Fix formatting

Author: David Curwin

articles/defender-for-cloud/review-pull-request-annotations.md

@@ -37,11 +37,11 @@ Once you've configured the scanner, you're able to view all issues that were det
 
 1. Follow the remediation steps in the annotation.
 
-1. Select **Active** to change the status of the annotation and access the dropdown menu. 
+1. Select **Active** to change the status of the annotation and access the dropdown menu.
 
 1. Select an action to take:
 
-    - **Active** - The default status for new annotations.    
+    - **Active** - The default status for new annotations.
     - **Pending** - The finding is being worked on.
     - **Resolved** - The finding has been addressed.
     - **Won't fix** - The finding is noted but won't be fixed.

articles/defender-for-cloud/review-security-recommendations.md

@@ -87,34 +87,34 @@ You can perform many actions to interact with recommendations. If an option isn'
     - Select **View policy definition** to view the Azure Policy entry for the underlying recommendation (if relevant).
 
 1. In **Findings**, you can review affiliated findings by severity.
-    
+
      :::image type="content" source="media/review-security-recommendations/recommendation-findings.png" alt-text="Screenshot of the findings tab in a recommendation that shows all of the attack paths for that recommendation." lightbox="media/review-security-recommendations/recommendation-findings.png":::
 
 1. In **Take action**:
     - **Remediate**: A description of the manual steps required to remediate the security issue on the affected resources. For recommendations with the **Fix** option, you can select **View remediation logic** before applying the suggested fix to your resources.
-    
-     - **Assign owner and due date**: If you have a [governance rule](governance-rules.md) turned on for the recommendation, you can assign an owner and due date.
-    
+
+    - **Assign owner and due date**: If you have a [governance rule](governance-rules.md) turned on for the recommendation, you can assign an owner and due date.
+
     - **Exempt**: You can exempt resources from the recommendation, or disable specific findings using disable rules.
-    
+
     - **Workflow automation**: Set a logic app to trigger with this recommendation.
-    
-    :::image type="content" source="media/review-security-recommendations/recommendation-take-action.png" alt-text="Screenshot that shows what you can see in the recommendation when you select the take action tab." lightbox="media/review-security-recommendations/recommendation-take-action.png"::: 
-    
+
+    :::image type="content" source="media/review-security-recommendations/recommendation-take-action.png" alt-text="Screenshot that shows what you can see in the recommendation when you select the take action tab." lightbox="media/review-security-recommendations/recommendation-take-action.png":::
+
 1. In **Graph**, you can view and investigate all context that is used for risk prioritization, including [attack paths](how-to-manage-attack-path.md). You can select a node in an attack path to view the details of the selected node.
 
      :::image type="content" source="media/review-security-recommendations/recommendation-graph.png" alt-text="Screenshot of the graph tab in a recommendation that shows all of the attack paths for that recommendation." lightbox="media/review-security-recommendations/recommendation-graph.png":::
 
 ## How are recommendations classified?
 
 Every security recommendation from Defender for Cloud is assigned one of three severity ratings:
- 
+
 - **High severity**: These recommendations should be addressed immediately, as they indicate a critical security vulnerability that could be exploited by an attacker to gain unauthorized access to your systems or data. Examples of high severity recommendations are when we’ve discovered unprotected secrets on a machine, overly-permissive inbound NSG rules, clusters allowing images to be deployed from untrusted registries, and unrestricted public access to storage accounts or databases.
 
 - **Medium severity**: These recommendations indicate a potential security risk that should be addressed in a timely manner, but may not require immediate attention. Examples of medium severity recommendations might include containers sharing sensitive host namespaces, web apps not using managed identities, Linux machines not requiring SSH keys during authentication, and unused credentials being left in the system after 90 days of inactivity.
 
 - **Low severity**: These recommendations indicate a relatively minor security issue that can be addressed at your convenience. Examples of low severity recommendations might include the need to disable local authentication in favor of Microsoft Entra ID, health issues with your endpoint protection solution, best practices not being followed with network security groups, or misconfigured logging settings that could make it harder to detect and respond to security incidents.
- 
+
 Of course, the internal views of an organization might differ with Microsoft’s classification of a specific recommendation. So, it's always a good idea to review each recommendation carefully and consider its potential impact on your security posture before deciding how to address it.
 
 ## Manage recommendations assigned to you
@@ -192,4 +192,3 @@ When you open the underlying query, and run it, Azure Resource Graph Explorer re
 ## Next steps
 
 [Remediate security recommendations](implement-security-recommendations.md)
-

articles/defender-for-cloud/secure-score-access-and-track.md

@@ -14,7 +14,7 @@ You can find your overall secure score, and your score per subscription, through
 
 ## Get your secure score from the portal
 
-Defender for Cloud displays your score prominently in the portal. When you select the Secure score tile on the overview page, you're taken to the dedicated secure score page, where you'll see the score broken down by subscription. Select a single subscription to see the detailed list of prioritized recommendations and the potential effect that remediating them will have on the subscription's score. 
+Defender for Cloud displays your score prominently in the portal. When you select the Secure score tile on the overview page, you're taken to the dedicated secure score page, where you'll see the score broken down by subscription. Select a single subscription to see the detailed list of prioritized recommendations and the potential effect that remediating them will have on the subscription's score.
 
 Your secure score is shown in the following locations in Defender for Cloud's portal pages.
 
@@ -29,7 +29,7 @@ Your secure score is shown in the following locations in Defender for Cloud's po
     :::image type="content" source="./media/secure-score-security-controls/secure-score-management-groups.png" alt-text="The secure score for management groups on Defender for Cloud's secure score page":::
 
     > [!NOTE]
-    > Any management groups for which you don't have sufficient permissions, will show their score as “Restricted.” 
+    > Any management groups for which you don't have sufficient permissions, will show their score as “Restricted.”
 
 - At the top of the **Recommendations** page:
 
@@ -41,7 +41,7 @@ You can access your score via the secure score API. The API methods provide the
 
 ![Retrieving a single secure score via the API.](media/secure-score-security-controls/single-secure-score-via-api.png)
 
-For examples of tools built on top of the secure score API, see [the secure score area of our GitHub community](https://github.com/Azure/Azure-Security-Center/tree/master/Secure%20Score). 
+For examples of tools built on top of the secure score API, see [the secure score area of our GitHub community](https://github.com/Azure/Azure-Security-Center/tree/master/Secure%20Score).
 
 ## Get your secure score from Azure Resource Graph
 
@@ -55,7 +55,7 @@ To access the secure score for multiple subscriptions with Azure Resource Graph:
 
 1. Enter your Kusto query (using the following examples for guidance).
 
-    - This query returns the subscription ID, the current score in points and as a percentage, and the maximum score for the subscription. 
+    - This query returns the subscription ID, the current score in points and as a percentage, and the maximum score for the subscription.
 
         ```kusto
         SecurityResources 
@@ -64,7 +64,7 @@ To access the secure score for multiple subscriptions with Azure Resource Graph:
         | project subscriptionId, current, max, percentage = ((current / max)*100)
         ```
 
-    - This query returns the status of all the security controls. For each control, you'll get the number of unhealthy resources, the current score, and the maximum score. 
+    - This query returns the status of all the security controls. For each control, you'll get the number of unhealthy resources, the current score, and the maximum score.
 
         ```kusto
         SecurityResources 
@@ -75,7 +75,6 @@ To access the secure score for multiple subscriptions with Azure Resource Graph:
 
 1. Select **Run query**.
 
-
 ## Tracking your secure score over time
 
 ### Secure Score Over Time report in workbooks page
@@ -99,7 +98,6 @@ The dashboard contains the following two reports to help you analyze your securi
 
 :::image type="content" source="./media/secure-score-security-controls/power-bi-secure-score-dashboard.png" alt-text="The optional Secure Score Over Time Power BI dashboard for tracking your secure score over time and investigating changes.":::
 
-
 ## Next steps
 
 This article described how to access and track your secure score. For related material, see the following articles:

articles/defender-for-cloud/sql-azure-vulnerability-assessment-rules-changelog.md

@@ -46,7 +46,6 @@ This article details the changes made to the SQL vulnerability assessment servic
 |VA1220 |Database communication using TDS should be protected through TLS |Logic change |
 |VA2108 |Minimal set of principals should be members of fixed high impact database roles |Logic change |
 
-
 ## December 2020
 
 |Rule ID  |Rule Title  |Change details  |

articles/defender-for-cloud/support-matrix-cloud-environment.md

@@ -13,7 +13,6 @@ This article indicates which Defender for Cloud features are supported in Azure
 
 In the support table, **NA** indicates that the feature isn't available.
 
-
 |**Feature/Plan** | **Azure** | **Azure Government** | **Microsoft Azure operated by 21Vianet**|
 |--- | --- | --- | --- |
 |**GENERAL FEATURES** | | ||