MicrosoftDocs
diff --git a/‎articles/active-directory/saas-apps/autotaskendpointbackup-tutorial.md
Lines changed: 3 additions & 3 deletions b/‎articles/active-directory/saas-apps/autotaskendpointbackup-tutorial.md
Lines changed: 3 additions & 3 deletions
diff --git a/‎articles/active-directory/saas-apps/carlsonwagonlit-tutorial.md
Lines changed: 2 additions & 2 deletions b/‎articles/active-directory/saas-apps/carlsonwagonlit-tutorial.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/active-directory/saas-apps/wikispaces-tutorial.md
Lines changed: 2 additions & 2 deletions b/‎articles/active-directory/saas-apps/wikispaces-tutorial.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/advisor/security-baseline.md
Lines changed: 11 additions & 11 deletions b/‎articles/advisor/security-baseline.md
Lines changed: 11 additions & 11 deletions
diff --git a/‎articles/app-service/app-service-authentication-how-to.md
Lines changed: 1 addition & 1 deletion b/‎articles/app-service/app-service-authentication-how-to.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/app-service/security-baseline.md
Lines changed: 3 additions & 3 deletions b/‎articles/app-service/security-baseline.md
Lines changed: 3 additions & 3 deletions
diff --git a/‎articles/automation/automation-hrw-run-runbooks.md
Lines changed: 1 addition & 1 deletion b/‎articles/automation/automation-hrw-run-runbooks.md
Lines changed: 1 addition & 1 deletion
@@ -102,7 +102,7 @@ To configure Azure AD single sign-on with Autotask Endpoint Backup, perform the
     `https://<subdomain>.backup.autotask.net/singlesignon/saml/SSO`
 
     > [!NOTE]
-    > These values are not real. Update these values with the actual Identifier and Reply URL. Contact [Autotask Endpoint Backup Client support team](https://backup.autotask.net/help/Content/0_HOME/_AutotaskCustomerSupport.htm) to get these values. You can also refer to the patterns shown in the **Basic SAML Configuration** section in the Azure portal.
+    > These values are not real. Update these values with the actual Identifier and Reply URL. Contact [Autotask Endpoint Backup Client support team](https://backup.autotask.net/help/Content/0_HOME/Support_for_End_Clients.htm) to get these values. You can also refer to the patterns shown in the **Basic SAML Configuration** section in the Azure portal.
 
 5. On the **Set up Single Sign-On with SAML** page, in the **SAML Signing Certificate** section, click **Download** to download the **Federation Metadata XML** from the given options as per your requirement and save it on your computer.
 
@@ -120,7 +120,7 @@ To configure Azure AD single sign-on with Autotask Endpoint Backup, perform the
 
 ### Configure Autotask Endpoint Backup Single Sign-On
 
-To configure single sign-on on **Autotask Endpoint Backup** side, you need to send the downloaded **Federation Metadata XML** and appropriate copied URLs from Azure portal to [Autotask Endpoint Backup support team](https://backup.autotask.net/help/Content/0_HOME/_AutotaskCustomerSupport.htm). They set this setting to have the SAML SSO connection set properly on both sides.
+To configure single sign-on on **Autotask Endpoint Backup** side, you need to send the downloaded **Federation Metadata XML** and appropriate copied URLs from Azure portal to [Autotask Endpoint Backup support team](https://backup.autotask.net/help/Content/0_HOME/Support_for_End_Clients.htm). They set this setting to have the SAML SSO connection set properly on both sides.
 
 ### Create an Azure AD test user 
 
@@ -175,7 +175,7 @@ In this section, you enable Britta Simon to use Azure single sign-on by granting
 
 ### Create Autotask Endpoint Backup test user
 
-In this section, you create a user called Britta Simon in Autotask Endpoint Backup. Work with [Autotask Endpoint Backup support team](https://backup.autotask.net/help/Content/0_HOME/_AutotaskCustomerSupport.htm) to add the users in the Autotask Endpoint Backup platform. Users must be created and activated before you use single sign-on.
+In this section, you create a user called Britta Simon in Autotask Endpoint Backup. Work with [Autotask Endpoint Backup support team](https://backup.autotask.net/help/Content/0_HOME/Support_for_End_Clients.htm) to add the users in the Autotask Endpoint Backup platform. Users must be created and activated before you use single sign-on.
 
 ### Test single sign-on
 
 
@@ -114,7 +114,7 @@ To configure Azure AD single sign-on with Carlson Wagonlit Travel, perform the f
 
 ### Configure Carlson Wagonlit Travel Single Sign-On
 
-To configure single sign-on on **Carlson Wagonlit Travel** side, you need to send the downloaded **Federation Metadata XML** and appropriate copied URLs from Azure portal to [Carlson Wagonlit Travel support team](http://www.carlsonwagonlit.in/content/cwt/in/en/technical-assistance.html). They set this setting to have the SAML SSO connection set properly on both sides.
+To configure single sign-on on **Carlson Wagonlit Travel** side, you need to send the downloaded **Federation Metadata XML** and appropriate copied URLs from Azure portal to [Carlson Wagonlit Travel support team](https://www.mycwt.com/traveler-help/). They set this setting to have the SAML SSO connection set properly on both sides.
 
 ### Create an Azure AD test user
 
@@ -169,7 +169,7 @@ In this section, you enable Britta Simon to use Azure single sign-on by granting
 
 ### Create Carlson Wagonlit Travel test user
 
-In this section, you create a user called Britta Simon in Carlson Wagonlit Travel. Work with [Carlson Wagonlit Travel support team](http://www.carlsonwagonlit.in/content/cwt/in/en/technical-assistance.html) to add the users in the Carlson Wagonlit Travel platform. Users must be created and activated before you use single sign-on.
+In this section, you create a user called Britta Simon in Carlson Wagonlit Travel. Work with [Carlson Wagonlit Travel support team](https://www.mycwt.com/traveler-help/) to add the users in the Carlson Wagonlit Travel platform. Users must be created and activated before you use single sign-on.
 
 ### Test single sign-on 
 
 
@@ -102,7 +102,7 @@ To configure Azure AD single sign-on with Wikispaces, perform the following step
     `https://session.wikispaces.net/<instancename>`
 
 	> [!NOTE]
-	> These values are not real. Update these values with the actual Sign on URL and Identifier. Contact [Wikispaces Client support team](https://www.wikispaces.com/site/help) to get these values. You can also refer to the patterns shown in the **Basic SAML Configuration** section in the Azure portal.
+	> These values are not real. Update these values with the actual Sign on URL and Identifier. Contact [Wikispaces Client support team](https://wikispaces.psu.edu/) to get these values. You can also refer to the patterns shown in the **Basic SAML Configuration** section in the Azure portal.
 
 5. On the **Set up Single Sign-On with SAML** page, in the **SAML Signing Certificate** section, click **Download** to download the **Federation Metadata XML** from the given options as per your requirement and save it on your computer.
 
@@ -120,7 +120,7 @@ To configure Azure AD single sign-on with Wikispaces, perform the following step
 
 ### Configure Wikispaces Single Sign-On
 
-To configure single sign-on on **Wikispaces** side, you need to send the downloaded **Federation Metadata XML** and appropriate copied URLs from Azure portal to [Wikispaces support team](https://www.wikispaces.com/site/help). They set this setting to have the SAML SSO connection set properly on both sides.
+To configure single sign-on on **Wikispaces** side, you need to send the downloaded **Federation Metadata XML** and appropriate copied URLs from Azure portal to [Wikispaces support team](https://wikispaces.psu.edu/). They set this setting to have the SAML SSO connection set properly on both sides.
 
 ### Create an Azure AD test user 
 
 
@@ -142,7 +142,7 @@ Note that some Azure services support local users and roles which are not manage
 
 - [Create an access review of Azure resource roles in Privileged Identity Management (PIM)](../active-directory/privileged-identity-management/pim-resource-roles-start-access-review.md) 
 
-- [How to use Azure AD identity and access reviews](/azure/active-directory/governance/access-reviews-overvie)
+- [How to use Azure AD identity and access reviews](/azure/active-directory/governance/access-reviews-overview)
 
 **Azure Security Center monitoring**: Not applicable
 
@@ -218,7 +218,7 @@ Use Azure Conditional Access to limit a user's ability to interact with Azure Re
 
 ## Logging and Threat Detection
 
-*For more information, see the [Azure Security Benchmark: Logging and Threat Detection](/azure/security/benchmarks/security-controls-v2-logging-threat-protection).*
+*For more information, see the [Azure Security Benchmark: Logging and Threat Detection](/azure/security/benchmarks/security-controls-v2-logging-threat-detection).*
 
 ### LT-4: Enable logging for Azure resources
 
@@ -370,7 +370,7 @@ Use workflow automation features in Azure Security Center and Azure Sentinel to
 
 ## Posture and Vulnerability Management
 
-*For more information, see the [Azure Security Benchmark: Posture and Vulnerability Management](/azure/security/benchmarks/security-controls-v2-vulnerability-management).*
+*For more information, see the [Azure Security Benchmark: Posture and Vulnerability Management](/azure/security/benchmarks/security-controls-v2-posture-vulnerability-management).*
 
 ### PV-8: Conduct regular attack simulation
 
@@ -420,9 +420,9 @@ For more information, see the following references:
 
 - [Cloud Adoption Framework - Azure data security and encryption best practices](../security/fundamentals/data-encryption-best-practices.md?amp;bc=%2fazure%2fcloud-adoption-framework%2f_bread%2ftoc.json&toc=%2fazure%2fcloud-adoption-framework%2ftoc.json)
 
-- [Azure Security Benchmark - Asset management](/azure/security/benchmarks/security-benchmark-v2-asset-management)
+- [Azure Security Benchmark - Asset management](/azure/security/benchmarks/security-controls-v2-asset-management)
 
-- [Azure Security Benchmark - Data Protection](/azure/security/benchmarks/security-benchmark-v2-data-protection)
+- [Azure Security Benchmark - Data Protection](/azure/security/benchmarks/security-controls-v2-data-protection)
 
 **Azure Security Center monitoring**: Not applicable
 
@@ -450,7 +450,7 @@ Ensure that the segmentation strategy is implemented consistently across control
 
 **Guidance**: Continuously measure and mitigate risks to your individual assets and the environment they are hosted in. Prioritize high value assets and highly-exposed attack surfaces, such as published applications, network ingress and egress points, user and administrator endpoints, etc.
 
-- [Azure Security Benchmark - Posture and vulnerability management](/azure/security/benchmarks/security-benchmark-v2-posture-vulnerability-management)
+- [Azure Security Benchmark - Posture and vulnerability management](/azure/security/benchmarks/security-controls-v2-posture-vulnerability-management)
 
 **Azure Security Center monitoring**: Not applicable
 
@@ -491,7 +491,7 @@ This strategy should include documented guidance, policy, and standards for the
 For more information, see the following references:
 - [Azure Security Best Practice 11 - Architecture. Single unified security strategy](/azure/cloud-adoption-framework/security/security-top-10#11-architecture-establish-a-single-unified-security-strategy)
 
-- [Azure Security Benchmark - Network Security](/azure/security/benchmarks/security-benchmark-v2-network-security)
+- [Azure Security Benchmark - Network Security](/azure/security/benchmarks/security-controls-v2-network-security)
 
 - [Azure network security overview](../security/fundamentals/network-overview.md)
 
@@ -519,9 +519,9 @@ This strategy should include documented guidance, policy, and standards for the
 
 Review the referenced links for more information.
 
-- [Azure Security Benchmark - Identity management](/azure/security/benchmarks/security-benchmark-v2-identity-management)
+- [Azure Security Benchmark - Identity management](/azure/security/benchmarks/security-controls-v2-identity-management)
 
-- [Azure Security Benchmark - Privileged access](/azure/security/benchmarks/security-benchmark-v2-privileged-access)
+- [Azure Security Benchmark - Privileged access](/azure/security/benchmarks/security-controls-v2-privileged-access)
 
 - [Azure Security Best Practice 11 - Architecture. Single unified security strategy](/azure/cloud-adoption-framework/security/security-top-10#11-architecture-establish-a-single-unified-security-strategy)
 
@@ -553,9 +553,9 @@ This strategy should include documented guidance, policy, and standards for the
 
 For more information, see the following references:
 
-- [Azure Security Benchmark - Logging and threat detection](/azure/security/benchmarks/security-benchmark-v2-logging-threat-detection)
+- [Azure Security Benchmark - Logging and threat detection](/azure/security/benchmarks/security-controls-v2-logging-threat-detection)
 
-- [Azure Security Benchmark - Incident response](/azure/security/benchmarks/security-benchmark-v2-incident-response)
+- [Azure Security Benchmark - Incident response](/azure/security/benchmarks/security-controls-v2-incident-response)
 
 - [Azure Security Best Practice 4 - Process. Update Incident Response Processes for Cloud](/azure/cloud-adoption-framework/security/security-top-10#4-process-update-incident-response-ir-processes-for-cloud)
 
 
@@ -167,7 +167,7 @@ When your provider's access token (not the [session token](#extend-session-token
 
 - **Google**: Append an `access_type=offline` query string parameter to your `/.auth/login/google` API call. If using the Mobile Apps SDK, you can add the parameter to one of the `LogicAsync` overloads (see [Google Refresh Tokens](https://developers.google.com/identity/protocols/OpenIDConnect#refresh-tokens)).
 - **Facebook**: Doesn't provide refresh tokens. Long-lived tokens expire in 60 days (see [Facebook Expiration and Extension of Access Tokens](https://developers.facebook.com/docs/facebook-login/access-tokens/expiration-and-extension)).
-- **Twitter**: Access tokens don't expire (see [Twitter OAuth FAQ](https://developer.twitter.com/en/docs/basics/authentication/FAQ)).
+- **Twitter**: Access tokens don't expire (see [Twitter OAuth FAQ](https://developer.twitter.com/en/docs/authentication/faq)).
 - **Microsoft Account**: When [configuring Microsoft Account Authentication Settings](configure-authentication-provider-microsoft.md), select the `wl.offline_access` scope.
 - **Azure Active Directory**: In [https://resources.azure.com](https://resources.azure.com), do the following steps:
     1. At the top of the page, select **Read/Write**.
 
@@ -167,7 +167,7 @@ Review the referenced links for additional information.
 
 - [How to configure end-to-end TLS by using Application Gateway with the portal](../application-gateway/end-to-end-ssl-portal.md)
 
-- [Secure the ASE as described in Locking down an App Service](https://review.docs.microsoft.com/azure/app-service/environment/firewall-integrationEnvironment:)
+- [Secure the ASE as described in Locking down an App Service](/azure/app-service/environment/firewall-integration)
 
 **Azure Security Center monitoring**: Yes
 
@@ -204,7 +204,7 @@ Review the referenced links for additional information.
 
 - [How to configure end-to-end TLS by using Application Gateway with the portal](../application-gateway/end-to-end-ssl-portal.md)
 
-- [Secure the ASE as described in Locking down an App Service](https://review.docs.microsoft.com/azure/app-service/environment/firewall-integrationEnvironment:)
+- [Secure the ASE as described in Locking down an App Service](/azure/app-service/environment/firewall-integration)
 
 **Azure Security Center monitoring**: Not applicable
 
@@ -220,7 +220,7 @@ Apply any of the built-in Azure Policy definitions related to tagging effects, s
 
 - [How to create and use tags](../azure-resource-manager/management/tag-resources.md)
 
-- [Azure App Service Access Restrictions](/azure/app-service/app-service-ip-restriction)
+- [Azure App Service Access Restrictions](/azure/app-service/app-service-ip-restrictions)
 
 **Azure Security Center monitoring**: Not applicable
 
 
@@ -17,7 +17,7 @@ When you author a runbook to run on a Hybrid Runbook Worker, you should edit and
 
 Azure Automation handles jobs on Hybrid Runbook Workers differently from jobs run in Azure sandboxes. If you have a long-running runbook, make sure that it's resilient to possible restart. For details of the job behavior, see [Hybrid Runbook Worker jobs](automation-hybrid-runbook-worker.md#hybrid-runbook-worker-jobs).
 
-Jobs for Hybrid Runbook Workers run under the local **System** account on Windows, or the **nxautomation** account on Linux. For Linux, verify the **nxautomation** account has access to the location where the runbook modules are stored. When you use the [Install-Module](/powershell/module/powershellget/install-module) cmdlet, be sure to specify AllUsers for the `Scope` parameter to ensure that the **nxautomation** account has access. For more information on PowerShell on Linux, see [Known Issues for PowerShell on Non-Windows Platforms](/powershell/scripting/whats-new/known-issues-ps6#known-issues-for-powershell-on-non-windows-platforms).
+Jobs for Hybrid Runbook Workers run under the local **System** account on Windows, or the **nxautomation** account on Linux. For Linux, verify the **nxautomation** account has access to the location where the runbook modules are stored. When you use the [Install-Module](/powershell/module/powershellget/install-module) cmdlet, be sure to specify AllUsers for the `Scope` parameter to ensure that the **nxautomation** account has access. For more information on PowerShell on Linux, see [Known Issues for PowerShell on Non-Windows Platforms](/powershell/scripting/whats-new/what-s-new-in-powershell-70?view=powershell-7.1).
 
 ## Configure runbook permissions