Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
Say hello to the new alert page in Microsoft Defender ATP
Published Jun 15 2020 08:39 AM 19.1K Views

We are excited to announce the public preview of a completely redesigned alert page in the Microsoft Defender Security Center. The new Microsoft Defender ATP alert page will enable security researchers to more effectively triage, investigate, and take effective actions on alerts. The changes to the page were guided by customer feedback on how to make the experience better. The new page constructs a detailed alert story with full context which will provide the following:

  • Improved focus – is now at the forefront so that analysts have less clicks to get to relevant insights.  
  • An investigation-oriented approach - alerts related to the same execution tree will appear on the same page, increasing efficiency, and awareness to the investigation scope.
  • Easier to take actions – with necessary actions built into the workflow, doing what you need just became that much faster.




How to get started

Each alert page consists of 4 sections:

  1. The alert title – alert name which stays in constant view, regardless of what is clicked on the page.
  2. Affected assets - cards for devices and users affected by this alert.
  3. Alert story - displays all entities related to the alert, interconnected by a tree view. Every entity in the alert story is expandable and clickable.
  4. Details pane - a dynamic section that provides contextual information and actions for the selected object.

Check out the new alert page in action:



To learn more about the new Microsoft Defender ATP alert page, see the Microsoft Defender ATP alert page documentation.


Turn on preview features in the Microsoft Defender Security Center to try it out today. We welcome your feedback and are looking forward to hearing it! 

1 Comment
Version history
Last update:
‎Jun 09 2021 02:51 PM
Updated by: