0
()

(NEW!) A unified Action center

We are pleased to announce a new, unified Action center (https://security.microsoft.com/action-center)!

Action center in the Microsoft 365 Defender portal.

The following table compares the new, unified Action center to the previous Action center.

(NEW!) A UNIFIED ACTION CENTER
The new, unified Action center The previous Action center
Lists pending and completed actions for devices and email in one location
(Microsoft Defender for Endpoint plus Microsoft Defender for Office 365)
Lists pending and completed actions for devices
(Microsoft Defender for Endpoint only)
Is located at:
https://security.microsoft.com/action-center
Is located at:
https://securitycenter.windows.com/action-center
In the Microsoft 365 Defender portal, choose Action center.Navigating to the Action Center in the Microsoft 365 Defender portal. In the Microsoft 365 Defender portal, choose Automated investigations > Action center.Navigating to the Action center from the Microsoft 365 Defender portal.

The unified Action center brings together remediation actions across Defender for Endpoint and Defender for Office 365. It defines a common language for all remediation actions, and provides a unified investigation experience.

You can use the unified Action center if you have appropriate permissions and one or more of the following subscriptions:

 Tip

To learn more, see Requirements.

Using the Action center

To get to the unified Action center in the improved Microsoft 365 Defender portal:

  1. Go to the Microsoft 365 Defender portal and sign in.
  2. In the navigation pane, select Action center.

When you visit the Action center, you see two tabs: Pending actions and History. The following table summarizes what you’ll see on each tab:

USING THE ACTION CENTER
Tab Description
Pending Displays a list of actions that require attention. You can approve or reject actions one at a time, or select multiple actions if they have the same type of action (such as Quarantine file).TIP: Make sure to review and approve (or reject) pending actions as soon as possible so that your automated investigations can complete in a timely manner.
History Serves as an audit log for actions that were taken, such as:

  • Remediation actions that were taken as a result of automated investigations
  • Remediation actions that were approved by your security operations team
  • Commands that were run and remediation actions that were applied during Live Response sessions
  • Remediation actions that were taken by threat protection features in Microsoft Defender Antivirus

Provides a way to undo certain actions (see Undo completed actions).

You can customize, sort, filter, and export data in the Action center.

Columns and filters in the Action center.

  • Select a column heading to sort items in ascending or descending order.
  • Use the time period filter to view data for the past day, week, 30 days, or 6 months.
  • Choose the columns that you want to view.
  • Specify how many items to include on each page of data.
  • Use filters to view just the items you want to see.
  • Select Export to export results to a .csv file.

Source : Official Microsoft Brand
Editor by : BEST Antivirus KBS Team

How useful was this post?

Click on a star to rate it!

Average rating / 5. Vote count:

No votes so far! Be the first to rate this post.

(Visited 1 times, 1 visits today)
Discover More help  IdentityDirectoryEvents (Microsoft)