Resolve comments from review

Author: bmansheim

articles/defender-for-cloud/powershell-sample-vulnerability-assessment-azure-sql.md

@@ -1,5 +1,5 @@
 ---
-title: PowerShell Script Sample - Enable vulnerability assessment on a SQL server
+title: PowerShell script sample - Enable vulnerability assessment on a SQL server
 description: In this article, learn how to enable vulnerability assessments on Azure SQL databases with the express configuration using a PowerShell script.
 ms.topic: sample
 ms.date: 11/29/2022

articles/defender-for-cloud/powershell-sample-vulnerability-assessment-baselines.md

@@ -1,5 +1,5 @@
 ---
-title: PowerShell Script Sample - Set up baselines on Azure SQL databases
+title: PowerShell script sample - Set up baselines on Azure SQL databases
 description: In this article, learn how to set up baselines for vulnerability assessments on Azure SQL databases using a PowerShell script.
 ms.topic: sample
 ms.date: 11/29/2022

articles/defender-for-cloud/sql-azure-vulnerability-assessment-enable.md

@@ -78,11 +78,11 @@ To enable vulnerability assessment with a storage account, use the classic confi
 
 1. Select **Configure** on the link to open the Microsoft Defender for SQL settings pane for either the entire server or managed instance.
 
-    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/opening-sql-configuration.png" alt-text="Opening the Defender for SQL configuration":::
+    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/opening-sql-configuration.png" alt-text="Screenshot of the Defender for SQL configuration":::
 
 1. In the **Server settings** page, enter the Microsoft Defender for SQL settings:
 
-    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/sql-vulnerability-scan-settings.png" alt-text="Configuring the SQL vulnerability assessment scans":::
+    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/sql-vulnerability-scan-settings.png" alt-text="Screenshot of configuring the SQL vulnerability assessment scans":::
 
     1. Configure a storage account where your scan results for all databases on the server or managed instance will be stored. For information about storage accounts, see [About Azure storage accounts](/azure/storage/common/storage-account-create).
 
@@ -99,4 +99,4 @@ Learn more about:
 
 - [Microsoft Defender for Azure SQL](defender-for-sql-introduction.md)
 - [Data discovery and classification](/azure/azure-sql/database/data-discovery-and-classification-overview.md)
-- [Storing scan results in a storage account behind firewalls and VNets](/azure/azure-sql/database/sql-database-vulnerability-assessment-storage.md)
+- [storing scan results in a storage account behind firewalls and VNets](/azure/azure-sql/database/sql-database-vulnerability-assessment-storage.md)

articles/defender-for-cloud/sql-azure-vulnerability-assessment-find.md

@@ -53,11 +53,11 @@ You can run SQL vulnerability assessment scans on-demand:
 
 1. From the resource's **Defender for Cloud** page, select **View additional findings in Vulnerability Assessment** to access the scan results from previous scans.
 
-    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/view-additional-findings-link.png" alt-text="Opening the scan results and manual scan options.":::
+    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/view-additional-findings-link.png" alt-text="Screenshot of opening the scan results and manual scan options.":::
 
 1. To run an on-demand scan to scan your database for vulnerabilities, select **Scan** from the toolbar:
 
-    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/on-demand-vulnerability-scan.png" alt-text="Select scan to run an on-demand vulnerability assessment scan of your SQL resource":::
+    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/on-demand-vulnerability-scan.png" alt-text="Screenshot of selecting scan to run an on-demand vulnerability assessment scan of your SQL resource":::
 
 
 > [!NOTE]
@@ -72,7 +72,7 @@ When a vulnerability scan completes, the report is displayed in the Azure portal
 - A summary by severity of the risks
 - A list of the findings for further investigations
 
-:::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/sample-sql-vulnerabilities-report.png" alt-text="Sample scan report from the SQL vulnerability assessment scanner":::
+:::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/sample-sql-vulnerabilities-report.png" alt-text="Screenshot of sample scan report from the SQL vulnerability assessment scanner":::
 
 To remediate the vulnerabilities discovered:
 
@@ -83,15 +83,15 @@ To remediate the vulnerabilities discovered:
     > [!TIP]
     > The findings details page includes actionable remediation information explaining how to resolve the issue.
 
-    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/examining-vulnerability-findings.gif" alt-text="Examining the findings from a vulnerability scan":::
+    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/examining-vulnerability-findings.gif" alt-text="Screenshot of examining the findings from a vulnerability scan":::
 
 1. As you review your assessment results, you can mark specific results as being an acceptable *baseline* in your environment. A baseline is essentially a customization of how the results are reported. In subsequent scans, results that match the baseline are considered as passes. After you've established your baseline security state, vulnerability assessment only reports on deviations from the baseline. In this way, you can focus your attention on the relevant issues.
 
-    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/baseline-approval.png" alt-text="Approving a finding as a baseline for future scans":::
+    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/baseline-approval.png" alt-text="Screenshot of approving a finding as a baseline for future scans":::
 
 1. Any findings you've added to the baseline will now appear as **Passed** with an indication that they've passed because of the baseline changes. There's no need to run another scan for the baseline to take effect. 
 
-    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/passed-per-custom-baseline.png" alt-text="Passed assessments indicating they've passed per custom baseline":::
+    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/passed-per-custom-baseline.png" alt-text="Screenshot of passed assessments indicating they've passed per custom baseline":::
 
 Your vulnerability assessment scans can now be used to ensure that your database maintains a high level of security, and that your organizational policies are met.
 
@@ -126,11 +126,11 @@ You can run SQL vulnerability assessment scans on-demand:
 
 1. From the resource's **Defender for Cloud** page, select **View additional findings in Vulnerability Assessment** to access the scan results from previous scans.
 
-    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/view-additional-findings-link.png" alt-text="Opening the scan results and manual scan options.":::
+    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/view-additional-findings-link.png" alt-text="Screenshot of opening the scan results and manual scan options.":::
 
 1. To run an on-demand scan to scan your database for vulnerabilities, select **Scan** from the toolbar:
 
-    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/on-demand-vulnerability-scan.png" alt-text="Select scan to run an on-demand vulnerability assessment scan of your SQL resource":::
+    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/on-demand-vulnerability-scan.png" alt-text="Screenshot of select scan to run an on-demand vulnerability assessment scan of your SQL resource":::
 
 
 > [!NOTE]
@@ -145,7 +145,7 @@ When a vulnerability scan completes, the report is displayed in the Azure portal
 - A summary by severity of the risks
 - A list of the findings for further investigations
 
-:::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/sample-sql-vulnerabilities-report.png" alt-text="Sample scan report from the SQL vulnerability assessment scanner":::
+:::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/sample-sql-vulnerabilities-report.png" alt-text="Screenshot of sample scan report from the SQL vulnerability assessment scanner":::
 
 To remediate the vulnerabilities discovered:
 
@@ -156,20 +156,22 @@ To remediate the vulnerabilities discovered:
     > [!TIP]
     > The findings details page includes actionable remediation information explaining how to resolve the issue.
 
-    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/examining-vulnerability-findings.gif" alt-text="Examining the findings from a vulnerability scan":::
+    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/examining-vulnerability-findings.gif" alt-text="Screenshot of examining the findings from a vulnerability scan":::
 
 1. As you review your assessment results, you can mark specific results as being an acceptable *baseline* in your environment. A baseline is essentially a customization of how the results are reported. In subsequent scans, results that match the baseline are considered as passes. After you've established your baseline security state, vulnerability assessment only reports on deviations from the baseline. In this way, you can focus your attention on the relevant issues.
 
-    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/baseline-approval.png" alt-text="Approving a finding as a baseline for future scans":::
+    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/baseline-approval.png" alt-text="Screenshot of approving a finding as a baseline for future scans":::
 
 1. If you change the baselines, use the **Scan** button to run an on-demand scan and view the customized report. Any findings you've added to the baseline will now appear in **Passed** with an indication that they've passed because of the baseline changes.
 
-    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/passed-per-custom-baseline.png" alt-text="Passed assessments indicating they've passed per custom baseline":::
+    :::image type="content" source="media/defender-for-sql-azure-vulnerability-assessment/passed-per-custom-baseline.png" alt-text="Screenshot of passed assessments indicating they've passed per custom baseline":::
 
 Your vulnerability assessment scans can now be used to ensure that your database maintains a high level of security, and that your organizational policies are met.
 
+---
+
 ## Next steps  
 
 - Learn more about [Microsoft Defender for Azure SQL](defender-for-sql-introduction.md).
 - Learn more about [data discovery and classification](/azure/azure-sql/database/data-discovery-and-classification-overview.md).
-- Learn more about [Storing vulnerability assessment scan results in a storage account accessible behind firewalls and VNets](/azure/azure-sql/database/sql-database-vulnerability-assessment-storage.md).
+- Learn more about [storing vulnerability assessment scan results in a storage account accessible behind firewalls and VNets](/azure/azure-sql/database/sql-database-vulnerability-assessment-storage.md).

articles/defender-for-cloud/sql-azure-vulnerability-assessment-manage.md

@@ -287,14 +287,14 @@ To create a rule:
     - Severity
     - Benchmarks
 
-    :::image type="content" source="media/defender-for-sql-Azure-vulnerability-assessment/disable-rule-vulnerability-findings-sql.png" alt-text="Create a disable rule for VA findings on SQL servers on machines":::
+    :::image type="content" source="media/defender-for-sql-Azure-vulnerability-assessment/disable-rule-vulnerability-findings-sql.png" alt-text="Screenshot of create a disable rule for VA findings on SQL servers on machines":::
 
 1. Select **Apply rule**. Changes might take up to 24 hrs to take effect.
 1. To view, override, or delete a rule:
     1. Select **Disable rule**.
     1. From the scope list, subscriptions with active rules show as **Rule applied**.
 
-        :::image type="content" source="media/defender-for-sql-Azure-vulnerability-assessment/modify-rule.png" alt-text="Modify or delete an existing rule":::
+        :::image type="content" source="media/defender-for-sql-Azure-vulnerability-assessment/modify-rule.png" alt-text="Screenshot of modify or delete an existing rule":::
 
     1. To view or delete the rule, select the ellipsis menu ("...").
 
@@ -339,7 +339,7 @@ For a script example, see [Azure SQL vulnerability assessment PowerShell support
 ### Azure CLI
 
 > [!IMPORTANT]
-> The following Azure CLI commands are for SQL databases hosted on VMs or On-Premise machines. For vulnerability assessments regarding Azure SQL Databases, refer to the Azure portal or PowerShell section.
+> The following Azure CLI commands are for SQL databases hosted on VMs or on-premises machines. For vulnerability assessments regarding Azure SQL Databases, refer to the Azure portal or PowerShell section.
 
 You can use Azure CLI commands to programmatically manage your vulnerability assessments. The supported commands are:
 
@@ -433,8 +433,10 @@ To handle Boolean types as true/false, set the baseline result with binary input
    }
 ```
 
+---
+
 ## Next steps
 
 - Learn more about [Microsoft Defender for Azure SQL](defender-for-sql-introduction.md).
 - Learn more about [data discovery and classification](/azure/azure-sql/database/data-discovery-and-classification-overview.md).
-- Learn more about [Storing vulnerability assessment scan results in a storage account accessible behind firewalls and VNets](/azure/azure-sql/database/sql-database-vulnerability-assessment-storage.md).
+- Learn more about [storing vulnerability assessment scan results in a storage account accessible behind firewalls and VNets](/azure/azure-sql/database/sql-database-vulnerability-assessment-storage.md).

articles/defender-for-cloud/sql-azure-vulnerability-assessment-overview.md

@@ -57,10 +57,10 @@ Configuration modes benefits and limitations comparison:
 | Apply baseline               | Will take effect **without** rescanning the database                    | Will take effect **only after** rescanning the database                 |
 | Single rule scan result size | Maximum of 1 MB                                                       | Unlimited                                                           |
 | Email notifications          | • Logic Apps                                                          | • Internal scheduler<br>• Logic Apps |
-| Scan export                  | TBD                                                                 | Excel format                                                        |
+| Scan export                  | Not supported                                                                 | Excel format                                                        |
 
 ## Next steps  
 
 - Learn more about [Microsoft Defender for Azure SQL](defender-for-sql-introduction.md).
 - Learn more about [data discovery and classification](/azure/azure-sql/database/data-discovery-and-classification-overview.md).
-- Learn more about [Storing vulnerability assessment scan results in a storage account accessible behind firewalls and VNets](/azure/azure-sql/database/sql-database-vulnerability-assessment-storage.md).
+- Learn more about [storing vulnerability assessment scan results in a storage account accessible behind firewalls and VNets](/azure/azure-sql/database/sql-database-vulnerability-assessment-storage.md).

articles/defender-for-cloud/sql-azure-vulnerability-assessment-rules-changelog.md

@@ -1,5 +1,5 @@
 ---
-title: SQL vulnerability assessment rules changelog
+title: SQL vulnerability assessment rules changelog for Microsoft Defender for Cloud
 description: Changelog for SQL vulnerability assessment rules with SQL Server, Azure SQL Database, Azure SQL Managed Instance, and Azure Synapse Analytics
 ms.author: cesanu
 author: CESANU

articles/defender-for-cloud/sql-azure-vulnerability-assessment-rules.md

@@ -1,5 +1,5 @@
 ---
-title: SQL vulnerability assessment rules reference guide
+title: SQL vulnerability assessment rules reference for Microsoft Defender for Cloud
 description: List of rule titles and descriptions for SQL Server, Azure SQL Database, Azure SQL Managed Instance, and Azure Synapse Analytics
 ms.author: cesanu
 author: CESANU