Merge pull request #239102 from dcurwin/validation-errors-may24-2023

Fix validation errors

Author: v-regandowner

articles/defender-for-cloud/alert-validation.md

@@ -158,7 +158,7 @@ You can also learn more about defending your Kubernetes nodes and clusters with
 
 ### Simulate alerts for App Service
 
-You can simulate alerts for resources running on [App Service](https://learn.microsoft.com/azure/app-service/overview).
+You can simulate alerts for resources running on [App Service](/azure/app-service/overview).
 
 1. Create a new website and wait 24 hours for it to be registered with Defender for Cloud, or use an existing web site. 
 
@@ -167,7 +167,7 @@ You can simulate alerts for resources running on [App Service](https://learn.mic
        
           :::image type="content" source="media/alert-validation/copy-default-domain.png" alt-text="Screenshot showing where to copy the default domain." lightbox="media/alert-validation/copy-default-domain.png":::
 
-      1. Copy the website name into the URL: **https://<website name>.azurewebsites.net/This_Will_Generate_ASC_Alert**.
+      1. Copy the website name into the URL: `https://<website name>.azurewebsites.net/This_Will_Generate_ASC_Alert`.
 1.  An alert is generated within about 1-2 hours.
 
 ## Next steps

articles/defender-for-cloud/azure-devops-extension.md

@@ -124,9 +124,9 @@ The pipeline will run for a few minutes and save the results.
 
 ## Learn more
 
-- Learn how to [create your first pipeline](/azure/devops/pipelines/create-first-pipeline?view=azure-devops&tabs=java%2Ctfs-2018-2%2Cbrowser).
+- Learn how to [create your first pipeline](/azure/devops/pipelines/create-first-pipeline).
 
-- Learn how to [deploy pipelines to Azure](/azure/devops/pipelines/overview-azure?toc=%2Fazure%2Fdevops%2Fcross-service%2Ftoc.json&bc=%2Fazure%2Fdevops%2Fcross-service%2Fbreadcrumb%2Ftoc.json&view=azure-devops).
+- Learn how to [deploy pipelines to Azure](/azure/devops/pipelines/overview-azure).
 
 ## Next steps
 

articles/defender-for-cloud/concept-agentless-containers.md

@@ -79,16 +79,16 @@ Container vulnerability assessment powered by MDVM (Microsoft Defender Vulnerabi
 
 - **Scanning OS packages** - container vulnerability assessment has the ability to scan vulnerabilities in packages installed by the OS package manager in Linux. See the [full list of the supported OS and their versions](support-agentless-containers-posture.md#registries-and-images).   
 - **Language specific packages** – support for language specific packages and files, and their dependencies installed or copied without the OS package manager. See the [complete list of supported languages](support-agentless-containers-posture.md#registries-and-images).  
-- **Image scanning in Azure Private Link** - Azure container vulnerability assessment provides the ability to scan images in container registries that are accessible via Azure Private Links. This capability requires access to trusted services and authentication with the registry. Learn how to [connect privately to an Azure container registry using Azure Private Link](https://learn.microsoft.com/azure/container-registry/container-registry-private-link#set-up-private-endpoint---portal-recommended).   
+- **Image scanning in Azure Private Link** - Azure container vulnerability assessment provides the ability to scan images in container registries that are accessible via Azure Private Links. This capability requires access to trusted services and authentication with the registry. Learn how to [connect privately to an Azure container registry using Azure Private Link](/azure/container-registry/container-registry-private-link#set-up-private-endpoint---portal-recommended).   
 - **Gaining intel for existing exploits of a vulnerability** - While vulnerability reporting tools can report the ever growing volume of vulnerabilities, the capacity to efficiently remediate them remains a challenge;teams. These tools typically prioritize their remediation processes according to the severity of the vulnerability. MDVM provides additional context on the risk related with each vulnerability, leveraging intelligent assessment and risk-based prioritization  against industry security benchmarks, based on three data sources: [exploit DB](https://www.exploit-db.com/), [CISA KEV](https://www.cisa.gov/known-exploited-vulnerabilities-catalog), and [MSRC](https://www.microsoft.com/msrc?SilentAuth=1&wa=wsignin1.0)
 - **Reporting** - Defender for Containers powered by Microsoft Defender Vulnerability Management (MDVM)  reports the vulnerabilities as the following recommendation: 
 
     | Recommendation | Description |
     |--|--|       
     | Container registry images should have vulnerability findings resolved (powered by Microsoft Defender Vulnerability Management) | Container image vulnerability assessment scans your registry for security vulnerabilities and exposes detailed findings for each image. Resolving the vulnerabilities can greatly improve your containers' security posture and protect them from attacks. |
 
-- **Query vulnerability information via the Azure Resource Graph** - Ability to query vulnerability information via the [Azure Resource Graph](https://learn.microsoft.com/azure/governance/resource-graph/overview#how-resource-graph-complements-azure-resource-manager). Learn how to [query recommendations via the ARG](review-security-recommendations.md#review-recommendation-data-in-azure-resource-graph-arg). 
-- **Query vulnerability information via sub-assessment API** - You can get scan results via REST API. See the [sub-assessment list](https://learn.microsoft.com/rest/api/defenderforcloud/sub-assessments/get?tabs=HTTP).   
+- **Query vulnerability information via the Azure Resource Graph** - Ability to query vulnerability information via the [Azure Resource Graph](/azure/governance/resource-graph/overview#how-resource-graph-complements-azure-resource-manager). Learn how to [query recommendations via the ARG](review-security-recommendations.md#review-recommendation-data-in-azure-resource-graph-arg). 
+- **Query vulnerability information via sub-assessment API** - You can get scan results via REST API. See the [sub-assessment list](/rest/api/defenderforcloud/sub-assessments/get?tabs=HTTP).   
 
 ### Scan Triggers 
 

articles/defender-for-cloud/concept-credential-scanner-rules.md

@@ -14,7 +14,7 @@ Defender for DevOps supports many types of files and rules. This article explain
 
 Credential scanning supports the following file types:
 
-| Supported file types |  |  |  |  |  |
+| Supported file types | Supported file types | Supported file types | Supported file types | Supported file types | Supported file types |
 |--|--|--|--|--|--|
 | 0.001 |\*.conf | id_rsa |\*.p12 |\*.sarif |\*.wadcfgx |
 | 0.1 |\*.config |\*.iis |\*.p12* |\*.sc |\*.waz |
@@ -210,39 +210,39 @@ Azure App Service Deployment Password
 
 **Sample**: `userPWD=abcdefghijklmnopqrstuvwxyz0123456789/+ABCDEFGHIJKLMNOPQRSTUV;`<br> `PublishingPassword=abcdefghijklmnopqrstuvwxyz0123456789/+ABCDEFGHIJKLMNOPQRSTUV;`
 
-Learn more about [Configuring deployment credentials for Azure App Service](../app-service/deploy-configure-credentials.md) and [Get publish settings from Azure and import into Visual Studio](/visualstudio/deployment/tutorial-import-publish-settings-azure?view=vs-2019).
+Learn more about [Configuring deployment credentials for Azure App Service](../app-service/deploy-configure-credentials.md) and [Get publish settings from Azure and import into Visual Studio](/visualstudio/deployment/tutorial-import-publish-settings-azure).
 
 ### CSCAN-AZURE0100
 
 Azure DevOps Personal Access Token
 
 **Sample**: `URL="org.visualstudio.com/proj"; PAT = "ntpi2ch67ci2vjzcohglogyygwo5fuyl365n2zdowwxhsys6jnoa"` <br> `URL="dev.azure.com/org/proj"; PAT = "ntpi2ch67ci2vjzcohglogyygwo5fuyl365n2zdowwxhsys6jnoa"`
 
-Learn more about [Using personal access tokens](/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&tabs=Windows).
+Learn more about [Using personal access tokens](/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate).
 
 ### CSCAN-AZURE0101
 
 Azure DevOps App Secret
 
 **Sample**: `AdoAppId=...;AdoAppSecret=ntph2ch67ciqunzcohglogyygwo5fuyl365n4zdowwxhsys6jnoa;`
 
-Learn more about [Authorizing access to REST APIs with OAuth 2.0](/azure/devops/integrate/get-started/authentication/oauth?view=azure-devops).
+Learn more about [Authorizing access to REST APIs with OAuth 2.0](/azure/devops/integrate/get-started/authentication/oauth).
 
 ### CSCAN-AZURE0120
 
 Azure Function Primary / API Key
 
 **Sample**: `https://account.azurewebsites.net/api/function?code=abcdefghijklmnopqrstuvwxyz0123456789%2F%2BABCDEF0123456789%3D%3D...` <br> `ApiEndpoint=account.azurewebsites.net/api/function;ApiKey=abcdefghijklmnopqrstuvwxyz0123456789/+ABCDEFGHIJKLMNOP==;` <br> `x-functions-key:abcdefghijklmnopqrstuvwxyz0123456789/+ABCDEFGHIJKLMNOP==`
 
-Learn more about [Getting your function access keys](../azure-functions/functions-how-to-use-azure-function-app-settings.md#get-your-function-access-keys) and [Function access keys](https://learn.microsoft.com/azure/azure-functions/functions-bindings-http-webhook-trigger?tabs=in-process%2Cfunctionsv2&pivots=programming-language-csharp#authorization-keys)
+Learn more about [Getting your function access keys](../azure-functions/functions-how-to-use-azure-function-app-settings.md#get-your-function-access-keys) and [Function access keys](/azure/azure-functions/functions-bindings-http-webhook-trigger?tabs=in-process%2Cfunctionsv2&pivots=programming-language-csharp#authorization-keys)
 
 ### CSCAN-AZURE0121
 
 Identifiable Azure Function Primary / API Key
 
 **Sample**: `https://account.azurewebsites.net/api/function?code=abcdefghijklmnopqrstuvwxyz0123456789%2F%2BABCDEF0123456789%3D%3D...` <br> `ApiEndpoint=account.azurewebsites.net/api/function;ApiKey=abcdefghijklmnopqrstuvwxyz0123456789/+ABCDEFGHIJKLMNOP==;` <br> `x-functions-key:abcdefghijklmnopqrstuvwxyz0123456789/+ABCDEFGHIJKLMNOP==`
 
-Learn more about [Getting your function access keys](../azure-functions/functions-how-to-use-azure-function-app-settings.md#get-your-function-access-keys) and [Function access keys](https://learn.microsoft.com/azure/azure-functions/functions-bindings-http-webhook-trigger?tabs=in-process%2Cfunctionsv2&pivots=programming-language-csharp#authorization-keys).
+Learn more about [Getting your function access keys](../azure-functions/functions-how-to-use-azure-function-app-settings.md#get-your-function-access-keys) and [Function access keys](/azure/azure-functions/functions-bindings-http-webhook-trigger?tabs=in-process%2Cfunctionsv2&pivots=programming-language-csharp#authorization-keys).
 
 ### CSCAN-AZURE0130
 
@@ -282,7 +282,7 @@ Azure Bot Service App Secret
 
 **Sample**: `"account.azurewebsites.net/api/messages;AppId=01234567-abcd-abcd-abcd-abcdef012345;AppSecret="abcdeFGHIJ0K1234567%;[@"`
 
-Learn more about [Authentication types](/azure/bot-service/bot-builder-concept-authentication-types?view=azure-bot-service-4.0).
+Learn more about [Authentication types](/azure/bot-service/bot-builder-concept-authentication-types).
 
 ### CSCAN-AZURE0160
 
@@ -386,7 +386,7 @@ Azure Bot Framework Secret Key
 
 **Sample**: `host: webchat.botframework.com/?s=abcdefghijklmnopqrstuvwxyz.0123456789_ABCDEabcdefghijkl&...` <br> `host: webchat.botframework.com/?s=abcdefghijk.lmn.opq.rstuvwxyz0123456789-_ABCDEFGHIJKLMNOPQRSTUV&...`
 
-Learn more about [Connecting a bot to Web Chat](/azure/bot-service/bot-service-channel-connect-webchat?view=azure-bot-service-4.0)
+Learn more about [Connecting a bot to Web Chat](/azure/bot-service/bot-service-channel-connect-webchat)
 
 ### CSCAN-GENERAL0020
 
@@ -418,7 +418,7 @@ ASP.NET Machine Key
 
 **Sample**: `machineKey validationKey="ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789" decryptionKey="ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789"...`
 
-Learn more about [MachineKey Class](/dotnet/api/system.web.security.machinekey?view=netframework-4.8)
+Learn more about [MachineKey Class](/dotnet/api/system.web.security.machinekey)
 
 
 ### CSCAN-GENERAL0060
@@ -443,7 +443,7 @@ Http Authorization Header
 
 **Sample**: `Authorization: Basic ABCDEFGHIJKLMNOPQRS0123456789;` <br> `Authorization: Digest ABCDEFGHIJKLMNOPQRS0123456789;`
 
-Learn more about [HttpRequestHeaders.Authorization Property](/dotnet/api/system.net.http.headers.httprequestheaders.authorization?view=netframework-4.8).
+Learn more about [HttpRequestHeaders.Authorization Property](/dotnet/api/system.net.http.headers.httprequestheaders.authorization).
 
 ### CSCAN-GENERAL0130
 
@@ -459,7 +459,7 @@ General Symmetric Key
 
 **Sample**: `key=abcdefghijklmnopqrstuvwxyz0123456789/+ABCDE=;`
 
-Learn more about [AES Class](/dotnet/api/system.security.cryptography.aes?view=net-5.0).
+Learn more about [AES Class](/dotnet/api/system.security.cryptography.aes).
 
 ### CSCAN-GENERAL0150
 

articles/defender-for-cloud/defender-for-cloud-glossary.md

@@ -146,7 +146,7 @@ This glossary provides a brief description of important terms and concepts for t
 
 | Term | Description | Learn more |
 |--|--|--|
-|**SAS**| Shared access signature that provides secure delegated access to resources in your storage account.|[Storage SAS Overview (https://learn.microsoft.com/azure/storage/common/storage-sas-overview)|
+|**SAS**| Shared access signature that provides secure delegated access to resources in your storage account.|[Storage SAS Overview](/azure/storage/common/storage-sas-overview)|
 |**SaaS**| Software as a service (SaaS) allows users to connect to and use cloud-based apps over the Internet. Common examples are email, calendaring, and office tools (such as Microsoft Office 365). SaaS provides a complete software solution that you purchase on a pay-as-you-go basis from a cloud service provider.|[What is SaaS?](https://azure.microsoft.com/resources/cloud-computing-dictionary/what-is-saas/)|
 |**Secure Score**|Defender for Cloud continually assesses your cross-cloud resources for security issues. It then aggregates all the findings into a single score that represents your current security situation: the higher the score, the lower the identified risk level.|[Security posture for Microsoft Defender for Cloud](secure-score-security-controls.md)|
 |**Security Alerts**|Security alerts are the notifications generated by Defender for Cloud and Defender for Cloud plans when threats are identified in your cloud, hybrid, or on-premises environment.|[What are security alerts?](../defender-for-cloud/alerts-overview.md#what-are-security-alerts)|

articles/defender-for-cloud/defender-for-devops-introduction.md

@@ -21,6 +21,7 @@ Defender for DevOps uses a central console to empower security teams with the ab
 Defender for DevOps helps unify, strengthen and manage multi-pipeline DevOps security. 
 
 ## Availability
+
   > [!Note] 
   > During the preview, the maximum number of GitHub repositories that can be onboarded to Microsoft Defender for Cloud is 2,000. If you try to connect more than 2,000 GitHub repositories, only the first 2,000 repositories, sorted alphabetically, will be onboarded.  
   > 
@@ -87,7 +88,7 @@ On this part of the screen you see:
 
 - Learn about [security in DevOps](/devops/operate/security-in-devops).
 
-- You can learn about [securing Azure Pipelines](/azure/devops/pipelines/security/overview?view=azure-devops).
+- You can learn about [securing Azure Pipelines](/azure/devops/pipelines/security/overview).
 
 - Learn about [security hardening practices for GitHub Actions](https://docs.github.com/actions/security-guides/security-hardening-for-github-actions).
 

articles/defender-for-cloud/episode-seventeen.md

@@ -13,13 +13,13 @@ ms.date: 04/27/2023
 <br>
 <iframe src="https://aka.ms/docs/player?id=96a0ecdb-b1c3-423f-9ff1-47fcc5d6ab1b" width="1080" height="530" allowFullScreen="true" frameBorder="0"></iframe>
 
-- [00:00](https://learn.microsoft.com/shows/mdc-in-the-field/integrate-entra#time=00m0s) - Defender for Cloud integration with Microsoft Entra
+- [00:00](/shows/mdc-in-the-field/integrate-entra#time=00m0s) - Defender for Cloud integration with Microsoft Entra
 
-- [00:55](https://learn.microsoft.com/shows/mdc-in-the-field/integrate-entra#time=00m55s) - What is Cloud Infrastructure Entitlement Management?
+- [00:55](/shows/mdc-in-the-field/integrate-entra#time=00m55s) - What is Cloud Infrastructure Entitlement Management?
 
-- [02:20](https://learn.microsoft.com/shows/mdc-in-the-field/integrate-entra#time=02m20s) - How does the integration with MDC work?
+- [02:20](/shows/mdc-in-the-field/integrate-entra#time=02m20s) - How does the integration with MDC work?
 
-- [03:58](https://learn.microsoft.com/shows/mdc-in-the-field/integrate-entra#time=03m58s) - Demonstration
+- [03:58](/shows/mdc-in-the-field/integrate-entra#time=03m58s) - Demonstration
 
 ## Recommended resources
 

articles/defender-for-cloud/episode-twenty-three.md

@@ -21,9 +21,9 @@ ms.date: 04/27/2023
 
 - [08:45](/shows/mdc-in-the-field/threat-intelligence#time=08m45s) - Demonstration
 
-
 ## Recommended resources
-  - [Learn more](https://learn.microsoft.com/defender/threat-intelligence/what-is-microsoft-defender-threat-intelligence-defender-ti) about Defender TI.
+
+  - [Learn more](/defender/threat-intelligence/what-is-microsoft-defender-threat-intelligence-defender-ti) about Defender TI.
   - Subscribe to [Microsoft Security on YouTube](https://www.youtube.com/playlist?list=PL3ZTgFEc7LysiX4PfHhdJPR7S8mGO14YS)
   - Join our [Tech Community](https://aka.ms/SecurityTechCommunity)
   - For more about [Microsoft Security](https://msft.it/6002T9HQY)