Microsoft have released a completely redesigned alert page in the Microsoft Defender Security Center (which is now in public preview).
The new Microsoft Defender ATP alert page is designed to help security admins more effectively triage, investigate, and take effective actions on alerts. Microsoft say that the changes to the page were guided by customer feedback on how to make the experience better and as a result the new page constructs a detailed alert story with full context which will provides the following:
- Improved focus – at the forefront so that analysts have less clicks to get to relevant insights.
- An investigation-oriented approach – alerts related to the same execution tree will appear on the same page, increasing efficiency, and awareness to the investigation scope.
- Easier to take actions – with necessary actions built into the workflow, doing what you need just became that much faster.
To learn more about the new Microsoft Defender ATP alert page, see the Microsoft Defender ATP alert page documentation.