Merge pull request #108798 from memildin/asc-melvyn-20200129

Revised VA docs with a bunch of additions

Author: PRMerger19

articles/security-center/built-in-vulnerability-assessment.md

@@ -22,7 +22,7 @@ The vulnerability scanner included with Azure Security Center is powered by Qual
 This feature is currently in preview.  
 
 > [!NOTE]
-> Security Center supports the integration of tools from other vendors, but you'll need to handle the licensing costs, deployment, and configuration. For more information, see [Deploying a partner vulnerability scanning solution](partner-vulnerability-assessment.md).
+> Security Center supports the integration of tools from other vendors, but you'll need to handle the licensing costs, deployment, and configuration. For more information, see [Deploying a partner vulnerability scanning solution](partner-vulnerability-assessment.md). You can also use those instructions to integrate your organization's own Qualys license, if you choose not to use the built-in vulnerability scanner included with Azure Security Center.
 
 ## Deploying the Qualys built-in vulnerability scanner (Standard tier only)
 
@@ -93,12 +93,22 @@ To see the findings and remediate the identified vulnerability:
 1. To remediate a finding, follow the remediation steps from this details pane.
 
 
+
+## Exporting results
+
+To export vulnerability assessment results, you'll need to use [Azure Resource Graph](https://azure.microsoft.com/features/resource-graph/) (ARG). This tool provides instant access to resource information across your cloud environments with robust filtering, grouping, and sorting capabilities. It's a quick and efficient way to query information across Azure subscriptions programmatically or from within the Azure portal.
+
+For full instructions and a sample ARG query, see this Tech Community post: [Exporting Vulnerability Assessment Results in Azure Security Center](https://techcommunity.microsoft.com/t5/azure-security-center/exporting-vulnerability-assessment-results-in-azure-security/ba-p/1212091).
+
+
 ## Built-in Qualys vulnerability scanner FAQ
 
 ### Are there any additional charges for the Qualys license?
-No. The built-in scanner is free to all Standard tier users. The "Enable the built-in vulnerability assessment solution on virtual machines (powered by Qualys)" recommendation deploys a scanner that includes all the necessary licensing and configuration information. No additional licenses are required. 
+No. The built-in scanner is free to all standard tier users. The "Enable the built-in vulnerability assessment solution on virtual machines (powered by Qualys)" recommendation deploys a scanner that includes all the necessary licensing and configuration information. No additional licenses are required. 
 
 ### What permissions are required to install the Qualys extension?
+You'll need write permissions for any VM on which you want to deploy the extension.
+
 The Azure Security Center Vulnerability Assessment extension (powered by Qualys), like other extensions, runs on top of the Azure Virtual Machine agent. So it runs as Local Host on Windows, and Root on Linux.
 
 ### Can I remove the Security Center Qualys extension? 
@@ -151,7 +161,7 @@ When you open the recommendation, you'll see your VMs in one or more of the foll
 The scanner is running on your virtual machine and looking for vulnerabilities of the VM itself. From the virtual machine, it can't scan your network.
 
 ### Does the scanner integrate with my existing Qualys console?
-The Security Center extension is a separate tool from your existing Qualys scanner and, because of licensing restrictions, can only be used within Azure Security Center.
+The Security Center extension is a separate tool from your existing Qualys scanner and, because of licensing restrictions, must be used within Azure Security Center.
 
 ### Microsoft Defender Advanced Threat Protection also includes Threat & Vulnerability Management (TVM). How is the Security Center Vulnerability Assessment extension different?
 Microsoft is actively developing world-class vulnerability management with Microsoft Defender ATP's Threat & Vulnerability Management solution, built into Windows.

articles/security-center/partner-vulnerability-assessment.md

@@ -15,9 +15,11 @@ ms.author: memildin
 
 ---
 
-# Deploying a partner vulnerability scanning solution (Free tier users only)
+# Deploying a partner vulnerability scanning solution
 
-Customers on the Free tier can choose to deploy vulnerability assessment solutions from [Qualys](https://www.qualys.com/lp/azure) and [Rapid7](https://www.rapid7.com/products/insightvm/). You can install the solution on multiple VMs. The VMs must belong to the same subscription.
+If you're on the standard tier, you're able to use Azure Security Center's built-in vulnerability assessment tool as described in [Integrated vulnerability scanner for virtual machines](built-in-vulnerability-assessment.md). This tool doesn't require a Qualys license or even a Qualys account - everything's handled seamlessly inside Security Center.
+
+Alternatively, you might want to deploy your own privately-licensed vulnerability assessment solution from [Qualys](https://www.qualys.com/lp/azure) or [Rapid7](https://www.rapid7.com/products/insightvm/). You can install one of these partner solutions on multiple VMs that belong to the same subscription.
 
 ## Configuring a partner solution
 
@@ -40,7 +42,7 @@ Customers on the Free tier can choose to deploy vulnerability assessment solutio
     To deploy the agent from Security Center, you need a license code and public key from the vendor. To learn how to get the license code and public key, see the [Qualys documentation](https://community.qualys.com/docs/DOC-5823-deploying-qualys-cloud-agents-from-microsoft-azure-security-center) or [Rapid7 documentation](https://insightvm.help.rapid7.com/docs/azure-security-center).
 
 
-1. To create a new assessment, click **Create new**. The partner’s **vulnerability management** page opens. The options shown on this page might change depending on the partner.
+1. To create a new assessment, click **Create new**. The partner's **vulnerability management** page opens. The options shown on this page might change depending on the partner.
 
     ![Create a new vulnerability assessment solution](./media/security-center-vulnerability-assessment-recommendations/security-center-vulnerability-assessment-fig4-new.png)
 

articles/security-center/security-center-vulnerability-assessment-recommendations.md

@@ -21,9 +21,9 @@ A core component of every cyber risk and security program is the identification
 
 Security Center presents one of two recommendations if it doesn't find a vulnerability assessment solution installed on a VM:
 
-* **For standard tier users**, a recommendation offers to install an Azure Security Center Vulnerability Assessment extension (powered by Qualys) for you at no additional cost. This extension reports its findings directly back to Security Center. To learn more, see [Integrated vulnerability scanner for virtual machines](built-in-vulnerability-assessment.md).
+- **Enable the built-in vulnerability assessment solution on virtual machines (powered by Qualys)** - This recommendation only appears standard tiers. It's an invitation to install an Azure Security Center Vulnerability Assessment extension (powered by Qualys) for you at no additional cost. This extension reports its findings directly back to Security Center. To learn more, see [Integrated vulnerability scanner for virtual machines](built-in-vulnerability-assessment.md).
 
-* **For users on the free tier**, Security Center recommends that you install a partner solution. You'll need to purchase a license for your chosen solution separately. Supported solutions report vulnerability data to the partner’s management platform. In turn, that platform provides vulnerability and health monitoring data back to Security Center. You can identify vulnerable VMs on the Security Center dashboard. Switch to the partner management console directly from Security Center for additional reports and information. To learn more, see [Deploying a partner vulnerability scanning solution](partner-vulnerability-assessment.md).
+- **Vulnerability assessment solution should be installed on your virtual machines** - This recommendation appears for both standard and free tiers. Use this recommendation to install any of the supported partner solutions. You'll need to purchase a license for your chosen solution separately. Supported solutions report vulnerability data to the partner's management platform. In turn, that platform provides vulnerability and health monitoring data back to Security Center. You can identify vulnerable VMs on the Security Center dashboard. Switch to the partner management console directly from Security Center for additional reports and information. To learn more, see [Deploying a partner vulnerability scanning solution](partner-vulnerability-assessment.md).
 
 Security Center also offers vulnerability analysis for your: