more fixes , removed old article from toc

ElazarK · ElazarK · commit 0db74ea22fb0 · 2023-12-24T16:10:18.000+02:00
diff --git a/articles/defender-for-cloud/TOC.yml b/articles/defender-for-cloud/TOC.yml
@@ -109,9 +109,6 @@
     - name: Protect VMs
       displayName: manage, access, harden
       href: tutorial-protect-resources.md
-    - name: Investigate and respond to security alerts
-      displayName: triage, security, alerts, investigate,
-      href: tutorial-security-incident.md
     - name: Investigate the health of your resources
       displayName: health, resources, outstanding, security, issues,
       href: investigate-resource-health.md
diff --git a/articles/defender-for-cloud/managing-and-responding-alerts.md b/articles/defender-for-cloud/managing-and-responding-alerts.md
@@ -12,10 +12,10 @@ Defender for Cloud collects, analyzes, and integrates log data from your Azure,
 
 This article shows you how to view and process Defender for Cloud's alerts and protect your resources.
 
-When triaging security alerts, you should prioritize alerts based on their alert severity, addressing higher severity alerts first. Learn more about alerts severity in [How are alerts classified?](alerts-overview.md#how-are-alerts-classified).
+When triaging security alerts, you should prioritize alerts based on their alert severity, addressing higher severity alerts first. Learn more about [how alerts are classified](alerts-overview.md#how-are-alerts-classified).
 
 > [!TIP]
-> You can connect Microsoft Defender for Cloud to most popular SIEM solutions including Microsoft Sentinel and consume the alerts from your tool of choice. Learn more in [Stream alerts to a SIEM, SOAR, or IT Service Management solution](export-to-siem.md).
+> You can connect Microsoft Defender for Cloud to SIEM solutions including Microsoft Sentinel and consume the alerts from your tool of choice. Learn more how to [stream alerts to a SIEM, SOAR, or IT Service Management solution](export-to-siem.md).
 
 ## Manage your security alerts
 
@@ -25,25 +25,24 @@ When triaging security alerts, you should prioritize alerts based on their alert
 
     :::image type="content" source="media/managing-and-responding-alerts/overview-page-alerts-links.png" alt-text="Screenshot that shows how the security alerts page from Microsoft Defender for Cloud's overview page looks.":::
 
-1. (Optional) Filter the alerts list with any of the relevant filters. You can add additional filters with the **Add filter** option.
+1. (Optional) Filter the alerts list with any of the relevant filters. You can add extra filters with the **Add filter** option.
 
     :::image type="content" source="./media/managing-and-responding-alerts/alerts-adding-filters-small.png" alt-text="Screenshot that shows you how to add filters to the alerts view." lightbox="./media/managing-and-responding-alerts/alerts-adding-filters-large.png":::
 
     The list updates according to the filters selected. For example, you might you want to address security alerts that occurred in the last 24 hours because you're investigating a potential breach in the system.
 
 ## Investigate a security alert
 
-Various options are available for each alert in order to assist you in your investigation.
+Each alert contains information regarding the alert that assists you in your investigation.
 
 **To investigate a security alert**: 
 
 1. Select an alert. A side pane opens and shows a description of the alert and all the affected resources. 
 
-    :::image type="content" source="./media/managing-and-responding-alerts/alerts-details-pane.png" alt-text="Screenshot of the high-level details view of a security alert.":::.
+    :::image type="content" source="./media/managing-and-responding-alerts/alerts-details-pane.png" alt-text="Screenshot of the high-level details view of a security alert.":::
 
 1. Review the high-level information about the security alert.
     
-    This pane shows:
     - Alert severity, status, and activity time
     - Description that explains the precise activity that was detected
     - Affected resources
@@ -64,10 +63,7 @@ Various options are available for each alert in order to assist you in your inve
 
     :::image type="content" source="./media/managing-and-responding-alerts/alert-take-action.png" alt-text="Take action tab.":::
 
-If you need further details:
-
-    - Contact the resource owner to verify whether the detected activity is a false positive.
-    - Investigate the raw logs generated by the attacked resource
+For further details contact the resource owner to verify whether the detected activity is a false positive. You can also, investigate the raw logs generated by the attacked resource.
 
 ## Change the status of multiple security alerts at once
 
diff --git a/articles/defender-for-cloud/release-notes-archive.md b/articles/defender-for-cloud/release-notes-archive.md
@@ -2984,8 +2984,6 @@ Azure Security Center's security alerts page was redesigned to provide:
 - **Alerts from Azure Resource Graph** - you can query alerts in Azure Resource Graph, the Kusto-like API for all of your resources. This is also useful if you're building your own alerts dashboards. [Learn more about Azure Resource Graph](../governance/resource-graph/index.yml).
 - **Create sample alerts feature** - To create sample alerts from the new alerts experience, see [Generate sample Azure Defender alerts](alert-validation.md#generate-sample-security-alerts).
 
-:::image type="content" source="media/managing-and-responding-alerts/alerts-page.png" alt-text="Azure Security Center's security alerts list":::
-
 ### Kubernetes workload protection recommendations released for general availability (GA)
 
 We're happy to announce the general availability (GA) of the set of recommendations for Kubernetes workload protections.
