The Incidents queue is the starting point for threat investigations. It provides high-level information about each incident, like the impacted machines, the sources of alerts, and the severity. Incidents optimize your time by helping you to triage, investigate, and remediate related alerts together. For more tips like this, check out the working remotely playlist at www.youtube.com/FoetronAcademy . Also, if you need any further assistance then you can raise a support ticket and get it addressed.
Incident investigations in Microsoft Defender ATP Print
Created by: Shekhar Rathour
Modified on: Thu, 13 Aug, 2020 at 9:05 PM
Did you find it helpful? Yes No
Send feedbackSorry we couldn't be helpful. Help us improve this article with your feedback.