MicrosoftDocs
diff --git a/‎.openpublishing.redirection.json
Lines changed: 25 additions & 0 deletions b/‎.openpublishing.redirection.json
Lines changed: 25 additions & 0 deletions
diff --git a/‎articles/cosmos-db/cosmos-db-advanced-threat-protection.md
Lines changed: 1 addition & 1 deletion b/‎articles/cosmos-db/cosmos-db-advanced-threat-protection.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/security-center/TOC.yml
Lines changed: 3 additions & 11 deletions b/‎articles/security-center/TOC.yml
Lines changed: 3 additions & 11 deletions
diff --git a/‎articles/security-center/advanced-threat-protection-key-vault.md
Lines changed: 9 additions & 5 deletions b/‎articles/security-center/advanced-threat-protection-key-vault.md
Lines changed: 9 additions & 5 deletions
diff --git a/‎articles/security-center/alerts-reference.md
Lines changed: 13 additions & 13 deletions b/‎articles/security-center/alerts-reference.md
Lines changed: 13 additions & 13 deletions
diff --git a/‎articles/security-center/azure-kubernetes-service-integration.md
Lines changed: 1 addition & 1 deletion b/‎articles/security-center/azure-kubernetes-service-integration.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/security-center/container-security.md
Lines changed: 1 addition & 1 deletion b/‎articles/security-center/container-security.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/security-center/security-center-alerts-compute.md
Lines changed: 0 additions & 64 deletions b/‎articles/security-center/security-center-alerts-compute.md
Lines changed: 0 additions & 64 deletions
@@ -29021,6 +29021,31 @@
       "redirect_url": "/azure/security-center/faq-general",
       "redirect_document_id": false
     },
+    {
+      "source_path": "articles/security-center/security-center-alerts-iaas.md",
+      "redirect_url": "/azure/security-center/threat-protection",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/security-center/security-center-alerts-data-services.md",
+      "redirect_url": "/azure/security-center/threat-protection",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/security-center/security-center-alerts-compute.md",
+      "redirect_url": "/azure/security-center/threat-protection",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/security-center/security-center-alerts-service-layer.md",
+      "redirect_url": "/azure/security-center/threat-protection",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "articles/security-center/security-center-alerts-integration.md",
+      "redirect_url": "/azure/security-center/threat-protection",
+      "redirect_document_id": false
+    },
     {
       "source_path": "articles/security-center/security-center-playbooks.md",
       "redirect_url": "/azure/security-center/workflow-automation",
 
@@ -101,7 +101,7 @@ An email notification is also sent with the alert details and recommended action
 
 ## Cosmos DB ATP alerts
 
- To see a list of the alerts generated when monitoring Azure Cosmos DB accounts, see the [Cosmos DB alerts](../security-center/security-center-alerts-data-services.md#cosmos-db) section in the Security Center documentation.
+ To see a list of the alerts generated when monitoring Azure Cosmos DB accounts, see the [Cosmos DB alerts](https://docs.microsoft.com/azure/security-center/alerts-reference#alerts-azurecosmos) section in the Azure Security Center documentation.
 
 ## Next steps
 
 
@@ -52,7 +52,7 @@
       href: azure-container-registry-integration.md
     - name: Integration with Azure Kubernetes Service
       href: azure-kubernetes-service-integration.md
-  - name: Threat detection alerts and incidents
+  - name: Threat protection and security alerts
     items:
     - name: Security alerts overview
       href: security-center-alerts-overview.md      
@@ -62,16 +62,8 @@
       href: security-center-managing-and-responding-alerts.md
     - name: Manage security incidents
       href: security-center-incident.md
-    - name: Threat detection for VMs & servers
-      href: security-center-alerts-iaas.md
-    - name: Threat detection for cloud apps and containers
-      href: security-center-alerts-compute.md
-    - name: Threat detection for data services
-      href: security-center-alerts-data-services.md
-    - name: Threat detection for Azure service layers
-      href: security-center-alerts-service-layer.md   
-    - name: Threat detection alerts from Azure WAF & Azure DDoS Protection
-      href: security-center-alerts-integration.md
+    - name: Threat protection in Azure Security Center
+      href: threat-protection.md
     - name: Cloud Smart Alert correlation (incidents)
       href: security-center-alerts-cloud-smart.md
     - name: Security alerts map and threat intelligence
 
@@ -10,31 +10,35 @@ ms.date: 11/04/2019
 ms.author: memildin
 
 ---
-# Set up advanced threat protection for Azure Key Vault (preview)
+# Threat protection for Azure Key Vault (preview)
 
 Advanced threat protection for Azure Key Vault provides an additional layer of security intelligence. This tool detects potentially harmful attempts to access or exploit Key Vault accounts. Using the native advanced threat protection in Azure Security Center, you can address threats without being a security expert, and without learning additional security monitoring systems.
 
 When Security Center detects anomalous activity, it displays alerts. It also emails the subscription administrator with details of the suspicious activity and recommendations for how to investigate and remediate the identified threats.
 
-## Set up advanced threat protection from Azure Security Center
+## Enabling and disabling threat protection from Azure Security Center
 
 By default, advanced threat protection is enabled for all of your Key Vault accounts when you subscribe to the Security Center Standard tier. For more information, see [Pricing](security-center-pricing.md).
 
-To enable or disable the protection for a specific subscription, follow these steps.
+To enable or disable the protection for a specific subscription:
 
 1. From the left pane in Security Center, select **Pricing & settings**.
+
 1. Select the subscription with the storage accounts for which you want to enable or disable threat protection.
+
 1. Select **Pricing tier**.
+
 1. From the **Select pricing tier by resource type** group, find the **Key Vaults** row and select **Enabled** or **Disabled**.
 
     [![Enabling or disabling advanced threat protection for Key Vault in Azure Security Center](media/advanced-threat-protection-key-vault/atp-for-akv-enable-atp-for-akv.png)](media/advanced-threat-protection-key-vault/atp-for-akv-enable-atp-for-akv.png#lightbox)
+
 1. Select **Save**.
 
 
 ## Next steps
 
 In this article, you learned how to enable and disable advanced threat protection for Azure Key Vault. 
 
-For other related material, see the following article:
+For related material, see the following article:
 
-- [Threat detection for the Azure services layers in Security Center](security-center-alerts-service-layer.md): This article describes the alerts related to advanced threat protection for Azure Key Vault.
+- [Threat protection in Azure Security Center](threat-protection.md)--This article describes the sources of security alerts in Azure Security Center.
@@ -10,7 +10,7 @@ ms.devlang: na
 ms.topic: conceptual
 ms.tgt_pltfrm: na
 ms.workload: na
-ms.date: 01/05/2020
+ms.date: 02/25/2020
 ms.author: memildin
 
 ---
@@ -29,7 +29,7 @@ Below the alerts tables is a table describing the Azure Security Center kill cha
 
 ## <a name="alerts-windows"></a>Alerts for Windows machines
 
-[Further details and notes](security-center-alerts-iaas.md#windows-)
+[Further details and notes](threat-protection.md#windows-machines)
 
 |Alert|Description|Intent ([Learn more](#intentions))|
 |----|----|:----:|
@@ -120,7 +120,7 @@ Below the alerts tables is a table describing the Azure Security Center kill cha
 
 ## <a name="alerts-linux"></a>Alerts for Linux machines
 
-[Further details and notes](security-center-alerts-iaas.md#linux-)
+[Further details and notes](threat-protection.md#linux-machines)
 
 |Alert|Description|Intent ([Learn more](#intentions))|
 |----|----|:----:|
@@ -209,7 +209,7 @@ Below the alerts tables is a table describing the Azure Security Center kill cha
 
 ## <a name="alerts-azureappserv"></a>Alerts for Azure App Service
 
-[Further details and notes](security-center-alerts-compute.md#azure-app-service-)
+[Further details and notes](threat-protection.md#app-services)
 
 |Alert|Description|Intent ([Learn more](#intentions))|
 |----|----|:----:|
@@ -234,7 +234,7 @@ Below the alerts tables is a table describing the Azure Security Center kill cha
 
 ## <a name="alerts-akscluster"></a>Alerts for containers - Azure Kubernetes Service clusters
 
-[Further details and notes](security-center-alerts-compute.md#azure-containers-)
+[Further details and notes](threat-protection.md#azure-containers)
 
 |Alert|Description|Intent ([Learn more](#intentions))|
 |----|----|:----:|
@@ -249,7 +249,7 @@ Below the alerts tables is a table describing the Azure Security Center kill cha
 
 ## <a name="alerts-containerhost"></a>Alerts for containers - host level
 
-[Further details and notes](security-center-alerts-compute.md#azure-containers-)
+[Further details and notes](threat-protection.md#azure-containers)
 
 |Alert|Description|Intent ([Learn more](#intentions))|
 |----|----|:----:|
@@ -265,7 +265,7 @@ Below the alerts tables is a table describing the Azure Security Center kill cha
 
 ## <a name="alerts-sql-db-and-warehouse"></a>Alerts for SQL Database and SQL Data Warehouse
 
-[Further details and notes](security-center-alerts-data-services.md#sql-database-and-sql-data-warehouse-)
+[Further details and notes](threat-protection.md#data-sql)
 
 |Alert|Description|Intent ([Learn more](#intentions))|
 |----|----|:----:|
@@ -283,7 +283,7 @@ Below the alerts tables is a table describing the Azure Security Center kill cha
 
 ## <a name="alerts-azurestorage"></a>Alerts for Azure Storage
 
-[Further details and notes](security-center-alerts-data-services.md#azure-storage-)
+[Further details and notes](threat-protection.md#azure-storage)
 
 |Alert|Description|Intent ([Learn more](#intentions))|
 |----|----|:----:|
@@ -304,7 +304,7 @@ Below the alerts tables is a table describing the Azure Security Center kill cha
 
 ## <a name="alerts-azurecosmos"></a>Alerts for Azure Cosmos DB (Preview)
 
-[Further details and notes](security-center-alerts-data-services.md#azure-cosmos-db)
+[Further details and notes](threat-protection.md#cosmos-db)
 
 |Alert|Description|Intent ([Learn more](#intentions))|
 |----|----|:----:|
@@ -315,7 +315,7 @@ Below the alerts tables is a table describing the Azure Security Center kill cha
 
 ## <a name="alerts-azurenetlayer"></a>Alerts for Azure network layer
 
-[Further details and notes](security-center-alerts-service-layer.md#azure-network-layer)
+[Further details and notes](threat-protection.md#network-layer)
 
 |Alert|Description|Intent ([Learn more](#intentions))|
 |----|----|:----:|
@@ -340,7 +340,7 @@ Below the alerts tables is a table describing the Azure Security Center kill cha
 
 ## <a name="alerts-azureresourceman"></a>Alerts for Azure Resource Manager (Preview)
 
-[Further details and notes](security-center-alerts-service-layer.md#azure-management-layer-azure-resource-manager-preview)
+[Further details and notes](threat-protection.md#management-layer)
 
 |Alert|Description|Intent ([Learn more](#intentions))|
 |----|----|:----:|
@@ -359,7 +359,7 @@ Below the alerts tables is a table describing the Azure Security Center kill cha
 
 ## <a name="alerts-azurekv"></a>Alerts for Azure Key Vault (Preview)
 
-[Further details and notes](security-center-alerts-service-layer.md#azure-keyvault)
+[Further details and notes](threat-protection.md#azure-keyvault)
 
 |Alert|Description|Intent ([Learn more](#intentions))|
 |----|----|:----:|
@@ -377,7 +377,7 @@ Below the alerts tables is a table describing the Azure Security Center kill cha
 
 ## <a name="alerts-azureddos"></a>Alerts for Azure DDoS Protection
 
-[Further details and notes](security-center-alerts-integration.md#azure-ddos)
+[Further details and notes](threat-protection.md#azure-ddos)
 
 |Alert|Description|Intent ([Learn more](#intentions))|
 |----|----|:----:|
 
@@ -41,7 +41,7 @@ Using the two services together provides:
     * Raw security events, such as network data and process creation
     * The Kubernetes audit log
 
-    For more information, see [threat detection for Azure containers](security-center-alerts-compute.md#azure-containers-)
+    For more information, see [threat protection for Azure containers](threat-protection.md#azure-containers)
 
     For the list of possible alerts, see these sections in the alerts reference table: [AKS cluster level alerts](alerts-reference.md#alerts-akscluster) and [Container host level alerts](alerts-reference.md#alerts-containerhost).  
 
 
@@ -61,7 +61,7 @@ For details of the relevant Security Center recommendations that might appear fo
 
 Security Center provides real-time threat detection for your containerized environments and generates alerts for suspicious activities. You can use this information to quickly remediate security issues and improve the security of your containers.
 
-We detect threats at the host and AKS cluster level. For full details, see [threat detection for Azure containers](https://docs.microsoft.com/azure/security-center/security-center-alerts-compute#azure-containers-).
+We detect threats at the host and AKS cluster level. For full details, see [threat protection for Azure containers](threat-protection.md#azure-containers).
 
 
 ## Container security FAQ