Microsoft Docs - Latest Articles
As the new home for Microsoft technical documentation, docs.microsoft.com has not only modernized the web experience for content, but also how we create and support the content you use to learn, manage and deploy solutions. It is the one-stop shop for everything related to Microsoft technologies. In order to make sure you can keep up to date on what’s new and exciting on docs.microsoft.com, we’ve created a dedicated feed for you.
Selected Feed: Microsoft 365
What's new May- Bot Composer
https://docs.microsoft.com/en-us/composer/what-is-new Learn about improvements and new features in the May 2021 release of Bot Framework Composer, including authoring improvements, new user and getting started experience, packages, testing and debugging updates, ABS handoff, skills, and Orchestrator.Published Date : Wednesday, May 19, 2021
Governance overview - Microsoft Service Assurance
https://docs.microsoft.com/en-us/compliance/assurance/assurance-governance Learn about governance in Microsoft 365Published Date : Thursday, April 1, 2021
In development - Microsoft Intune
https://docs.microsoft.com/en-us/mem/intune/fundamentals/in-development Microsoft Intune features in developmentPublished Date : Friday, May 28, 2021
Microsoft 365 Apps health - Deploy Office
https://docs.microsoft.com/en-us/deployoffice/admincenter/microsoft-365-apps-health Provides Office admins information about Microsoft 365 Apps health within their environmentPublished Date : Thursday, April 1, 2021
Get started with sensitivity labels - Microsoft 365 Compliance
https://docs.microsoft.com/en-us/microsoft-365/compliance/get-started-with-sensitivity-labels Ready to deploy sensitivity labels to help protect your organization's data, but not sure where to start? Read some practical guidance to help get you on your labeling journey.Published Date : Thursday, April 1, 2021
Admin submissions - Office 365
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/admin-submission Admins can learn how to use the Submissions portal in the Microsoft 365 Defender portal to submit suspicious emails, suspected phishing mails, spam, and other potentially harmful messages, URLs, and email attachments to Microsoft for rescanning.Published Date : Thursday, April 1, 2021
Set the password expiration policy for your organization - Microsoft 365 admin
https://docs.microsoft.com/en-us/microsoft-365/admin/manage/set-password-expiration-policy Learn how an admin can set a password expiration policy for your business, school, or nonprofit in Microsoft 365 admin center.Published Date : Thursday, April 1, 2021
Manage sensitivity labels in Office apps - Microsoft 365 Compliance
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels-office-apps Information for IT administrators to manage sensitivity labels in Office apps for desktop, mobile, and the web.Published Date : Thursday, April 1, 2021
Incidents in Microsoft 365 Defender
https://docs.microsoft.com/en-us/microsoft-365/security/defender/incidents-overview Investigate incidents seen across devices, users, and mailboxes in the Microsoft 365 Defender portal.Published Date : Thursday, April 1, 2021
User reported message settings - Office 365
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/user-submission Admins can learn how to configure a mailbox to collect spam and phishing email that are reported by users.Published Date : Thursday, April 1, 2021
Investigate alerts in Microsoft 365 Defender
https://docs.microsoft.com/en-us/microsoft-365/security/defender/investigate-alerts Investigate alerts seen across devices, users, and mailboxes.Published Date : Thursday, April 1, 2021
Prioritize incidents in Microsoft 365 Defender
https://docs.microsoft.com/en-us/microsoft-365/security/defender/incident-queue Learn how to filter incidents from the incident queue in Microsoft 365 DefenderPublished Date : Thursday, April 1, 2021
Learn the advanced hunting query language in Microsoft 365 Defender
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-query-language Create your first threat hunting query and learn about common operators and other aspects of the advanced hunting query languagePublished Date : Thursday, April 1, 2021
Get started with Microsoft Compliance Manager - Microsoft 365 Compliance
https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager-setup Set Microsoft Compliance Manager user permissions and roles, and configure automated testing of actions. Manage user history and filter your dashboard view.Published Date : Thursday, April 1, 2021
Investigate incidents in Microsoft 365 Defender
https://docs.microsoft.com/en-us/microsoft-365/security/defender/investigate-incidents Investigate incidents related to devices, users, and mailboxes.Published Date : Thursday, April 1, 2021
Web protection
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/web-protection-overview Learn about the web protection in Microsoft Defender for Endpoint and how it can protect your organizationPublished Date : Thursday, April 1, 2021
Create and manage custom detection rules in Microsoft 365 Defender
https://docs.microsoft.com/en-us/microsoft-365/security/defender/custom-detection-rules Learn how to create and manage custom detections rules based on advanced hunting queriesPublished Date : Thursday, April 1, 2021
Microsoft Defender for Endpoint on Mac
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-mac Learn how to install, configure, update, and use Microsoft Defender for Endpoint on Mac.Published Date : Thursday, April 1, 2021
Overview - Advanced hunting
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-overview Learn about advanced hunting queries in Microsoft 365 and how to use them to proactively find threats and weaknesses in your networkPublished Date : Thursday, April 1, 2021
Overview of advanced hunting in Microsoft Defender for Endpoint
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/advanced-hunting-overview Use threat hunting capabilities in Microsoft Defender for Endpoint to build queries that find threats and weaknesses in your networkPublished Date : Thursday, April 1, 2021
Enable attack surface reduction rules
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/enable-attack-surface-reduction Enable attack surface reduction (ASR) rules to protect your devices from attacks that use macros, scripts, and common injection techniques.Published Date : Wednesday, June 2, 2021
Investigate users in Microsoft 365 Defender
https://docs.microsoft.com/en-us/microsoft-365/security/defender/investigate-users Investigate users for an incident in the Microsoft 365 security center.Published Date : Thursday, April 1, 2021
Data tables in the Microsoft 365 Defender advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-schema-tables Learn about the tables in the advanced hunting schema to understand the data you can run threat hunting queries onPublished Date : Thursday, April 1, 2021
Learn about retention policies & labels to automatically retain or delete content - Microsoft 365 Compliance
https://docs.microsoft.com/en-us/microsoft-365/compliance/retention Learn about retention policies and retention labels that help you to retain what you need and delete what you don't.Published Date : Thursday, April 1, 2021
Work with advanced hunting query results in Microsoft 365 Defender
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-query-results Make the most of the query results returned by advanced hunting in Microsoft 365 DefenderPublished Date : Thursday, April 1, 2021
Manage incidents in Microsoft 365 Defender
https://docs.microsoft.com/en-us/microsoft-365/security/defender/manage-incidents Learn how to assign, update the status,Published Date : Thursday, April 1, 2021
Get incident notifications by email in Microsoft 365 Defender
https://docs.microsoft.com/en-us/microsoft-365/security/defender/get-incident-notifications Learn how to create rules to get email notifications for incidents in Microsoft 365 DefenderPublished Date : Thursday, April 1, 2021
Overview of custom detections in Microsoft 365 Defender
https://docs.microsoft.com/en-us/microsoft-365/security/defender/custom-detections-overview Understand how you can use advanced hunting to create custom detections and generate alertsPublished Date : Thursday, April 1, 2021
Migrate advanced hunting queries from Microsoft Defender for Endpoint
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-migrate-from-mde Learn how to adjust your Microsoft Defender for Endpoint queries so you can use them in Microsoft 365 DefenderPublished Date : Thursday, April 1, 2021
Use shared queries in Microsoft 365 Defender advanced hunting
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-shared-queries Start threat hunting immediately with predefined and shared queries. Share your queries to the public or to your organization.Published Date : Thursday, April 1, 2021
View and organize the Incidents queue
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/view-incidents-queue See the list of incidents and learn how to apply filters to limit the list and get a more focused view.Published Date : Thursday, April 1, 2021
Get exposure score
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/get-exposure-score Retrieves the organizational exposure score.Published Date : Thursday, April 1, 2021
Prerequisites & permissions - threat and vulnerability management
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/tvm-prerequisites Before you begin using threat and vulnerability management, make sure you have the relevant configurations and permissions.Published Date : Thursday, April 1, 2021
List exposure score by device group
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/get-machine-group-exposure-score Retrieves a list of exposure scores by device group.Published Date : Thursday, April 1, 2021
FileProfile() function in advanced hunting for Microsoft 365 Defender
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-fileprofile-function Learn how to use the FileProfile() to enrich information about files in your advanced hunting query resultsPublished Date : Thursday, April 1, 2021
Get expert training on advanced hunting
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-expert-training Free training and guidance from advanced hunting expertsPublished Date : Thursday, April 1, 2021
AssignedIPAddresses() function in advanced hunting for Microsoft 365 Defender
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-assignedipaddresses-function Learn how to use the AssignedIPAddresses() function to get the latest IP addresses assigned to a devicePublished Date : Thursday, April 1, 2021
Protect information subject to data privacy regulation
https://docs.microsoft.com/en-us/microsoft-365/solutions/information-protection-deploy-protect-information Deploy Microsoft 365 security and compliance features and protect your personal information.Published Date : Tuesday, June 9, 2020
Naming changes in the Microsoft 365 Defender advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-schema-changes Track and review naming changes tables and columns in the advanced hunting schemaPublished Date : Thursday, April 1, 2021
Set device value API
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/set-device-value Learn how to specify the value of a device using a Microsoft Defender for Endpoint API.Published Date : Thursday, April 1, 2021
EmailPostDeliveryEvents table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-emailpostdeliveryevents-table Learn about post-delivery actions taken on Microsoft 365 emails in the EmailPostDeliveryEvents table of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
Remediate vulnerabilities with threat and vulnerability management
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/tvm-remediation Remediate security weaknesses discovered through security recommendations, and create exceptions if needed, in threat and vulnerability management.Published Date : Thursday, April 1, 2021
EmailUrlInfo table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-emailurlinfo-table Learn about URL or link information in the EmailUrlInfo table of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
EmailEvents table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-emailevents-table Learn about events associated with Microsoft 365 emails in the EmailEvents table of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
Get relevant info about an entity with go hunt
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-go-hunt Learn how to use the go hunt tool on to quickly query for relevant information about an entity or event using advanced hunting.Published Date : Thursday, April 1, 2021
DeviceTvmSecureConfigurationAssessment table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-devicetvmsecureconfigurationassessment-table Learn about security assessment events in the DeviceTvmSecureConfigurationAssessment table of the advanced hunting schema. These threat & vulnerability management events provide device information as well as security configuration details, impact, and compliance information.Published Date : Thursday, April 1, 2021
EmailAttachmentInfo table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-emailattachmentinfo-table Learn about email attachment information in the EmailAttachmentInfo table of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
DeviceInfo table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-deviceinfo-table Learn about OS, computer name, and other machine information in the DeviceInfo table of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
Advanced hunting schema reference
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/advanced-hunting-schema-reference Learn about the tables in the advanced hunting schema to understand the data you can run threat hunting queries on.Published Date : Tuesday, January 14, 2020
Find ransomware with advanced hunting
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-find-ransomware Use advanced hunting to locate devices potentially affected by ransomware.Published Date : Thursday, April 1, 2021
CloudAppEvents table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-cloudappevents-table Learn about events from cloud apps and services in the CloudAppEvents table of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
Track and respond to emerging threats with threat analytics
https://docs.microsoft.com/en-us/microsoft-365/security/defender/threat-analytics Learn about emerging threats and attack techniques and how to stop them. Assess their impact to your organization and evaluate your organizational resilience.Published Date : Thursday, April 1, 2021
IdentityInfo table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-identityinfo-table Learn about user account information in the IdentityInfo table of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
IdentityLogonEvents table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-identitylogonevents-table Learn about authentication events recorded by Active Directory in the IdentityLogonEvents table of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
Import, export, and deploy exploit protection configurations
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/import-export-exploit-protection-emet-xml Use Group Policy to deploy mitigations configuration.Published Date : Thursday, April 1, 2021
DeviceFileCertificateInfo table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-devicefilecertificateinfo-table Learn about file signing information in the DeviceFileCertificateInfo table of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
IdentityDirectoryEvents table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-identitydirectoryevents-table Learn about domain controller and Active Directory events in the IdentityDirectoryEvents table of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
IdentityQueryEvents table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-identityqueryevents-table Learn about Active Directory query events in the IdentityQueryEvents table of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
DeviceNetworkEvents table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-devicenetworkevents-table Learn about network connection events you can query from the DeviceNetworkEvents table of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
Build and manage assessments in Microsoft Compliance Manager - Microsoft 365 Compliance
https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager-assessments Build assessments in Microsoft Compliance Manager to help you meet the requirements of regulations and certifications that are important to your organization.Published Date : Thursday, April 1, 2021
DeviceRegistryEvents table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-deviceregistryevents-table Learn about registry events you can query from the DeviceRegistryEvents table of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
Protect your organization against web threats
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/web-threat-protection Learn about web protection in Microsoft Defender for Endpoint and how it can protect your organization.Published Date : Thursday, April 1, 2021
DeviceImageLoadEvents table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-deviceimageloadevents-table Learn about DLL loading events in the DeviceImageLoadEvents table of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
DeviceFileEvents table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-devicefileevents-table Learn about file-related events in the DeviceFileEvents table of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
Understand the analyst report section in threat analytics.
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/threat-analytics-analyst-reports How the report section of threat analytics reports provides information about threats, mitigation, detections, advanced hunting queries, and more.Published Date : Thursday, April 1, 2021
DeviceEvents table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-deviceevents-table Learn about antivirus, firewall, and other event types in the miscellaneous device events (DeviceEvents) table of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
Experience Microsoft Defender for Endpoint through simulated attacks
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-simulations Run the provided attack scenario simulations to experience how Microsoft Defender for Endpoint can detect, investigate, and respond to breaches.Published Date : Tuesday, November 20, 2018
Mitigate zero-day vulnerabilities - threat and vulnerability management
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/tvm-zero-day-vulnerabilities Learn how to find and mitigate zero-day vulnerabilities in your environment through threat and vulnerability management.Published Date : Thursday, April 1, 2021
Vulnerable devices report - threat and vulnerability management
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/tvm-vulnerable-devices-report A report showing vulnerable device trends and current statistics. The goal is for you to understand the breath and scope of your device exposure.Published Date : Thursday, April 1, 2021
Hunt for exposed devices
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/tvm-hunt-exposed-devices Learn how threat and vulnerability management can be used to help security admins, IT admins, and SecOps collaborate.Published Date : Thursday, April 1, 2021
Dashboard insights - threat and vulnerability management
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/tvm-dashboard-insights The threat and vulnerability management dashboard can help SecOps and security admins address cybersecurity threats and build their organization's security resilience.Published Date : Thursday, April 1, 2021
Restrict access to topics in Microsoft Viva Topics
https://docs.microsoft.com/en-us/microsoft-365/knowledge/restrict-access-to-topics How to exclude topics to prevent them from being discovered.Published Date : Thursday, April 1, 2021
Create and view exceptions for security recommendations - threat and vulnerability management
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/tvm-exception Create and monitor exceptions for security recommendations in threat and vulnerability management.Published Date : Thursday, April 1, 2021
Working with assessment templates in Microsoft Compliance Manager - Microsoft 365 Compliance
https://docs.microsoft.com/en-us/microsoft-365/compliance/compliance-manager-templates Understand how to use and manage templates for building assessments in Microsoft Compliance Manager. Create and modify templates using a formatted Excel file.Published Date : Thursday, April 1, 2021
Deployment with a different Mobile Device Management (MDM) system for Microsoft Defender for Endpoint on Mac
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/mac-install-with-other-mdm Install Microsoft Defender for Endpoint on Mac on other management solutions.Published Date : Thursday, April 1, 2021
Set up the Microsoft Defender for Endpoint on macOS policies in Jamf Pro
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/mac-jamfpro-policies Learn how to set up the Microsoft Defender for Endpoint on macOS policies in Jamf ProPublished Date : Thursday, April 1, 2021
Get missing KBs by device ID
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/get-missing-kbs-machine Retrieves missing security updates by device IDPublished Date : Thursday, April 1, 2021
Get missing KBs by software ID
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/get-missing-kbs-software Retrieves missing security updates by software IDPublished Date : Thursday, April 1, 2021
Web content filtering
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/web-content-filtering Use web content filtering in Microsoft Defender for Endpoint to track and regulate access to websites based on their content categories.Published Date : Thursday, April 1, 2021
Hunt for threats across devices, emails, apps, and identities with advanced hunting
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-query-emails-devices Study common hunting scenarios and sample queries that cover devices, emails, apps, and identities.Published Date : Thursday, April 1, 2021
Microsoft Defender for Endpoint on Linux
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint-linux Describes how to install and use Microsoft Defender for Endpoint on Linux.Published Date : Thursday, April 1, 2021
Supported operating systems platforms and capabilities
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/tvm-supported-os Ensure that you meet the operating system or platform requisites for threat and vulnerability management, so the activities in your all devices are properly accounted for.Published Date : Thursday, April 1, 2021
Evaluate Microsoft Defender for Office 365 - Office 365
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/office-365-evaluation Defender for Office 365 in evaluation mode creates Defender for Office 365 email policies that log verdicts, such as malware, but don't act on messages.Published Date : Wednesday, April 21, 2021
Learn about sensitivity labels - Microsoft 365 Compliance
https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels Use sensitivity labels from Microsoft Information Protection (MIP) to classify and protect sensitive content.Published Date : Thursday, April 1, 2021
Score methods and properties
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/score Retrieves your organization's exposure score, device secure score, and exposure score by device groupPublished Date : Thursday, April 1, 2021
Advanced hunting query best practices in Microsoft 365 Defender
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-best-practices Learn how to construct fast, efficient, and error-free threat hunting queries with advanced huntingPublished Date : Thursday, April 1, 2021
Advanced hunting quotas and usage parameters in Microsoft 365 Defender
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-limits Understand various quotas and usage parameters (service limits) that keep the advanced hunting service responsivePublished Date : Thursday, April 1, 2021
Take action on advanced hunting query results in Microsoft 365 Defender
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-take-action Quickly address threats and affected assets in your advanced hunting query resultsPublished Date : Thursday, April 1, 2021
Handle errors in advanced hunting for Microsoft 365 Defender
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-errors Understand errors displayed when using advanced huntingPublished Date : Thursday, April 1, 2021
DeviceNetworkInfo table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-devicenetworkinfo-table Learn about network configuration information in the DeviceNetworkInfo table of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
Extend advanced hunting coverage with the right settings
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-extend-data Check auditing settings on Windows devices and other settings to help ensure that you get the most comprehensive data in advanced huntingPublished Date : Thursday, April 1, 2021
AlertInfo table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-alertinfo-table Learn about alert generation events in the AlertInfo table of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
DeviceTvmSoftwareVulnerabilitiesKB table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-devicetvmsoftwarevulnerabilitieskb-table Learn about the software vulnerabilities tracked by Threat & Vulnerability Management in the DeviceTvmSoftwareVulnerabilitiesKB table of the advanced hunting schema.Published Date : Thursday, April 1, 2021
Track and respond to emerging threats with Microsoft Defender for Endpoint threat analytics
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/threat-analytics Understand emerging threats and attack techniques and how to stop them. Assess their impact to your organization and evaluate your organizational resilience.Published Date : Thursday, April 1, 2021
DeviceTvmSecureConfigurationAssessmentKB table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-devicetvmsecureconfigurationassessmentkb-table Learn about the various secure configurations assessed by Threat & Vulnerability Management in the DeviceTvmSecureConfigurationAssessmentKB table of the advanced hunting schema.Published Date : Thursday, April 1, 2021
DeviceLogonEvents table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-devicelogonevents-table Learn about authentication or sign-in events in the DeviceLogonEvents table of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
AlertEvidence table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-alertevidence-table Learn about information associated with alerts in the AlertEvidence table of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
Understand the analyst report section in threat analytics
https://docs.microsoft.com/en-us/microsoft-365/security/defender/threat-analytics-analyst-reports Learn about the analyst report section of each threat analytics report. Understand how it provides information about threats, mitigations, detections, advanced hunting queries, and more.Published Date : Thursday, April 1, 2021
DeviceProcessEvents table in the advanced hunting schema
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-deviceprocessevents-table Learn about the process spawning or creation events in the DeviceProcessEventstable of the advanced hunting schemaPublished Date : Thursday, April 1, 2021
Exposure score in threat and vulnerability management
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/tvm-exposure-score The threat and vulnerability management exposure score reflects how vulnerable your organization is to cybersecurity threats.Published Date : Thursday, April 1, 2021