edits

Author: lgayhardt

articles/ai-studio/concepts/evaluation-metrics-built-in.md

@@ -109,7 +109,7 @@ The risk and safety metrics draw on insights gained from our previous Large Lang
 - Direct attack jailbreak
 - Protected material content
 
-You can measure these risk and safety metrics on your own data or test dataset through redteaming or on a synthetic test dataset generated by [our adversarial simulator](../how-to/develop/simulator-interaction-data.md). This will output an annotated test dataset with content risk severity levels (very low, low, medium, or high) and [view your results in Azure AI ](../how-to/evaluate-results.md), which provide you with overall defect rate across whole test dataset and instance view of each content risk label and reasoning.
+You can measure these risk and safety metrics on your own data or test dataset through redteaming or on a synthetic test dataset generated by [our adversarial simulator](../how-to/develop/simulator-interaction-data.md#generate-adversarial-simulations-for-safety-evaluation). This will output an annotated test dataset with content risk severity levels (very low, low, medium, or high) and [view your results in Azure AI ](../how-to/evaluate-results.md), which provide you with overall defect rate across whole test dataset and instance view of each content risk label and reasoning.
 
 ### Evaluating jailbreak vulnerability
 
@@ -123,9 +123,9 @@ We support evaluating vulnerability towards the following types of jailbreak att
 1. Baseline adversarial test dataset 
 2. Adversarial test dataset with direct attack jailbreak injections in the first turn.
 
-You can do this with functionality and attack datasets generated with the [direct attack simulator](../how-to/develop/simulator-interaction-data.md) with the same randomization seed. Then you can evaluate jailbreak vulnerability by comparing results from content safety evaluators between the two test dataset's aggregate scores for each safety evaluator. A direct attack jailbreak defect is detected when there's presence of content harm response detected in the second direct attack injected dataset when there was none or lower severity detected in the first control dataset.
+You can do this with functionality and attack datasets generated with the [direct attack simulator](../how-to/develop/simulator-interaction-data.md#simulating-jailbreak-attacks) with the same randomization seed. Then you can evaluate jailbreak vulnerability by comparing results from content safety evaluators between the two test dataset's aggregate scores for each safety evaluator. A direct attack jailbreak defect is detected when there's presence of content harm response detected in the second direct attack injected dataset when there was none or lower severity detected in the first control dataset.
 
-*Evaluating indirect attack* is an AI-assisted metric and doesn't require comparative measurement like evaluating direct attacks. Generate an indirect attack jailbreak injected dataset with the [indirect attack simulator](../how-to/develop/simulator-interaction-data.md) then evaluate with the `IndirectAttackEvaluator`.
+*Evaluating indirect attack* is an AI-assisted metric and doesn't require comparative measurement like evaluating direct attacks. Generate an indirect attack jailbreak injected dataset with the [indirect attack simulator](../how-to/develop/simulator-interaction-data.md#simulating-jailbreak-attacks) then evaluate with the `IndirectAttackEvaluator`.
 
 > [!NOTE]
 > AI-assisted risk and safety metrics are hosted by Azure AI Studio safety evaluations back-end service and is only available in the following regions: East US 2, France Central, UK South, Sweden Central. Protected Material evaluation is only available in East US 2.

articles/ai-studio/how-to/develop/simulator-interaction-data.md

@@ -233,7 +233,7 @@ azure_ai_project = {
 > [!NOTE]
 > Currently adversarial simulation, which uses the Azure AI safety evaluation service, is only available in the following regions: East US 2, France Central, UK South, Sweden Central.
 
-## Specify target callback to simulate against - adversarial simulator
+## Specify target callback to simulate against for adversarial simulator
 
 You can bring any application endpoint to the adversarial simulator. `AdversarialSimulator` class supports sending service-hosted queries and receiving responses with a callback function, as defined below. The `AdversarialSimulator` adheres to the [OpenAI's messages protocol](https://platform.openai.com/docs/api-reference/messages/object#messages/object-content).