MicrosoftDocs
diff --git a/‎articles/defender-for-iot/organizations/how-to-accelerate-alert-incident-response.md
Lines changed: 7 additions & 7 deletions b/‎articles/defender-for-iot/organizations/how-to-accelerate-alert-incident-response.md
Lines changed: 7 additions & 7 deletions
diff --git a/‎articles/defender-for-iot/organizations/how-to-activate-and-set-up-your-on-premises-management-console.md
Lines changed: 2 additions & 2 deletions b/‎articles/defender-for-iot/organizations/how-to-activate-and-set-up-your-on-premises-management-console.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/defender-for-iot/organizations/how-to-activate-and-set-up-your-sensor.md
Lines changed: 21 additions & 19 deletions b/‎articles/defender-for-iot/organizations/how-to-activate-and-set-up-your-sensor.md
Lines changed: 21 additions & 19 deletions
diff --git a/‎articles/defender-for-iot/organizations/how-to-analyze-programming-details-changes.md
Lines changed: 13 additions & 9 deletions b/‎articles/defender-for-iot/organizations/how-to-analyze-programming-details-changes.md
Lines changed: 13 additions & 9 deletions
diff --git a/‎articles/defender-for-iot/organizations/how-to-configure-windows-endpoint-monitoring.md
Lines changed: 3 additions & 0 deletions b/‎articles/defender-for-iot/organizations/how-to-configure-windows-endpoint-monitoring.md
Lines changed: 3 additions & 0 deletions
diff --git a/‎articles/defender-for-iot/organizations/how-to-connect-sensor-by-proxy.md
Lines changed: 2 additions & 2 deletions b/‎articles/defender-for-iot/organizations/how-to-connect-sensor-by-proxy.md
Lines changed: 2 additions & 2 deletions
@@ -124,13 +124,13 @@ The alert message indicates that a user-defined rule triggered the alert.
 
 1. Select **Create rule** (**+**). 
 
-    :::image type="content" source="media/how-to-work-with-alerts-sensor/custom-alerts-rules.png" alt-text="Create custom alert rules":::
+    :::image type="content" source="media/how-to-work-with-alerts-sensor/custom-alerts-rules.png" alt-text="Screenshot of the Create custom alert rules pane.":::
 
 1. Define an alert name.
 1. Select protocol to detect.
 1. Define a message to display. Alert messages can contain alphanumeric characters you enter, as well as traffic variables detected. For example, include the detected source and destination addresses in the alert messages. Use { } to add variables to the message
 1. Select the engine that should detect the activity.
-1. **Select the source and destination devices that pairs for which activity should be detected.** 
+1. Select the source and destination devices for the activity you want to detect.
 
 #### Create rule conditions
 
@@ -165,13 +165,13 @@ Create conditions based on unique values associated with the category selected.
 
 8. Enter a **Value** as a number. If the variable you selected is a MAC address or IP address, the value must be converted from a dotted-decimal address to decimal format. Use an IP address conversion tool, for example <https://www.ipaddressguide.com/ip>.
 
-    :::image type="content" source="media/how-to-work-with-alerts-sensor/custom-rule-conditions.png" alt-text="Custom rule condition":::
+    :::image type="content" source="media/how-to-work-with-alerts-sensor/custom-rule-conditions.png" alt-text="Screenshot of the Custom rule condition options.":::
 
 9. Select  plus (**+**) to create a condition set.
 
 When the rule condition or condition set is met, the alert is sent. You will be notified if the condition logic is not valid.
 
-**Condition Based when activity took place**
+**Condition based on when activity took place**
 
 Create conditions based on when the activity was detected. In the Detected section, select a time period and day in which the detection must occur in order to send the alert. You can choose to send the alert if the activity is detected:
 - any time throughout the day 
@@ -191,7 +191,7 @@ The following actions can be defined for the rule:
 
 The rule is added to the **Customized Alerts Rules** page.
 
-:::image type="content" source="media/how-to-work-with-alerts-sensor/custom-alerts-page.png" alt-text="Custom alerts main page" lightbox="media/how-to-work-with-alerts-sensor/custom-alerts-page.png":::
+:::image type="content" source="media/how-to-work-with-alerts-sensor/custom-alerts-page.png" alt-text="Screenshot of the main Custom alerts page." lightbox="media/how-to-work-with-alerts-sensor/custom-alerts-page.png":::
 
 ### Managing customer alert rules
 
@@ -213,6 +213,6 @@ Changes made to custom alert rules are tracked in the event timeline. For exampl
 1. Navigate to the Event timeline page.
 
 
-### See also
+## Next steps
 
-[Manage the alert event](how-to-manage-the-alert-event.md)
+For more information, see [Manage the alert event](how-to-manage-the-alert-event.md).
@@ -364,6 +364,6 @@ To unassign and delete a sensor:
 
 1. To delete the unassigned sensor from the site, select the sensor from the list of unassigned sensors and select :::image type="icon" source="media/how-to-activate-and-set-up-your-on-premises-management-console/delete-icon.png" border="false":::.
 
-## See also
+## Next steps
 
-[Troubleshoot the sensor and on-premises management console](how-to-troubleshoot-the-sensor-and-on-premises-management-console.md)
+For more information, see [Troubleshoot the sensor and on-premises management console](how-to-troubleshoot-the-sensor-and-on-premises-management-console.md).
@@ -46,7 +46,7 @@ Your sensor was onboarded to Microsoft Defender for IoT in a specific management
 
 A locally connected, or cloud-connected activation file was generated and downloaded for this sensor during onboarding. The activation file contains instructions for the management mode of the sensor. *A unique activation file should be uploaded to each sensor you deploy.*  The first time you sign in, you need to upload the relevant activation file for this sensor.
 
-:::image type="content" source="media/how-to-activate-and-set-up-your-sensor/azure-defender-for-iot-activation-file-download-button.png" alt-text="Defender for IoT in the Azure portal, onboard sensor.":::
+:::image type="content" source="media/how-to-activate-and-set-up-your-sensor/azure-defender-for-iot-activation-file-download-button.png" alt-text="Screenshot of the download activation file for Defender for IoT sensors in the Azure portal.":::
 
 ### About certificates
 
@@ -76,15 +76,15 @@ For more information about working with certificates, see [Manage certificates](
 
 1. Go to the sensor console from your browser by using the IP defined during the installation. The sign-in dialog box opens.
 
-    :::image type="content" source="media/how-to-activate-and-set-up-your-sensor/sensor-log-in-1.png" alt-text="Sensor log in screen":::
+    :::image type="content" source="media/how-to-activate-and-set-up-your-sensor/sensor-log-in-1.png" alt-text="Screenshot of a Defender for IoT sensor sign in page.":::
 
 
 1. Enter the credentials defined during the sensor installation, or select the **Password recovery** option. If you purchased a preconfigured sensor from Arrow, generate a password first. For more information on password recovery, see [Investigate password failure at initial sign-in](how-to-troubleshoot-the-sensor-and-on-premises-management-console.md#investigate-password-failure-at-initial-sign-in).
 
 
 1. Select **Login/Next**.  The **Sensor Network Settings** tab opens.
 
-      :::image type="content" source="media/how-to-activate-and-set-up-your-sensor/sensor-log-in-wizard-activate.png" alt-text="log in to sensor":::   
+      :::image type="content" source="media/how-to-activate-and-set-up-your-sensor/sensor-log-in-wizard-activate.png" alt-text="Screenshot of the sensor network settings options when signing into the sensor.":::   
 
 1. Use this tab if you want to change the sensor network configuration before activation. The configuration parameters were defined during the software installation, or when you purchased a preconfigured sensor. The following parameters were defined:
 
@@ -98,11 +98,11 @@ For more information about working with certificates, see [Manage certificates](
 
     If you want to work with a proxy, enable the proxy toggle and add the proxy host, port and username.
 
-    :::image type="content" source="media/how-to-activate-and-set-up-your-sensor/sensor-log-in-wizard-activate-proxy.png" alt-text="Initial Log in to sensor using a proxy":::
+    :::image type="content" source="media/how-to-activate-and-set-up-your-sensor/sensor-log-in-wizard-activate-proxy.png" alt-text="Screenshot of the proxy options for signing in to a sensor.":::
 
 1. Select **Next.** The Activation tab opens.
 
-    :::image type="content" source="media/how-to-activate-and-set-up-your-sensor/wizard-upload-activation-file.png" alt-text="First time log in activation file":::
+    :::image type="content" source="media/how-to-activate-and-set-up-your-sensor/wizard-upload-activation-file.png" alt-text="Screenshot of a first time activation file upload option.":::
 
 1. Select **Upload** and go to the activation file that you downloaded during the sensor onboarding.
 
@@ -112,7 +112,7 @@ For more information about working with certificates, see [Manage certificates](
 
     It is **not recommended** to use a locally generated certificate in a production environment.
 
-    :::image type="content" source="media/how-to-activate-and-set-up-your-sensor/wizard-upload-activation-certificates-1.png" alt-text="Initial sensor login certificates":::
+    :::image type="content" source="media/how-to-activate-and-set-up-your-sensor/wizard-upload-activation-certificates-1.png" alt-text="Screenshot of the SSL/TLS Certificates page when signing in to a sensor.":::
 
 1. Enable the **Import trusted CA certificate (recommended)** toggle.
 1. Define a certificate name.
@@ -131,7 +131,7 @@ For information about uploading a new certificate, supported certificate paramet
 
 For users with versions prior to 10.0, your license may expire, and the following alert will be displayed.
 
-  :::image type="content" source="media/how-to-activate-and-set-up-your-on-premises-management-console/activation-popup.png" alt-text="When your license expires you’ll need to update your license through the activation file.":::
+  :::image type="content" source="media/how-to-activate-and-set-up-your-on-premises-management-console/activation-popup.png" alt-text="Screenshot of a license expiration popup message.":::
 
 **To activate your license:**
 
@@ -145,19 +145,19 @@ For users with versions prior to 10.0, your license may expire, and the followin
 
 1. Paste the string into space provided.
 
-    :::image type="content" source="media/how-to-activate-and-set-up-your-on-premises-management-console/add-license.png" alt-text="Paste the string into the provided field.":::
+    :::image type="content" source="media/how-to-activate-and-set-up-your-on-premises-management-console/add-license.png" alt-text="Screenshot of the license activation box and button.":::
 
 1. Select **Activate**.
 
 ### Subsequent sign ins
 
 After first-time activation, the Microsoft Defender for IoT sensor console opens after sign-in without requiring an activation file or certificate definition. You only need your sign-in credentials.
 
-:::image type="content" source="media/how-to-activate-and-set-up-your-sensor/sensor-log-in-1.png" alt-text="Sensor login after initial activation":::
+:::image type="content" source="media/how-to-activate-and-set-up-your-sensor/sensor-log-in-1.png" alt-text="Screenshot of the sensor sign in page after the initial activation.":::
 
 After your sign in, the Microsoft Defender for IoT sensor console opens.
 
-  :::image type="content" source="media/how-to-activate-and-set-up-your-sensor/initial-dashboard.png" alt-text="Screenshot that shows the Defender for IoT initial dashboard." lightbox="media/how-to-activate-and-set-up-your-sensor/initial-dashboard.png":::
+  :::image type="content" source="media/how-to-activate-and-set-up-your-sensor/initial-dashboard.png" alt-text="Screenshot of the initial sensor console dashboard Overview page." lightbox="media/how-to-activate-and-set-up-your-sensor/initial-dashboard.png":::
 
 ## Initial setup and learning (for administrators)
 
@@ -198,7 +198,7 @@ Before you sign in, verify that you have:
 - The sensor IP address.
 - Sign in credentials that your administrator provided.
 
-    :::image type="content" source="media/how-to-activate-and-set-up-your-sensor/sensor-log-in-1.png" alt-text="Sensor login after initial setup":::
+    :::image type="content" source="media/how-to-activate-and-set-up-your-sensor/sensor-log-in-1.png" alt-text="Screenshot of the sensor sign in page after the initial setup.":::
 
 
 ## Console tools: Overview
@@ -209,13 +209,13 @@ You can access console tools from the side menu.  Tools help you:
 - Set up your sensor for maximum performance
 - Create and manage users 
 
-   :::image type="content" source="media/how-to-activate-and-set-up-your-sensor/main-page-side-bar.png" alt-text="The main menu of the sensor console on the left side of the screen":::
+   :::image type="content" source="media/how-to-activate-and-set-up-your-sensor/main-page-side-bar.png" alt-text="Screenshot of the sensor console's main menu on the left.":::
 
 ### Discover
 
 | Tools| Description |
 | -----------|--|
-| Overview | View a dashboard with high-level information about your sensor deployment, alerts, traffic, and more. <!--- For more information, see TBD --->|
+| Overview | View a dashboard with high-level information about your sensor deployment, alerts, traffic, and more. |
 | Device map | View the network devices, device connections, Purdue levels, and device properties in a map. Various zoom, highlight, and filter options are available to help you gain the insight you need. For more information, see [Investigate sensor detections in the Device Map](how-to-work-with-the-sensor-device-map.md#investigate-sensor-detections-in-the-device-map). |
 | Device inventory | The Device inventory displays a list of device attributes that this sensor detects. Options are available to: <br /> - Sort, or filter the information according to the table fields, and see the filtered information displayed. <br /> - Export information to a CSV file. <br /> - Import Windows registry details. For more information, see [Investigate sensor detections in a device inventory](how-to-investigate-sensor-detections-in-a-device-inventory.md#investigate-sensor-detections-in-an-inventory).|
 | Alerts | Alerts are triggered when sensor engines detect changes or suspicious activity in network traffic that require your attention.  For more information, see [View alerts on your sensor](how-to-view-alerts.md#view-alerts-on-your-sensor).|
@@ -253,19 +253,21 @@ You can access console tools from the side menu.  Tools help you:
   - your sensor isn't detecting traffic
 - your sensor SSL certificate is expired or will expire soon
 
-    :::image type="content" source="media/how-to-activate-and-set-up-your-sensor/system-messages.png" alt-text="System messages screen on main sensor console page, viewed by selecting the bell icon":::
+    :::image type="content" source="media/how-to-activate-and-set-up-your-sensor/system-messages.png" alt-text="Screenshot of the System messages area on the sensor console page, displayed after selecting the bell icon.":::
 
 **To review system messages:**
 1. Sign into the sensor
 1. Select the **System Messages** icon (Bell icon).
 
 
-## See also
+## Next steps
 
-[Threat intelligence research and packages ](how-to-work-with-threat-intelligence-packages.md)
+For more information, see:
 
-[Onboard a sensor](getting-started.md#onboard-a-sensor)
+- [Threat intelligence research and packages ](how-to-work-with-threat-intelligence-packages.md)
 
-[Manage sensor activation files](how-to-manage-individual-sensors.md#manage-sensor-activation-files)
+- [Onboard a sensor](getting-started.md#onboard-a-sensor)
 
-[Control what traffic is monitored](how-to-control-what-traffic-is-monitored.md)
+- [Manage sensor activation files](how-to-manage-individual-sensors.md#manage-sensor-activation-files)
+
+- [Control what traffic is monitored](how-to-control-what-traffic-is-monitored.md)
@@ -30,7 +30,7 @@ You may need to review programming activity:
 
   - When a process or machine is not working correctly (to see who carried out the last update and when)
 
-   :::image type="content" source="media/how-to-work-with-maps/differences.png" alt-text="Programming Change Log":::
+   :::image type="content" source="media/how-to-work-with-maps/differences.png" alt-text="Screenshot of a Programming Change Log":::
 
 Other options let you:
 
@@ -56,13 +56,13 @@ Access the Programming Analysis window from the:
 
 Use the event timeline to display a timeline of events in which programming changes were detected.
 
-:::image type="content" source="media/how-to-work-with-maps/timeline.png" alt-text="A view of the event timeline.":::
+:::image type="content" source="media/how-to-work-with-maps/timeline.png" alt-text="Screenshot of the event timeline.":::
 
 ### Unauthorized programming alerts
 
 Alerts are triggered when unauthorized programming devices carry out programming activities.
 
-:::image type="content" source="media/how-to-work-with-maps/unauthorized.png" alt-text="Unauthorized programming alerts":::
+:::image type="content" source="media/how-to-work-with-maps/unauthorized.png" alt-text="Screenshot of unauthorized programming alerts":::
 
 > [!NOTE]
 > You can also view basic programming information in the Device Properties window and Device Inventory.
@@ -75,7 +75,7 @@ This section describes how to view programming files and compare versions. Searc
 
   - File type
 
-   :::image type="content" source="media/how-to-work-with-maps/timeline-view.png" alt-text="programming timeline window":::
+   :::image type="content" source="media/how-to-work-with-maps/timeline-view.png" alt-text="Screenshot of a programming timeline window.":::
 
 |Programming timeline type | Description |
 |--|--|
@@ -98,7 +98,7 @@ This section describes how to choose a file to review.
 
 2. Select a file from the File pane. The file appears in the Current pane.
 
-   :::image type="content" source="media/how-to-work-with-maps/choose-file.png" alt-text="Select the file to work with.":::
+   :::image type="content" source="media/how-to-work-with-maps/choose-file.png" alt-text="Screenshot of selecting the file you want to work with.":::
 
 ### Compare files
 
@@ -112,17 +112,17 @@ This section describes how to compare programming files.
 
 3. Select the compare indicator.
 
-   :::image type="content" source="media/how-to-work-with-maps/compare.png" alt-text="Compare indicator":::
+   :::image type="content" source="media/how-to-work-with-maps/compare.png" alt-text="Screenshot of the compare indicator.":::
 
    The window displays all dates the selected file was detected on the programmed device. The file may have been updated on the programmed device by multiple programming devices.
 
    The number of differences detected appears in the upper right-hand corner of the window. You may need to scroll down to view differences.
 
-   :::image type="content" source="media/how-to-work-with-maps/scroll.png" alt-text="scroll down to your selection":::
+   :::image type="content" source="media/how-to-work-with-maps/scroll.png" alt-text="Screenshot of scrolling down to your selection.":::
 
    The number is calculated by adjacent lines of changed text. For example, if eight consecutive lines of code were changed (deleted, updated, or added) this will be calculated as one difference.
 
-   :::image type="content" source="media/how-to-work-with-maps/program-timeline.png" alt-text="Your programming timeline view." lightbox="media/how-to-work-with-maps/program-timeline.png":::
+   :::image type="content" source="media/how-to-work-with-maps/program-timeline.png" alt-text="Screenshot of the programming timeline view." lightbox="media/how-to-work-with-maps/program-timeline.png":::
 
 4. Select a date. The file detected on the selected date appears in the window.
 
@@ -135,4 +135,8 @@ In addition to reviewing details in the Programming Timeline, you can access pro
 | Device type | Description |
 |--|--|
 | Device properties | The device properties window provides information on the last programming event detected on the device. |
-| The device inventory | The device inventory indicates if the device is a programming device. <br> :::image type="content" source="media/how-to-work-with-maps/inventory-v2.png" alt-text="The inventory of devices"::: |
+| The device inventory | The device inventory indicates if the device is a programming device. <br> :::image type="content" source="media/how-to-work-with-maps/inventory-v2.png" alt-text="Screenshot of the device inventory page."::: |
+
+## Next steps
+
+For more information, see [Import device information to a sensor](how-to-import-device-information.md).
@@ -32,3 +32,6 @@ Before you begin scanning, create a firewall rule that allows outgoing traffic f
 1. Select **Save** to save the automatic scan settings.
 1. When the scan is finished, select to view/export scan results.
 
+## Next steps
+
+For more information, see [Work with device notifications](how-to-work-with-device-notifications.md).
@@ -84,6 +84,6 @@ This section describes how to set up a sensor to use Squid.
 
 1. Select **Save**.
 
-## See also
+## Next steps
 
-[Manage your subscriptions](how-to-manage-subscriptions.md).
+For more information, see [Manage your subscriptions](how-to-manage-subscriptions.md).