acrolinx

Author: v-dirichards

articles/defender-for-cloud/risk-prioritization.md

@@ -24,7 +24,7 @@ Microsoft Defender for Cloud's resources and workloads are assessed against buil
 > [!NOTE]
 > Recommendations are included with the [Foundational CSPM plan](concept-cloud-security-posture-management.md#plan-availability) which is included with Defender for Cloud. However, risk prioritization and governance is supported only with the [Defender CSPM plan](concept-cloud-security-posture-management.md#plan-availability).
 >
-> If you environment is not protected by the Defender CSPM plan the columns with the risk prioritization features will appear blurred out.
+> If your environment is not protected by the Defender CSPM plan the columns with the risk prioritization features will appear blurred out.
 
 Different resources can have the same recommendation with different risk levels. For example, a recommendation to enable MFA on a user account can have a different risk level for different users. The risk level is determined by the risk factors of each resource, such as its configuration, network connections, and security posture. The risk level is calculated based on the potential impact of the security issue being breached, the categories of risk, and the attack path that the security issue is part of.
 
@@ -40,15 +40,15 @@ On this page you can review the:
 
 - **Risk factors** - Environmental factors of the resource affected by the recommendation, which influence the exploitability and the business impact of the underlying security issue. Examples for risk factors include internet exposure, sensitive data, lateral movement potential.
 
-- **Attack paths** - The number of attack paths that the recommendation is part of based on the security engine's search for all potential attack paths based on the resources that exist in the environment and relationship that exists between them. Each environment will present it's own unique attack paths.
+- **Attack paths** - The number of attack paths that the recommendation is part of based on the security engine's search for all potential attack paths based on the resources that exist in the environment and relationship that exists between them. Each environment will present its own unique attack paths.
 
 - **Owner** - The person the recommendation is assigned to.
 
 - **Status** - The current status of the recommendation. For example, unassigned, on time, overdue.
 
 - **Insights** - Information related to the recommendation such as, if it's in preview, if it can be denied, if there is a fix option available and more.
 
-    :::image type="content" source="media/risk-prioritization/recommendations-dashboard.png" alt-text="Screenshot of teh recommendations dashboard which shows recommendations prioritized by their risk." lightbox="media/risk-prioritization/recommendations-dashboard.png":::
+    :::image type="content" source="media/risk-prioritization/recommendations-dashboard.png" alt-text="Screenshot of the recommendations dashboard which shows recommendations prioritized by their risk." lightbox="media/risk-prioritization/recommendations-dashboard.png":::
 
 When you select a recommendation, you can view the details of the recommendation, including the description, attack paths, scope, freshness, last change date, owner, due date, severity, tactics & techniques, and more.
 
@@ -103,4 +103,4 @@ The risk level is determined by a context-aware risk-prioritization engine that
 - [Review security recommendations](review-security-recommendations.md)
 - [Remediate security recommendations](implement-security-recommendations.md)
 - [Drive remediation with governance rules](governance-rules.md)
-- [Automate remediation responses](workflow-automation.md)
+- [Automate remediation responses](workflow-automation.md)