Merge pull request #277656 from ElazarK/wi261474-CIEM-reccs

changed CIEM names

Author: prmerger-automator[bot]

articles/defender-for-cloud/enable-permissions-management.md

@@ -4,7 +4,7 @@ author: Elazark
 ms.author: elkrieger
 description: Learn how to enable Permissions Management for better access control and security in your cloud infrastructure.
 ms.topic: how-to
-ms.date: 05/07/2024
+ms.date: 06/09/2024
 #customer intent: As a cloud administrator, I want to learn how to enable permissions (CIEM) in order to effectively manage user access and entitlements in my cloud infrastructure.
 ---
 
@@ -54,7 +54,7 @@ List of Azure recommendations:
 
 - Azure over-provisioned identities should have only the necessary permissions
 
-- Unused identities in your Azure environment should be revoked/removed
+- Permissions of inactive identities in your Azure subscription should be revoked
 
 - Super identities in your Azure environment should be revoked/removed
 
@@ -99,7 +99,7 @@ List of AWS recommendations:
 
 - AWS over-provisioned identities should have only the necessary permissions
 
-- Unused identities in your Azure environment should be revoked/removed
+- Permissions of inactive identities in your Azure subscription should be revoked
 
 ## Enable Permissions Management (CIEM) for GCP
 
@@ -145,10 +145,11 @@ List of GCP recommendations:
 
 - GCP over-provisioned identities should have only necessary permissions
 
-- Unused identities in your GCP environment should be revoked/removed
+- Permissions of inactive identities in your GCP project should be revoked
 
 - Super identities in your GCP environment should be revoked/removed
 
 ## Next step
 
-Learn more about [Microsoft Entra Permissions Management](/entra/permissions-management/).
+> [!div class="nextstepaction"]
+> [Microsoft Entra Permissions Management](/entra/permissions-management/).

articles/defender-for-cloud/recommendations-reference-aws.md

@@ -2,7 +2,7 @@
 title: Reference table for all security recommendations for AWS resources
 description: This article lists all Microsoft Defender for Cloud security recommendations that help you harden and protect your Amazon Web Services (AWS) resources.
 ms.topic: reference
-ms.date: 03/13/2024
+ms.date: 06/09/2024
 ms.custom: generated
 ai-usage: ai-assisted
 ---
@@ -1147,9 +1147,9 @@ Secrets Manager can rotate secrets. You can use rotation to replace long-term se
 
 **Severity**: Medium
 
-### [Unused identities in your AWS environment should be removed](https://ms.portal.azure.com/#view/Microsoft_Azure_Security/GenericRecommendationDetailsBlade/assessmentKey/71016e8c-d079-479d-942b-9c95b463e4a6)
+### [Permissions of inactive identities in your AWS account should be revoked](https://ms.portal.azure.com/#view/Microsoft_Azure_Security/GenericRecommendationDetailsBlade/assessmentKey/71016e8c-d079-479d-942b-9c95b463e4a6)
 
-**Description**: Inactive identities are human and non-human entities that haven't performed any action on any resource in the last 90 days. Inactive IAM identities with high-risk permissions in your AWS account can be prone to attack if left as is and leave organizations open to credential misuse or exploitation. Proactively detecting and responding to unused identities helps you prevent unauthorized entities from gaining access to your AWS resources.
+**Description**: Microsoft Defender for Cloud discovered an identity that has not performed any action on any resource within your AWS account in the past 45 days. It is recommended to revoke permissions of inactive identities, in order to reduce the attack surface of your cloud environment.
 
 **Severity**: Medium
 

articles/defender-for-cloud/recommendations-reference-gcp.md

@@ -2,7 +2,7 @@
 title: Reference table for all security recommendations for GCP resources
 description: This article lists all Microsoft Defender for Cloud security recommendations that help you harden and protect your Google Cloud Platform (GCP) resources.
 ms.topic: reference
-ms.date: 03/13/2024
+ms.date: 06/09/2024
 ms.custom: generated
 ai-usage: ai-assisted
 ---
@@ -983,9 +983,9 @@ GCP facilitates up to 10 external service account keys per service account to fa
 
 **Severity**: High
 
-### [Unused identities in your GCP environment should be removed](https://ms.portal.azure.com/#view/Microsoft_Azure_Security/GenericRecommendationDetailsBlade/assessmentKey/257e9506-fd47-4123-a8ef-92017f845906)
+### [Permissions of inactive identities in your GCP project should be revoked](https://ms.portal.azure.com/#view/Microsoft_Azure_Security/GenericRecommendationDetailsBlade/assessmentKey/257e9506-fd47-4123-a8ef-92017f845906)
 
-**Description**: It's imperative to identify unused identities as they pose significant security risks. These identities often involve bad practices, such as excessive permissions and mismanaged keys that leave organizations open to credential misuse or exploitation and increases your resource`s attack surface. Inactive identities are human and nonhuman entities that haven't performed any action on any resource in the last 90 days. Service account keys can become a security risk if not managed carefully.
+**Description**: Microsoft Defender for Cloud discovered an identity that has not performed any action on any resource within your GCP project in the past 45 days. It is recommended to revoke permissions of inactive identities, in order to reduce the attack surface of your cloud environment.
 
 **Severity**: Medium
 

articles/defender-for-cloud/recommendations-reference.md

@@ -1841,9 +1841,9 @@ Learn more in [Introduction to Microsoft Defender for Key Vault](defender-for-ke
 
 **Severity**: Medium
 
-### [Unused identities in your Azure environment should be removed (Preview)](https://ms.portal.azure.com/#view/Microsoft_Azure_Security/GenericRecommendationDetailsBlade/assessmentKey/7af29efb-41cc-47b6-81b8-800a0888f9a2)
+### [Permissions of inactive identities in your Azure subscription should be revoked](https://ms.portal.azure.com/#view/Microsoft_Azure_Security/GenericRecommendationDetailsBlade/assessmentKey/7af29efb-41cc-47b6-81b8-800a0888f9a2)
 
-**Description**: Inactive Identities are the identities that have not performed any action on any infrastructure resources in the last 90 days. Inactive identities pose a significant risk to your organization as they could be used by attackers to gain access and execute tasks in your environment.
+**Description**: Microsoft Defender for Cloud discovered an identity that has not performed any action on any resource within your Azure subscription in the past 45 days. It is recommended to revoke permissions of inactive identities, in order to reduce the attack surface of your cloud environment.
 
 **Severity**: Medium