Microsoft Defender Security Center

Microsoft Defender Security Center is the portal where you can access Microsoft Defender Advanced Threat Protection capabilities. It gives enterprise security operations teams a single pane of glass experience to help secure networks.

In this section

Topic Description
Get started Learn about the minimum requirements, validate licensing and complete setup, know about preview features, understand data storage and privacy, and how to assign user access to the portal.
Onboard machines Learn about onboarding client, server, and non-Windows machines. Learn how to run a detection test, configure proxy and Internet connectivity settings, and how to troubleshoot potential onboarding issues.
Understand the portal Understand the Security operations, Secure Score, and Threat analytics dashboards as well as how to navigate the portal.
Investigate and remediate threats Investigate alerts, machines, and take response actions to remediate threats.
API and SIEM support Use the supported APIs to pull and create custom alerts, or automate workflows. Use the supported SIEM tools to pull alerts from Microsoft Defender Security Center.
Reporting Create and build Power BI reports using Microsoft Defender ATP data.
Check service health and sensor state Verify that the service is running and check the sensor state on machines.
Configure Microsoft Defender Security Center settings Configure general settings, turn on the preview experience, notifications, and enable other features.
Access the Microsoft Defender ATP Community Center Access the Microsoft Defender ATP Community Center to learn, collaborate, and share experiences about the product.
Troubleshoot service issues This section addresses issues that might arise as you use the Microsoft Defender Advanced Threat service.