Merge pull request #172912 from MicrosoftDocs/master

merge master to live, 4 PM Sunday

Author: jborsecnik

articles/azure-government/documentation-government-welcome.md

@@ -1,28 +1,23 @@
 ---
-title: Azure Government Overview | Microsoft Docs
+title: Azure Government Overview
 description: Overview of Azure Government capabilities, including security and compliance capabilities applicable to federal, state, and local government organizations and their partners
-services: azure-government
-cloud: gov
-documentationcenter: ''
-author: stevevi
-ms.author: stevevi
 ms.service: azure-government
-ms.devlang: na
 ms.topic: overview
-ms.tgt_pltfrm: na
 ms.workload: azure-government
-ms.date: 08/02/2021
+ms.author: stevevi
+author: stevevi
+ms.date: 09/19/2021
 ---
 
 # What is Azure Government?
 
-US government agencies or their partners interested in cloud services that meet government security and compliance requirements, can be confident that [Microsoft Azure Government](https://azure.microsoft.com/global-infrastructure/government/) provides world-class [security, protection, and compliance services](../compliance/index.yml). Azure Government delivers a dedicated cloud enabling government agencies and their partners to transform mission-critical workloads to the cloud. Azure Government services handle data that is subject to various government regulations and requirements, such as FedRAMP, DoD IL4 and IL5, CJIS, IRS 1075, ITAR, CMMC, NIST 800-171, and others. To provide you with the highest level of security and compliance, Azure Government uses physically isolated datacenters and networks (located in the US only).
+US government agencies or their partners interested in cloud services that meet government security and compliance requirements, can be confident that [Microsoft Azure Government](https://azure.microsoft.com/global-infrastructure/government/) provides world-class [security, protection, and compliance services](../compliance/index.yml). Azure Government delivers a dedicated cloud enabling government agencies and their partners to transform mission-critical workloads to the cloud. Azure Government services handle data that is subject to various government regulations and requirements, such as FedRAMP, DoD IL4 and IL5, CJIS, IRS 1075, ITAR, CMMC, NIST 800-171, and others. To provide you with the highest level of security and compliance, Azure Government uses physically isolated datacenters and networks located in the US only.
 
 Azure Government customers (US federal, state, and local government or their partners) are subject to validation of eligibility. If there is a question about eligibility for Azure Government, you should consult your account team. To sign up for trial, request your [trial subscription](https://azure.microsoft.com/global-infrastructure/government/request/?ReqType=Trial).
 
-The following video provides a good introduction to Azure Government:
+The following video provides a good introduction to Azure Government: </br>
 
-> [!VIDEO https://channel9.msdn.com/Shows/Azure-Friday/Azure-Government/player]
+> [!VIDEO https://channel9.msdn.com/Shows/Azure-Friday/Enable-government-missions-in-the-cloud-with-Azure-Government/player]
 
 ## Compare Azure Government and global Azure
 

articles/security-center/security-center-pricing.md

@@ -6,7 +6,7 @@ ms.author: memildin
 manager: rkarlin
 ms.service: security-center
 ms.topic: overview
-ms.date: 06/10/2021
+ms.date: 09/19/2021
 ---
 
 # Azure Security Center free vs Azure Defender enabled
@@ -26,6 +26,7 @@ Security Center is offered in two modes:
     - **Vulnerability scanning for virtual machines and container registries** - Easily deploy a scanner to all of your virtual machines that provides the industry's most advanced solution for vulnerability management. View, investigate, and remediate the findings directly within Security Center. 
     - **Hybrid security** – Get a unified view of security across all of your on-premises and cloud workloads. Apply security policies and continuously assess the security of your hybrid cloud workloads to ensure compliance with security standards. Collect, search, and analyze security data from multiple sources, including firewalls and other partner solutions.
     - **Threat protection alerts** - Advanced behavioral analytics and the Microsoft Intelligent Security Graph provide an edge over evolving cyber-attacks. Built-in behavioral analytics and machine learning can identify attacks and zero-day exploits. Monitor networks, machines, and cloud services for incoming attacks and post-breach activity. Streamline investigation with interactive tools and contextual threat intelligence.
+    - **Track compliance with a range of standards** - Security Center continuously assesses your hybrid cloud environment to analyze the risk factors according to the controls and best practices in [Azure Security Benchmark](/security/benchmark/azure/introduction). When you enable Azure Defender, you can apply a range of other industry standards, regulatory standards, and benchmarks according to your organization's needs. Add standards and track your compliance with them from the [regulatory compliance dashboard](update-regulatory-compliance-packages.md).
     - **Access and application controls** (AAC) - Block malware and other unwanted applications by applying machine learning powered recommendations adapted to your specific workloads to create allow and deny lists. Reduce the network attack surface with just-in-time, controlled access to management ports on Azure VMs. AAC drastically reduces exposure to brute force and other network attacks.
     - **Container security features** - Benefit from vulnerability management and real-time threat protection on your containerized environments. When enabling the **Azure Defender for container registries**, it may take up to 12 hrs until all the features are enabled. Charges are based on the number of unique container images pushed to your connected registry. After an image has been scanned once, you won't be charged for it again unless it's modified and pushed once more.
     - **Breadth threat protection for resources connected to the Azure environment** - Azure Defender includes Azure-native breadth threat protection for the Azure services common to all of your resources: Azure Resource Manager, Azure DNS, Azure network layer, and Azure Key Vault. Azure Defender has unique visibility into the Azure management layer and the Azure DNS layer, and can therefore protect cloud resources that are connected to those layers.