Merge pull request #269428 from memildin/patch-114

prmerger-automator[bot] · web-flow · commit 2d6e4498c443 · 2024-03-19T09:54:00.000Z
Removed out-of-date dupe content
diff --git a/articles/defender-for-cloud/upcoming-changes.md b/articles/defender-for-cloud/upcoming-changes.md
@@ -34,15 +34,12 @@ If you're looking for the latest release notes, you can find them in the [What's
 | [Change in pricing for multicloud container threat detection](#change-in-pricing-for-multicloud-container-threat-detection) | January 30, 2024 | April 2024 |
 | [Enforcement of Defender CSPM for Premium DevOps Security Capabilities](#enforcement-of-defender-cspm-for-premium-devops-security-value) | January 29, 2024 | March 2024 |
 | [Update to agentless VM scanning built-in Azure role](#update-to-agentless-vm-scanning-built-in-azure-role) |January 14, 2024 | February 2024 |
-| [Deprecation of two recommendations related to PCI](#deprecation-of-two-recommendations-related-to-pci) |January 14, 2024 | February 2024 |
 | [Defender for Servers built-in vulnerability assessment (Qualys) retirement path](#defender-for-servers-built-in-vulnerability-assessment-qualys-retirement-path) | January 9, 2024 | May 2024 |
-| [New version of Defender Agent for Defender for Containers](#new-version-of-defender-agent-for-defender-for-containers) | January 4, 2024 | February 2024 |
 | [Upcoming change for the Defender for Cloud’s multicloud network requirements](#upcoming-change-for-the-defender-for-clouds-multicloud-network-requirements) | January 3, 2024 | May 2024 |
 | [Deprecation of two DevOps security recommendations](#deprecation-of-two-devops-security-recommendations) | November 30, 2023 | January 2024 |
 | [Consolidation of Defender for Cloud's Service Level 2 names](#consolidation-of-defender-for-clouds-service-level-2-names) | November 1, 2023 | December 2023 |
 | [Changes to how Microsoft Defender for Cloud's costs are presented in Microsoft Cost Management](#changes-to-how-microsoft-defender-for-clouds-costs-are-presented-in-microsoft-cost-management) | October 25, 2023 | November 2023 |
 | [Replacing the "Key Vaults should have purge protection enabled" recommendation with combined recommendation "Key Vaults should have deletion protection enabled"](#replacing-the-key-vaults-should-have-purge-protection-enabled-recommendation-with-combined-recommendation-key-vaults-should-have-deletion-protection-enabled) |  | June 2023|
-| [Preview alerts for DNS servers to be deprecated](#preview-alerts-for-dns-servers-to-be-deprecated) |  | August 2023 |
 | [Change to the Log Analytics daily cap](#change-to-the-log-analytics-daily-cap) |  | September 2023 |
 | [DevOps Resource Deduplication for Defender for DevOps](#devops-resource-deduplication-for-defender-for-devops) |  | November 2023 |
 | [Deprecating two security incidents](#deprecating-two-security-incidents) |  | November 2023 |
@@ -191,17 +188,6 @@ For more information on the code to cloud security capabilities in Defender CSPM
 
 In Azure, agentless scanning for VMs uses a built-in role (called [VM scanner operator](faq-permissions.yml)) with the minimum necessary permissions required to scan and assess your VMs for security issues. To continuously provide relevant scan health and configuration recommendations for VMs with encrypted volumes, an update to this role's permissions is planned. The update includes the addition of the ```Microsoft.Compute/DiskEncryptionSets/read``` permission. This permission solely enables improved identification of encrypted disk usage in VMs. It doesn't provide Defender for Cloud any more capabilities to decrypt or access the content of these encrypted volumes beyond the encryption methods [already supported](concept-agentless-data-collection.md#availability) prior to this change. This change is expected to take place during February 2024 and no action is required on your end.
 
-## Deprecation of two recommendations related to PCI
-
-**Announcement date: January 14, 2024**
-
-**Estimated date for change: February 2024**
-
-The following two recommendations related to PCI (Permission Creep Index) are set for deprecation:
-
-- `Over-provisioned identities in accounts should be investigated to reduce the Permission Creep Index (PCI)`
-- `Over-Provisioned identities in subscriptions should be investigated to reduce the Permission Creep Index (PCI)`
-
 ## Defender for Servers built-in vulnerability assessment (Qualys) retirement path
 
 **Announcement date: January 9, 2024**
@@ -214,14 +200,6 @@ For more information about our decision to unify our vulnerability assessment of
 
 You can also check out the [common questions about the transition to Microsoft Defender Vulnerability Management solution](faq-scanner-detection.yml).
 
-## New version of Defender Agent for Defender for Containers
-
-**Announcement date: January 4, 2024**
-
-**Estimated date for change: February 2024**
-
-A new version of the [Defender Agent for Defender for Containers](tutorial-enable-containers-azure.md#deploy-the-defender-agent-in-azure) will be released in February 2024. It includes performance and security improvements, support for both AMD64 and ARM64 arch nodes (Linux only), and uses [Inspektor Gadget](https://www.inspektor-gadget.io/) as the process collection agent instead of Sysdig. The new version is only supported on Linux kernel versions 5.4 and higher, so if you have older versions of the Linux kernel, you'll need to upgrade. For more information, see [Supported host operating systems](support-matrix-defender-for-containers.md#supported-host-operating-systems).
-
 ## Upcoming change for the Defender for Cloud’s multicloud network requirements
 
 **Announcement date: January 3, 2024**
@@ -338,29 +316,6 @@ The `Key Vaults should have purge protection enabled` recommendation is deprecat
 
 See the [full index of Azure Policy built-in policy definitions for Key Vault](../key-vault/policy-reference.md).
 
-## Preview alerts for DNS servers to be deprecated
-
-**Estimated date for change: August 2023**
-
-Following quality improvement process, security alerts for DNS servers are set to be deprecated in August. For cloud resources, use [Azure DNS](defender-for-dns-introduction.md) to receive the same security value.
-
-The following table lists the alerts to be deprecated:
-
-| AlertDisplayName | AlertType |
-|--|--|
-| Communication with suspicious random domain name (Preview) | DNS_RandomizedDomain |
-| Communication with suspicious domain identified by threat intelligence (Preview) | DNS_ThreatIntelSuspectDomain |
-| Digital currency mining activity (Preview) | DNS_CurrencyMining |
-| Network intrusion detection signature activation (Preview) | DNS_SuspiciousDomain |
-| Attempted communication with suspicious sinkholed domain (Preview) | DNS_SinkholedDomain |
-| Communication with possible phishing domain (Preview) | DNS_PhishingDomain|
-| Possible data transfer via DNS tunnel (Preview) | DNS_DataObfuscation |
-| Possible data exfiltration via DNS tunnel (Preview) | DNS_DataExfiltration |
-| Communication with suspicious algorithmically generated domain (Preview) | DNS_DomainGenerationAlgorithm |
-| Possible data download via DNS tunnel (Preview) | DNS_DataInfiltration |
-| Anonymity network activity (Preview) | DNS_DarkWeb |
-| Anonymity network activity using web proxy (Preview) | DNS_DarkWebProxy |
-
 ## Change to the Log Analytics daily cap
 
 Azure monitor offers the capability to [set a daily cap](../azure-monitor/logs/daily-cap.md) on the data that is ingested on your Log analytics workspaces. However, Defenders for Cloud security events are currently not supported in those exclusions.
