MicrosoftDocs
diff --git a/‎articles/defender-for-cloud/advanced-configurations-for-malware-scanning.md
Lines changed: 2 additions & 2 deletions b/‎articles/defender-for-cloud/advanced-configurations-for-malware-scanning.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/defender-for-cloud/concept-regulatory-compliance-standards.md
Lines changed: 2 additions & 2 deletions b/‎articles/defender-for-cloud/concept-regulatory-compliance-standards.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/defender-for-cloud/custom-security-policies.md
Lines changed: 8 additions & 7 deletions b/‎articles/defender-for-cloud/custom-security-policies.md
Lines changed: 8 additions & 7 deletions
diff --git a/‎articles/defender-for-cloud/exempt-resource.md
Lines changed: 0 additions & 3 deletions b/‎articles/defender-for-cloud/exempt-resource.md
Lines changed: 0 additions & 3 deletions
diff --git a/‎articles/defender-for-cloud/governance-rules.md
Lines changed: 52 additions & 30 deletions b/‎articles/defender-for-cloud/governance-rules.md
Lines changed: 52 additions & 30 deletions
diff --git a/‎articles/defender-for-cloud/implement-security-recommendations.md
Lines changed: 25 additions & 16 deletions b/‎articles/defender-for-cloud/implement-security-recommendations.md
Lines changed: 25 additions & 16 deletions
@@ -1,7 +1,7 @@
 ---
 title: Microsoft Defender for Storage - advanced configurations for malware scanning
 description: Learn about the advanced configurations of Microsoft Defender for Storage malware scanning
-ms.date: 08/21/2023
+ms.date: 11/20/2023
 author: dcurwin
 ms.author: dacurwin
 ms.topic: conceptual
@@ -118,7 +118,7 @@ Overriding the settings of the subscriptions are usually used for the following
 
 To configure the settings of individual storage accounts different from those configured on the subscription level using the Azure portal:
 
-1. Sign in to the Azure portal.
+1. Sign in to the [Azure portal](https://portal.azure.com/).
 
 1. Navigate to your storage account that you want to configure custom settings.
 
 
@@ -3,7 +3,7 @@ title: Regulatory compliance standards in Microsoft Defender for Cloud
 description: Learn about regulatory compliance standards in Microsoft Defender for Cloud
 ms.topic: conceptual
 ms.custom: ignite-2022
-ms.date: 01/10/2023
+ms.date: 11/27/2023
 ---
 
 # Regulatory compliance standards
@@ -61,7 +61,7 @@ You can drill down into controls to get information about resources that have pa
 By default, when you enable Defender for Cloud, the following standards are enabled:
 
 - **Azure**: The [Microsoft Cloud Security Benchmark (MCSB)](concept-regulatory-compliance.md) is enabled for Azure subscriptions.
-- **AWS**: AWS accounts get the [AWS Foundational Security Best Practices standard](https://docs.aws.amazon.com/securityhub/latest/userguide/fsbp-standard.html) assigned. This standard contains AWS-specific guidelines for security and compliance best practices based on common compliance frameworks. AWS accounts also have MCSB assigned by default.
+- **AWS**: AWS accounts get the [AWS Foundational Security Best Practices standard](https://docs.aws.amazon.com/securityhub/latest/userguide/fsbp-standard.html) and [Microsoft Cloud Security Benchmark (MCSB)](concept-regulatory-compliance.md) assigned by default. AWS Foundational Security Best Practices standard contains AWS-specific guidelines for security and compliance best practices based on common compliance frameworks.
 - **GCP**: GCP projects get the GCP Default standard assigned.
 
 
 
@@ -3,7 +3,7 @@ title: Create custom security standards for Azure resources in Microsoft Defende
 description: Learn how to create custom security standards for Azure resources in Microsoft Defender for Cloud
 ms.topic: how-to
 ms.custom: ignite-2023
-ms.date: 10/30/2023
+ms.date: 11/27/2023
 zone_pivot_groups: manage-asc-initiatives
 ---
 
@@ -34,27 +34,28 @@ Security recommendations in Microsoft Defender for Cloud help you to improve and
 
     :::image type="content" source="media/custom-security-policies/create-custom-standard.png" alt-text="Screenshot that shows how to create a custom security standard." lightbox="media/custom-security-policies/create-custom-standard.png":::
 
-1. In **Create a new standard** > **Basics**, enter a name and description. Make sure the name is unique. If you create a custom standard with the same name as an existing standard, it causes a conflict in the information displayed in the dashboard.
+1. Enter a name and description. 
+
+    > [!IMPORTANT]
+    > Make sure the name is unique. If you create a custom standard with the same name as an existing standard, it causes a conflict in the information displayed in the dashboard.
 
 1. Select **Next**.
 
 1. In **Recommendations**, select the recommendations that you want to add to the custom standard.
 
     :::image type="content" source="media/custom-security-policies/select-recommendations.png" alt-text="Screenshot that shows the list of all of the recommendations that are available to select for the custom standard." lightbox="media/custom-security-policies/select-recommendations.png":::
 
-1. (Optional) Select **...** > **Manage effect and parameters** to manage the effects and parameters of each recommendation, and save the setting.
+1. (Optional) Select the three dot button (**...**) > **Manage effect and parameters** to manage the effects and parameters of each recommendation, and save the setting.
 
 1. Select **Next**.
 
 1. In **Review + create**, select **Create**.
 
-Your new standard takes effect after you create it. Here's what you'll see:
+Your new standard takes effect after you create it. You can see the effects of your new standard:
 
-- In Defender for Cloud > **Regulatory compliance**, the compliance dashboard shows the new custom standard alongside existing standards.
+- On the Regulatory compliance page, you will see the new custom standard alongside existing standards.
 - If your environment doesn't align with the custom standard, you begin to receive recommendations to fix issues found in the **Recommendations** page.
 
-
-
 ## Create a custom recommendation
 
 If you want to create a custom recommendation for Azure resources, you currently need to do that in Azure Policy, as follows:
 
@@ -74,9 +74,6 @@ After creating the exemption it can take up to 30 minutes to take effect. After
 - If you've exempted specific resources, they'll be listed in the **Not applicable** tab of the recommendation details page.
 - If you've exempted a recommendation, it will be hidden by default on Defender for Cloud's recommendations page. This is because the default options of the **Recommendation status** filter on that page are to exclude **Not applicable** recommendations. The same is true if you exempt all recommendations in a security control.
 
-
-
-
 ## Next steps
 
 [Review exempted resources](review-exemptions.md) in Defender for Cloud. 
@@ -4,7 +4,7 @@ description: Learn how to drive remediation of security recommendations with gov
 services: defender-for-cloud
 ms.service: defender-for-cloud
 ms.topic: how-to
-ms.date: 10/29/2023
+ms.date: 11/27/2023
 ---
 
 # Drive remediation with governance rules
@@ -35,80 +35,102 @@ For tracking, you can review the progress of the remediation tasks by subscripti
 
 ## Before you begin
 
-- To use governance rules, the [Defender Cloud Security Posture Management (CSPM) plan](concept-cloud-security-posture-management.md) must be enabled.
-- You need **Contributor**, **Security Admin**, or **Owner** permissions on Azure subscriptions.
-- For AWS accounts and GCP projects,  you need **Contributor**, **Security Admin**, or **Owner** permissions on the Defender for Cloud AWS/GCP connectors. 
+- The [Defender Cloud Security Posture Management (CSPM) plan](concept-cloud-security-posture-management.md) must be enabled.
+- You need **Contributor**, **Security Admin**, or **Owner** permissions on the Azure subscriptions.
+- For AWS accounts and GCP projects,  you need **Contributor**, **Security Admin**, or **Owner** permissions on the Defender for Cloud AWS or GCP connectors. 
 
 
 ## Define a governance rule
 
-Define a governance rule as follows.
+**You can define a governance rule as follows**:
+
+1. Sign in to the [Azure portal](https://portal.azure.com).
+
+1. Navigate to **Microsoft Defender for Cloud** > **Environment settings** > **Governance rules**.
 
-1. In Defender for Cloud, open the **Environment settings** page, and select **Governance rules**.
 1. Select **Create governance rule**.
-1. In **Create governance rule** > **General details**, specify a rule name, and the scope in which the rule applies.
+
+    :::image type="content" source="./media/governance-rules/add-rule.png" alt-text="Screenshot of page for adding a governance rule." lightbox="media/governance-rules/add-rule.png":::
+
+1. Specify a rule name and scope in which to apply the rule.
 
     - Rules for management scope (Azure management groups, AWS master accounts, GCP organizations) are applied prior to the rules on a single scope.
     - You can define exclusions within the scope as needed.
 
-1. Priority is assigned automatically. Rules are run in priority order from the highest (1) to the lowest (1000).
-1. Specify a description to help you identify the rule. Then select **Next**.
+1. Set a priority level.
 
-    :::image type="content" source="./media/governance-rules/add-rule.png" alt-text="Screenshot of page for adding a governance rule." lightbox="media/governance-rules/add-rule.png":::
+    Rules are run in priority order from the highest (1) to the lowest (1000).
+
+1. Specify a description to help you identify the rule.
+
+1. Select **Next**
+
+1. Specify how recommendations are impacted by the rule.
 
-1. In the **Conditions** tab, specify how recommendations are impacted by the rule.
     - **By severity** - The rule assigns the owner and due date to any recommendation in the subscription that doesn't already have them assigned.
     - **By specific recommendations** - Select the specific built-in or custom recommendations that the rule applies to. 
-1. In **Set owner**, specify who's responsible for fixing recommendations covered by the rule.
+
+    :::image type="content" source="./media/governance-rules/create-rule-conditions.png" alt-text="Screenshot of page for adding conditions for a governance rule." lightbox="media/governance-rules/create-rule-conditions.png":::
+
+1. Set the owner to specify who's responsible for fixing recommendations covered by the rule.
+
     - **By resource tag** - Enter the resource tag on your resources that defines the resource owner.
     - **By email address** - Enter the email address of the owner to assign to the recommendations.
 
-1. In **Set remediation timeframe**, specify the time that can elapse between when resources are identified as requiring remediation, and the time that the remediation is due.
-1. For recommendations issued by MCSB, if you don't want the resources to affect your secure score until they're overdue, select **Apply grace period**.
-1. By default owners and their managers are notified weekly about open and overdue tasks. If you don't want them to receive these weekly emails, clear the notification options.
-1. Select **Create**.
+1. Specify  remediation time frame to set the time that can elapse between when resources are identified as requiring remediation, and the time that the remediation is due.
 
-    :::image type="content" source="./media/governance-rules/create-rule-conditions.png" alt-text="Screenshot of page for adding conditions for a governance rule." lightbox="media/governance-rules/create-rule-conditions.png":::
+    For recommendations issued by MCSB, if you don't want the resources to affect your secure score until they're overdue, select **Apply grace period**.
 
+1. (Optional) By default owners and their managers are notified weekly about open and overdue tasks. If you don't want them to receive these weekly emails, clear the notification options.
 
-- If there are existing recommendations that match the definition of the governance rule, you can either:
+1. Select **Create**.
+
+If there are existing recommendations that match the definition of the governance rule, you can either:
 
-    - Assign an owner and due date to recommendations that don't already have an owner or due date.
-    - Overwrite the owner and due date of existing recommendations.
-- When you delete or disable a rule, all existing assignments and notifications remain.
+- Assign an owner and due date to recommendations that don't already have an owner or due date.
 
+- Overwrite the owner and due date of existing recommendations.
+
+When you delete or disable a rule, all existing assignments and notifications remain.
 
 ## View effective rules
 
 You can view the effect of government rules in your environment.
 
-1. In the Defender for Cloud portal, open the **Governance rules** page.
+1. Sign in to the [Azure portal](https://portal.azure.com).
+
+1. Navigate to **Microsoft Defender for Cloud** > **Environment settings** > **Governance rules**.
+
 1. Review governance rules. The default list shows all the governance rules applicable in your environment.
+
 1. You can search for rules, or filter rules.
+
      - Filter on **Environment** to identify rules for Azure, AWS, and GCP.
+     
      - Filter on rule name, owner, or time between the recommendation being issued and due date.
+     
      - Filter on **Grace period** to find MCSB recommendations that won't affect your secure score.
+     
      - Identify by status.
 
         :::image type="content" source="./media/governance-rules/view-filter-rules.png" alt-text="Screenshot of page for viewing and filtering rules." lightbox="media/governance-rules/view-filter-rules.png":::
 
+## Review the governance report
 
+The governance report lets you select subscriptions that have governance rules and, for each rule and owner, shows you how many recommendations are completed, on time, overdue, or unassigned.
 
+1. Sign in to the [Azure portal](https://portal.azure.com).
 
+1. Navigate to **Microsoft Defender for Cloud** > **Environment settings** > **Governance rules** >**Governance report**.
 
-## Review the governance report
+    :::image type="content" source="media/governance-rules/governance-report.png" alt-text="Screenshot of the  governance rules page that shows where the governance report button is located." lightbox="media/governance-rules/governance-report.png":::
 
-The governance report lets you select subscriptions that have governance rules and, for each rule and owner, shows you how many recommendations are completed, on time, overdue, or unassigned.
-
-1. In Defender for Cloud > **Environment settings** > **Governance rules**, select **Governance report**.
-1. In **Governance**, select a subscription.
+1. Select a subscription.
 
      :::image type="content" source="./media/governance-rules/governance-in-workbook.png" alt-text="Screenshot of governance status by rule and owner in the governance workbook." lightbox="media/governance-rules/governance-in-workbook.png":::
 
-1. From the governance report, you drill down into recommendations by rule and owner.
-
+From the governance report, you can drill down into recommendations by scope, display name, priority, remediation timeframe, owner type, owner details, grace period and cloud.
 
 ## Next steps
 
-
 Learn how to [Implement security recommendations](implement-security-recommendations.md).
@@ -4,8 +4,9 @@ description: Learn how to remediate security recommendations in Microsoft Defend
 ms.topic: how-to
 ms.author: dacurwin
 author: dcurwin
-ms.date: 11/08/2023
+ms.date: 11/22/2023
 ---
+
 # Remediate security recommendations
 
 Resources and workloads protected by Microsoft Defender for Cloud are assessed against built-in and custom security standards enabled in your Azure subscriptions, AWS accounts, and GCP projects. Based on those assessments, security recommendations provide practical steps to remediate security issues, and improve security posture.
@@ -16,6 +17,11 @@ This article describes how to remediate security recommendations in your Defende
 
 Before you attempt to remediate a recommendation you should review it in detail. Learn how to [review security recommendations](review-security-recommendations.md).
 
+> [!IMPORTANT]
+> This page discusses how to use the new recommendations experience where you have the ability to prioritize your recommendations by their effective risk level. To view this experience, you must select **Try it now**.
+>
+> :::image type="content" source="media/review-security-recommendations/try-it-now.png" alt-text="Screenshot that shows where the try it now button is located on the recommendation page." lightbox="media/review-security-recommendations/try-it-now.png":::
+
 ## Group recommendations by risk level
 
 Before you start remediating, we recommend grouping your recommendations by risk level in order to remediate the most critical recommendations first.
@@ -30,43 +36,46 @@ Before you start remediating, we recommend grouping your recommendations by risk
 
     Recommendations are displayed in groups of risk levels.
 
-1. Review critical and other recommendations to understand the recommendation and remediation steps. Use the graph to understand the risk to your business, including which resources are exploitable, and the effect that the recommendation has on your business.
-
+You can now review critical and other recommendations to understand the recommendation and remediation steps. Use the graph to understand the risk to your business, including which resources are exploitable, and the effect that the recommendation has on your business.
 
 ## Remediate recommendations
 
 After reviewing recommendations by risk, decide which one to remediate first.
 
 In addition to risk level, we recommend that you prioritize the security controls in the default [Microsoft Cloud Security Benchmark (MCSB)](concept-regulatory-compliance.md) standard in Defender for Cloud, since these controls affect your [secure score](secure-score-security-controls.md).
 
+1. Sign in to the [Azure portal](https://portal.azure.com).
 
-1. In the **Recommendations** page, select the recommendation you want to remediate.
+1. Navigate to **Microsoft Defender for Cloud** > **Recommendations**.
 
-1. In the recommendation details page, select **Take action** > **Remediate**.
-1. Follow the remediation instructions.
+1. Select a recommendation to remediate.
 
-    As an example, the following screenshot shows remediation steps for configuring applications to only allow traffic over HTTPS.
+1. Select **Take action** 
 
-    :::image type="content" source="./media/implement-security-recommendations/security-center-remediate-recommendation.png" alt-text="This screenshots shows manual remediation steps for a recommendation." lightbox="./media/implement-security-recommendations/security-center-remediate-recommendation.png":::
+1. Locate the Remediate section and follow the remediation instructions.
 
-1. Once completed, a notification appears informing you whether the issue is resolved.
+    :::image type="content" source="./media/implement-security-recommendations/security-center-remediate-recommendation.png" alt-text="This screenshot shows manual remediation steps for a recommendation." lightbox="./media/implement-security-recommendations/security-center-remediate-recommendation.png":::
 
 ## Use the Fix option
 
-To simplify remediation and improve your environment's security (and increase your secure score), many recommendations include a **Fix** option to help you quickly remediate a recommendation on multiple resources.
+To simplify remediation and improve your environment's security (and increase your secure score), many recommendations include a **Fix** option to help you quickly remediate a recommendation on multiple resources. If the Fix button is not present in the recommendation, then there is no option to apply a quick fix. 
+
+**To remediate a recommendation with the Fix button**:
+
+1. Sign in to the [Azure portal](https://portal.azure.com).
+
+1. Navigate to **Microsoft Defender for Cloud** > **Recommendations**.
+
+1. Select a recommendation to remediate.
 
-1. In the **Recommendations**  page, select a recommendation that shows the **Fix** action icon: :::image type="icon" source="media/implement-security-recommendations/fix-icon.png" border="false":::.
+1. Select **Take action** > **Fix**.
 
     :::image type="content" source="./media/implement-security-recommendations/microsoft-defender-for-cloud-recommendations-fix-action.png" alt-text="This screenshot shows recommendations with the Fix action" lightbox="./media/implement-security-recommendations/microsoft-defender-for-cloud-recommendations-fix-action.png":::
 
-1. In **Take action**, select **Fix**.
 1. Follow the rest of the remediation steps.
 
-
-After remediation completes, it can take several minutes to see the resources appear in the **Findings** tab when the status is filtered to view **Healthy** resources. 
+After remediation completes, it can take several minutes for the change to take place.
 
 ## Next steps
 
 [Learn about](governance-rules.md) using governance rules in your remediation processes.
-
-