Merge branch 'main' of https://github.com/MicrosoftDocs/azure-docs-pr into yelevin/sap-incident-response-playbooks

Author: your name

articles/active-directory/fundamentals/whats-new-archive.md

@@ -39,13 +39,13 @@
   - name: Connect your hybrid and multicloud environments
     expanded: false
     items:
-    - name: Connect your on-premises machine
+    - name: Connect your on-premises machines
       displayName: azure stack, ash, windows, linux, hybrid, arc, on-premises
       href: quickstart-onboard-machines.md
-    - name: Connect your AWS account
+    - name: Connect your AWS accounts
       displayName: hybrid, multicloud, multicloud, amazon, arc, AWS, accounts
       href: quickstart-onboard-aws.md
-    - name: Connect your GCP project
+    - name: Connect your GCP projects
       displayName: hybrid, multicloud, multicloud, google, gcp
       href: quickstart-onboard-gcp.md
     - name: Connect non-Azure machines with Defender for Endpoint
@@ -60,7 +60,7 @@
     - name: Protect your resources with Defender CSPM
       displayName: CSPM, cloud security posture management, enable
       href: tutorial-enable-cspm-plan.md
-    - name: Protect servers with Defender for Servers
+    - name: Protect your servers with Defender for Servers
       displayName: servers, server, enable
       href: tutorial-enable-servers-plan.md
     - name: Protect your applications with Defender for App Service
@@ -69,20 +69,20 @@
     - name: Protect your databases with Defender for Databases
       displayName: Databases, Cosmos, DB, SQL servers, Azure SQL, SQL, Open-source relational databases
       href: tutorial-enable-databases-plan.md
-    - name: Protect your storage with Defender for Storage
+    - name: Protect your storage accounts with Defender for Storage
       displayName: storage, enable
       href: tutorial-enable-storage-plan.md
     - name: Protect containers with Defender for Containers
       items:
       - name: Protect your Azure containers (AKS) 
         href: tutorial-enable-containers-azure.md
-      - name: Protect your on-premises and IaaS (ARC) devices 
+      - name: Protect your on-premises and IaaS (Arc) devices 
         href: tutorial-enable-containers-arc.md
       - name: Protect your Amazon Web Service (AWS) accounts containers
         href: tutorial-enable-container-aws.md
       - name: Protect your Google Cloud Platform (GCP) project containers
         href: tutorial-enable-container-gcp.md
-    - name: Protect your key vault with Defender for Key Vault
+    - name: Protect your key vaults with Defender for Key Vault
       displayName: enable, key, vault, key vault
       href: tutorial-enable-key-vault-plan.md
     - name: Protect your Domain Name System (DNS) with Defender for DNS

articles/defender-for-cloud/TOC.yml

@@ -98,7 +98,7 @@ You can simulate alerts for both of the control plane, and workload alerts with
 **Prerequisites**
 
 - Ensure the Defender for Containers plan is enabled.
-- **ARC only** - Ensure the Defender extension is installed.
+- **Arc only** - Ensure the Defender extension is installed.
 - **EKS or GKE only** - Ensure the default audit log collection autoprovisioning options are enabled.
 
 **To simulate a Kubernetes control plane security alert**:

articles/defender-for-cloud/alert-validation.md

@@ -26,27 +26,27 @@ When you enable the auto-provision option, a default workspace will be automatic
 
 1. Search for, and select **Policy**.
 
-    :::image type="content" source="../media/defender-for-containers/find-policy.png" alt-text="Screenshot that shows how to locate the policy page for ARC." lightbox="../media/defender-for-containers/find-policy.png":::
+    :::image type="content" source="../media/defender-for-containers/find-policy.png" alt-text="Screenshot that shows how to locate the policy page for Arc." lightbox="../media/defender-for-containers/find-policy.png":::
 
 1. Select **Definitions**.
 
 1. Search for policy ID `708b60a6-d253-4fe0-9114-4be4c00f012c`.
 
-    :::image type="content" source="../media/defender-for-containers/policy-search-arc.png" alt-text="Screenshot that shows where to search for the policy by ID number for ARC." lightbox="../media/defender-for-containers/policy-search-arc.png":::
+    :::image type="content" source="../media/defender-for-containers/policy-search-arc.png" alt-text="Screenshot that shows where to search for the policy by ID number for Arc." lightbox="../media/defender-for-containers/policy-search-arc.png":::
 
 1. Select **Configure Azure Arc enabled Kubernetes clusters to install Microsoft Defender for Cloud extension.**.
 
 1. Select **Assignments**.
 
-    :::image type="content" source="../media/defender-for-containers/assignments-tab-arc.png" alt-text="Screenshot that shows where the assignments tab is for ARC." lightbox="../media/defender-for-containers/assignments-tab-arc.png":::
+    :::image type="content" source="../media/defender-for-containers/assignments-tab-arc.png" alt-text="Screenshot that shows where the assignments tab is for Arc." lightbox="../media/defender-for-containers/assignments-tab-arc.png":::
 
 1. Follow the [Create a new assignment with custom workspace](#create-a-new-assignment-with-custom-workspace) steps if the policy hasn't yet been assigned to the relevant scope. Or, follow the [Update assignment with custom workspace](#update-assignment-with-custom-workspace) steps if the policy is already assigned and you want to change it to use a custom workspace.
 
 #### Create a new assignment with custom workspace 
 
 If the policy hasn't been assigned, you'll see `Assignments (0)`.
 
-:::image type="content" source="../media/defender-for-containers/no-assignment-arc.png" alt-text="Screenshot showing that no workspace has been assigned for ARC." lightbox="../media/defender-for-containers/no-assignment-arc.png":::
+:::image type="content" source="../media/defender-for-containers/no-assignment-arc.png" alt-text="Screenshot showing that no workspace has been assigned for Arc." lightbox="../media/defender-for-containers/no-assignment-arc.png":::
 
 **To assign custom workspace**:
 
@@ -56,7 +56,7 @@ If the policy hasn't been assigned, you'll see `Assignments (0)`.
 
 1. Select a LogAnalyticsWorkspaceResource ID from the dropdown menu.
 
-   :::image type="content" source="../media/defender-for-containers/drop-down-menu-arc.png" alt-text="Screenshot showing where the dropdown menu is located for ARC." lightbox="../media/defender-for-containers/drop-down-menu-arc.png"::: 
+   :::image type="content" source="../media/defender-for-containers/drop-down-menu-arc.png" alt-text="Screenshot showing where the dropdown menu is located for Arc." lightbox="../media/defender-for-containers/drop-down-menu-arc.png"::: 
 
 1. Select **Review + create**.
 
@@ -69,21 +69,21 @@ If the policy has already been assigned to a workspace, you'll see `Assignments
 > [!NOTE]
 > If you have more than one subscription the number may be higher. If you have a number 1 or higher, the assignment may still not be on the relevant scope. If this is the case, you will want to follow the [Create a new assignment with custom workspace](#create-a-new-assignment-with-custom-workspace) steps.
 
-:::image type="content" source="../media/defender-for-containers/already-assigned-arc.png" alt-text="Screenshot that shows Assignment (1), meaning a workspace has already been assigned for ARC." lightbox="../media/defender-for-containers/already-assigned-arc.png":::
+:::image type="content" source="../media/defender-for-containers/already-assigned-arc.png" alt-text="Screenshot that shows Assignment (1), meaning a workspace has already been assigned for Arc." lightbox="../media/defender-for-containers/already-assigned-arc.png":::
 
 **To assign custom workspace**:
 
 1. Select the relevant assignment.
 
-    :::image type="content" source="../media/defender-for-containers/relevant-assignment-arc.png" alt-text="Screenshot that shows where to select the relevant assignment from for ARC." lightbox="../media/defender-for-containers/relevant-assignment-arc.png":::
+    :::image type="content" source="../media/defender-for-containers/relevant-assignment-arc.png" alt-text="Screenshot that shows where to select the relevant assignment from for Arc." lightbox="../media/defender-for-containers/relevant-assignment-arc.png":::
 
 1. Select **Edit assignment**.
 
 1. In the **Parameters** tab, deselect the **Only show parameters that need input or review** option.
 
 1. Select a LogAnalyticsWorkspaceResource ID from the dropdown menu.
 
-   :::image type="content" source="../media/defender-for-containers/drop-down-menu-arc.png" alt-text="Screenshot showing where the dropdown menu is located for ARC." lightbox="../media/defender-for-containers/drop-down-menu-arc.png"::: 
+   :::image type="content" source="../media/defender-for-containers/drop-down-menu-arc.png" alt-text="Screenshot showing where the dropdown menu is located for Arc." lightbox="../media/defender-for-containers/drop-down-menu-arc.png"::: 
 
 1. Select **Review + save**.
 

articles/defender-for-cloud/includes/defender-for-containers-assign-workspace-arc.md

@@ -128,7 +128,7 @@ For a reference list of all the recommendations Defender for Cloud can provide f
         - (Optional) Select **Configure**, to edit the configuration as required.
 
     > [!NOTE]
-    > The respective Azure Arc servers for EC2 instances or GCP virtual machines that no longer exist (and the respective Azure Arc servers with a status of ["Disconnected" or "Expired"](/azure/azure-arc/servers/overview)) will be removed after 7 days. This process removes irrelevant Azure ARC entities, ensuring only Azure Arc servers related to existing instances are displayed.
+    > The respective Azure Arc servers for EC2 instances or GCP virtual machines that no longer exist (and the respective Azure Arc servers with a status of ["Disconnected" or "Expired"](/azure/azure-arc/servers/overview)) will be removed after 7 days. This process removes irrelevant Azure Arc entities, ensuring only Azure Arc servers related to existing instances are displayed.
 
     - By default the **Containers** plan is set to **On**. This is necessary to have Defender for Containers protect your AWS EKS clusters. Ensure you've fulfilled the [network requirements](./defender-for-containers-enable.md?pivots=defender-for-container-eks&source=docs&tabs=aks-deploy-portal%2ck8s-deploy-asc%2ck8s-verify-asc%2ck8s-remove-arc%2caks-removeprofile-api#network-requirements) for the Defender for Containers plan.
 

articles/defender-for-cloud/quickstart-onboard-aws.md

@@ -110,7 +110,7 @@ To have full visibility to Microsoft Defender for Servers security content, ensu
     - **Manual installation** - You can manually connect your VM instances to Azure Arc for servers. Instances in projects with Defender for Servers plan enabled that aren't connected to Arc are surfaced by the recommendation `GCP VM instances should be connected to Azure Arc`. Select the **Fix** option in the recommendation to install Azure Arc on the selected machines.
 
     > [!NOTE]
-    > The respective Azure Arc servers for EC2 instances or GCP virtual machines that no longer exist (and the respective Azure Arc servers with a status of ["Disconnected" or "Expired"](/azure/azure-arc/servers/overview)) will be removed after 7 days. This process removes irrelevant Azure ARC entities, ensuring only Azure Arc servers related to existing instances are displayed.
+    > The respective Azure Arc servers for EC2 instances or GCP virtual machines that no longer exist (and the respective Azure Arc servers with a status of ["Disconnected" or "Expired"](/azure/azure-arc/servers/overview)) will be removed after 7 days. This process removes irrelevant Azure Arc entities, ensuring only Azure Arc servers related to existing instances are displayed.
 
 - Ensure you've fulfilled the [network requirements for Azure Arc](../azure-arc/servers/network-requirements.md?tabs=azure-cloud).
 

articles/defender-for-cloud/quickstart-onboard-gcp.md

@@ -1,12 +1,12 @@
 ---
-title: Connect your on-premises machine to Defender for Cloud
+title: Connect your on-premises machines to Defender for Cloud
 description: Learn how to connect your on-premises machines to Microsoft Defender for Cloud
 ms.topic: install-set-up-deploy
 ms.date: 06/29/2023
 ms.custom: mode-other
 ---
 
-# Connect your non-Azure machine to Microsoft Defender for Cloud
+# Connect your non-Azure machines to Microsoft Defender for Cloud
 
 Defender for Cloud can monitor the security posture of your non-Azure computers, but first you need to connect them to Azure.
 

articles/defender-for-cloud/quickstart-onboard-machines.md

@@ -8,7 +8,7 @@ ms.date: 06/29/2023
 
 # Protect your applications with Defender for App Service
 
-Defender for App Service in Microsoft Defender for Cloud is a fully managed platform for building and hosting your web apps and APIs. It provides management, monitoring, and operational insights to meet enterprise-grade performance, security, and compliance requirements. For more information, see [Azure App Service](https://azure.microsoft.com/services/app-service/).
+Azure App Service is a fully managed platform for building and hosting your web apps and APIs. It provides management, monitoring, and operational insights to meet enterprise-grade performance, security, and compliance requirements. For more information, see [Azure App Service](https://azure.microsoft.com/services/app-service/).
 
 **Microsoft Defender for App Service** uses the scale of the cloud to identify attacks targeting applications running over App Service. Attackers probe web applications to find and exploit weaknesses. Before being routed to specific environments, requests to applications running in Azure go through several gateways, where they're inspected and logged. The data is then used to identify exploits and attackers, and to learn new patterns that are used later.
 
@@ -17,10 +17,10 @@ When you enable Microsoft Defender for App Service, you immediately benefit from
 - **Secure** - Defender for App Service assesses the resources covered by your App Service plan and generates security recommendations based on its findings. Use the detailed instructions in these recommendations to harden your App Service resources.
 
 - **Detect** - Defender for App Service detects a multitude of threats to your App Service resources by monitoring:
-    - the VM instance in which your App Service is running, and its management interface
-    - the requests and responses sent to and from your App Service apps
-    - the underlying sandboxes and VMs
-    - App Service internal logs - available thanks to the visibility that Azure has as a cloud provider
+  - the VM instance in which your App Service is running, and its management interface
+  - the requests and responses sent to and from your App Service apps
+  - the underlying sandboxes and VMs
+  - App Service internal logs - available thanks to the visibility that Azure has as a cloud provider
 
 As a cloud-native solution, Defender for App Service can identify attack methodologies applying to multiple targets. For example, from a single host it would be difficult to identify a distributed attack from a small subset of IPs, crawling to similar endpoints on multiple hosts.
 

articles/defender-for-cloud/tutorial-enable-app-service-plan.md

@@ -1,14 +1,16 @@
 ---
-title: Protect your key vault with the Defender for Key Vault plan - Microsoft Defender for Cloud
+title: Protect your key vaults with the Defender for Key Vault plan - Microsoft Defender for Cloud
 titleSuffix: Microsoft Defender for Cloud
 description: Learn how to enable the Defender for Key Vault plan on your Azure subscription for Microsoft Defender for Cloud.
 ms.topic: install-set-up-deploy
 ms.date: 06/29/2023
 ---
 
-# Protect your key vault with Defender for Key Vault
+# Protect your key vaults with Defender for Key Vault
 
-Defender for Key Vault in Microsoft Defender for Cloud is a cloud service that safeguards encryption keys and secrets like certificates, connection strings, and passwords.
+Azure Key Vault is a cloud service that safeguards encryption keys and secrets like certificates, connection strings, and passwords.
+
+Enable Microsoft Defender for Key Vault for Azure-native, advanced threat protection for Azure Key Vault, providing an additional layer of security intelligence.
 
 Learn more about [Microsoft Defender for Key Vault](defender-for-key-vault-introduction.md).
 

articles/defender-for-cloud/tutorial-enable-key-vault-plan.md

@@ -8,7 +8,9 @@ ms.date: 06/29/2023
 
 # Protect your resources with Defender for Resource Manager
 
-Defender for Resource Manager in Microsoft Defender for Cloud is the deployment and management service for Azure. [Azure Resource Manager](../azure-resource-manager/management/overview.md) provides a management layer that enables you to create, update, and delete resources in your Azure account. You use management features, like access control, locks, and tags, to secure and organize your resources after deployment.
+[Azure Resource Manager](../azure-resource-manager/management/overview.md) is the deployment and management service for Azure. It provides a management layer that enables you to create, update, and delete resources in your Azure account. You use management features, like access control, locks, and tags, to secure and organize your resources after deployment.
+
+Microsoft Defender for Resource Manager automatically monitors the resource management operations in your organization, whether they're performed through the Azure portal, Azure REST APIs, Azure CLI, or other Azure programmatic clients. Defender for Cloud runs advanced security analytics to detect threats and alerts you about suspicious activity.
 
 Learn more about [Microsoft Defender for Resource Manager](defender-for-resource-manager-introduction.md).