Merge pull request #248330 from danielledennis/main

Inventory Deltas + Asset Change History

Author: v-dirichards

articles/external-attack-surface-management/media/change-history-1.png

@@ -259,6 +259,16 @@ The following fields are included in the table in the **Values** section on the
 
 Many organizations opt to obfuscate their registry information. Sometimes contact email addresses end in *@anonymised.email*. This placeholder is used instead of a real contact address. Many fields are optional during registration configuration, so any field with an empty value wasn't included by the registrant.
 
+
+
+### Change history 
+
+The "Change history" tab displays a list of modifications that have been applied to an asset over time. This information helps you track these changes over time and better understand the lifecycle of the asset.  This tab displays a variety of changes, including but not limited to asset states, labels and external IDs. For each change, we list the user who implemented the change and a timestamp. 
+
+[ ![Screenshot that shows the Change history tab.](media/change-history-1.png) ](media/change-history-1.png#lightbox)
+
+
+
 ## Next steps
 
 - [Understand dashboards](understanding-dashboards.md)

articles/external-attack-surface-management/media/inventory-changes-1.png

@@ -46,8 +46,19 @@ All assets are labeled as one of the following states:
 
 These asset states are uniquely processed and monitored to ensure that customers have clear visibility into the most critical assets by default. For instance, “Approved Inventory” assets are always represented in dashboard charts and are scanned daily to ensure data recency. All other kinds of assets are not included in dashboard charts by default; however, users can adjust their inventory filters to view assets in different states as needed. Similarly, "Candidate” assets are only scanned during the discovery process; it’s important to review these assets and change their state to “Approved Inventory” if they are owned by your organization.
 
+
+## Tracking inventory changes 
+
+Your attack surface is constantly changing, which is why Defender EASM continuously analyzes and updates your inventory to ensure accuracy.  Assets are frequently added and removed from inventory, so it's important to track these changes to understand your attack surface and identify key trends.  The inventory changes dashboard provides an overview of these changes, displaying the "added" and "removed" counts for each asset type. You can filter the dashboard by two date ranges: either the last 7 or 30 days. For a more granular view of these inventory changes, refer to the "Changes by date" section. 
+
+
+[ ![Screenshot of Inventory Changes screen.](media/inventory-changes-1.png)](media/inventory-changes-1.png#lightbox)
+
+
+
+
 ## Next steps
 
-- [Deploying the EASM Azure resource](deploying-the-defender-easm-azure-resource.md)
+- [Modifying inventory  assets](labeling-inventory-assets.md)
 - [Understanding asset details](understanding-asset-details.md)
 - [Using and managing discovery](using-and-managing-discovery.md)