{"id":906,"date":"2022-11-10T17:12:42","date_gmt":"2022-11-10T09:12:42","guid":{"rendered":"http:\/\/www.aqwu.net\/wp\/?p=906"},"modified":"2022-11-10T17:12:42","modified_gmt":"2022-11-10T09:12:42","slug":"%e4%bd%bf%e7%94%a8-microsoft-365-defender-%e4%b8%ad%e7%9a%84%e6%96%b0%e6%94%bb%e5%87%bb%e6%95%85%e4%ba%8b%e8%a7%86%e5%9b%be%e6%9b%b4%e6%9c%89%e6%95%88%e5%9c%b0%e8%b0%83%e6%9f%a5%e4%ba%8b%e4%bb%b6","status":"publish","type":"post","link":"https:\/\/www.aqwu.net\/wp\/?p=906","title":{"rendered":"Investigate incidents more effectively with the new attack story view in Microsoft 365 Defender"},"content":{"rendered":"\n<p>One of the biggest efficiency drains for security operations center (SOC) teams is constant context switching: between different security tools, and even between the various views within a single solution as they look for different types of information. These disjointed solutions and views cause SOC teams to waste valuable time trying to manually piece together related signals.<\/p>\n\n\n\n<p>Original article: https:\/\/techcommunity.microsoft.com\/t5\/microsoft-365-defender-blog\/investigate-incidents-more-effectively-with-the-new-attack-story\/ba-p\/3670478<\/p>\n\n\n\n<p>On the other hand, Microsoft 365 Defender 
correlates billions of signals across endpoints, cloud and on-premises identities, email, documents, and cloud applications and groups them into incidents, giving security teams a more effective way to investigate and remediate threats in a unified experience.<\/p>\n\n\n\n<p>Today, we are excited to announce that we are improving the investigation experience by introducing the <strong>attack story view<\/strong> in Microsoft 365 Defender, to help analysts stop breaches faster. In the new incident investigation experience in Microsoft 365 Defender, analysts can now easily navigate between affected assets or drill into the details of individual alerts, while always retaining the full context of the incident.<\/p>\n\n\n\n<p>When you select an incident from the incident queue in Microsoft 365 Defender, 
the new attack story view is now at the center of the investigation experience. It is a visual and interactive view of all affected resources that lets security analysts understand the incident context at any point during the investigation. In addition, analysts can interact with the attack story view to determine next steps or take action from a drop-down list of options.<\/p>\n\n\n\n<p>Figure 1 shows the new attack story view, which lets you easily see that, in this case, multiple users, files, endpoints, and email accounts, as well as external domains, were affected.<\/p>\n\n\n\n<p><img decoding=\"async\" src=\"https:\/\/techcommunity.microsoft.com\/t5\/image\/serverpage\/image-id\/417388i9A549EB8F4A8DAA5\/image-size\/large?v=v2&amp;px=999\" alt=\"Figure 1 \u2013 New attack story view in Microsoft 365 Defender\"><em>Figure 1 \u2013 New attack story view in Microsoft 365 Defender<\/em><\/p>\n\n\n\n<p>Figure 2 shows how you interact with the new incident page and how the view adjusts dynamically based on your actions. On the left side of Figure 2 
you can see the list of alerts associated with this incident. When an analyst selects a different alert, the attack story view automatically adjusts to zoom in on the relevant alert, and the incident page adjusts to provide all the details related to that alert.<\/p>\n\n\n\n<p><img decoding=\"async\" src=\"https:\/\/techcommunity.microsoft.com\/t5\/image\/serverpage\/image-id\/417389i19496D65EB89DADA\/image-size\/large?v=v2&amp;px=999\" alt=\"Figure 2 \u2013 Interactive view on the new incident page\"><em>Figure 2 \u2013 Interactive view on the new incident page<\/em><\/p>\n\n\n\n<p>Alternatively, analysts can work directly with the graph, clicking the relevant asset (Figure 3) to view entity details, and can even choose the action they want to take to investigate further or start remediation, as shown in Figure 4.<\/p>\n\n\n\n<p><img decoding=\"async\" src=\"https:\/\/techcommunity.microsoft.com\/t5\/image\/serverpage\/image-id\/417391i449517F095E691EA\/image-size\/large?v=v2&amp;px=999\" alt=\"Figure 3 \u2013 Interacting with the attack story view to retrieve device information\"><em>Figure 3 \u2013 Interacting with the attack story view to retrieve device information<\/em><\/p>\n\n\n\n<p><img decoding=\"async\" 
src=\"https:\/\/techcommunity.microsoft.com\/t5\/image\/serverpage\/image-id\/417392iC1F3EE6AE20E3BCD\/image-size\/large?v=v2&amp;px=999\" alt=\"Figure 4 \u2013 Select any available action to investigate further or start remediation\"><em>Figure 4 \u2013 Select any available action to investigate further or start remediation<\/em><\/p>\n\n\n\n<p>The new attack story view is a game changer for SOC teams: the days of endless context switching and of trying not to lose sight of the overall incident and affected assets are gone. The interactive view will make investigation and response more intuitive and, most importantly, help teams respond to threats faster and limit the impact of an attack.<\/p>\n\n\n\n<p><strong>For more information, check out the following resources:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Get an incident response overview <a href=\"https:\/\/learn.microsoft.com\/en-us\/microsoft-365\/security\/defender\/incidents-overview?view=o365-21vianet\" target=\"_blank\" rel=\"noreferrer noopener\">with Microsoft 365 Defender<\/a><\/li>\n\n\n\n<li>Learn more about <a href=\"https:\/\/learn.microsoft.com\/en-us\/microsoft-365\/security\/defender\/manage-incidents?view=o365-21vianet\" target=\"_blank\" rel=\"noreferrer noopener\">incident management<\/a> with Microsoft 365 Defender<\/li>\n\n\n\n<li>Learn how to <a href=\"https:\/\/learn.microsoft.com\/en-us\/microsoft-365\/security\/defender\/investigate-incidents?view=o365-21vianet\" 
target=\"_blank\" rel=\"noreferrer noopener\">investigate<\/a> incidents in Microsoft 365 Defender<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>One of the biggest efficiency drains for security operations center (SOC) teams is constant context switching: between different security tools, and even as they look for different [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[10,5],"tags":[151,73],"class_list":["post-906","post","type-post","status-publish","format-standard","hentry","category-microsoftdefenderatp","category-infosec","tag-microsoft-365-defender","tag-windows"],"views":1435,"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/www.aqwu.net\/wp\/index.php?rest_route=\/wp\/v2\/posts\/906","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.aqwu.net\/wp\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.aqwu.net\/wp\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.aqwu.net\/wp\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.aqwu.net\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=906"}],"version-history":[{"count":1,"href":"https:\/\/www.aqwu.net\/wp\/index.php?rest_route=\/wp\/v2\/posts\/906\/revisions"}],"predecessor-version":[{"id":907,"href":"https:\/\/www.aqwu.net\/wp\/index.php?rest_route=\/wp\/v2\/posts\/906\/revisions\/907"}],"wp:attachment":[{"href":"https:\/\/www.aqwu.net\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=906"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.aqwu.net\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=906"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.aqwu.net\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=906"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}