Merge pull request #267658 from dcurwin/fix-formatting-feb29-2024

Fix formatting

Author: prmerger-automator[bot]

articles/defender-for-cloud/file-integrity-monitoring-enable-log-analytics.md

@@ -174,7 +174,7 @@ The **Changes** tab (shown below) lists all changes for the workspace during the
 Use wildcards to simplify tracking across directories. The following rules apply when you configure folder monitoring using wildcards:
 
 - Wildcards are required for tracking multiple files.
-- Wildcards can only be used in the last segment of a path, such as `C:\folder\file` or` /etc/*.conf`
+- Wildcards can only be used in the last segment of a path, such as `C:\folder\file` or `/etc/*.conf`
 - If an environment variable includes a path that isn't valid, validation succeeds but the path fails when inventory runs.
 - When setting the path, avoid general paths such as `c:\*.*`, which results in too many folders being traversed.
 
@@ -239,7 +239,7 @@ File Integrity Monitoring data resides within the Azure Log Analytics/Configurat
 
     In the following example, we're retrieving all changes in the last 14 days in the categories of registry and files:
 
-    ```
+    ```kusto
     ConfigurationChange
     | where TimeGenerated > ago(14d)
     | where ConfigChangeType in ('Registry', 'Files')
@@ -251,7 +251,7 @@ File Integrity Monitoring data resides within the Azure Log Analytics/Configurat
     1. Remove **Files** from the **where** clause.
     1. Remove the summarization line and replace it with an ordering clause:
 
-    ```
+    ```kusto
     ConfigurationChange
     | where TimeGenerated > ago(14d)
     | where ConfigChangeType in ('Registry')

articles/defender-for-cloud/file-integrity-monitoring-overview.md

@@ -60,9 +60,9 @@ Defender for Cloud provides the following list of recommended items to monitor b
 
 ## Next steps
 
-In this article, you learned about File Integrity Monitoring (FIM) in Defender for Cloud. 
+In this article, you learned about File Integrity Monitoring (FIM) in Defender for Cloud.
 
 Next, you can:
 
 - [Enable File Integrity Monitoring when using the Azure Monitor Agent](file-integrity-monitoring-enable-ama.md)
-- [Enable File Integrity Monitoring when using the Log Analytics agent](file-integrity-monitoring-enable-log-analytics.md)
+- [Enable File Integrity Monitoring when using the Log Analytics agent](file-integrity-monitoring-enable-log-analytics.md)

articles/defender-for-cloud/github-action.md

@@ -1,6 +1,6 @@
 ---
 title: Configure the Microsoft Security DevOps GitHub action
-description: Learn how to configure the Microsoft Security DevOps GitHub action.
+description: Learn how to configure the Microsoft Security DevOps GitHub action to enhance your project's security and DevOps processes.
 ms.date: 06/18/2023
 ms.topic: how-to
 ---
@@ -105,10 +105,10 @@ Microsoft Security DevOps uses the following Open Source tools:
             name: alerts
             path: ${{ steps.msdo.outputs.sarifFile }}
     ```
+
     > [!NOTE]
     >  For additional tool configuration options, see [the Microsoft Security DevOps wiki](https://github.com/microsoft/security-devops-action/wiki)
 
-
 1. Select **Start commit**
 
     :::image type="content" source="media/msdo-github-action/start-commit.png" alt-text="Screenshot showing you where to select start commit.":::
@@ -141,7 +141,7 @@ Code scanning findings will be filtered by specific MSDO tools in GitHub. These
 
 - Learn how to [deploy apps from GitHub to Azure](/azure/developer/github/deploy-to-azure).
 
-## Next steps
+## Related content
 
 Learn more about [DevOps security in Defender for Cloud](defender-for-devops-introduction.md).
 

articles/defender-for-cloud/governance-rules.md

@@ -1,5 +1,5 @@
 ---
-title: Drive remediation of security recommendations with governance rules in Microsoft Defender for Cloud
+title: Drive remediation of recommendations with governance rules
 description: Learn how to drive remediation of security recommendations with governance rules in Microsoft Defender for Cloud
 services: defender-for-cloud
 ms.service: defender-for-cloud
@@ -37,8 +37,7 @@ For tracking, you can review the progress of the remediation tasks by subscripti
 
 - The [Defender Cloud Security Posture Management (CSPM) plan](concept-cloud-security-posture-management.md) must be enabled.
 - You need **Contributor**, **Security Admin**, or **Owner** permissions on the Azure subscriptions.
-- For AWS accounts and GCP projects,  you need **Contributor**, **Security Admin**, or **Owner** permissions on the Defender for Cloud AWS or GCP connectors. 
-
+- For AWS accounts and GCP projects,  you need **Contributor**, **Security Admin**, or **Owner** permissions on the Defender for Cloud AWS or GCP connectors.
 
 ## Define a governance rule
 
@@ -68,7 +67,7 @@ For tracking, you can review the progress of the remediation tasks by subscripti
 1. Specify how recommendations are impacted by the rule.
 
     - **By severity** - The rule assigns the owner and due date to any recommendation in the subscription that doesn't already have them assigned.
-    - **By specific recommendations** - Select the specific built-in or custom recommendations that the rule applies to. 
+    - **By specific recommendations** - Select the specific built-in or custom recommendations that the rule applies to.
 
     :::image type="content" source="./media/governance-rules/create-rule-conditions.png" alt-text="Screenshot of page for adding conditions for a governance rule." lightbox="media/governance-rules/create-rule-conditions.png":::
 
@@ -106,11 +105,11 @@ You can view the effect of government rules in your environment.
 1. You can search for rules, or filter rules.
 
      - Filter on **Environment** to identify rules for Azure, AWS, and GCP.
-     
+
      - Filter on rule name, owner, or time between the recommendation being issued and due date.
-     
+
      - Filter on **Grace period** to find MCSB recommendations that won't affect your secure score.
-     
+
      - Identify by status.
 
         :::image type="content" source="./media/governance-rules/view-filter-rules.png" alt-text="Screenshot of page for viewing and filtering rules." lightbox="media/governance-rules/view-filter-rules.png":::
@@ -131,6 +130,6 @@ The governance report lets you select subscriptions that have governance rules a
 
 From the governance report, you can drill down into recommendations by scope, display name, priority, remediation timeframe, owner type, owner details, grace period and cloud.
 
-## Next steps
+## Next step
 
 Learn how to [Implement security recommendations](implement-security-recommendations.md).

articles/defender-for-cloud/harden-docker-hosts.md

@@ -1,6 +1,6 @@
 ---
 title: Review Docker host hardening recommendations
-description: How-to protect your Docker hosts and verify they're compliant with the CIS Docker benchmark
+description: How to protect your Docker hosts and verify they're compliant with the CIS Docker benchmark with Microsoft Defender for Cloud.
 author: dcurwin
 ms.author: dacurwin
 ms.topic: how-to
@@ -26,21 +26,20 @@ When vulnerabilities are found, they're grouped inside a single recommendation.
 |Required roles and permissions:|**Reader** on the workspace to which the host connects|
 |Clouds:|:::image type="icon" source="./media/icons/yes-icon.png"::: Commercial clouds<br>:::image type="icon" source="./media/icons/yes-icon.png"::: National (Azure Government, Microsoft Azure operated by 21Vianet)<br>:::image type="icon" source="./media/icons/yes-icon.png"::: Connected AWS accounts|
 
-
 ## Identify and remediate security vulnerabilities in your Docker configuration
 
 1. From Defender for Cloud's menu, open the **Recommendations** page.
 
 1. Filter to the recommendation **Vulnerabilities in container security configurations should be remediated** and select the recommendation.
 
-    The recommendation page shows the affected resources (Docker hosts). 
+    The recommendation page shows the affected resources (Docker hosts).
 
     :::image type="content" source="./media/monitor-container-security/docker-host-vulnerabilities-found.png" alt-text="Recommendation to remediate vulnerabilities in container security configurations.":::
 
     > [!NOTE]
-    > Machines that aren't running Docker will be shown in the **Not applicable resources** tab. They'll appear in Azure Policy as Compliant. 
+    > Machines that aren't running Docker will be shown in the **Not applicable resources** tab. They'll appear in Azure Policy as Compliant.
 
-1. To view and remediate the CIS controls that a specific host failed, select the host you want to investigate. 
+1. To view and remediate the CIS controls that a specific host failed, select the host you want to investigate.
 
     > [!TIP]
     > If you started at the asset inventory page and reached this recommendation from there, select the **Take action** button on the recommendation page.
@@ -55,9 +54,8 @@ When vulnerabilities are found, they're grouped inside a single recommendation.
 
 1. When you're sure the command is appropriate and ready for your host, select **Run**.
 
+## Next step
 
-## Next steps
-
-Docker hardening is just one aspect of Defender for Cloud's container security features. 
+Docker hardening is just one aspect of Defender for Cloud's container security features.
 
 Learn more [Container security in Defender for Cloud](defender-for-containers-introduction.md).