fix formatting

Author: David Curwin

articles/defender-for-cloud/adaptive-network-hardening.md

@@ -130,7 +130,7 @@ When necessary, you can delete a recommended rule for the current session. For e
 
 To delete an adaptive network hardening rule for your current session:
 
-- In the **Rules** tab, select the three dots (...) at the end of the rule's row, and select **Delete**.  
+- In the **Rules** tab, select the three dots (...) at the end of the rule's row, and select **Delete**.
 
     ![Deleting a rule.](./media/adaptive-network-hardening/delete-hard-rule.png)
 

articles/defender-for-cloud/agentless-malware-scanning.md

@@ -28,9 +28,9 @@ Agentless malware scanning provides:
 
 Agentless malware scanning offers the following benefits to both protected and unprotected machines:
 
-- **Improved coverage** - If a machine doesn't have an antivirus solution enabled, the agentless detector scans that machine to detect malicious activity.  
+- **Improved coverage** - If a machine doesn't have an antivirus solution enabled, the agentless detector scans that machine to detect malicious activity.
 
-- **Detect potential threats** - The agentless scanner scans all files and folders including any files or folders that are excluded from the agent-based antivirus scans, without having an effect on the performance of the machine.  
+- **Detect potential threats** - The agentless scanner scans all files and folders including any files or folders that are excluded from the agent-based antivirus scans, without having an effect on the performance of the machine.
 
 You can learn more about [agentless machine scanning](concept-agentless-data-collection.md) and how to [enable agentless scanning for VMs](enable-agentless-scanning-vms.md).
 

articles/defender-for-cloud/alert-validation.md

@@ -70,7 +70,7 @@ After the Microsoft Defender for Endpoint agent is installed on your machine, as
 
     :::image type="content" source="media/alert-validation/powershell-no-exit.png" alt-text="Screenshot showing PowerShell message line." lightbox="media/alert-validation/powershell-no-exit.png":::
 
-Alternately, you can also use the [EICAR](https://www.eicar.org/download-anti-malware-testfile/) test string to perform this test:  Create a text file, paste the EICAR line, and save the file as an executable file to your machine's local drive.  
+Alternately, you can also use the [EICAR](https://www.eicar.org/download-anti-malware-testfile/) test string to perform this test:  Create a text file, paste the EICAR line, and save the file as an executable file to your machine's local drive.
 
 > [!NOTE]
 > When reviewing test alerts for Windows, make sure that you have Defender for Endpoint running with Real-Time protection enabled. Learn how to [validate this configuration](/microsoft-365/security/defender-endpoint/configure-real-time-protection-microsoft-defender-antivirus).

articles/defender-for-cloud/concept-data-security-posture.md

@@ -59,7 +59,7 @@ By applying sensitivity information types and Microsoft Purview sensitivity labe
 
 Data sensitivity settings define what's considered sensitive data in your organization. Data sensitivity values in Defender for Cloud are based on:
 
-- **Predefined sensitive information types**: Defender for Cloud uses the built-in sensitive information types in [Microsoft Purview](/microsoft-365/compliance/sensitive-information-type-learn-about). This ensures consistent classification across services and workloads. Some of these types are enabled by default in Defender for Cloud. You can [modify these defaults](data-sensitivity-settings.md). Of these built-in sensitive information types, there's a subset supported by sensitive data discovery. You can view a [reference list](sensitive-info-types.md) of this subset, which also lists which information types are supported by default.  
+- **Predefined sensitive information types**: Defender for Cloud uses the built-in sensitive information types in [Microsoft Purview](/microsoft-365/compliance/sensitive-information-type-learn-about). This ensures consistent classification across services and workloads. Some of these types are enabled by default in Defender for Cloud. You can [modify these defaults](data-sensitivity-settings.md). Of these built-in sensitive information types, there's a subset supported by sensitive data discovery. You can view a [reference list](sensitive-info-types.md) of this subset, which also lists which information types are supported by default.
 - **Custom information types/labels**: You can optionally import custom sensitive information types and [labels](/microsoft-365/compliance/sensitivity-labels) that you defined in the Microsoft Purview compliance portal.
 - **Sensitive data thresholds**: In Defender for Cloud, you can set the threshold for sensitive data labels. The threshold determines minimum confidence level for a label to be marked as sensitive in Defender for Cloud. Thresholds make it easier to explore sensitive data.
 

articles/defender-for-cloud/file-integrity-monitoring-enable-log-analytics.md

@@ -184,12 +184,12 @@ Use wildcards to simplify tracking across directories. The following rules apply
 
 ### Enable built-in recursive registry checks
 
-The FIM registry hive defaults provide a convenient way to monitor recursive changes within common security areas.  For example, an adversary might configure a script to execute in LOCAL_SYSTEM context by configuring an execution at startup or shutdown.  To monitor changes of this type, enable the built-in check.  
+The FIM registry hive defaults provide a convenient way to monitor recursive changes within common security areas.  For example, an adversary might configure a script to execute in LOCAL_SYSTEM context by configuring an execution at startup or shutdown.  To monitor changes of this type, enable the built-in check.
 
 ![Registry.](./media/file-integrity-monitoring-enable-log-analytics/baselines-registry.png)
 
 >[!NOTE]
-> Recursive checks apply only to recommended security hives and not to custom registry paths.  
+> Recursive checks apply only to recommended security hives and not to custom registry paths.
 
 ### Add a custom registry check
 
@@ -233,7 +233,7 @@ In the example in the following figure, **Contoso Web App** resides in the D:\ d
 
 ### Retrieve change data
 
-File Integrity Monitoring data resides within the Azure Log Analytics/ConfigurationChange table set.  
+File Integrity Monitoring data resides within the Azure Log Analytics/ConfigurationChange table set.
 
 1. Set a time range to retrieve a summary of changes by resource.
 
@@ -258,7 +258,7 @@ File Integrity Monitoring data resides within the Azure Log Analytics/Configurat
     | order by Computer, RegistryKey
     ```
 
-Reports can be exported to CSV for archival and/or channeled to a Power BI report.  
+Reports can be exported to CSV for archival and/or channeled to a Power BI report.
 
 ![FIM data.](./media/file-integrity-monitoring-enable-log-analytics/baselines-data.png)
 

articles/defender-for-cloud/file-integrity-monitoring-overview.md

@@ -8,7 +8,7 @@ ms.date: 03/11/2024
 ---
 # File Integrity Monitoring in Microsoft Defender for Cloud
 
-File Integrity Monitoring (FIM) examines operating system files, Windows registries, application software, and Linux system files for changes that might indicate an attack.  
+File Integrity Monitoring (FIM) examines operating system files, Windows registries, application software, and Linux system files for changes that might indicate an attack.
 
 FIM (file integrity monitoring) uses the Azure Change Tracking solution to track and identify changes in your environment. When FIM is enabled, you have a **Change Tracking** resource of type **Solution**. If you remove the **Change Tracking** resource, you'll also disable the File Integrity Monitoring feature in Defender for Cloud. FIM lets you take advantage of [Change Tracking](../automation/change-tracking/overview.md) directly in Defender for Cloud. For data collection frequency details, see [Change tracking data collection details](../automation/change-tracking/overview.md#change-tracking-and-inventory-data-collection).
 

articles/defender-for-cloud/sql-azure-vulnerability-assessment-overview.md

@@ -60,7 +60,7 @@ Configuration modes benefits and limitations comparison:
 | Scan export | Azure Resource Graph | Excel format, Azure Resource Graph |
 | Supported Clouds | :::image type="icon" source="./media/icons/yes-icon.png"::: Commercial clouds<br>:::image type="icon" source="./media/icons/yes-icon.png"::: Azure Government<br>:::image type="icon" source="./media/icons/yes-icon.png"::: Microsoft Azure operated by 21Vianet | :::image type="icon" source="./media/icons/yes-icon.png"::: Commercial clouds<br>:::image type="icon" source="./media/icons/yes-icon.png"::: Azure Government<br>:::image type="icon" source="./media/icons/yes-icon.png"::: Azure operated by 21Vianet |
 
-## Next steps  
+## Next steps
 
 - Enable [SQL vulnerability assessments](sql-azure-vulnerability-assessment-enable.md)
 - Express configuration [common questions](faq-defender-for-databases.yml) and [Troubleshooting](sql-azure-vulnerability-assessment-manage.md?tabs=express#troubleshooting).

articles/defender-for-cloud/troubleshooting-guide.md

@@ -42,7 +42,7 @@ Defender for Cloud uses connectors to collect monitoring data from Amazon Web Se
   - **GKE clusters should have Microsoft Defender's extension for Azure Arc installed**
   - **Azure Arc-enabled Kubernetes clusters should have the Azure Policy extension installed**
   - **GKE clusters should have the Azure Policy extension installed**
-- If you're experiencing problems with deleting the AWS or GCP connector, check if you have a lock. An error in the Azure activity log might hint at the presence of a lock.  
+- If you're experiencing problems with deleting the AWS or GCP connector, check if you have a lock. An error in the Azure activity log might hint at the presence of a lock.
 - Check that workloads exist in the AWS account or GCP project.
 
 ### Tips for AWS connector problems

articles/defender-for-cloud/working-with-log-analytics-agent.md

@@ -37,7 +37,7 @@ To configure integration with the Log Analytics agent:
         > - [Where is the default Log Analytics workspace created?](./faq-data-collection-agents.yml#where-is-the-default-log-analytics-workspace-created-)
         > - [Can I delete the default workspaces created by Defender for Cloud?](./faq-data-collection-agents.yml#can-i-delete-the-default-workspaces-created-by-defender-for-cloud-)
 
-    - **Connect Azure VMs to a different workspace** - From the dropdown list, select the workspace to store collected data. The dropdown list includes all workspaces across all of your subscriptions. You can use this option to collect data from virtual machines running in different subscriptions and store it all in your selected workspace.  
+    - **Connect Azure VMs to a different workspace** - From the dropdown list, select the workspace to store collected data. The dropdown list includes all workspaces across all of your subscriptions. You can use this option to collect data from virtual machines running in different subscriptions and store it all in your selected workspace.
 
         If you already have an existing Log Analytics workspace, you might want to use the same workspace (requires read and write permissions on the workspace). This option is useful if you're using a centralized workspace in your organization and want to use it for security data collection. Learn more in [Manage access to log data and workspaces in Azure Monitor](../azure-monitor/logs/manage-access.md).
 

articles/defender-for-cloud/workload-protections-dashboard.md

@@ -25,7 +25,7 @@ Defender for Cloud includes many advanced threat protection capabilities for vir
 
 ## Insights
 
-Insights provide you with news, suggested reading, and high priority alerts that are relevant in your environment.  
+Insights provide you with news, suggested reading, and high priority alerts that are relevant in your environment.
 
 ## Next steps