Merge pull request #270344 from dcurwin/fix-formatting2-march27-2024

fix formatting

Author: prmerger-automator[bot]

articles/defender-for-cloud/defender-for-cloud-introduction.md

@@ -43,7 +43,7 @@ Defender for Cloud includes Foundational CSPM capabilities for free. You can als
 | Capability | What problem does it solve? | Get started | Defender plan |
 |--|--|--|--|
 | [Centralized policy management](security-policy-concept.md) | Define the security conditions that you want to maintain across your environment. The policy translates to recommendations that identify resource configurations that violate your security policy. The [Microsoft cloud security benchmark](concept-regulatory-compliance.md) is a built-in standard that applies security principles with detailed technical implementation guidance for Azure and other cloud providers (such as AWS and GCP). | [Customize a security policy](create-custom-recommendations.md) | Foundational CSPM (Free) |
-| [Secure score]( secure-score-security-controls.md) | Summarize your security posture based on the security recommendations. As you remediate recommendations, your secure score improves. | [Track your secure score](secure-score-access-and-track.md) | Foundational CSPM (Free) |
+| [Secure score](secure-score-security-controls.md) | Summarize your security posture based on the security recommendations. As you remediate recommendations, your secure score improves. | [Track your secure score](secure-score-access-and-track.md) | Foundational CSPM (Free) |
 | [Multicloud coverage](plan-multicloud-security-get-started.md) | Connect to your multicloud environments with agentless methods for CSPM insight and CWP protection. | Connect your [Amazon AWS](quickstart-onboard-aws.md) and [Google GCP](quickstart-onboard-gcp.md) cloud resources to Defender for Cloud | Foundational CSPM (Free) |
 | [Cloud Security Posture Management (CSPM)](concept-cloud-security-posture-management.md) | Use the dashboard to see weaknesses in your security posture. | [Enable CSPM tools](enable-enhanced-security.md) | Foundational CSPM (Free) |
 | [Advanced Cloud Security Posture Management](concept-cloud-security-posture-management.md) | Get advanced tools to identify weaknesses in your security posture, including:</br>- Governance to drive actions to improve your security posture</br>- Regulatory compliance to verify compliance with security standards</br>- Cloud security explorer to build a comprehensive view of your environment | [Enable CSPM tools](enable-enhanced-security.md) | Defender CSPM |
@@ -66,7 +66,7 @@ When your environment is threatened, security alerts right away indicate the nat
 | Protect cloud databases | Protect your entire database estate with attack detection and threat response for the most popular database types in Azure to protect the database engines and data types, according to their attack surface and security risks. | [Deploy specialized protections for cloud and on-premises databases](quickstart-enable-database-protections.md) | - Defender for Azure SQL Databases</br>- Defender for SQL servers on machines</br>- Defender for Open-source relational databases</br>- Defender for Azure Cosmos DB |
 | Protect containers | Secure your containers so you can improve, monitor, and maintain the security of your clusters, containers, and their applications with environment hardening, vulnerability assessments, and run-time protection. | [Find security risks in your containers](defender-for-containers-introduction.md) | Defender for Containers |
 | [Infrastructure service insights](asset-inventory.md) | Diagnose weaknesses in your application infrastructure that can leave your environment susceptible to attack. | - [Identify attacks targeting applications running over App Service](defender-for-app-service-introduction.md)</br>- [Detect attempts to exploit Key Vault accounts](defender-for-key-vault-introduction.md)</br>- [Get alerted on suspicious Resource Manager operations](defender-for-resource-manager-introduction.md)</br>- [Expose anomalous DNS activities](defender-for-dns-introduction.md) | - Defender for App Service</br>- Defender for Key Vault</br>- Defender for Resource Manager</br>- Defender for DNS |
-| [Security alerts](alerts-overview.md) | Get informed of real-time events that threaten the security of your environment. Alerts are categorized and assigned severity levels to indicate proper responses. | [Manage security alerts]( managing-and-responding-alerts.md) | Any workload protection Defender plan |
+| [Security alerts](alerts-overview.md) | Get informed of real-time events that threaten the security of your environment. Alerts are categorized and assigned severity levels to indicate proper responses. | [Manage security alerts](managing-and-responding-alerts.md) | Any workload protection Defender plan |
 | [Security incidents](alerts-overview.md#what-are-security-incidents) | Correlate alerts to identify attack patterns and integrate with Security Information and Event Management (SIEM), Security Orchestration Automated Response (SOAR), and IT Service Management (ITSM) solutions to respond to threats and limit the risk to your resources. | [Export alerts to SIEM, SOAR, or ITSM systems](export-to-siem.md) | Any workload protection Defender plan |
 
 [!INCLUDE [Defender for DNS note](./includes/defender-for-dns-note.md)]

articles/defender-for-cloud/defender-for-containers-architecture.md

@@ -84,7 +84,7 @@ When you enable the agentless discovery for Kubernetes extension, the following
 
 These components are required in order to receive the full protection offered by Microsoft Defender for Containers:
 
-- **[Azure Arc-enabled Kubernetes](../azure-arc/kubernetes/overview.md)** - Azure Arc-enabled Kubernetes - An sensor based solution, installed on one node in the cluster, that connects your clusters to Defender for Cloud. Defender for Cloud is then able to deploy the following two agents as [Arc extensions](../azure-arc/kubernetes/extensions.md):
+- **[Azure Arc-enabled Kubernetes](../azure-arc/kubernetes/overview.md)** - Azure Arc-enabled Kubernetes - A sensor based solution, installed on one node in the cluster, that connects your clusters to Defender for Cloud. Defender for Cloud is then able to deploy the following two agents as [Arc extensions](../azure-arc/kubernetes/extensions.md):
 
 - **Defender sensor**: The DaemonSet that is deployed on each node, collects host signals using [eBPF technology](https://ebpf.io/) and Kubernetes audit logs, to provide runtime protection. The sensor is registered with a Log Analytics workspace, and used as a data pipeline. However, the audit log data isn't stored in the Log Analytics workspace. The Defender sensor is deployed as an Arc-enabled Kubernetes extension.
 

articles/defender-for-cloud/recommendations-reference-aws.md

@@ -800,7 +800,7 @@ RDS databases should have relevant logs enabled. Database logging provides detai
 
 ### [Disable direct internet access for Amazon SageMaker notebook instances](https://portal.azure.com/#blade/Microsoft_Azure_Security/RecommendationsBlade/assessmentKey/0991c64b-ccf5-4408-aee9-2ef03d460020)
 
-**Description**: Direct internet access should be disabled for an SageMaker notebook instance.
+**Description**: Direct internet access should be disabled for a SageMaker notebook instance.
  This checks whether the 'DirectInternetAccess' field is disabled for the notebook instance.
  Your instance should be configured with a VPC and the default setting should be Disable - Access the internet through a VPC.
  In order to enable internet access to train or host models from a notebook, make sure that your VPC has a NAT gateway and your security group allows outbound connections. Ensure access to your SageMaker configuration is limited to only authorized users, and restrict users' IAM permissions to modify SageMaker settings and resources.

articles/defender-for-cloud/secret-scanning.md

@@ -126,7 +126,7 @@ Agentless secrets scanning for Azure VMs supports the following attack path scen
 
 Agentless secrets scanning for AWS instances supports the following attack path scenarios:
 
-- `Exposed Vulnerable EC2 instance has an insecure SSH private key that is used to authenticate to a EC2 instance`.
+- `Exposed Vulnerable EC2 instance has an insecure SSH private key that is used to authenticate to an EC2 instance`.
 
 - `Exposed Vulnerable EC2 instance has an insecure secret that are used to authenticate to a storage account`.
 

articles/defender-for-cloud/transition-to-defender-vulnerability-management.md

@@ -227,7 +227,7 @@ The workbook provides results from Microsoft Defender Vulnerability Management s
 
     :::image type="content" source="media/transition-to-defender-vulnerability-management/exploitable-vulnerabilities-dashboard.png" alt-text="Screenshot of exploitable vulnerabilities dashboard." lightbox="media/transition-to-defender-vulnerability-management/exploitable-vulnerabilities-dashboard.png":::
 
-- **Additional ARG queries**: You can use this workbook to view more examples of how to query ARG data between Qualys and Microsoft Defender Vulnerability Management. For more information on how to edit workbooks, see [Workbooks gallery in Microsoft Defender for Cloud]( custom-dashboards-azure-workbooks.md#workbooks-gallery-in-microsoft-defender-for-cloud).
+- **Additional ARG queries**: You can use this workbook to view more examples of how to query ARG data between Qualys and Microsoft Defender Vulnerability Management. For more information on how to edit workbooks, see [Workbooks gallery in Microsoft Defender for Cloud](custom-dashboards-azure-workbooks.md#workbooks-gallery-in-microsoft-defender-for-cloud).
 
 ## Next steps