MicrosoftDocs
diff --git a/‎articles/active-directory/manage-apps/f5-aad-integration.md
Lines changed: 18 additions & 18 deletions b/‎articles/active-directory/manage-apps/f5-aad-integration.md
Lines changed: 18 additions & 18 deletions
diff --git a/‎articles/cognitive-services/language-service/language-detection/includes/quickstarts/rest-api.md
Lines changed: 1 addition & 0 deletions b/‎articles/cognitive-services/language-service/language-detection/includes/quickstarts/rest-api.md
Lines changed: 1 addition & 0 deletions
diff --git a/‎articles/defender-for-cloud/defender-for-storage-exclude.md
Lines changed: 50 additions & 5 deletions b/‎articles/defender-for-cloud/defender-for-storage-exclude.md
Lines changed: 50 additions & 5 deletions
diff --git a/‎articles/defender-for-cloud/kubernetes-workload-protections.md
Lines changed: 1 addition & 1 deletion b/‎articles/defender-for-cloud/kubernetes-workload-protections.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/defender-for-cloud/media/defender-for-storage-exclude/defender-plan-enable-resource.png
-24.4 KB b/‎articles/defender-for-cloud/media/defender-for-storage-exclude/defender-plan-enable-resource.png
-24.4 KB
diff --git a/‎articles/defender-for-cloud/media/defender-for-storage-exclude/storage-off.png
141 KB b/‎articles/defender-for-cloud/media/defender-for-storage-exclude/storage-off.png
141 KB
diff --git a/‎articles/defender-for-cloud/media/defender-for-storage-exclude/tag-off.png
112 KB b/‎articles/defender-for-cloud/media/defender-for-storage-exclude/tag-off.png
112 KB
diff --git a/‎articles/defender-for-cloud/media/defender-for-storage-exclude/workspace-exclude.png
264 KB b/‎articles/defender-for-cloud/media/defender-for-storage-exclude/workspace-exclude.png
264 KB
diff --git a/‎articles/defender-for-iot/organizations/how-to-create-attack-vector-reports.md
Lines changed: 13 additions & 18 deletions b/‎articles/defender-for-iot/organizations/how-to-create-attack-vector-reports.md
Lines changed: 13 additions & 18 deletions
@@ -28,9 +28,7 @@ Having Azure AD pre-authenticate access to BIG-IP published services provides ma
 
 - Preemptive [Conditional Access](../conditional-access/overview.md) and [Azure AD Multi-Factor Authentication (MFA)](../authentication/concept-mfa-howitworks.md)
 
-- [Identity Protection](../identity-protection/overview-identity-protection.md) - Adaptive control through user and session risk profiling
-
-- [Leaked credential detection](../identity-protection/concept-identity-protection-risks.md)
+- [Identity Protection](../identity-protection/overview-identity-protection.md) - Adaptive protection through user and session risk profiling, plus [Leaked credential detection](../identity-protection/concept-identity-protection-risks.md)
 
 - [Self-service password reset (SSPR)](../authentication/tutorial-enable-sspr.md)
 
@@ -77,15 +75,15 @@ Whether a direct employee, affiliate, or consumer, most users are already acquai
 
 Users now find their BIG-IP published services consolidated in the  [MyApps](https://support.microsoft.com/account-billing/sign-in-and-start-apps-from-the-my-apps-portal-2f3b1bae-0e5a-4a86-a33e-876fbd2a4510) or [O365 launchpads](https://airhead.io/airbase/launchpads/R3kW-RkDFEedipcU1AFlnA) along with self-service capabilities to a broader set of services, no matter the type of device or location. Users can even continue accessing published services directly via the BIG-IPs proprietary Webtop portal, if preferred. When logging off, SHA ensures a users’ session is terminated at both ends, the BIG-IP and Azure AD, ensuring services remain fully protected from unauthorized access.  
 
-The screenshots provided are from the Azure AD app portal that users access securely to find their BIG-IP published services and for managing their account properties.  
+Users access the Microsoft MyApps portal to easily find their BIG-IP published services and for managing their account properties.  
 
 ![The screenshot shows woodgrove myapps gallery](media/f5-aad-integration/woodgrove-app-gallery.png)
 
 ![The screenshot shows woodgrove myaccounts self-service page](media/f5-aad-integration/woodgrove-myaccount.png)
 
 ## Insights and analytics
 
-A BIG-IP’s role is critical to any business, so deployed BIG-IP instances should be monitored to ensure published services are highly available, both at an SHA level and operationally too.
+A BIG-IP’s role is critical to any business, so deployed BIG-IP instances can be monitored to ensure published services are highly available, both at an SHA level and operationally too.
 
 Several options exist for logging events either locally, or remotely through a Security Information and Event Management (SIEM) solution, enabling off-box storage and processing of telemetry. A highly effective solution for monitoring Azure AD and SHA-specific activity, is to use [Azure Monitor](../../azure-monitor/overview.md) and [Microsoft Sentinel](../../sentinel/overview.md), together offering:
 
@@ -97,7 +95,7 @@ Several options exist for logging events either locally, or remotely through a S
 
 ## Prerequisites
 
-Integrating F5 BIG-IP with Azure AD for SHA have the following pre-requisites:
+Integrating an F5 BIG-IP with Azure AD for SHA has the following pre-requisites:
 
 - An F5 BIG-IP instance running on either of the following platforms:
 
@@ -111,13 +109,13 @@ Integrating F5 BIG-IP with Azure AD for SHA have the following pre-requisites:
 
 - An active F5 BIG-IP APM license, through one of the following options:
 
-  - F5 BIG-IP® Best bundle (or)
+  - F5 BIG-IP® Best bundle
 
-    - F5 BIG-IP Access Policy Manager™ standalone license
+  - F5 BIG-IP Access Policy Manager™ standalone license
 
-    - F5 BIG-IP Access Policy Manager™ (APM) add-on license on an existing BIG-IP F5 BIG-IP® Local Traffic Manager™ (LTM)
+  - F5 BIG-IP Access Policy Manager™ (APM) add-on license on an existing BIG-IP F5 BIG-IP® Local Traffic Manager™ (LTM)
 
-    - A 90-day BIG-IP Access Policy Manager™ (APM) [trial license](https://www.f5.com/trial/big-ip-trial.php)
+  - A 90-day BIG-IP Access Policy Manager™ (APM) [trial license](https://www.f5.com/trial/big-ip-trial.php)
 
 - Azure AD licensing through either of the following options:
 
@@ -130,7 +128,7 @@ No previous experience or F5 BIG-IP knowledge is necessary to implement SHA, but
 ## Configuration scenarios
 
 Configuring a BIG-IP for SHA is achieved using any of the many available methods, including several template based options, or a manual configuration.
-The following tutorials provide detailed guidance on implementing some of the more common patterns for BIG-IP and Azure AD SHA, using these methods.  
+The following tutorials provide detailed guidance on implementing some of the more common patterns for BIG-IP and Azure AD secure hybrid access.  
 
 **Advanced configuration**
 
@@ -154,7 +152,7 @@ Refer to the following advanced configuration tutorials for your integration req
 
 The Guided Configuration wizard, available from BIG-IP version 13.1 aims to minimize time and effort implementing common BIG-IP publishing scenarios. Its workflow-based framework provides an intuitive deployment experience tailored to specific access topologies.
 
-The latest version of the Guided Configuration 16.1 now offers an Easy Button feature. With **Easy Button**, admins no longer go back and forth between Azure AD and a BIG-IP to enable services for SHA. The end-to-end deployment and policy management is handled directly between the APM’s Guided Configuration wizard and Microsoft Graph. This rich integration between BIG-IP APM and Azure AD ensures applications can quickly, easily support identity federation, SSO, and Azure AD Conditional Access, without management overhead of having to do so on a per app basis. 
+Version 16.x of the Guided Configuration now offers an Easy Button feature. With **Easy Button**, admins no longer go back and forth between Azure AD and a BIG-IP to enable services for SHA. The end-to-end deployment and policy management is handled directly between the APM’s Guided Configuration wizard and Microsoft Graph. This rich integration between BIG-IP APM and Azure AD ensures applications can quickly, easily support identity federation, SSO, and Azure AD Conditional Access, without management overhead of having to do so on a per app basis. 
 
 Refer to the following guided configuration tutorials using Easy Button templates for your integration requirements:
 
@@ -164,7 +162,9 @@ Refer to the following guided configuration tutorials using Easy Button template
 
 - [F5 BIG-IP Easy Button for SSO to header-based and LDAP applications](f5-big-ip-ldap-header-easybutton.md)
 
-- [F5 BIG-IP Easy Button for SSO to Oracle EBS (Enterprise Business Suite)](f5-big-ip-oracle-enterprise-business-suite-easy-button.md) 
+- [BIG-IP Easy Button for SSO to Oracle EBS (Enterprise Business Suite)](f5-big-ip-oracle-enterprise-business-suite-easy-button.md)
+
+- [BIG-IP Easy Button for SSO to Oracle JD Edwards](f5-big-ip-oracle-jde-easy-button.md)
 
 ## Additional resources
 
@@ -178,16 +178,16 @@ Refer to the following guided configuration tutorials using Easy Button template
 
 ## Next steps
 
-Consider running an SHA Proof of concept (POC) using your existing BIG-IP infrastructure, or by deploying a trial instance. [Deploying a BIG-IP Virtual Edition (VE) VM into Azure](f5-bigip-deployment-guide.md) takes approximately 30 minutes, at which point you'll have:
+Consider running an SHA Proof of concept (POC) using your existing BIG-IP infrastructure, or by [Deploying a BIG-IP Virtual Edition (VE) VM into Azure](f5-bigip-deployment-guide.md) takes approximately 30 minutes, at which point you'll have:
 
-- A fully secured platform to model an SHA proof of concept
+- A fully secured platform to model a SHA proof of concept
 
-- A pre-production instance, fully secured platform to use for testing new BIG-IP system updates and hotfixes
+- A pre-production instance for testing new BIG-IP system updates and hotfixes
 
-At the same time, you should identify one or two applications that can be targeted for publishing via the BIG-IP and protecting with SHA.  
+At the same time, you should identify one or two applications that can be published via the BIG-IP and protected with SHA.
 
 Our recommendation is to start with an application that isn’t yet published via a BIG-IP, so as to avoid potential disruption to production services. The guidelines mentioned in this article will help you get acquainted with the general procedure for creating the various BIG-IP configuration objects and setting up SHA. Once complete you should be able to do the same with any other new services, plus also have enough knowledge to convert existing BIG-IP published services over to SHA with minimal effort.
 
-The below interactive guide walks through the high-level procedure for implementing SHA and seeing the end-user experience.
+The below interactive guide walks through the high-level procedure for implementing SHA using a non Easy Button template, and seeing the end-user experience.
 
 [![The image shows interactive guide cover](media/f5-aad-integration/interactive-guide.png)](https://aka.ms/Secure-Hybrid-Access-F5-Interactive-Guide)
@@ -15,6 +15,7 @@ ms.custom: ignite-fall-2021
 
 ## Prerequisites
 
+* Azure subscription - [Create one for free](https://azure.microsoft.com/free/cognitive-services)
 * The current version of [cURL](https://curl.haxx.se/).
 * Once you have your Azure subscription, <a href="https://ms.portal.azure.com/#create/Microsoft.CognitiveServicesTextAnalytics"  title="Create a Language resource"  target="_blank">create a Language resource </a> in the Azure portal to get your key and endpoint. After it deploys, click **Go to resource**.
     * You will need the key and endpoint from the resource you create to connect your application to the API. You'll paste your key and endpoint into the code below later in the quickstart.
 
@@ -1,7 +1,7 @@
 ---
 title: Microsoft Defender for Storage - excluding a storage account 
 description: Excluding a specific storage account from a subscription with Microsoft Defender for Storage enabled.
-ms.date: 01/16/2022
+ms.date: 02/06/2022
 ms.topic: how-to
 ---
 # Exclude a storage account from Microsoft Defender for Storage protections
@@ -106,15 +106,60 @@ To exclude specific storage accounts from Microsoft Defender for Storage when th
 
 ---
 
-
 ## Exclude an Azure Databricks Storage account
 
-When Defender for Storage is enabled on a subscription, it's not currently possible to exclude a Storage account if it belongs to an Azure Databricks workspace.
+### Exclude an active Databricks workspace
+
+Microsoft Defender for Storage can exclude specific active Databricks workspace storage accounts, when the plan is already enabled on a subscription.
+
+**To exclude an active Databricks workspace**: 
+
+1. Sign in to the [Azure portal](https://portal.azure.com). 
+
+1. Navigate to **Azure Databricks** > **`Your Databricks workspace`** > **Tags**.
+
+1. In the Name field, enter `AzDefenderPlanAutoEnable`.
+
+1. In the Value field, enter `off`.
+
+1. Select **Apply**.
+
+    :::image type="content" source="media/defender-for-storage-exclude/workspace-exclude.png" alt-text="Screenshot showing the location, and how to apply the tag to your Azure Databricks account.":::
+
+1. Navigate to **Microsoft Defender for Cloud** > **Environment settings** > **`Your subscription`**.
+
+1. Toggle the Defender for Storage plan to **Off**.
+
+    :::image type="content" source="media/defender-for-storage-exclude/storage-off.png" alt-text="Screenshot showing how to switch the Defender for Storage plan to off.":::
+
+1. Select **Save**.
+
+1. Toggle the Defender for Storage plan to **On**.
+
+1. Select **Save**.
+
+The tags will be inherited by the Storage account of the Databricks workspace and prevent Defender for Storage from turning on. 
+
+> [!Note] 
+> Tags can't be added directly to the Databricks Storage account, or its Managed Resource Group.
+
+### Prevent auto-enabling on a new Databricks workspace storage account 
+
+When you create a new Databricks workspace, you have the ability to add a tag that will prevent your Microsoft Defender for Storage account from enabling automatically.
 
-Instead, you can disable Defender for Storage on the subscription and enable Defender for Storage for each Azure Storage account from the **Security** page:
+**To prevent auto-enabling on a new Databricks workspace storage account**:
 
-:::image type="content" source="media/defender-for-storage-exclude/defender-plan-enable-resource.png" alt-text="Screenshot of enabling Microsoft Defender for Storage from the security page of an Azure Storage account." lightbox="media/defender-for-storage-exclude/defender-plan-enable-resource.png":::
+ 1. Follow [these steps](/azure/databricks/scenarios/quickstart-create-Databricks-workspace-portal?tabs=azure-portal) to create a new Azure Databricks workspace.
+ 
+ 1. In the Tags tab, enter a tag named `AzDefenderPlanAutoEnable`.
+ 
+ 1. Enter the value `off`.
+ 
+    :::image type="content" source="media/defender-for-storage-exclude/tag-off.png" alt-text="Screenshot that shows how to create a tag in the Databricks workspace.":::
 
+1. Continue following the instructions to create your new Azure Databricks workspace.
+ 
+The Microsoft Defender for Storage account will inherit the tag of the Databricks workspace, which will prevent Defender for Storage from turning on automatically.
 
 ## Next steps
 
 
@@ -26,7 +26,7 @@ Defender for Cloud offers more container security features if you enable Microso
 | Release state:                  | General availability (GA)                                                                                                                    |
 | Pricing:                        | Free for AKS workloads<br>For Azure Arc-enabled Kubernetes or EKS, it's billed according to the Microsoft Defender for Containers plan       |
 | Required roles and permissions: | **Owner** or **Security admin** to edit an assignment<br>**Reader** to view the recommendations                                              |
-| Environment requirements:       | Kubernetes v1.14 (or higher) is required<br>No PodSecurityPolicy resource (old PSP model) on the clusters<br>Windows nodes are not supported |
+| Environment requirements:       | Kubernetes v1.14 (or newer) is required<br>No PodSecurityPolicy resource (old PSP model) on the clusters<br>Windows nodes are not supported |
 | Clouds:                         | :::image type="icon" source="./media/icons/yes-icon.png"::: Commercial clouds<br>:::image type="icon" source="./media/icons/yes-icon.png"::: National (Azure Government, Azure China 21Vianet) |
 |                                 |                                                                                                                                              |
 
 
@@ -1,7 +1,7 @@
 ---
 title: Create attack vector reports
 description: Attack vector reports provide a graphical representation of a vulnerability chain of exploitable devices.
-ms.date: 11/09/2021
+ms.date: 02/03/2022
 ms.topic: how-to
 ---
 
@@ -13,26 +13,25 @@ Attack vector reports provide a graphical representation of a vulnerability chai
 
 Working with the attack vector lets you evaluate the effect of mitigation activities in the attack sequence. You can then determine, for example, if a system upgrade disrupts the attacker's path by breaking the attack chain, or if an alternate attack path remains. This information helps you prioritize remediation and mitigation activities.
 
-:::image type="content" source="media/how-to-generate-reports/control-center.png" alt-text="View your alerts in the control center.":::
-
 > [!NOTE]
 > Administrators and security analysts can perform the procedures described in this section.
 
 ## Create an attack vector report
 
-To create an attack vector simulation:
+This section describes how to create Attack Vector reports.
 
-1. Select :::image type="content" source="media/how-to-generate-reports/plus.png" alt-text="Plus sign":::on the side menu to add a Simulation.
+**To create an attack vector simulation:**
 
- :::image type="content" source="media/how-to-generate-reports/vector.png" alt-text="The attack vector simulation.":::
+1. Select **Attack vector** from the sensor side menu. 
+1. Select **Add simulation**.
 
 2. Enter simulation properties:
 
    - **Name**: Simulation name.
 
    - **Maximum vectors**: The maximum number of vectors in a single simulation.
 
-   - **Show in Device map**: Show the attack vector as a filter on the device map.
+   - **Show in Device map**: Show the attack vector as a group in the Device map.
 
    - **All Source devices**: The attack vector will consider all devices as an attack source.
 
@@ -46,19 +45,15 @@ To create an attack vector simulation:
 
    - **Exclude Subnets**: Specified subnets will be excluded from the attack vector simulation.
 
-3. Select **Add Simulation**. The simulation will be added to the simulations list.
-
-   :::image type="content" source="media/how-to-generate-reports/new-simulation.png" alt-text="Add a new simulation.":::
-
-4. Select :::image type="icon" source="media/how-to-generate-reports/edit-a-simulation-icon.png" border="false"::: if you want to edit the simulation.
-
-   Select :::image type="icon" source="media/how-to-generate-reports/delete-simulation-icon.png" border="false"::: if you want to delete the simulation.
-
-   Select :::image type="icon" source="media/how-to-generate-reports/make-a-favorite-icon.png" border="false"::: if you want to mark the simulation as a favorite.
+3. Select **Save**.
+1. Select the report that is saved from the Attack vector page and review:
+    - network attack paths and insights
+    - a risk score
+    - source and target devices
+    -  a graphical representation of attack vectors
 
-5. A list of attack vectors appears and includes vector score (out of 100), attack source device, and attack target device. Select a specific attack for graphical depiction of attack vectors.
+   :::image type="content" source="media/how-to-generate-reports/sample-attack-vectors.png" alt-text="Screen shot of Attack vectors report.":::
 
-   :::image type="content" source="media/how-to-generate-reports/sample-attack-vectors.png" alt-text="Attack vectors.":::
 
 ## See also