Update storage-files-planning.md

Updated the content of Defender for Storage following customer's feedback

Author: Eitan-Shteinberg

articles/storage/files/storage-files-planning.md

@@ -134,12 +134,15 @@ You can back up your Azure file share via [share snapshots](./storage-snapshots-
 
 You can perform both item-level and share-level restores in the Azure portal using Azure Backup. All you need to do is choose the restore point (a particular snapshot), the particular file or directory if relevant, and then the location (original or alternate) you wish you restore to. The backup service handles copying the snapshot data over and shows your restore progress in the portal.
 
-For more information about backup, see [About Azure file share backup](../../backup/azure-file-share-backup-overview.md?toc=/azure/storage/files/toc.json).
-
 ### Protect Azure Files with Microsoft Defender for Storage
-Microsoft Defender for Storage provides an additional layer of security intelligence that generates alerts when it detects anomalous activity on your storage account, for example unusual access attempts. It also runs malware hash reputation analysis and will alert on known malware. You can configure Microsoft Defender for Storage at the subscription or storage account level via Microsoft Defender for Cloud.
 
-For more information, see [Introduction to Microsoft Defender for Storage](../../defender-for-cloud/defender-for-storage-introduction.md).
+Microsoft Defender for Storage is an Azure-native layer of security intelligence that detects potential threats to your storage accounts. It provides comprehensive security by analyzing the data plane and control plane telemetry generated by [Azure Blob Storage](https://azure.microsoft.com/services/storage/blobs/), [Azure Files](https://azure.microsoft.com/products/storage/files/), and [Azure Data Lake Storage](https://azure.microsoft.com/products/storage/data-lake-storage) services. It uses advanced threat detection capabilities powered by [Microsoft Threat Intelligence](https://go.microsoft.com/fwlink/?linkid=2128684) to provide contextual security alerts, including steps to mitigate the detected threats and prevent future attacks.
+
+Defender for Storage continuously analyzes the telemetry stream generated by the [Azure Blob Storage](https://azure.microsoft.com/services/storage/blobs/) and [Azure Files](https://azure.microsoft.com/services/storage/files/) services. When potentially malicious activities are detected, security alerts are generated. These alerts are displayed in Microsoft Defender for Cloud, along with the details of the suspicious activity, investigation steps, remediation actions, and security recommendations.
+
+Defender for Storage detects known malware, such as ransomware, viruses, spyware, and other malware uploaded to a storage account based on full blob/file hash. This capability helps prevent malware from entering the organization and spreading to more users and resources. See also the [Limitations of hash reputation analysis](https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-storage-introduction#limitations-of-hash-reputation-analysis).
+
+Defender for Storage doesn't access the Storage account data and does not impact its performance. You can [enable Microsoft Defender for Storage](https://learn.microsoft.com/en-us/azure/storage/common/azure-defender-storage-configure) at the subscription level (recommended) or the resource level.
 
 ## Storage tiers
 [!INCLUDE [storage-files-tiers-overview](../../../includes/storage-files-tiers-overview.md)]