Commit 4cb09ed

Linter fixes
1 parent a8392b3 commit 4cb09ed

2 files changed

+20
-5
lines changed

articles/defender-for-cloud/enable-defender-for-endpoint.md

Lines changed: 2 additions & 1 deletion
@@ -4,7 +4,8 @@ description: Learn how to deploy the Microsoft Defender for Endpoint integration
44
author: dcurwin
55
ms.author: dacurwin
66
ms.topic: how-to
7-
ms.date: 02/14/2024
7+
ms.date: 03/13/2024
8+
#customer intent: As a user, I want to learn how to enable the Defender for Endpoint integration in Defender for Cloud so that I can protect my Azure, hybrid, and multicloud machines.
89
---
910

1011
# Enable the Defender for Endpoint integration
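
Review bot: The ms.date bump on line 7 (02/14/2024 to 03/13/2024) is not backed by any content change in this file; the only other edit is the `#customer intent:` comment added on line 8, so the new date signals a refresh that the article body did not get. Either leave ms.date alone for a metadata-only pass or say in the commit message ("Linter fixes") that the date change is intentional. The persona "As a user" on line 8 is also generic; naming the role that actually enables the integration would make the intent statement more useful.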

articles/defender-for-cloud/endpoint-protection-recommendations-technical.md

Lines changed: 18 additions & 4 deletions
@@ -1,10 +1,11 @@
11
---
2-
title: Assessment checks for endpoint detection and response solutions (MMA)
3-
description: How the endpoint protection solutions are discovered and identified as healthy.
4-
ms.topic: conceptual
2+
title: Assessment checks for endpoint detection and response
3+
description: How the endpoint protection solutions are discovered, identified, and maintained for optimal security.
4+
ms.topic: concept-article
55
ms.author: dacurwin
66
author: dcurwin
7-
ms.date: 02/13/2024
7+
ms.date: 03/13/2024
8+
#customer intent: As a reader, I want to understand the assessment checks for endpoint detection and response solutions so that I can ensure the security of my systems.
89
---
910

1011
# Assessment checks for endpoint detection and response solutions (MMA)
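
Review bot: The front-matter title on line 2 now reads "Assessment checks for endpoint detection and response", but the H1 on line 11 is left as "# Assessment checks for endpoint detection and response solutions (MMA)", so the page title and the heading disagree on both "solutions" and the "(MMA)" qualifier. Update the H1 in the same change, or keep "(MMA)" in the title if the article still covers only the MMA-based checks. The new description on line 3 also says "endpoint protection solutions" while the title says "endpoint detection and response"; pick one term and use it in both.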
@@ -22,6 +23,7 @@ Microsoft Defender for Cloud provides health assessments of [supported](supporte
2223
2324
## Windows Defender
2425

26+
The table explains the scenarios that lead Defender for Cloud to generate the following two recommendations for Windows Defender:
2527

2628
| Recommendation | Appears when |
2729
|--|--|
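
Review bot: The sentence added on line 26 ("The table explains the scenarios that lead Defender for Cloud to generate the following two recommendations for Windows Defender:") points at the table twice and hard-codes the row count. "The following table explains the scenarios that lead Defender for Cloud to generate recommendations for Windows Defender:" reads cleaner and does not go stale when a row is added or removed.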
@@ -30,40 +32,52 @@ Microsoft Defender for Cloud provides health assessments of [supported](supporte
3032

3133
## Microsoft System Center endpoint protection
3234

35+
The table explains the scenarios that lead Defender for Cloud to generate the following two recommendations for Microsoft System Center endpoint protection:
36+
3337
| Recommendation | Appears when |
3438
|--|--|
3539
| **Endpoint protection should be installed on your machines** | importing **SCEPMpModule ("$env:ProgramFiles\Microsoft Security Client\MpProvider\MpProvider.psd1")** and running **Get-MProtComputerStatus** results in **AMServiceEnabled = false** |
3640
| **Endpoint protection health issues should be resolved on your machines** | **Get-MprotComputerStatus** runs and any of the following occurs: <br><br> At least one of the following properties is false: <br><br> - **AMServiceEnabled** <br> - **AntispywareEnabled** <br> - **RealTimeProtectionEnabled** <br> - **BehaviorMonitorEnabled** <br> - **IoavProtectionEnabled** <br> - **OnAccessProtectionEnabled** <br><br> If one or both of the following Signature Updates are greater or equal to 7: <br><br> - **AntispywareSignatureAge** <br> - **AntivirusSignatureAge** |
3741

3842
## Trend Micro
3943

44+
The table explains the scenarios that lead Defender for Cloud to generate the following two recommendations for Trend Micro:
45+
4046
| Recommendation | Appears when |
4147
|--|--|
4248
| **Endpoint protection should be installed on your machines** | any of the following checks aren't met: <br><br> - **HKLM:\SOFTWARE\TrendMicro\Deep Security Agent** exists <br> - **HKLM:\SOFTWARE\TrendMicro\Deep Security Agent\InstallationFolder** exists <br> - The **dsa_query.cmd** file is found in the Installation Folder <br> - Running **dsa_query.cmd** results with **Component.AM.mode: on - Trend Micro Deep Security Agent detected** |
4349

4450
## Symantec endpoint protection
4551

52+
The table explains the scenarios that lead Defender for Cloud to generate the following two recommendations for Symantec endpoint protection:
53+
4654
| Recommendation | Appears when |
4755
|--|--|
4856
| **Endpoint protection should be installed on your machines** | any of the following checks aren't met: <br> <br> - **HKLM:\Software\Symantec\Symantec Endpoint Protection\CurrentVersion\PRODUCTNAME = "Symantec Endpoint Protection"** <br> - **HKLM:\Software\Symantec\Symantec Endpoint Protection\CurrentVersion\public-opstate\ASRunningStatus = 1** <br> Or <br> - **HKLM:\Software\Wow6432Node\Symantec\Symantec Endpoint Protection\CurrentVersion\PRODUCTNAME = "Symantec Endpoint Protection"** <br> - **HKLM:\Software\Wow6432Node\Symantec\Symantec Endpoint Protection\CurrentVersion\public-opstate\ASRunningStatus = 1**|
4957
| **Endpoint protection health issues should be resolved on your machines** | any of the following checks aren't met: <br> <br> - Check Symantec Version >= 12: Registry location: **HKLM:\Software\Symantec\Symantec Endpoint Protection\CurrentVersion" -Value "PRODUCTVERSION"** <br> - Check Real-Time Protection status: **HKLM:\Software\Wow6432Node\Symantec\Symantec Endpoint Protection\AV\Storages\Filesystem\RealTimeScan\OnOff == 1** <br> - Check Signature Update status: **HKLM\Software\Symantec\Symantec Endpoint Protection\CurrentVersion\public-opstate\LatestVirusDefsDate <= 7 days** <br> - Check Full Scan status: **HKLM:\Software\Symantec\Symantec Endpoint Protection\CurrentVersion\public-opstate\LastSuccessfulScanDateTime <= 7 days** <br> - Find signature version number Path to signature version for Symantec 12: **Registry Paths+ "CurrentVersion\SharedDefs" -Value "SRTSP"** <br> - Path to signature version for Symantec 14: **Registry Paths+ "CurrentVersion\SharedDefs\SDSDefs" -Value "SRTSP"** <br><br> Registry Paths: <br> <br> - **"HKLM:\Software\Symantec\Symantec Endpoint Protection" + $Path;** <br> - **"HKLM:\Software\Wow6432Node\Symantec\Symantec Endpoint Protection" + $Path** |
5058

5159
## McAfee endpoint protection for Windows
5260

61+
The table explains the scenarios that lead Defender for Cloud to generate the following two recommendations for McAfee endpoint protection for Windows:
62+
5363
| Recommendation | Appears when |
5464
|--|--|
5565
| **Endpoint protection should be installed on your machines** | any of the following checks aren't met: <br><br> - **HKLM:\SOFTWARE\McAfee\Endpoint\AV\ProductVersion** exists <br> - **HKLM:\SOFTWARE\McAfee\AVSolution\MCSHIELDGLOBAL\GLOBAL\enableoas = 1**|
5666
| **Endpoint protection health issues should be resolved on your machines** | any of the following checks aren't met: <br> <br> - McAfee Version: **HKLM:\SOFTWARE\McAfee\Endpoint\AV\ProductVersion >= 10** <br> - Find Signature Version: **HKLM:\Software\McAfee\AVSolution\DS\DS -Value "dwContentMajorVersion"** <br> - Find Signature date: **HKLM:\Software\McAfee\AVSolution\DS\DS -Value "szContentCreationDate" >= 7 days** <br> - Find Scan date: **HKLM:\Software\McAfee\Endpoint\AV\ODS -Value "LastFullScanOdsRunTime" >= 7 days** |
5767

5868
## McAfee Endpoint Security for Linux Threat Prevention
5969

70+
The table explains the scenarios that lead Defender for Cloud to generate the following two recommendations for McAfee Endpoint Security for Linux Threat Prevention:
71+
6072
| Recommendation | Appears when |
6173
|--|--|
6274
| **Endpoint protection should be installed on your machines** | any of the following checks aren't met: <br> <br> - File **/opt/McAfee/ens/tp/bin/mfetpcli** exists <br> - **"/opt/McAfee/ens/tp/bin/mfetpcli --version"** output is: **McAfee name = McAfee Endpoint Security for Linux Threat Prevention and McAfee version >= 10** |
6375
| **Endpoint protection health issues should be resolved on your machines** | any of the following checks aren't met: <br> <br> - **"/opt/McAfee/ens/tp/bin/mfetpcli --listtask"** returns **Quick scan, Full scan** and both of the scans <= 7 days <br> - **"/opt/McAfee/ens/tp/bin/mfetpcli --listtask"** returns **DAT and engine Update time** and both of them <= 7 days <br> - **"/opt/McAfee/ens/tp/bin/mfetpcli --getoasconfig --summary"** returns **On Access Scan** status |
6476

6577
## Sophos Antivirus for Linux
6678

79+
The table explains the scenarios that lead Defender for Cloud to generate the following two recommendations for Sophos Antivirus for Linux:
80+
6781
| Recommendation | Appears when |
6882
|--|--|
6983
| **Endpoint protection should be installed on your machines** | any of the following checks aren't met: <br> <br> - File **/opt/sophos-av/bin/savdstatus** exits or search for customized location **"readlink $(which savscan)"** <br> - **"/opt/sophos-av/bin/savdstatus --version"** returns Sophos name = **Sophos Anti-Virus and Sophos version >= 9** |
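
Review bot: The intro added for Trend Micro on line 44 promises "the following two recommendations", but the table under it (lines 46 to 48) has a single row, **Endpoint protection should be installed on your machines**. The same sentence is pasted into every section in this hunk, so check each one against the rows of its table, or drop the count and write "the following recommendations" so the sentence cannot contradict the table.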
