Docs update tracker

Updates from: 02/15/2023 02:23:41

Category	Microsoft Docs article	Related commit history on GitHub	Change details
admin	Test And Deploy Microsoft 365 Apps	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/test-and-deploy-microsoft-365-apps.md	You can control how users install these apps from the store on Integrated Apps i 1. Sign in to Microsoft 365 Admin Center as a Global Administrator. 2. Select Settings, then select Integrated Apps. 3. Select the Available Apps or Blocked Apps list. Here you can view the status of all Enhanced Teams Apps in the public catalog and any custom line-of-business apps uploaded from Teams Admin Center or Microsoft 365 Admin Center.+ + :::image type="content" alt-text="Available apps list." source="../../media/apps-status.png" lightbox="../../media/apps-status.png"::: + + :::image type="content" alt-text="Blocked apps list." source="../../media/blocked-apps.png" lightbox="../../media/blocked-apps.png"::: + 4. Select an Enhanced Teams App to view more details about the app, applicable host products, and availability status within your organization. Custom line-of-business Enhanced Teams Apps uploaded from Teams Admin Center or Microsoft 365 Admin Center can be viewed on Integrated Apps. These apps will appear in the store for Teams, Microsoft 365, and Outlook based on the policies set for the app, similar to public apps submitted via the Partner Center. You can block an app for all users in your organization to restrict them from do When you choose to block an app, it will be blocked for all users in your organization. Blocking an app overrides any previous admin deployment or user installation in Microsoft 365 and Outlook so that the app can no longer be used. + > [!NOTE] > Currently, the Enhanced Teams App will only be blocked in Microsoft 365 and Outlook. Teams will continue to honor the current setting for Teams Apps made in the Teams Admin Center and for Outlook add-ins made in the Exchange Admin Center. You can unblock an Enhanced Teams App so that it can start showing up in Microso 6. Read the availability and deployment status that the app will revert to after unblocking. These are the last saved statuses of the app before it was blocked. 7. Select Unblock. You can now see this app in the Available Apps list and/or the Deployed Apps list. + :::image type="content" alt-text="How to unblock an app." source="../../media/to-unblock-app.png" lightbox="../../media/to-unblock-app.png"::: + ### What happens to your existing settings for Teams and Outlook? Any existing settings made from the Teams Admin Center will continue to be honored on the Teams client.
business	Manage Protected Devices	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/business/manage-protected-devices.md	ms.localizationpriority: medium - Tier2 - scotvorg-- M365-subscription-management +- M365-subscription-management - M365-identity-device-management - Adm_O365 description: "Learn to remove company data from devices managed through protecti # Manage protected devices with Microsoft 365 Business Premium -After a user connects their device to your organization by signing in with their work account to the device or to Office apps on the device, you can protect the device with the policies you set up. Connected devices are listed on the Devices page. If a device is lost or stolen, you can manage it from this page to remove any company data. You can also reset Windows 10 devices to their factory settings to wipe out any custom settings. +After a user connects their device to your organization by signing in with their work account to the device or to Office apps on the device, you can protect the device with the policies you set up. Connected devices are listed on the Devices page. If a device is lost or stolen, you can manage it from this page to remove any company data. You can also reset Windows 10 devices to their factory settings to wipe out any custom settings. ## Related content - -[Remove company data from devices](/business-premium/m365bp-remove-company-data.md) (article)\ -[Reset Windows 10 devices to their factory settings](reset-devices-to-factory-settings.md) (article)\ -[Add a managed device](/business-premium/m365bp-app-protection-settings-for-android-and-ios.md) (article) + +[Remove company data from devices](../business-premium/m365bp-remove-company-data.md) (article)\ +[Reset Windows 10 devices to their factory settings](../business-premium/m365bp-reset-devices-to-factory-settings.md) (article)
compliance	Data Classification Activity Explorer	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/data-classification-activity-explorer.md	Here's a list of applicable role groups that you can use. To learn more about th <!-- > [!IMPORTANT] -> Access to Activity explorer via the Security reader or Device Management role groups or other has been removed--> +> Access to Activity explorer via the Security Reader or Device Management role groups or other has been removed--> Microsoft 365 role groups Here's a list of applicable role groups that you can use. To learn more about th - Security administrator - Security Reader +> [!NOTE] +> Roles other than Global Admin and/or Compliance Admin, can only view activities and are not allowed to view the sensitive content. + ## Activity types Activity explorer gathers activity information from the audit logs on multiple sources of activities. For more detailed information on what labeling activity makes it to Activity explorer, see [Labeling events available in Activity explorer](data-classification-activity-explorer-available-events.md).
compliance	Dlp Learn About Dlp	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-learn-about-dlp.md	A DLP implementation typically follows these major phases. ### Plan for DLP -DLP monitoring and protection are native to the applications that users use every day. This helps to protect your organizations' sensitive items from risky activities even if your users are unaccustomed to data loss prevention thinking and practices. If your organization and your users are new to data loss prevention practices, the adoption of DLP may require a change to your business processes and there will be a culture shift for your users. But, with proper planning, testing and tuning, your DLP policies will protect your sensitive items while minimizing any potential business process disruptions. +DLP monitoring and protection are native to the applications that users use every day. This helps to protect your organization's sensitive items from risky activities, even if your users are unaccustomed to data loss prevention thinking and practices. If your organization and your users are new to data loss prevention practices, the adoption of DLP may require a change to your business processes and there will be a culture shift for your users. But, with proper planning, testing and tuning, your DLP policies will protect your sensitive items while minimizing any potential business process disruptions. Technology planning for DLP
compliance	Named Entities Learn	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/named-entities-learn.md	Named entity SITs come in two flavors, bundled and unbundled Bundled named entity SITs detect all possible matches. Use them as broad criteria in your DLP policies for detecting sensitive items. Unbundled named entity SITs have a narrower focus, like a single country. Use them when you need a DLP policy with a narrower detection scope.+ +> [!Note] +> To use bundled SITs, you must activate [Advanced scanning and protection](dlp-configure-endpoint-settings.md) for the relevant [data loss prevention endpoints](dlp-configure-endpoint-settings.md) before they will be discoverable. Here are some examples of named entity SITs. You can find all of them in [Sensitive information type entity definitions](sensitive-information-type-entity-definitions.md).
compliance	Sit Defn All Creds	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-defn-all-creds.md	recommendations: false description: "All credentials sensitive information type entity definition." -# All credential sensitive information types +# All credentials sensitive information types + +"All credentials" is a bundled-entity sensitive information type (SIT). It detects credentials from all supported services and environments, which include Amazon, Azure, GitHub, Google, Microsoft general, Slack and more. + +For information about implementing bundled SITs, see [Learn about named entities](named-entities-learn.md). For information about configuring endpoints and the supported file types, see [Configure endpoint data loss prevention settings](dlp-configure-endpoint-settings.md#advanced-classification-scanning-and-protection). -All credentials is a bundled entity sensitive information type (SIT). It detects credentials from all supported services and environments, which include Amazon, Azure, GitHub, Google, Microsoft general, Slack and more. [!INCLUDE [purview-preview](../includes/purview-preview.md)] No The All credentials SIT is a bundled SIT that scans for individual credential types. This includes checksum evaluated values and keyword/pattern combinations. The All credential entity scans for any of the underlying credential information type checksums and/or patterns are detected in a document. ++ ## Contains This bundled entity SIT contains these individual SITs: This bundled entity SIT contains these individual SITs: - Slovenian - Spanish - Swedish-- Turkish +- Turkish
compliance	Sit Learn About Exact Data Match Based Sits	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sit-learn-about-exact-data-match-based-sits.md	Every SIT has a rule package. You use the rule package in an EDM SIT to define: ### You supply your own schema and data -[Microsoft Purview comes with many predefined SITS](sensitive-information-type-entity-definitions.md). These SITS come with schemas, regex patterns, keywords and confidence levels. But, with EDM SITs, you are responsible for defining the schema as well as primary and secondary fields that identify sensitive items. Because the schema and primary and secondary data values are highly sensitive, you'll be encrypting them via a [hash](/dotnet/standard/security/ensuring-data-integrity-with-hash-codes) function that includes a randomly generated or self-supplied [salt](https://en.wikipedia.org/wiki/Salt_(cryptography)#:~:text=The%20salt%20value%20is%20generated%20at%20random%20and,the%20salt%20value%20and%20hashed%20value%20are%20stored.) value. Only the hashed values are uploaded to the service, so your sensitive data is never in the open. +[Microsoft Purview comes with many predefined SITs](sensitive-information-type-entity-definitions.md). These SITs come with schemas, regex patterns, keywords and confidence levels. But, with EDM SITs, you are responsible for defining the schema as well as primary and secondary fields that identify sensitive items. Because the schema and primary and secondary data values are highly sensitive, you'll be encrypting them via a [hash](/dotnet/standard/security/ensuring-data-integrity-with-hash-codes) function that includes a randomly generated or self-supplied [salt](https://en.wikipedia.org/wiki/Salt_(cryptography)#:~:text=The%20salt%20value%20is%20generated%20at%20random%20and,the%20salt%20value%20and%20hashed%20value%20are%20stored.) value. Only the hashed values are uploaded to the service, so your sensitive data is never in the open. ### Primary and secondary support elements -When you create an EDM SIT, you define a primary element field in the rule package. All content will be search for the primary element. EDM requires that the primary element be discoverable through an existing SIT. +When you create an EDM SIT, you define a primary element field in the rule package. All content will be searched for the primary element. EDM requires that the primary element be discoverable through an existing SIT. > [!NOTE] > See, [Sensitive information type entity definitions](sensitive-information-type-entity-definitions.md) for a complete list of the available SITs. -You'll have to find a predefined SIT that detects the sensitive information that you want your EDM SIT to detect. For example, if your EDM SIT schema has U.S. social security number as the primary element, when you create your EDM schema, you'd associated it with the [U.S. social security number (SSN)](sit-defn-us-social-security-number.md) SIT. Primary elements need to follow a defined pattern in order to be detected. +You'll have to find a predefined SIT that detects the sensitive information that you want your EDM SIT to detect. For example, if your EDM SIT schema has U.S. social security number as the primary element, when you create your EDM schema, you'd associated it with the [U.S. social security number (SSN)](sit-defn-us-social-security-number.md) SIT. Primary elements need to follow a defined pattern in order to be detected. When the primary element is found in a scanned item, EDM will then look for secondary or supporting elements. Secondary elements don't need to follow a pattern unless they contain multiple tokens (which requires association to a SIT, similar to primary elements), but do need to be within a certain proximity to the primary element. EDM works by comparing strings in your documents and emails against values in th > [!TIP] -> You can use both EDM SITs and the predefined SITs that they are based on, together, in DLP rules for better detection. Use the EDM SIT with higher confidence levels, and the predefined SIT with lower confidence levels. For example use an EDM SIT that looks for social security number and other supporting data with strict requirements with high confidence. Using the high confidence will generate a DLP match when few instances are detected. Then use a predefined SIT, like the U.S. Social Security Number, with lower confidence levels that will trigger a DLP match when higher numbers of occurrences are detected. +> You can use both EDM SITs, and the predefined SITs that they are based on, together in DLP rules for better detection. Use the EDM SIT with higher confidence levels, and the predefined SIT with lower confidence levels. For example use an EDM SIT that looks for social security number and other supporting data with strict requirements with high confidence. Using the high confidence will generate a DLP match when few instances are detected. Then use a predefined SIT, like the U.S. Social Security Number, with lower confidence levels that will trigger a DLP match when higher numbers of occurrences are detected. ## Services that EDM supports
security	TOC	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/TOC.md	-# [Microsoft Defender for Endpoint](index.yml) - -## [Overview]() -### [What is Microsoft Defender for Endpoint?](microsoft-defender-endpoint.md) -### [Trial user guide: Microsoft Defender for Endpoint](defender-endpoint-trial-user-guide.md) -### [Compare Microsoft endpoint security plans](defender-endpoint-plan-1-2.md) -### [Minimum requirements](minimum-requirements.md) -### [Supported Microsoft Defender for Endpoint capabilities by platform](supported-capabilities-by-platform.md) -### [What's new in Microsoft Defender for Endpoint?](whats-new-in-microsoft-defender-endpoint.md) -### [What's new in Microsoft Defender for Endpoint on Windows](windows-whatsnew.md) -### [What's new in Microsoft Defender for Endpoint on other platforms]() -#### [What's new in Defender for Endpoint on macOS](mac-whatsnew.md) -#### [What's new in Defender for Endpoint on Linux](linux-whatsnew.md) -#### [What's new in Defender for Endpoint on Android](android-whatsnew.md) -#### [What's new in Defender for Endpoint on iOS](ios-whatsnew.md) -- -### [Preview features](preview.md) -### [Data storage and privacy](data-storage-privacy.md) -### [Overview of Microsoft Defender Security Center](use.md) -### [Defender for Endpoint Plan 1]() -#### [Overview](defender-endpoint-plan-1.md) -#### [Setup and configuration](mde-p1-setup-configuration.md) -#### [Get started](mde-plan1-getting-started.md) -#### [Maintenance and operations](mde-p1-maintenance-operations.md) -### [Microsoft Defender for Endpoint for US Government customers](gov.md) -### [Overview of Microsoft Defender for Endpoint on other platforms](non-windows.md) -#### [Microsoft Defender for Endpoint on macOS](microsoft-defender-endpoint-mac.md) -#### [Microsoft Defender for Endpoint on Linux](microsoft-defender-endpoint-linux.md) -#### [Microsoft Defender for Endpoint on Android](microsoft-defender-endpoint-android.md) -#### [Microsoft Defender for Endpoint on iOS](microsoft-defender-endpoint-ios.md) - -### [Antivirus solution compatibility with Defender for Endpoint](defender-compatibility.md) - -## [Evaluate capabilities]() -### [Evaluate capabilities overview](evaluation-lab.md) -### [Microsoft defender for endpoint demonstrations]() -#### [Microsoft Defender for Endpoint demonstration scenarios](defender-endpoint-demonstrations.md) -#### [App reputation demonstration](defender-endpoint-demonstration-app-reputation.md) -#### [Attack surface reduction rules demonstrations](defender-endpoint-demonstration-attack-surface-reduction-rules.md) -#### [Block at First Sight (BAFS) demonstration](defender-endpoint-demonstration-block-at-first-sight-bafs.md) -#### [Cloud-delivered protection demonstration](defender-endpoint-demonstration-cloud-delivered-protection.md) -#### [Controlled folder access (CFA) demonstration (block script)](defender-endpoint-demonstration-controlled-folder-access-test-tool.md) -#### [Controlled folder access (CFA) demonstrations (block ransomware)](defender-endpoint-demonstration-controlled-folder-access.md) -#### [Exploit protection (EP) demonstrations](defender-endpoint-demonstration-exploit-protection.md) -#### [Network protection demonstrations](defender-endpoint-demonstration-network-protection.md) -#### [Potentially unwanted applications (PUA) demonstration](defender-endpoint-demonstration-potentially-unwanted-applications.md) -#### [URL reputation demonstrations](defender-endpoint-demonstration-smartscreen-url-reputation.md) - -## [Plan deployment](deployment-strategy.md) - -## [Deployment guide]() -### [Deployment phases](deployment-phases.md) -### [Phase 1: Prepare](prepare-deployment.md) -### [Phase 2: Set up](production-deployment.md) -### [Phase 3: Onboard]() -#### [Onboarding overview](onboarding.md) -#### [Deployment rings](deployment-rings.md) -#### [Onboarding using Microsoft Endpoint Configuration Manager](onboarding-endpoint-configuration-manager.md) -#### [Onboarding using Microsoft Endpoint Manager](onboarding-endpoint-manager.md) - -## [Migration guides]() -### [Migration guides overview](migration-guides.md) -### [Migrate Defender for Endpoint servers to Defender for Cloud](migrating-mde-server-to-cloud.md) -### [Migrate to Defender for Endpoint](switch-to-mde-overview.md) -#### [Phase 1: Prepare](switch-to-mde-phase-1.md) -#### [Phase 2: Setup](switch-to-mde-phase-2.md) -#### [Phase 3: Onboard](switch-to-mde-phase-3.md) - -### [Manage Defender for Endpoint after migration]() -#### [Overview](manage-mde-post-migration.md) -#### [Use Intune (recommended)](manage-mde-post-migration-intune.md) -#### [Use Configuration Manager](manage-mde-post-migration-configuration-manager.md) -#### [Use Group Policy](manage-mde-post-migration-group-policy-objects.md) -#### [Use PowerShell, WMI, or MPCmdRun.exe](manage-mde-post-migration-other-tools.md) -#### [Updating MMA on Windows devices](update-agent-mma-windows.md) -#### [Server migration scenarios]() -##### [Overview](server-migration.md) -##### [Migrating servers from Microsoft Monitoring Agent to the unified solution](application-deployment-via-mecm.md) - -## [Onboard and configure devices]() -### [Onboard devices and configure Microsoft Defender for Endpoint capabilities](onboard-configure.md) -### [Onboarding Windows Client]() -#### [Onboarding Windows Client overview](onboard-windows-client.md) -#### [Onboard Windows devices to Defender for Endpoint using Intune](configure-endpoints-mdm.md) -#### [Onboard Windows devices to Defender for Endpoint using Microsoft Endpoint Configuration Manager](configure-endpoints-sccm.md) -#### [Onboard Windows devices to Defender for Endpoint using Group Policy](configure-endpoints-gp.md) -#### [Onboard Windows devices to Defender for Endpoint using a local script](configure-endpoints-script.md) -#### [Onboard non-persistent virtual desktop infrastructure (VDI) devices](configure-endpoints-vdi.md) -#### [Onboard Windows 10 multi-session devices in Azure Virtual Desktop](onboard-windows-multi-session-device.md) -#### [Onboard previous versions of Windows](onboard-downlevel.md) - -### [Onboarding Windows Server]() -#### [Onboarding Windows Server overview](onboard-windows-server.md) -#### [Onboard Windows Server 2012 R2, 2016, Semi-Annual Channel, 2019, and 2022](configure-server-endpoints.md) -#### [Onboard Windows devices using Configuration Manager](configure-endpoints-sccm.md) -#### [Onboard Windows devices using Group Policy](configure-endpoints-gp.md) -#### [Onboard Windows devices using a local script](configure-endpoints-script.md) -#### [Onboard non-persistent virtual desktop infrastructure (VDI) devices](configure-endpoints-vdi.md) -- -### [Microsoft Defender for Endpoint on other platforms]() -#### [Onboard non-Windows devices](configure-endpoints-non-windows.md) -#### [Microsoft Defender for Endpoint on macOS]() -##### [Deploy]() -###### [Deployment with Microsoft Endpoint Manager](mac-install-with-intune.md) -###### [JAMF Pro-based deployment]() -####### [Deploying Microsoft Defender for Endpoint on macOS using Jamf Pro](mac-install-with-jamf.md) -####### [Login to Jamf Pro](mac-install-jamfpro-login.md) -####### [Set up device groups](mac-jamfpro-device-groups.md) -####### [Set up policies](mac-jamfpro-policies.md) -####### [Enroll devices](mac-jamfpro-enroll-devices.md) - -###### [Deployment with Mobile Device Management (MDM) systems](mac-install-with-other-mdm.md) -###### [Manual deployment](mac-install-manually.md) -##### [Update](mac-updates.md) - -#### [Microsoft Defender for Endpoint on Linux]() -##### [Deploy]() -###### [Puppet based deployment](linux-install-with-puppet.md) -###### [Ansible based deployment](linux-install-with-ansible.md) -###### [Chef based deployment](linux-deploy-defender-for-endpoint-with-chef.md) -###### [Manual deployment](linux-install-manually.md) -###### [Saltstack based deployment](linux-install-with-saltack.md) -- -##### [Update](linux-updates.md) - -#### [Mobile Threat Defense]() -##### [Mobile Threat Defense Overview](mtd.md) -##### [Deploy]() -###### [Deployment on Android with Microsoft Endpoint Manager](android-intune.md) -###### [Deployment on iOS via Microsoft Endpoint Manager](ios-install.md) -###### [Deployment on iOS with Mobile Application Manager](ios-install-unmanaged.md) - -### [Integration with Microsoft Defender for Cloud](azure-server-integration.md) -### [Run a detection test on a newly onboarded Microsoft Defender for Endpoint](run-detection-test.md) -### [Run simulated attacks on devices](attack-simulations.md) -### [Onboard devices without Internet access](onboard-offline-machines.md) -### [Configure proxy and Internet connectivity settings](configure-proxy-internet.md) - -### [Configure Microsoft Defender for Endpoint on macOS]() -#### [Configure and validate exclusions](mac-exclusions.md) -#### [Set preferences](mac-preferences.md) -#### [Detect and block Potentially Unwanted Applications](mac-pua.md) -#### [Protect macOS security settings using tamper protection](tamperprotection-macos.md) -#### [Device control]() -##### [Device control overview](mac-device-control-overview.md) -##### [JAMF examples](mac-device-control-jamf.md) -##### [Intune examples](mac-device-control-intune.md) - -#### [Schedule scans](mac-schedule-scan.md) - -### [Configure Microsoft Defender for Endpoint on Linux]() -#### [Configure and validate exclusions](linux-exclusions.md) -#### [Static proxy configuration](linux-static-proxy-configuration.md) -#### [Set preferences](linux-preferences.md) -#### [Detect and block Potentially Unwanted Applications](linux-pua.md) -#### [Schedule scans with Microsoft Defender for Endpoint on Linux](linux-schedule-scan-mde.md) -#### [Schedule antivirus scan in Defender for Endpoint on Linux](schedule-antivirus-scan-in-mde.md) -#### [Schedule an update of the Microsoft Defender for Endpoint (Linux)](linux-update-MDE-Linux.md) - -### [Configure Mobile Threat Defense]() -#### [Configure Microsoft Defender for Endpoint on Android features](android-configure.md) -#### [Configure Microsoft Defender for Endpoint on Android risk signals using app protection policy](android-configure-mam.md) -#### [Configure Microsoft Defender for Endpoint on iOS features](ios-configure-features.md) - -### [Create an onboarding or offboarding notification rule](onboarding-notification.md) - -### [Manage Microsoft Defender for Endpoint configuration settings on devices with Microsoft Endpoint Manager](security-config-management.md) -- -### [Configure portal settings]() -#### [Configure general Defender for Endpoint settings](preferences-setup.md) -#### [General]() -##### [Configure alert notifications](../defender/configure-email-notifications.md) -##### [Configure vulnerability email notifications](configure-vulnerability-email-notifications.md) -##### [Configure advanced features](advanced-features.md) - -#### [Permissions]() -##### [Use basic permissions to access the portal](basic-permissions.md) -##### [Assign user access to Microsoft Defender Security Center](assign-portal-access.md) -##### [Manage portal access using RBAC](rbac.md) -###### [Create and manage roles](user-roles.md) -###### [Create and manage device groups](machine-groups.md) -###### [Create and manage device tags](machine-tags.md) - -#### [Rules]() -##### [Manage suppression rules](manage-suppression-rules.md) -##### [Create indicators](manage-indicators.md) -###### [Create indicators for files](indicator-file.md) -###### [Create indicators for IPs and URLs/domains](indicator-ip-domain.md) -###### [Create indicators for certificates](indicator-certificates.md) -###### [Manage indicators](indicator-manage.md) -##### [Manage automation file uploads](manage-automation-file-uploads.md) -##### [Manage automation folder exclusions](manage-automation-folder-exclusions.md) - -#### [Device management]() -##### [Onboarding devices](onboard-configure.md) -##### [Offboarding devices](offboard-machines.md) -##### [Ensure your devices are configured properly](configure-machines.md) -##### [Monitor and increase device onboarding](configure-machines-onboarding.md) - -#### [Configure Microsoft Defender Security Center time zone settings](time-settings.md) - -## [Detect threats and protect endpoints]() -### [Microsoft Defender Vulnerability Management](../defender-vulnerability-management/index.yml) -### [Device discovery]() -#### [Device discovery overview](device-discovery.md) -#### [Configure device discovery](configure-device-discovery.md) -#### [Enable Corelight as a data source](corelight-integration.md) -#### [Enterprise IoT security]() -##### [Securing IoT devices in the enterprise](/azure/defender-for-iot/organizations/concept-enterprise/) -##### [Enable Enterprise IoT security with Defender for Endpoint](/azure/defender-for-iot/organizations/eiot-defender-for-endpoint/) -##### [Manage Defender for IoT plans](/azure/defender-for-iot/organizations/manage-subscriptions-enterprise/) -##### [Enhance Enterprise IoT discovery](/azure/defender-for-iot/organizations/eiot-sensor/) -#### [Device discovery FAQ](device-discovery-faq.md) - -### [Authenticated scans]() -#### [Network devices](network-devices.md) -#### [Windows authenticated scan](../defender-vulnerability-management/windows-authenticated-scan.md) - -### [Devices]() -#### [Device inventory](machines-view-overview.md) -#### [Exclude devices](exclude-devices.md) -#### [Device timeline](device-timeline-event-flag.md) -#### [Manage device group and tags](machine-tags.md) - -### [Host firewall reporting in Microsoft Defender for Endpoint](host-firewall-reporting.md) - -### [Built-in protection](built-in-protection.md) - -### [Attack surface reduction]() -#### [Attack surface reduction overview](overview-attack-surface-reduction.md) -#### [Attack surface reduction (ASR) rules]() -##### [Learn about ASR rules](attack-surface-reduction.md) -##### [Attack surface reduction (ASR) rules deployment guide]() -###### [Attack surface reduction (ASR) rules deployment overview](attack-surface-reduction-rules-deployment.md) -###### [Plan attack surface reduction (ASR) rules deployment](attack-surface-reduction-rules-deployment-plan.md) -###### [Test attack surface reduction (ASR) rules](attack-surface-reduction-rules-deployment-test.md) -###### [Enable attack surface reduction (ASR) rules](attack-surface-reduction-rules-deployment-implement.md) -###### [Operationalize attack surface reduction (ASR) rules](attack-surface-reduction-rules-deployment-operationalize.md) -##### [Attack surface reduction (ASR) rules reference](attack-surface-reduction-rules-reference.md) -##### [Attack surface reduction rules report](attack-surface-reduction-rules-report.md) -##### [Troubleshoot attack surface reduction (ASR) rules](troubleshoot-asr-rules.md) -##### [Enable ASR rules alternate configuration methods](enable-attack-surface-reduction.md) -#### [Attack surface reduction FAQ](attack-surface-reduction-faq.yml) -#### [Controlled folder access]() -##### [Protect folders](controlled-folders.md) -##### [Evaluate controlled folder access](evaluate-controlled-folder-access.md) -##### [Enable controlled folder access](enable-controlled-folders.md) -##### [Customize controlled folder access](customize-controlled-folders.md) -#### [Device Control]() -##### [Removable Storage Protection](device-control-removable-storage-protection.md) -##### [Removable Storage Access Control]() -###### [Overview](device-control-removable-storage-access-control.md) -###### [Deploy and manage using Intune](deploy-manage-removable-storage-intune.md) -###### [Deploy and manage using group policy](deploy-manage-removable-storage-group-policy.md) -###### [Frequently asked questions](device-control-removable-storage-access-control-faq.md) -##### [Device Installation](mde-device-control-device-installation.md) -##### [Device Control Printer Protection](printer-protection.md) -###### [Printer Protection Overview](printer-protection-overview.md) -###### [Deploy and manage using group policy](deploy-and-manage-using-group-policy.md) -###### [Deploy and manage using Intune](deploy-and-manage-using-intune.md) -###### [Printer Protection frequently asked questions](printer-protection-frequently-asked-questions.md) -##### [Device Control Reports](device-control-report.md) -#### [Exploit protection]() -##### [Protect devices from exploits](exploit-protection.md) -##### [Exploit protection evaluation](evaluate-exploit-protection.md) -##### [Enable exploit protection](enable-exploit-protection.md) -##### [Customize exploit protection](customize-exploit-protection.md) -##### [Import, export, and deploy exploit protection configurations](import-export-exploit-protection-emet-xml.md) -##### [Troubleshoot exploit protection mitigations](troubleshoot-exploit-protection-mitigations.md) -##### [Exploit protection reference](exploit-protection-reference.md) -#### [Network protection]() -##### [Protect your network](network-protection.md) -##### [Evaluate network protection](evaluate-network-protection.md) -##### [Turn on network protection](enable-network-protection.md) -##### [Network protection for Linux](network-protection-linux.md) -##### [Network protection for MacOS](network-protection-macos.md) -#### [Web protection]() -##### [Web protection overview](web-protection-overview.md) -##### [Web threat protection]() -###### [Web threat protection overview](web-threat-protection.md) -###### [Monitor web security](web-protection-monitoring.md) -###### [Respond to web threats](web-protection-response.md) -##### [Web content filtering](web-content-filtering.md) - -### Next-generation protection -#### [Next-generation protection overview](next-generation-protection.md) -##### [Overview of Microsoft Defender Antivirus](microsoft-defender-antivirus-windows.md) -##### [Microsoft Defender Antivirus on Windows Server](microsoft-defender-antivirus-on-windows-server.md) -##### [Enable and update Microsoft Defender Antivirus on Windows Server](enable-update-mdav-to-latest-ws.md) -##### [Better together: Microsoft Defender Antivirus and Microsoft Defender for Endpoint](why-use-microsoft-defender-antivirus.md) -##### [Better together: Microsoft Defender Antivirus and Office 365](office-365-microsoft-defender-antivirus.md) -#### [Evaluate Microsoft Defender Antivirus](evaluate-microsoft-defender-antivirus.md) -#### [Configure Microsoft Defender Antivirus features](configure-microsoft-defender-antivirus-features.md) -#### [Manage exclusions for Defender for Endpoint and Microsoft Defender Antivirus](defender-endpoint-antivirus-exclusions.md) -#### [Cloud protection and Microsoft Defender Antivirus](cloud-protection-microsoft-defender-antivirus.md) -##### [Why cloud protection should be on](why-cloud-protection-should-be-on-mdav.md) -##### [Turn on cloud protection](enable-cloud-protection-microsoft-defender-antivirus.md) -##### [Specify the cloud protection level](specify-cloud-protection-level-microsoft-defender-antivirus.md) -##### [Cloud protection and sample submission](cloud-protection-microsoft-antivirus-sample-submission.md) -#### [Configure and validate Microsoft Defender Antivirus network connections](configure-network-connections-microsoft-defender-antivirus.md) -#### [Specify additional definition sets for network traffic inspection](specify-additional-definitions-network-traffic-inspection-mdav.md) -#### [Tamper protection]() -##### [Protect security settings with tamper protection](prevent-changes-to-security-settings-with-tamper-protection.md) -##### [Manage tamper protection using Microsoft 365 Defender](manage-tamper-protection-microsoft-365-defender.md) -##### [Manage tamper protection using Microsoft Intune](manage-tamper-protection-microsoft-endpoint-manager.md) -##### [Manage tamper protection with Configuration Manager](manage-tamper-protection-configuration-manager.md) -##### [Manage tamper protection on an individual device](manage-tamper-protection-individual-device.md) -##### [FAQs on tamper protection](faqs-tamper-protection.md) -#### [Turn on block at first sight](configure-block-at-first-sight-microsoft-defender-antivirus.md) -#### [Configure the cloud block timeout period](configure-cloud-block-timeout-period-microsoft-defender-antivirus.md) -#### [Configure behavioral, heuristic, and real-time protection](configure-protection-features-microsoft-defender-antivirus.md) -#### [Detect and block potentially unwanted applications](detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md) -#### [Enable and configure Microsoft Defender Antivirus always-on protection in Group Policy](configure-real-time-protection-microsoft-defender-antivirus.md) -#### [Configure remediation for Microsoft Defender Antivirus detections](configure-remediation-microsoft-defender-antivirus.md) -#### [Configure Microsoft Defender Antivirus scans](schedule-antivirus-scans.md) -##### [Schedule scans using Group Policy](schedule-antivirus-scans-group-policy.md) -##### [Schedule scans using PowerShell](schedule-antivirus-scans-powershell.md) -##### [Schedule scans using WMI](schedule-antivirus-scans-wmi.md) -#### [Use limited periodic scanning in Microsoft Defender Antivirus](limited-periodic-scanning-microsoft-defender-antivirus.md) -#### [Compatibility with other security products](microsoft-defender-antivirus-compatibility.md) -#### [Find malware detection names for Microsoft Defender for Endpoint](find-defender-malware-name.md) - -#### [Get your antivirus and antimalware updates](manage-updates-baselines-microsoft-defender-antivirus.md) -##### [Manage the sources for Microsoft Defender Antivirus protection updates](manage-protection-updates-microsoft-defender-antivirus.md) -##### [Manage the schedule for when protection updates should be downloaded and applied](manage-protection-update-schedule-microsoft-defender-antivirus.md) -##### [Manage gradual rollout process for Microsoft Defender updates](manage-gradual-rollout.md) -##### [Configure gradual rollout process for Microsoft Defender updates](configure-updates.md) -##### [Manage Microsoft Defender Antivirus updates and scans for endpoints that are out of date](manage-outdated-endpoints-microsoft-defender-antivirus.md) -##### [Manage event-based forced updates](manage-event-based-updates-microsoft-defender-antivirus.md) -##### [Manage updates for mobile devices and virtual machines (VMs)](manage-updates-mobile-devices-vms-microsoft-defender-antivirus.md) - -#### [Manage Microsoft Defender Antivirus for your organization](configuration-management-reference-microsoft-defender-antivirus.md) -##### [Use Microsoft Endpoint Manager to manage Microsoft Defender Antivirus](use-intune-config-manager-microsoft-defender-antivirus.md) -##### [Use Group Policy settings to manage Microsoft Defender Antivirus](use-group-policy-microsoft-defender-antivirus.md) -##### [Use PowerShell cmdlets to manage Microsoft Defender Antivirus](use-powershell-cmdlets-microsoft-defender-antivirus.md) -##### [Use Windows Management Instrumentation (WMI) to manage Microsoft Defender Antivirus](use-wmi-microsoft-defender-antivirus.md) -##### [Use the mpcmdrun.exe tool to manage Microsoft Defender Antivirus](command-line-arguments-microsoft-defender-antivirus.md) -##### [Configure the notifications that appear on endpoints](configure-notifications-microsoft-defender-antivirus.md) -##### [Specify whether users can locally modify Microsoft Defender Antivirus policy settings](configure-local-policy-overrides-microsoft-defender-antivirus.md) -##### [Specify whether users can see or interact with Microsoft Defender Antivirus user interface](prevent-end-user-interaction-microsoft-defender-antivirus.md) -##### [Turn on definition retirement](turn-on-definition-retirement.md) - -#### [Deploy and report on Microsoft Defender Antivirus](deploy-manage-report-microsoft-defender-antivirus.md) -##### [Deploy and enable Microsoft Defender Antivirus](deploy-microsoft-defender-antivirus.md) -##### [Configure Microsoft Defender Antivirus in a remote desktop or virtual desktop infrastructure environment](deployment-vdi-microsoft-defender-antivirus.md) -##### [Report on Microsoft Defender Antivirus](report-monitor-microsoft-defender-antivirus.md) - -#### [Scans and remediation](review-scan-results-microsoft-defender-antivirus.md) -##### [Configure and run on-demand Microsoft Defender Antivirus scans](run-scan-microsoft-defender-antivirus.md) -##### [Run and review the results of a Microsoft Defender Offline scan](microsoft-defender-offline.md) -##### [Configure Microsoft Defender Antivirus scanning options](configure-advanced-scan-types-microsoft-defender-antivirus.md) -##### [Restore quarantined files in Microsoft Defender Antivirus](restore-quarantined-files-microsoft-defender-antivirus.md) - -#### [Microsoft Defender Antivirus exclusions](configure-exclusions-microsoft-defender-antivirus.md) -##### [Exclusions based on file extension and folder location](configure-extension-file-exclusions-microsoft-defender-antivirus.md) -##### [Exclusions for files opened by processes](configure-process-opened-file-exclusions-microsoft-defender-antivirus.md) -##### [Contextual file and folder exclusions](configure-contextual-file-folder-exclusions-microsoft-defender-antivirus.md) -##### [Exclusions for Windows Server](configure-server-exclusions-microsoft-defender-antivirus.md) -##### [Common mistakes to avoid](common-exclusion-mistakes-microsoft-defender-antivirus.md) - -#### Troubleshooting mode for Defender for Endpoint -##### [Get started with troubleshooting mode](enable-troubleshooting-mode.md) -##### [Troubleshooting mode scenarios](troubleshooting-mode-scenarios.md) - -#### Diagnostics and performance for Microsoft Defender Antivirus -##### [Device health reports](device-health-reports.md) -###### [Microsoft Defender Antivirus health report](device-health-microsoft-defender-antivirus-health.md) -###### [Sensor health and OS report](device-health-sensor-health-os.md) -##### [Troubleshoot performance issues related to real-time protection](troubleshoot-performance-issues.md) -##### [Troubleshoot Microsoft Defender Antivirus reporting in Update Compliance](troubleshoot-reporting.md) -##### [Collect diagnostic data of Microsoft Defender Antivirus](collect-diagnostic-data.md) -##### [Collect diagnostic data for Update Compliance and Microsoft Defender Antivirus](collect-diagnostic-data-update-compliance.md) -##### [Improve performance of Microsoft Defender Antivirus](tune-performance-defender-antivirus.md) - -#### Troubleshooting Microsoft Defender Antivirus -##### [Review event logs and error codes to troubleshoot issues with Microsoft Defender Antivirus](troubleshoot-microsoft-defender-antivirus.md) -##### [Troubleshoot Microsoft Defender Antivirus while migrating from a third-party solution](troubleshoot-microsoft-defender-antivirus-when-migrating.md) - -#### [Behavioral blocking and containment]() -##### [Behavioral blocking and containment](behavioral-blocking-containment.md) -##### [Client behavioral blocking](client-behavioral-blocking.md) -##### [Feedback-loop blocking](feedback-loop-blocking.md) - -### [Address false positives/negatives in Microsoft Defender for Endpoint](defender-endpoint-false-positives-negatives.md) - -### [Manage device configuration]() - -#### [Increase compliance to the security baseline](configure-machines-security-baseline.md) -#### [Optimize attack surface reduction rule deployment and detections](configure-machines-asr.md) - -## [Investigate and respond to threats]() -### [Endpoint detection and response]() -#### [Endpoint detection and response overview](overview-endpoint-detection-response.md) -#### [Submit files](admin-submissions-mde.md) -#### [Incidents queue]() -##### [View and organize the Incidents queue](view-incidents-queue.md) -##### [Manage incidents](manage-incidents.md) -##### [Investigate incidents](investigate-incidents.md) - -#### [Alerts queue]() -##### [Alerts queue in Microsoft 365 Defender](alerts-queue-endpoint-detection-response.md) -##### [View and organize the Alerts queue](alerts-queue.md) -##### [Review alerts](review-alerts.md) -##### [Manage alerts](manage-alerts.md) -##### [Investigate alerts](investigate-alerts.md) -##### [Investigate files](investigate-files.md) -##### [Investigate devices](investigate-machines.md) -##### [Investigate an IP address](investigate-ip.md) -###### [Investigate connection events that occur behind forward proxies](investigate-behind-proxy.md) -##### [Investigate a user account](investigate-user.md) - -#### [Take response actions]() -##### [Take response actions on a device]() -###### [Response actions on devices](respond-machine-alerts.md) -###### [Manage tags](respond-machine-alerts.md#manage-tags) -###### [Start an automated investigation](respond-machine-alerts.md#initiate-automated-investigation) -###### [Start a Live Response session](respond-machine-alerts.md#initiate-live-response-session) -###### [Collect investigation package](respond-machine-alerts.md#collect-investigation-package-from-devices) -###### [Run antivirus scan](respond-machine-alerts.md#run-microsoft-defender-antivirus-scan-on-devices) -###### [Restrict app execution](respond-machine-alerts.md#restrict-app-execution) -###### [Isolate devices from the network](respond-machine-alerts.md#isolate-devices-from-the-network) -###### [Contain devices from the network](respond-machine-alerts.md#contain-devices-from-the-network) -###### [Consult a threat expert](respond-machine-alerts.md#consult-a-threat-expert) -###### [Check activity details in Action center](respond-machine-alerts.md#check-activity-details-in-action-center) - -##### [Take response actions on a file]() -###### [Response actions on files](respond-file-alerts.md) -###### [Stop and quarantine files in your network](respond-file-alerts.md#stop-and-quarantine-files-in-your-network) -###### [Restore file from quarantine](respond-file-alerts.md#restore-file-from-quarantine) -###### [Add indicators to block or allow a file](respond-file-alerts.md#add-indicator-to-block-or-allow-a-file) -###### [Consult a threat expert](respond-file-alerts.md#consult-a-threat-expert) -###### [Check activity details in Action center](respond-file-alerts.md#check-activity-details-in-action-center) -###### [Download or collect file](respond-file-alerts.md#download-or-collect-file) -###### [Deep analysis](respond-file-alerts.md#deep-analysis) - -#### [View and approve remediation actions](manage-auto-investigation.md) -##### [View details and results of automated investigations](auto-investigation-action-center.md) - -#### [Investigate entities using Live response]() -##### [Investigate entities on devices](live-response.md) -##### [Live response command examples](live-response-command-examples.md) - -#### [Use sensitivity labels to prioritize incident response](information-protection-investigation.md) - -#### [Reporting]() -##### [Power BI - How to use API - Samples](api-power-bi.md) -##### [Threat protection reports](threat-protection-reports.md) - -### [Advanced hunting](/microsoft-365/security/defender/advanced-hunting-overview) - -### [Threat analytics overview](threat-analytics.md) -#### [Read the analyst report](threat-analytics-analyst-reports.md) - -### [EDR in block mode](edr-in-block-mode.md) - -### [Automated investigation and response (AIR)]() -#### [Overview of AIR](automated-investigations.md) -#### [Automation levels in AIR](automation-levels.md) -#### [Configure AIR capabilities](configure-automated-investigations-remediation.md) -#### [View the details and results of an automated investigation](autoir-investigation-results.md) - -### [Next generation protection]() -#### [Run and customize scheduled and on-demand scans](customize-run-review-remediate-scans-microsoft-defender-antivirus.md) - -### [Endpoint Attack Notifications](endpoint-attack-notifications.md) - -### [Experts on Demand](experts-on-demand.md) - -## Reference -### [Understand threat intelligence concepts](threat-indicator-concepts.md) -### [Advanced deployment guidance - Microsoft Defender for Endpoint on Linux](comprehensive-guidance-on-linux-deployment.md) - -### [Configure integration with other Microsoft solutions]() -#### [Configure conditional access](configure-conditional-access.md) -#### [Configure Microsoft Defender for Cloud Apps integration](microsoft-cloud-app-security-config.md) -### [Management and APIs]() -#### [Overview of management and APIs](management-apis.md) -#### [API release notes](api-release-notes.md) -#### [Microsoft Defender for Endpoint API]() -##### [Get started]() -###### [Microsoft Defender for Endpoint API license and terms](api-terms-of-use.md) -###### [Access the Microsoft Defender for Endpoint APIs](apis-intro.md) -###### [Hello World](api-hello-world.md) -###### [Get access with application context](exposed-apis-create-app-webapp.md) -###### [Get access with user context](exposed-apis-create-app-nativeapp.md) - -##### [Microsoft Defender for Endpoint APIs Schema]() -###### [Supported Microsoft Defender for Endpoint APIs](exposed-apis-list.md) -###### [Common REST API error codes](common-errors.md) -###### [Advanced Hunting](run-advanced-query-api.md) - -###### [Alert]() -####### [Alert methods and properties](alerts.md) -####### [List alerts](get-alerts.md) -####### [Create alert](create-alert-by-reference.md) -####### [Batch update alerts](batch-update-alerts.md) -####### [Update Alert](update-alert.md) -####### [Get alert information by ID](get-alert-info-by-id.md) -####### [Get alert related domains information](get-alert-related-domain-info.md) -####### [Get alert related file information](get-alert-related-files-info.md) -####### [Get alert related IPs information](get-alert-related-ip-info.md) -####### [Get alert related device information](get-alert-related-machine-info.md) -####### [Get alert related user information](get-alert-related-user-info.md) - -###### [Assessments of vulnerabilities and secure configurations]() -####### [Export assessment methods and properties](get-assessment-methods-properties.md) -####### [Export secure configuration assessment](get-assessment-secure-config.md) -####### [Export software inventory assessment](get-assessment-software-inventory.md) -####### [Export non product code software inventory assessment](get-assessment-non-cpe-software-inventory.md) -####### [Export software vulnerabilities assessment](get-assessment-software-vulnerabilities.md) - -###### [Authenticated scan]() -####### [Authenticated scan methods and properties](get-authenticated-scan-properties.md) -####### [Get all scan definitions](get-all-scan-definitions.md) -####### [Add, delete or update a scan definition](add-a-new-scan-definition.md) -####### [Get all scan agents](get-all-scan-agents.md) -####### [Get scan history by definition](get-scan-history-by-definition.md) -####### [Get scan history by session](get-scan-history-by-session.md) - -###### [Browser extensions]() -####### [Export browser extensions assessment](get-assessment-browser-extensions.md) -####### [Get browser extensions permission information](get-browser-extensions-permission-info.md) - -###### [Automated investigation]() -####### [Investigation methods and properties](investigation.md) -####### [List Investigation](get-investigation-collection.md) -####### [Get Investigation](get-investigation-object.md) -####### [Start Investigation](initiate-autoir-investigation.md) - -###### [Device Health]() -####### [Export device health methods and properties](device-health-api-methods-properties.md) -####### [Export device antivirus health report](device-health-export-antivirus-health-report-api.md) - -###### [Certificate inventory]() -####### [Export certificate inventory assessment](export-certificate-inventory-assessment.md) - -###### [Domain]() -####### [Get domain related alerts](get-domain-related-alerts.md) -####### [Get domain related machines](get-domain-related-machines.md) -####### [Get domain statistics](get-domain-statistics.md) - -###### [File]() -####### [File methods and properties](files.md) -####### [Get file information](get-file-information.md) -####### [Get file related alerts](get-file-related-alerts.md) -####### [Get file related machines](get-file-related-machines.md) -####### [Get file statistics](get-file-statistics.md) - -###### [Indicators]() -####### [Indicators methods and properties](ti-indicator.md) -####### [List Indicators](get-ti-indicators-collection.md) -####### [Submit Indicator](post-ti-indicator.md) -####### [Import Indicator](import-ti-indicators.md) -####### [Delete Indicator](delete-ti-indicator-by-id.md) - -###### [Information gathering]() -####### [Export information gathering assessment](get-assessment-information-gathering.md) - -###### [IP]() -####### [Get IP related alerts](get-ip-related-alerts.md) -####### [Get IP statistics](get-ip-statistics.md) - -###### [Live response library]() -####### [Live response library methods and properties](live-response-library-methods.md) -####### [List library files](list-library-files.md) -####### [Upload to live response library](upload-library.md) -####### [Delete from library](delete-library.md) - -###### [Machine]() -####### [Machine methods and properties](machine.md) -####### [List machines](get-machines.md) -####### [Get machine by ID](get-machine-by-id.md) -####### [Get machine log on users](get-machine-log-on-users.md) -####### [Get machine related alerts](get-machine-related-alerts.md) -####### [Get installed software](get-installed-software.md) -####### [Get discovered vulnerabilities](get-discovered-vulnerabilities.md) -####### [Get security recommendations](get-security-recommendations.md) -####### [Add or Remove machine tags](add-or-remove-machine-tags.md) -####### [Find machines by IP](find-machines-by-ip.md) -####### [Find device information by internal IP](find-machine-info-by-ip.md) -####### [Find machines by tag](find-machines-by-tag.md) -####### [Get missing KBs](get-missing-kbs-machine.md) -####### [Set device value](set-device-value.md) -####### [Update machine](update-machine-method.md) - -###### [Machine Action]() -####### [Machine Action methods and properties](machineaction.md) -####### [List Machine Actions](get-machineactions-collection.md) -####### [Get Machine Action](get-machineaction-object.md) -####### [Collect investigation package](collect-investigation-package.md) -####### [Get investigation package SAS URI](get-package-sas-uri.md) -####### [Get live response result](get-live-response-result.md) -####### [Isolate machine](isolate-machine.md) -####### [Release machine from isolation](unisolate-machine.md) -####### [Restrict app execution](restrict-code-execution.md) -####### [Remove app restriction](unrestrict-code-execution.md) -####### [Run antivirus scan](run-av-scan.md) -####### [Run live response](run-live-response.md) -####### [Offboard machine](offboard-machine-api.md) -####### [Stop and quarantine file](stop-and-quarantine-file.md) -####### [Cancel machine action](cancel-machine-action.md) - -###### [Recommendation]() -####### [Recommendation methods and properties](recommendation.md) -####### [List all recommendations](get-all-recommendations.md) -####### [Get recommendation by ID](get-recommendation-by-id.md) -####### [Get recommendation by software](list-recommendation-software.md) -####### [List machines by recommendation](get-recommendation-machines.md) -####### [List vulnerabilities by recommendation](get-recommendation-vulnerabilities.md) - -###### [Remediation activity]() -####### [Remediation activity methods and properties](get-remediation-methods-properties.md) -####### [Get one remediation activity by ID](get-remediation-one-activity.md) -####### [List all remediation activities](get-remediation-all-activities.md) -####### [List exposed devices of one remediation activity](get-remediation-exposed-devices-activities.md) - -###### [Score]() -####### [Score methods and properties](score.md) -####### [List exposure score by machine group](get-machine-group-exposure-score.md) -####### [Get exposure score](get-exposure-score.md) -####### [Get device secure score](get-device-secure-score.md) - -###### [Security baselines]() -####### [Export security baselines assessment](export-security-baseline-assessment.md) -####### [List security baselines assessment profiles](get-security-baselines-assessment-profiles.md) -####### [List security baselines assessment configurations](get-security-baselines-assessment-configurations.md) - -###### [Software]() -####### [Software methods and properties](software.md) -####### [List software](get-software.md) -####### [Get software by ID](get-software-by-id.md) -####### [List software version distribution](get-software-ver-distribution.md) -####### [List machines by software](get-machines-by-software.md) -####### [List vulnerabilities by software](get-vuln-by-software.md) -####### [Get missing KBs](get-missing-kbs-software.md) -####### [Get KB collection API](get-machinegroups-collection.md) - -###### [User]() -####### [User methods](user.md) -####### [Get user related alerts](get-user-related-alerts.md) -####### [Get user related machines](get-user-related-machines.md) - -###### [Vulnerability]() -####### [Vulnerability methods and properties](vulnerability.md) -####### [List vulnerabilities](get-all-vulnerabilities.md) -####### [List vulnerabilities by machine and software](get-all-vulnerabilities-by-machines.md) -####### [Get vulnerability by ID](get-vulnerability-by-id.md) -####### [List machines by vulnerability](get-machines-by-vulnerability.md) - -##### [How to use APIs - Samples]() -###### [Power Automate](api-microsoft-flow.md) -###### [Power BI](api-power-bi.md) -###### [Advanced Hunting using Python](run-advanced-query-sample-python.md) -###### [Advanced Hunting using PowerShell](run-advanced-query-sample-powershell.md) -###### [Using OData Queries](exposed-apis-odata-samples.md) -###### [Advanced Hunting with PowerShell API Guide](exposed-apis-full-sample-powershell.md) - -#### [Raw data streaming API]() -##### [Raw data streaming](raw-data-export.md) -##### [Stream advanced hunting events to Azure Events hub](raw-data-export-event-hub.md) -##### [Stream advanced hunting events to your storage account](raw-data-export-storage.md) - -#### [SIEM integration]() -##### [Migrate from the MDE SIEM API to the Microsoft 365 Defender alerts API](configure-siem.md) -##### [Troubleshoot SIEM tool integration issues](troubleshoot-siem.md) - -#### [Partners & APIs]() -##### [Partner applications](partner-applications.md) -##### [Connected applications](connected-applications.md) -##### [API explorer](api-explorer.md) - -#### [Role-based access control]() -##### [Manage portal access using RBAC](rbac.md) -##### [Create and manage roles](user-roles.md) -##### [Create and manage device groups]() -###### [Using device groups](machine-groups.md) -###### [Create and manage device tags](machine-tags.md) - -### [Managed security service provider (MSSP) integration]() -#### [Configure managed security service provider integration](configure-mssp-support.md) -#### [Grant MSSP access to the portal](grant-mssp-access.md) -#### [Access the MSSP customer portal](access-mssp-portal.md) -#### [Configure alert notifications](configure-mssp-notifications.md) -#### [Get partner application access](exposed-apis-create-app-partners.md) -#### [Fetch alerts from customer tenant](fetch-alerts-mssp.md) -#### [Managed security service provider opportunity](mssp-support.md) -### [Partner integration scenarios]() -#### [Technical partner opportunities](partner-integration.md) -#### [Become a Microsoft Defender for Endpoint partner](get-started-partner-integration.md) -### [Integrations]() -#### [Microsoft Defender for Endpoint integrations](threat-protection-integration.md) -#### [Protect users, data, and devices with conditional access](conditional-access.md) -#### [Microsoft Defender for Cloud Apps integration overview](microsoft-cloud-app-security-integration.md) - -### [Access the Microsoft Defender for Endpoint Community Center](community.md) - -### [Privacy for Microsoft Defender for Endpoint on macOS](mac-privacy.md) -### [Privacy for Microsoft Defender for Endpoint on Linux](linux-privacy.md) -### [Privacy for Microsoft Defender for Endpoint on Android](android-privacy.md) -### [Privacy for Microsoft Defender for Endpoint on iOS](ios-privacy.md) -### [Helpful resources](helpful-resources.md) -### [Resources for Microsoft Defender for Endpoint on macOS](mac-resources.md) -### [Resources for Microsoft Defender for Endpoint on Linux](linux-resources.md) - -## [Troubleshoot]() -### [Troubleshoot onboarding issues]() -#### [Troubleshoot issues during onboarding](troubleshoot-onboarding.md) -#### [Troubleshoot subscription and portal access issues](troubleshoot-onboarding-error-messages.md) -#### [Troubleshoot security configuration management onboarding issues](troubleshoot-security-config-mgt.md) - -### [Troubleshooting migration issues](switch-to-mde-troubleshooting.md) - -### [Troubleshoot sensor state]() -#### [Check sensor state](check-sensor-status.md) -#### [Fix unhealthy sensors](fix-unhealthy-sensors.md) -#### [Inactive devices](fix-unhealthy-sensors.md#inactive-devices) -#### [Misconfigured devices](fix-unhealthy-sensors.md#misconfigured-devices) -#### [Review sensor events and errors on machines using Event Viewer](event-error-codes.md) - -### [Troubleshoot Microsoft Defender for Endpoint on macOS]() -#### [Troubleshoot installation issues](mac-support-install.md) -#### [Troubleshoot performance issues](mac-support-perf.md) -#### [Troubleshoot cloud connectivity](troubleshoot-cloud-connect-mdemac.md) -#### [Troubleshoot kernel extension issues](mac-support-kext.md) -#### [Troubleshoot license issues](mac-support-license.md) - -### [Troubleshoot Microsoft Defender for Endpoint on Linux]() -#### [Troubleshoot installation issues](linux-support-install.md) -#### [Investigate agent health issues](health-status.md) -#### [Troubleshoot cloud connectivity issues](linux-support-connectivity.md) -#### [Troubleshoot RHEL 6 installation issues](linux-support-rhel.md) -#### [Troubleshoot performance issues](linux-support-perf.md) -#### [Troubleshoot missing events issues](linux-support-events.md) --- -### [Troubleshoot Mobile Threat Defense]() -#### [Troubleshoot Microsoft Defender for Endpoint on Android issues](android-support-signin.md) -#### [Troubleshoot Microsoft Defender for Endpoint on iOS issues](ios-troubleshoot.md) - -### [Troubleshoot sensor health issues using Client Analyzer]() -#### [Client analyzer overview](overview-client-analyzer.md) -#### [Download and run the client analyzer](download-client-analyzer.md) -#### [Run the client analyzer on Windows](run-analyzer-windows.md) -#### [Run the client analyzer on macOS or Linux](run-analyzer-macos-linux.md) -#### [Data collection for advanced troubleshooting on Windows](data-collection-analyzer.md) -#### [Understand the analyzer HTML report](analyzer-report.md) -#### [Provide feedback on the client analyzer tool](analyzer-feedback.md) - -### [Troubleshoot Microsoft Defender for Endpoint service issues]() -#### [Troubleshoot service issues](troubleshoot-mdatp.md) -#### [Contact Microsoft Defender for Endpoint support](contact-support.md) - -### [Troubleshoot live response issues](troubleshoot-live-response.md) - -### [Collect support logs using LiveAnalyzer](troubleshoot-collect-support-log.md) - -### [Troubleshoot attack surface reduction issues]() -#### [Network protection](troubleshoot-np.md) -#### [Attack surface reduction rules](troubleshoot-asr.md) -#### [Migrate to Attack surface reduction rules](migrating-asr-rules.md) - -# [Microsoft 365 Defender docs]() -## [Microsoft 365 Defender](../defender/index.yml) -## [Defender for Office 365](../office-365-security/index.yml) -## [Defender for Identity](/defender-for-identity/) -## [Defender for Cloud Apps](/cloud-app-security/) -## [Defender for Business](../defender-business/index.yml) -## [Defender Vulnerability Management](../defender-vulnerability-management/index.yml) ------------------------------------------------------ - -------
security	Deploy And Manage Using Group Policy	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/deploy-and-manage-using-group-policy.md	You can download the files here, [Printer Protection Samples](https://github.com 2. Create policy to allow authorized USB printer only when the machine is Corporate Network OR VPN connected. - :::image type="content" source="media/audit-write.png" alt-text="This is the deafult audit write access screenshot." lightbox="media/audit-write.png"::: + :::image type="content" source="media/audit-write.png" alt-text="This is the default audit write access screenshot." lightbox="media/audit-write.png"::: 3. Create Default Deny custom policy for any other printers. - :::image type="content" source="images/create-default.png" alt-text="This is create default." lightbox="images/create-default.png"::: + :::image type="content" source="images/create-default.png" alt-text="This is create default screenshot." lightbox="images/create-default.png"::: Combine these two policy rules into [one XML file](https://github.com/microsoft/mdatp-devicecontrol/blob/main/Printer%20Protection%20Samples/Group%20Policy/Printer_Policies.xml). See step 4 from the [Deploy using group policy](deploy-and-manage-using-group-policy.md) section to deploy this configuration.
security	Deploy And Manage Using Intune	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/deploy-and-manage-using-intune.md	You can download the files here, [Printer Protection Samples](https://github.com 1. Create Allow and Audit policy for allowed-file printer group. - :::image type="content" source="media/188243425-c0772ed4-6537-4c6a-9a1d-1dbb48018578.png" alt-text="A screenshot of policy 1." lightbox= "media/188243425-c0772ed4-6537-4c6a-9a1d-1dbb48018578.png"::: + :::image type="content" source="media/188243425-c0772ed4-6537-4c6a-9a1d-1dbb48018578.png" alt-text="A screenshot of policy 1." lightbox= "media/188243425-c0772ed4-6537-4c6a-9a1d-1dbb48018578.png"::: Here's the [sample file](https://github.com/microsoft/mdatp-devicecontrol/blob/main/Printer%20Protection%20Samples/Intune%20OMA-URI/Allow%20PDF_XPS%20Printer.xml). See step 4 from the [Deploy Printer Protection](deploy-and-manage-using-intune.md) section to deploy the configuration. 2. Create policy to allow authorized USB printer only when the machine is Corporate Network OR VPN connected. - :::image type="content" source="media/188243552-5d2a90ab-dba6-450f-ad8f-86a862f6e739.png" alt-text="A screenshot of policy 2." lightbox= "media/188243552-5d2a90ab-dba6-450f-ad8f-86a862f6e739.png"::: + :::image type="content" source="media/188243552-5d2a90ab-dba6-450f-ad8f-86a862f6e739.png" alt-text="A screenshot of policy 2." lightbox= "media/188243552-5d2a90ab-dba6-450f-ad8f-86a862f6e739.png"::: Here's the [sample file](https://github.com/microsoft/mdatp-devicecontrol/blob/main/Printer%20Protection%20Samples/Intune%20OMA-URI/Allow%20Authorized%20USB%20Printer.xml). See step 4 from the [Deploy Printer Protection](deploy-and-manage-using-intune.md) section to deploy the configuration. 3. Create Default Deny custom policy for any other printers. - :::image type="content" source="media/188243552-5d2a90ab-dba6-450f-ad8f-86a862f6e739.png" alt-text="A screenshot of policy 3." lightbox= "media/188243552-5d2a90ab-dba6-450f-ad8f-86a862f6e739.png"::: + :::image type="content" source="media/188243552-5d2a90ab-dba6-450f-ad8f-86a862f6e739.png" alt-text="A screenshot of policy 2." lightbox= "media/188243552-5d2a90ab-dba6-450f-ad8f-86a862f6e739.png"::: Here's the [sample file](https://github.com/microsoft/mdatp-devicecontrol/blob/main/Printer%20Protection%20Samples/Intune%20OMA-URI/Default%20Deny%20-%20custom%20policy.xml). See step 4 from the [Deploy Printer Protection](deploy-and-manage-using-intune.md) section to deploy the configuration.
security	Mac Updates	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/mac-updates.md	Last updated 12/18/2020 Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. -To update Microsoft Defender for Endpoint on macOS, a program named Microsoft AutoUpdate (MAU) is used. MAU checks daily for updates, and automatically downloads and installs them. +To update Microsoft Defender for Endpoint on macOS, a program named Microsoft AutoUpdate (MAU) is used. MAU checks updates periodically, and automatically downloads and installs them. :::image type="content" source="images/MDATP-34-MAU.png" alt-text="MAU" lightbox="images/MDATP-34-MAU.png":::
security	Troubleshoot Security Config Mgt	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/troubleshoot-security-config-mgt.md	To successfully register devices to Azure Active Directory, you'll need to ensur - Azure AD connect is configured to sync the computer objects. By default, computer OUs are in Azure AD connect sync scope. If the computer objects belong to specific organizational units (OUs), configure the OUs to sync in Azure AD Connect. To learn more about how to sync computer objects by using Azure AD Connect, see [Organizational unitΓÇôbased filtering](/azure/active-directory/hybrid/how-to-connect-sync-configure-filtering#organizational-unitbased-filtering). > [!IMPORTANT] -> Azure AD connect does not sync Windows Server 2012 R2 computer objects. If you need to register them with Azure AD for Security Management for Microsoft Defender for Endpoint, then you'll need to customize Azure AD connect sync rule to include those computer objects in sync scope. See [Instructions for applying Computer Join rule in Azure Active Directory Connect](). +> Azure AD connect does not sync Windows Server 2012 R2 computer objects. If you need to register them with Azure AD for Security Management for Microsoft Defender for Endpoint, then you'll need to customize Azure AD connect sync rule to include those computer objects in sync scope. See [Instructions for applying Computer Join rule in Azure Active Directory Connect](#instructions-for-applying-computer-join-rule-in-aad-connect). > [!NOTE] > To successfully complete the onboarding flow, and independent of a device's Operating System, the Azure Active Directory state of a device can change, based on the devices' initial state:
security	Anti Spam Policies Asf Settings About	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-spam-policies-asf-settings-about.md	For each ASF setting, the following options are available in anti-spam policies: ## Increase spam score settings -The following Increase spam score ASF settings set the spam confidence level (SCL) of detected messages to 5 or 6, which corresponds to a Spam filter verdict and the corresponding action in anti-spam policies. +The following Increase spam score ASF settings result in an increase in spam score and therefore a higher chance of getting marked as spam with a spam confidence level (SCL) of 5 or 6, which corresponds to a Spam filter verdict and the corresponding action in anti-spam policies. Not every email that matches the following settings will be marked as spam. \|Anti-spam policy setting\|Description\|X-header added\| \|\|\|\| \|Image links to remote websites <p> IncreaseScoreWithImageLinks\|Messages that contain `<Img>` HTML tag links to remote sites (for example, using http) are marked as spam.\|`X-CustomSpam: Image links to remote sites`\| \|Numeric IP address in URL <p> IncreaseScoreWithNumericIps\|Messages that contain numeric-based URLs (typically, IP addresses) are marked as spam.\|`X-CustomSpam: Numeric IP in URL`\| -\|URL redirect to other port <p> IncreaseScoreWithRedirectToOtherPort\|Message that contain hyperlinks that redirect to TCP ports other than 80 (HTTP), 8080 (alternate HTTP), or 443 (HTTPS) are marked as spam.\|`X-CustomSpam: URL redirect to other port`\| +\|URL redirect to other port <p> IncreaseScoreWithRedirectToOtherPort\|Messages that contain hyperlinks that redirect to TCP ports other than 80 (HTTP), 8080 (alternate HTTP), or 443 (HTTPS) are marked as spam.\|`X-CustomSpam: URL redirect to other port`\| \|Links to .biz or .info websites <p> IncreaseScoreWithBizOrInfoUrls\|Messages that contain `.biz` or `.info` links in the body of the message are marked as spam.\|`X-CustomSpam: URL to .biz or .info websites`\| ## Mark as spam settings The following Mark as spam ASF settings set the SCL of detected messages to \|Anti-spam policy setting\|Description\|X-header added\| \|\|\|\| \|Empty messages <p> MarkAsSpamEmptyMessages\|Messages with no subject, no content in the message body, and no attachments are marked as high confidence spam.\|`X-CustomSpam: Empty Message`\| -\|Embedded tags in HTML <p> MarkAsSpamEmbedTagsInHtml\|Message that contain `<embed>` HTML tags are marked as high confidence spam. <p> This tag allows the embedding of different kinds of documents in an HTML document (for example, sounds, videos, or pictures).\|`X-CustomSpam: Embed tag in html`\| +\|Embedded tags in HTML <p> MarkAsSpamEmbedTagsInHtml\|Messages that contain `<embed>` HTML tags are marked as high confidence spam. <p> This tag allows the embedding of different kinds of documents in an HTML document (for example, sounds, videos, or pictures).\|`X-CustomSpam: Embed tag in html`\| \|JavaScript or VBScript in HTML <p> MarkAsSpamJavaScriptInHtml\|Messages that use JavaScript or Visual Basic Script Edition in HTML are marked as high confidence spam. <p> These scripting languages are used in email messages to cause specific actions to automatically occur.\|`X-CustomSpam: Javascript or VBscript tags in HTML`\| \|Form tags in HTML <p> MarkAsSpamFormTagsInHtml\|Messages that contain `<form>` HTML tags are marked as high confidence spam. <p> This tag is used to create website forms. Email advertisements often include this tag to solicit information from the recipient.\|`X-CustomSpam: Form tag in html`\| \|Frame or iframe tags in HTML <p> MarkAsSpamFramesInHtml\|Messages that contain `<frame>` or `<iframe>` HTML tags are marked as high confidence spam. <p> These tags are used in email messages to format the page for displaying text or graphics.\|`X-CustomSpam: IFRAME or FRAME in HTML`\|
security	Use The Delist Portal To Remove Yourself From The Office 365 Blocked Senders Lis	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/use-the-delist-portal-to-remove-yourself-from-the-office-365-blocked-senders-lis.md	See [Create safe sender lists in EOP](create-safe-sender-lists-in-office-365.md) When there's a problem delivering an email message that you sent, Microsoft 365 or Office 365 sends an email to let you know. The email you receive is a delivery status notification, also known as a DSN or bounce message. The most common type is called a non-delivery report (NDR) and they tell you that a message wasn't delivered. In certain situations, Microsoft must conduct additional investigations against traffic from your IP, and if you're receiving the NDR code 5.7.511, you will not be able to use the delist portal. -> 550 5.7.511 Access denied, banned sender[xxx.xxx.xxx.xxx]. To request removal from this list, forward this message to delist@messaging.microsoft.com. For more information, go to <https://go.microsoft.com/fwlink/?LinkId=526653>. +> 550 5.7.511 Access denied, banned sender[xxx.xxx.xxx.xxx]. To request removal from this list, forward this message to delist@microsoft.com. For more information, go to <https://go.microsoft.com/fwlink/?LinkId=526653>. In the email to request removal from this list, provide the full NDR code and IP address. Microsoft will contact you within 48 hours with the next steps.
solutions	Microsoft 365 Groups Expiration Policy	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/microsoft-365-groups-expiration-policy.md	When a group expires it is "soft-deleted" which means it can still be recovered Administrators can specify an expiration period and any inactive group that reaches the end of that period, and is not renewed, will be deleted. (This includes archived teams.) The expiration period begins when the group is created, or on the date it was last renewed. Group owners will automatically be sent a notification before the expiration that allows them to renew the group for another expiration interval. Expiration notices for groups used in Teams appear in the Teams Owners feed. -Groups that are actively in use are renewed automatically. Any of the following actions will autorenew a group: +Groups that are actively in use are renewed automatically around 35 days before the group expires. In this case, the owner does not get any renewal notifications. Any of the following actions will automatically renew a group: - SharePoint - View, edit, download, move, share, or upload files. (Viewing a SharePoint page does not count as an action for automatic renewal.) - Outlook - Join or edit group, read or write group message from the group, and like a message (Outlook on the web). - Teams - Visit a teams channel.
syntex	Accessibility Mode	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/accessibility-mode.md	audience: admin-+ search.appverid:
syntex	Adoption Assessment Tool	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/adoption-assessment-tool.md	Last updated audience: admin-+ - enabler-strategic
syntex	Adoption Getstarted	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/adoption-getstarted.md	Last updated audience: admin-+ - enabler-strategic
syntex	Adoption Scenarios	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/adoption-scenarios.md	Last updated audience: admin-+ - enabler-strategic
syntex	Apply A Model	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/apply-a-model.md	audience: admin-+ search.appverid:
syntex	Apply A Retention Label To A Model	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/apply-a-retention-label-to-a-model.md	audience: admin-+ search.appverid:
syntex	Apply A Sensitivity Label To A Model	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/apply-a-sensitivity-label-to-a-model.md	audience: admin-+ search.appverid:
syntex	Automate Document Generation	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/automate-document-generation.md	audience: admin -+ search.appverid:
syntex	Choose Library View	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/choose-library-view.md	audience: admin-+ search.appverid:
syntex	Content Assembly Create Document	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/content-assembly-create-document.md	audience: admin -+ search.appverid:
syntex	Content Assembly Edit Template	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/content-assembly-edit-template.md	audience: admin -+ search.appverid:
syntex	Content Assembly Modern Template	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/content-assembly-modern-template.md	audience: admin -+ search.appverid:
syntex	Content Assembly	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/content-assembly.md	audience: admin -+ search.appverid:
syntex	Content Processing Create Rules	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/content-processing-create-rules.md	audience: admin-+ search.appverid:
syntex	Create A Classifier	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/create-a-classifier.md	audience: admin-+ search.appverid:
syntex	Create A Content Center	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/create-a-content-center.md	audience: admin-+ search.appverid:
syntex	Create A Form Processing Model	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/create-a-form-processing-model.md	audience: admin-+ search.appverid:
syntex	Create An Extractor	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/create-an-extractor.md	audience: admin-+ search.appverid:
syntex	Create Local Model	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/create-local-model.md	audience: admin-+ search.appverid:
syntex	Create Syntex Model	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/create-syntex-model.md	audience: admin-+ search.appverid:
syntex	Delete A Model	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/delete-a-model.md	audience: admin -+ search.appverid:
syntex	Difference Between Document Understanding And Form Processing Model	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/difference-between-document-understanding-and-form-processing-model.md	audience: admin-+ search.appverid:
syntex	Discover Other Trained Models	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/discover-other-trained-models.md	audience: admin-+ search.appverid:
syntex	Document Understanding Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/document-understanding-overview.md	audience: admin-+ search.appverid:
syntex	Duplicate A Model	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/duplicate-a-model.md	audience: admin -+ search.appverid:
syntex	Explanation Templates	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/explanation-templates.md	audience: admin-+ search.appverid:
syntex	Explanation Types Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/explanation-types-overview.md	audience: admin-+ search.appverid:
syntex	Form Processing Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/form-processing-overview.md	audience: admin-++ search.appverid:
syntex	Freeform Document Processing Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/freeform-document-processing-overview.md	audience: admin-++ search.appverid:
syntex	Image Tagging	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/image-tagging.md	audience: admin-+ search.appverid:
syntex	Import Term Set Skos	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/import-term-set-skos.md	audience: admin -+ - enabler-strategic - m365initiative-syntex
syntex	Learn About Document Understanding Models Through The Sample Model	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/learn-about-document-understanding-models-through-the-sample-model.md	audience: admin--+ search.appverid:
syntex	Leverage Term Store Taxonomy	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/leverage-term-store-taxonomy.md	audience: admin-+ search.appverid:
syntex	Metadata Search	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/metadata-search.md	audience: admin-+ search.appverid:
syntex	Model Discovery	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/model-discovery.md	audience: admin -+ search.appverid:
syntex	Model Types Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/model-types-overview.md	audience: admin-+ search.appverid:
syntex	Model Usage Analytics	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/model-usage-analytics.md	audience: admin-+ search.appverid:
syntex	Powershell Syntex Explanations	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/powershell-syntex-explanations.md	audience: admin-+ - enabler-strategic
syntex	Powershell Syntex Import Export	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/powershell-syntex-import-export.md	audience: admin-+ - enabler-strategic
syntex	Powershell Syntex Intro	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/powershell-syntex-intro.md	audience: admin-+ - enabler-strategic
syntex	Powershell Syntex Processing	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/powershell-syntex-processing.md	audience: admin-+ - enabler-strategic
syntex	Powershell Syntex Publishing	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/powershell-syntex-publishing.md	audience: admin-+ - enabler-strategic
syntex	Prebuilt Model Invoice	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/prebuilt-model-invoice.md	audience: admin-+ search.appverid:
syntex	Prebuilt Model Receipt	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/prebuilt-model-receipt.md	audience: admin-+ search.appverid:
syntex	Prebuilt Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/prebuilt-overview.md	audience: admin-+ search.appverid:
syntex	Push Content Type To Hub	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/push-content-type-to-hub.md	audience: admin-+ search.appverid:
syntex	Rename A Model	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/rename-a-model.md	audience: admin -+ search.appverid:
syntex	Rename An Extractor	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/rename-an-extractor.md	audience: admin -+ search.appverid:
syntex	Requirements And Limitations	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/requirements-and-limitations.md	audience: admin-+ search.appverid:
syntex	Set Up Content Understanding	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/set-up-content-understanding.md	audience: admin-+ - enabler-strategic
syntex	Skos Format Reference	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/skos-format-reference.md	audience: admin-+ search.appverid:
syntex	Solution Manage Contracts In Microsoft 365	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/solution-manage-contracts-in-microsoft-365.md	audience: admin- Previously updated : + Last updated : 10/28/2022 - m365solution-managecontracts
syntex	Solution Manage Contracts Step1	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/solution-manage-contracts-step1.md	audience: admin- Previously updated : + Last updated : 10/28/2022 search.appverid: ms.localizationpriority: medium
syntex	Solution Manage Contracts Step2	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/solution-manage-contracts-step2.md	audience: admin- Previously updated :+ Last updated : 10/28/2022 search.appverid: ms.localizationpriority: medium
syntex	Solution Manage Contracts Step3	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/solution-manage-contracts-step3.md	audience: admin- Previously updated : + Last updated : 10/28/2022 search.appverid: ms.localizationpriority: medium
syntex	Syntex Azure Billing	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/syntex-azure-billing.md	audience: admin-+ - enabler-strategic
syntex	Syntex Licensing	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/syntex-licensing.md	audience: admin-+ - enabler-strategic
syntex	Syntex Overview	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/syntex-overview.md	audience: admin-+ search.appverid:
syntex	Term Store Analytics	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/term-store-analytics.md	audience: admin-+ search.appverid:
syntex	Train Freeform Document Processing Model	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/train-freeform-document-processing-model.md	audience: admin-+ search.appverid:
syntex	Train Model	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/train-model.md	audience: admin--+ search.appverid:
syntex	Trial Syntex	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/trial-syntex.md	Previously updated : Last updated : 08/26/2022 audience: admin-+ - enabler-strategic
syntex	Use Content Center Site	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/use-content-center-site.md	audience: admin -+ search.appverid:
syntex	Use Contracts Management Site	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/use-contracts-management-site.md	audience: admin -+ search.appverid: