Merge pull request #264226 from danielledennis/main

Recency toggle + private IP update

Author: v-dirichards

articles/external-attack-surface-management/media/Inventory_2.png

@@ -105,15 +105,20 @@ The following data is specific to the issuer of an SSL certificate.
 
 ## Data tabs
 
-On the rightmost pane of the asset details page, users can access more expansive data related to the selected asset. This data is organized in a series of categorized tabs. The available metadata tabs change depending on the type of asset you're viewing.
+On the rightmost pane of the asset details page, users can access more expansive data related to the selected asset. This data is organized in a series of categorized tabs. The available metadata tabs change depending on the type of asset you're viewing. 
+
+Certain tabs display a "Recent only" toggle in the upper-right corner. By default, Defender EASM displays all data that we've collected for each asset, including historical observations that may not be actively running on your current attack surface. While this historical context is very valuable for certain use cases, the "Recent only" toggle will limit all results on the Asset Details page to those most recently observed on the asset. It is recommended that you use the "Recent only" toggle when you only wish to view data that represents the current state of the asset for remediation purposes. 
+
+![Screenshot that highlights the "Recent only" toggle from the Overview page of Asset Details.](media/inventory-1b.png)
+
 
 ### Overview
 
 The **Overview** tab provides more context to ensure that significant insights are quickly identifiable when you view the details of an asset. This section includes key discovery data for all asset types. It provides insight about how Microsoft maps the asset to your known infrastructure.
 
 This section can also include dashboard widgets that visualize insights that are relevant to the asset type in question.
 
-![Screenshot that shows the asset details page Overview pane.](media/Inventory_2.png)
+![Screenshot that shows the asset details page Overview pane.](media/inventory-2.png)
 
 ### Discovery chain
 

articles/external-attack-surface-management/media/inventory-1.png

@@ -60,7 +60,7 @@ Custom discoveries are organized into discovery groups. They're independent seed
     ![Screenshot that shows the first page of the discovery group setup.](media/Discovery_4.png)
 
 
-5. Select the seeds that you want to use for this discovery group. Seeds are known assets that belong to your organization. The Defender EASM platform scans these entities and maps their connections to other online infrastructure to create your attack surface.
+5. Select the seeds that you want to use for this discovery group. Seeds are known assets that belong to your organization. The Defender EASM platform scans these entities and maps their connections to other online infrastructure to create your attack surface. Since Defender EASM is intended to monitor your attack surface from an external perspective, private IP addresses cannot be included as discovery seeds. 
 
     ![Screenshot that shows the seed selection page of the discovery group setup.](media/Discovery_5.png)