access](configure-conditional-access-windows-defender-advanced-threat-protection.md)
|
|
#### [Configure Microsoft Cloud App Security integration](microsoft-cloud-app-security-config.md)
|
|
|
|
|
|
### [Configure Windows Defender Security Center settings](preferences-setup-windows-defender-advanced-threat-protection.md)
|
|
#### General
|
|
##### [Update data retention settings](data-retention-settings-windows-defender-advanced-threat-protection.md)
|
|
##### [Configure alert notifications](configure-email-notifications-windows-defender-advanced-threat-protection.md)
|
|
##### [Enable and create Power BI reports using Windows Defender Security center data](powerbi-reports-windows-defender-advanced-threat-protection.md)
|
|
##### [Enable Secure score security controls](enable-secure-score-windows-defender-advanced-threat-protection.md)
|
|
##### [Configure advanced features](advanced-features-windows-defender-advanced-threat-protection.md)
|
|
|
|
#### Permissions
|
|
##### [Use basic permissions to access the portal](basic-permissions-windows-defender-advanced-threat-protection.md)
|
|
##### [Manage portal access using RBAC](rbac-windows-defender-advanced-threat-protection.md)
|
|
###### [Create and manage roles](user-roles-windows-defender-advanced-threat-protection.md)
|
|
###### [Create and manage machine groups](machine-groups-windows-defender-advanced-threat-protection.md)
|
|
####### [Create and manage machine tags](machine-tags-windows-defender-advanced-threat-protection.md)
|
|
|
|
#### APIs
|
|
##### [Enable Threat intel](enable-custom-ti-windows-defender-advanced-threat-protection.md)
|
|
##### [Enable SIEM integration](enable-siem-integration-windows-defender-advanced-threat-protection.md)
|
|
|
|
####Rules
|
|
##### [Manage suppression rules](manage-suppression-rules-windows-defender-advanced-threat-protection.md)
|
|
##### [Manage automation allowed/blocked](manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md)
|
|
##### [Manage automation file uploads](manage-automation-file-uploads-windows-defender-advanced-threat-protection.md)
|
|
##### [Manage automation folder exclusions](manage-automation-folder-exclusions-windows-defender-advanced-threat-protection.md)
|
|
|
|
####Machine management
|
|
##### [Onboarding machines](onboard-configure-windows-defender-advanced-threat-protection.md)
|
|
##### [Offboarding machines](offboard-machines-windows-defender-advanced-threat-protection.md)
|
|
|
|
#### [Configure Windows Defender Security Center time zone settings](time-settings-windows-defender-advanced-threat-protection.md)
|
|
|
|
|
|
|
|
|
|
## [Troubleshoot Windows Defender ATP](troubleshoot-wdatp.md)
|
|
###Troubleshoot sensor state
|
|
#### [Check sensor state](check-sensor-status-windows-defender-advanced-threat-protection.md)
|
|
#### [Fix unhealthy sensors](fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md)
|
|
#### [Inactive machines](fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md#inactive-machines)
|
|
#### [Misconfigured machines](fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md#misconfigured-machines)
|
|
#### [Review sensor events and errors on machines with Event Viewer](event-error-codes-windows-defender-advanced-threat-protection.md)
|
|
|
|
### [Troubleshoot Windows Defender ATP service issues](troubleshoot-windows-defender-advanced-threat-protection.md)
|
|
#### [Check service health](service-status-windows-defender-advanced-threat-protection.md)
|
|
|
|
###Troubleshoot attack surface reduction
|
|
#### [Network protection](../windows-defender-exploit-guard/troubleshoot-np.md)
|
|
#### [Attack surface reduction rules](../windows-defender-exploit-guard/troubleshoot-asr.md)
|
|
|
|
### [Troubleshoot next generation protection](../windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md)
|