Applies to: Microsoft 365 từ GoDaddy

Microsoft 365 từ GoDaddy Trợ giúp

Remediate security alerts with Microsoft Defender

Microsoft Defender is designed to catch a range of suspicious activities and malicious behaviors. It includes tools to help detect and respond to security risks, but knowing how to act on security alerts is key to securing your devices.

Note: If you want to purchase Defender and add it to your Microsoft 365 plan, please contact our GoDaddy Guides.
Note: Our GoDaddy Guides can help you set up Defender and make sure your license is properly applied. However, they cannot give you in-depth guidance on using the Defender portal or interpreting specific security alerts beyond this article. See our Statement of Support.

Defender sends you 4 main types of alerts: it lets you know when malware is detected and handled, warns you about coordinated attacks, flags suspicious emails like phishing attempts and spots any unusual behavior that might signal trouble.

  1. Sign in to the Microsoft Defender portal. Use your Microsoft 365 email address and password (your GoDaddy username and password won’t work here).
  2. To see your devices at risk, on the leftmost side, select Assets, and then Devices.
    The Assets menu expanded with the Devices button highlighted.

Review alert details for a specific device

  1. To review alert details for a specific device, select the device. The Overview page will open, and, under Active alerts, you’ll see any active alerts or incidents.
  2. To see more information about an alert or incident, under the device name, select Incidents and alerts.
    The Incidents and alerts tab button highlighted.

Run an antivirus scan

  1. To run an antivirus scan that will search for and remove malicious files, on the Overview page, in the upper-right corner, select The horizontal three dot icon for More actions. More actions, and then Run Antivirus Scan.
    The More actions menu opened with the Run Antivirus Scan button highlighted.
  2. Select the scan type, and then Confirm.

Trigger automated investigation

  1. To run an automated investigation (an in-depth analysis that identifies the root cause and flags any related issues), on the Overview page, in the upper-right corner, select The horizontal three dot icon for More actions. More actions, and then Initiate Automated Investigation. You'll see a message confirming that the investigation started.
    The More actions menu opened with the Initiate Automated Investigation button highlighted.

Isolate the device (if the threat is severe)

  1. If the threat is severe, continue with device isolation. On the Overview page, in the upper-right corner, select The horizontal three dot icon for More actions. More actions, and then Isolate Device. This disconnects the device from the network to restrict further infection.
    The More actions menu opened with the Isolate Device button highlighted.
  2. Select The horizontal three dot icon for More actions. More actions again, and then Restrict App Execution. This will limit the device’s ability to run potentially harmful applications.
    The More actions menu opened with the Restrict App Execution button highlighted.

Monitor ongoing incidents

  1. To monitor ongoing incidents, on the leftmost side, select Incidents & alerts, and then one of the options.
    The Incidents & alerts menu expanded with the three options shown.
  2. Revisit this section to verify that all alerts are addressed.

Các bước liên quan

Xem thêm thông tin