Merge branch 'main' into patch-21

chrisda · web-flow · commit 01d3dacfa70f · 2024-01-24T10:55:39.000-08:00
diff --git a/microsoft-365/security/defender-endpoint/investigate-incidents.md b/microsoft-365/security/defender-endpoint/investigate-incidents.md
@@ -1,13 +1,8 @@
 ---
 title: Investigate incidents in Microsoft Defender for Endpoint
 description: See associated alerts, manage the incident, and see alert metadata to help you investigate an incident
-keywords: investigate, incident, alerts, metadata, risk, detection source, affected devices, patterns, correlation
-search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.service: defender-endpoint
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: medium
@@ -19,7 +14,7 @@ ms.collection:
 - mde-edr
 ms.topic: conceptual
 ms.subservice: edr
-ms.date: 12/18/2020
+ms.date: 01/24/2024
 ---
 
 # Investigate incidents in Microsoft Defender for Endpoint
@@ -44,6 +39,9 @@ When you investigate an incident, you'll see:
 
 ## Analyze incident details
 
+> [!TIP]
+> For a limited time during January 2024, when you visit the **Incidents** page, Defender Boxed appears. Defender Boxed highlights your organization's security successes, improvements, and response actions during 2023. To reopen Defender Boxed, in the Microsoft Defender portal, go to **Incidents**, and then select **Your Defender Boxed**.
+
 Click an incident to see the **Incident pane**. Select **Open incident page** to see the incident details and related information (alerts, devices, investigations, evidence, graph).
 
 :::image type="content" source="images/atp-incident-details.png" alt-text="The details of an incident" lightbox="images/atp-incident-details.png":::
diff --git a/microsoft-365/security/defender-endpoint/manage-incidents.md b/microsoft-365/security/defender-endpoint/manage-incidents.md
@@ -19,7 +19,7 @@ ms.collection:
 - mde-edr
 ms.topic: conceptual
 ms.subservice: edr
-ms.date: 12/18/2020
+ms.date: 01/24/2024
 ---
 
 # Manage Microsoft Defender for Endpoint incidents
@@ -36,6 +36,8 @@ ms.date: 12/18/2020
 
 Managing incidents is an important part of every cybersecurity operation. You can manage incidents by selecting an incident from the **Incidents queue** or the **Incidents management pane**. 
 
+> [!TIP]
+> For a limited time during January 2024, when you visit the **Incidents** page, Defender Boxed appears. Defender Boxed highlights your organization's security successes, improvements, and response actions during 2023. To reopen Defender Boxed, in the Microsoft Defender portal, go to **Incidents**, and then select **Your Defender Boxed**.
 
 Selecting an incident from the **Incidents queue** brings up the **Incident management pane** where you can open the incident page for details.
 
diff --git a/microsoft-365/security/defender-endpoint/view-incidents-queue.md b/microsoft-365/security/defender-endpoint/view-incidents-queue.md
@@ -19,7 +19,7 @@ ms.collection:
 ms.topic: conceptual
 ms.subservice: edr
 search.appverid: met150
-ms.date: 12/18/2020
+ms.date: 01/24/2024
 ---
 
 # View and organize the Microsoft Defender for Endpoint Incidents queue
@@ -33,6 +33,10 @@ ms.date: 12/18/2020
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://signup.microsoft.com/create-account/signup?products=7f379fee-c4f9-4278-b0a1-e4c8c2fcdf7e&ru=https://aka.ms/MDEp2OpenTrial?ocid=docs-wdatp-pullalerts-abovefoldlink)
 
+> [!TIP]
+> For a limited time during January 2024, when you visit the **Incidents** page, Defender Boxed appears. Defender Boxed highlights your organization's security successes, improvements, and response actions during 2023. To reopen Defender Boxed, in the Microsoft Defender portal, go to **Incidents**, and then select **Your Defender Boxed**.
+
+
 The **Incidents queue** shows a collection of incidents that were flagged from devices in your network. It helps you sort through incidents to prioritize and create an informed cybersecurity response decision.
 
 By default, the queue displays incidents seen in the last 6 months, with the most recent incident showing at the top of the list, helping you see the most recent incidents first.
diff --git a/microsoft-365/security/defender-endpoint/whats-new-in-microsoft-defender-endpoint.md b/microsoft-365/security/defender-endpoint/whats-new-in-microsoft-defender-endpoint.md
@@ -7,7 +7,7 @@ ms.service: defender-endpoint
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: medium
-ms.date: 01/22/2024
+ms.date: 01/24/2024
 manager: dansimp
 audience: ITPro
 ms.collection: 
@@ -50,6 +50,15 @@ For more information on Microsoft Defender for Endpoint on specific operating sy
 - [What's new in Defender for Endpoint on Android](android-whatsnew.md)
 - [What's new in Defender for Endpoint on iOS](ios-whatsnew.md)
 
+## January 2024
+
+- **Defender Boxed is available for a limited period of time**. Defender Boxed highlights your organization's security successes, improvements, and response actions during 2023. Take a moment to celebrate your organization's improvements in security posture, overall response to detected threats (manual and automatic), blocked emails, and more. 
+
+   - Defender Boxed opens automatically when you go to the **Incidents** page in the Microsoft Defender portal. 
+   - If you close Defender Boxed and you want to reopen it, in the Microsoft Defender portal, go to **Incidents**, and then select **Your Defender Boxed**.
+   - Act quickly! Defender Boxed is available only for a short period of time.
+
+
 ## November 2023
 
 - [Microsoft Defender Core service](microsoft-defender-antivirus-windows.md#microsoft-defender-core-service) is now available for consumers and is planned to begin rolling out to enterprise customers in early 2024.
