Apply suggestions from code review

Co-authored-by: Catherine Watson <[email protected]>

Author: batamig

articles/sentinel/microsoft-sentinel-defender-portal.md

@@ -32,7 +32,7 @@ The following table describes the new or improved capabilities available in the
 | Capabilities      | Description              |
 | ----------------- | ------------------------ |
 | Advanced hunting  | Query from a single portal across different data sets to make hunting more efficient and remove the need for context-switching. Use Security Copilot to help generate your KQL. View and query all data including data from Microsoft security services and Microsoft Sentinel. Use all your existing Microsoft Sentinel workspace content, including queries and functions.<br><br>  For more information, see the following articles:<br>- [Advanced hunting in the Microsoft Defender portal](https://go.microsoft.com/fwlink/p/?linkid=2264410)<br>- [Security Copilot in advanced hunting](/defender-xdr/advanced-hunting-security-copilot) |
-| Case management | Manage SecOps cases natively in the Defender portal without losing security context. Define your own case workflow with custom status values. Assign tasks to collaborators and configure due dates. Handle escalations and complex cases by linking multiple incidents to a case.</br></br>For more information, see [Manage cases natively in the Microsoft Defender portal](/unified-secops-platform/cases-overview).
+| Case management | Manage SecOps cases natively in the Defender portal without losing security context. Define your own case workflow with custom status values. Assign tasks to collaborators and configure due dates. Handle escalations and complex cases by linking multiple incidents to a case.</br></br>For more information, see [Manage cases natively in Microsoft's unified security operations platforml](/unified-secops-platform/cases-overview).
 | Microsoft Copilot in Microsoft Defender | When investigating incidents in the Defender portal, <br>- [Summarize incidents](/defender-xdr/security-copilot-m365d-incident-summary) <br>- [Analyze scripts](/defender-xdr/security-copilot-m365d-script-analysis)<br>- [Analyze files](/defender-xdr/copilot-in-defender-file-analysis)<br>- [Create incident reports](/defender-xdr/security-copilot-m365d-create-incident-report) <br><br>When hunting for threats in advanced hunting, create ready-to-run KQL queries by using the query assistant. For more information, see [Microsoft Security Copilot in advanced hunting](/defender-xdr/advanced-hunting-security-copilot).|
 | SOC optimizations   | Get high-fidelity and actionable recommendations to help you identify areas to:<br>- Reduce costs <br>- Add security controls<br>- Add missing data<br>SOC optimizations are available in the Defender and Azure portals, are tailored to your environment, and are based on your current coverage and threat landscape.  <br><br>For more information, see the following articles:<br>- [Optimize your security operations](soc-optimization/soc-optimization-access.md) <br>- [Use SOC optimizations programmatically](soc-optimization/soc-optimization-api.md)<br>- [SOC optimization reference of recommendations](soc-optimization/soc-optimization-reference.md)  |
 
@@ -84,7 +84,7 @@ The following limitations also apply to Microsoft Sentinel in Defender portal wi
 
 ## Quick reference
 
-Some Microsoft Sentinel capabilities, like the unified incident queue, are integrated with Microsoft Defender XDR in the Defender portal. Many other Microsoft Sentinel capabilities are available in the **Microsoft Sentinel** section of the Defender portal.
+Some Microsoft Sentinel capabilities, like the unified incident queue, are integrated with Microsoft Defender XDR in Microsoft's unified security operations platform. Many other Microsoft Sentinel capabilities are available in the **Microsoft Sentinel** section of the Defender portal.
 
 The following image shows the **Microsoft Sentinel** menu in the Defender portal:
 

articles/sentinel/sap/deployment-attack-disrupt.md

@@ -17,7 +17,7 @@ ms.collection: usx-security
 
 Microsoft Defender XDR correlates millions of individual signals to identify active ransomware campaigns or other sophisticated attacks in the environment with high confidence. While an attack is in progress, Defender XDR disrupts the attack by automatically containing compromised assets that the attacker is using through automatic attack disruption. Automatic attack disruption limits lateral movement early on and reduces the overall impact of an attack, from associated costs to loss of productivity. At the same time, it leaves security operations teams in complete control of investigating, remediating, and bringing assets back online.
 
-When you add a new SAP system to Microsoft Sentinel, your default configuration includes attack disruption functionality in the Defender portal. This article describes how to ensure that your SAP system is ready to support automatic attack disruption for SAP in the Microsoft Defender portal.
+When you add a new SAP system to Microsoft Sentinel, your default configuration includes attack disruption functionality in Microsoft's unified security operations platform. This article describes how to ensure that your SAP system is ready to support automatic attack disruption for SAP in the Microsoft Defender portal.
 
 For a video demonstration of attack disruption for SAP, watch the following video:
 <br><br>
@@ -28,7 +28,7 @@ Content in this article is intended for your **security**, **infrastructure**, a
 > [!NOTE]
 > Attack disruption requires a data connector agent and isn't supported for the [SAP agentless solution](deployment-overview.md#data-connector) (limited preview).
 
-## Attack disruption for SAP in the Microsoft Defender portal
+## Attack disruption for SAP in Microsoft's unified security operations platform
 
 Attack disruption for SAP is configured by updating your data connector agent version and ensuring that the relevant roles are applied in Azure and your SAP system. However, automatic attack disruption itself surfaces only in the Microsoft Defender portal.
 

articles/sentinel/sap/update-sap-data-connector.md

@@ -88,7 +88,7 @@ Be sure to check for any other available updates, such as SAP change requests.
 
 ## Update your system for attack disruption
 
-Automatic attack disruption for SAP is supported in the Microsoft Defender portal, and requires:
+Automatic attack disruption for SAP is supported in Microsoft's unified security operations platform, and requires:
 
 - A workspace [onboarded to the Defender portal](../microsoft-sentinel-defender-portal.md).
 

articles/sentinel/sentinel-security-copilot.md

@@ -41,7 +41,7 @@ This integration primarily supports the standalone experience accessed through [
 
 Microsoft Sentinel data integrates with Security Copilot in two ways.
 
-- In the Defender portal, Copilot in Microsoft Defender XDR benefits from unified incidents integrated with Microsoft Sentinel.
+- In Microsoft's unified security operations platform, Copilot in Microsoft Defender XDR benefits from unified incidents integrated with Microsoft Sentinel.
 - In the standalone experience, Microsoft Sentinel provides two plugins to integrate with Security Copilot:
    <br>**Microsoft Sentinel (Preview)**
    <br>**Natural language to KQL for Microsoft Sentinel (Preview)**.

articles/sentinel/understand-threat-intelligence.md

@@ -125,7 +125,7 @@ For more information, see [Connect Microsoft Sentinel to STIX/TAXII threat intel
 
 ## Create and manage threat intelligence
 
-Threat intelligence powered by Microsoft Sentinel is managed next to Microsoft Defender Threat Intelligence (MDTI) and Threat Analytics in the Defender portal.
+Threat intelligence powered by Microsoft Sentinel is managed next to Microsoft Defender Threat Intelligence (MDTI) and Threat Analytics in Microsoft's unified SecOps platform.
 
 :::image type="content" source="media/understand-threat-intelligence/intel-management-defender-portal.png" alt-text="Screenshot showing intel management page in the Defender portal." lightbox="media/understand-threat-intelligence/intel-management-defender-portal.png":::