MicrosoftDocs
diff --git a/‎articles/security-center/TOC.yml
Lines changed: 3 additions & 3 deletions b/‎articles/security-center/TOC.yml
Lines changed: 3 additions & 3 deletions
diff --git a/‎articles/security-center/alerts-schemas.md
Lines changed: 8 additions & 8 deletions b/‎articles/security-center/alerts-schemas.md
Lines changed: 8 additions & 8 deletions
diff --git a/‎articles/security-center/alerts-suppression-rules.md
Lines changed: 1 addition & 1 deletion b/‎articles/security-center/alerts-suppression-rules.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/security-center/asset-inventory.md
Lines changed: 6 additions & 6 deletions b/‎articles/security-center/asset-inventory.md
Lines changed: 6 additions & 6 deletions
diff --git a/‎articles/security-center/continuous-export.md
Lines changed: 9 additions & 9 deletions b/‎articles/security-center/continuous-export.md
Lines changed: 9 additions & 9 deletions
diff --git a/‎articles/security-center/custom-security-policies.md
Lines changed: 3 additions & 3 deletions b/‎articles/security-center/custom-security-policies.md
Lines changed: 3 additions & 3 deletions
diff --git a/‎articles/security-center/defender-for-container-registries-usage.md
Lines changed: 1 addition & 1 deletion b/‎articles/security-center/defender-for-container-registries-usage.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/security-center/defender-for-sql-introduction.md
Lines changed: 2 additions & 2 deletions b/‎articles/security-center/defender-for-sql-introduction.md
Lines changed: 2 additions & 2 deletions
@@ -259,7 +259,7 @@
 - name: Reference
   items:
   - name: REST APIs
-    href: https://docs.microsoft.com/rest/api/securitycenter/
+    href: /rest/api/securitycenter/
   - name: FAQ for Azure Security Center
     items:
     - name: General questions
@@ -288,9 +288,9 @@
   - name: Manage user data
     href: security-center-privacy.md
   - name: Azure Defender for IoT documentation
-    href: https://docs.microsoft.com/azure/asc-for-iot/
+    href: /azure/asc-for-iot/
   - name: Azure security documentation
-    href: /azure/security/
+    href: ../security/index.yml
   - name: Azure updates
     href: https://azure.microsoft.com/updates/?category=security-identity
   - name: Readiness Roadmap
 
@@ -20,9 +20,9 @@ If your subscription has Azure Defender enabled, you'll receive security alerts
 
 You can view these security alerts in Azure Security Center's **Threat Protection** pages, or through external tools such as:
 
-- [Azure Sentinel](https://docs.microsoft.com/azure/sentinel/) - Microsoft's cloud-native SIEM. The Sentinel Connector gets alerts from Azure Security Center and sends them to the [Log Analytics workspace](https://docs.microsoft.com/azure/azure-monitor/learn/quick-create-workspace) for Azure Sentinel.
-- Third-party SIEMs - Use Security Center's [continuous export](continuous-export.md) tools to send data to [Azure Event Hubs](https://docs.microsoft.com/azure/event-hubs/). Then integrate your Event Hub data with a third-party SIEM.
-- [The REST API](https://docs.microsoft.com/rest/api/securitycenter/) - If you're using the REST API to access alerts, see the [online Alerts API documentation](https://docs.microsoft.com/rest/api/securitycenter/alerts).
+- [Azure Sentinel](../sentinel/index.yml) - Microsoft's cloud-native SIEM. The Sentinel Connector gets alerts from Azure Security Center and sends them to the [Log Analytics workspace](../azure-monitor/learn/quick-create-workspace.md) for Azure Sentinel.
+- Third-party SIEMs - Use Security Center's [continuous export](continuous-export.md) tools to send data to [Azure Event Hubs](../event-hubs/index.yml). Then integrate your Event Hub data with a third-party SIEM.
+- [The REST API](/rest/api/securitycenter/) - If you're using the REST API to access alerts, see the [online Alerts API documentation](/rest/api/securitycenter/alerts).
 
 If you're using any programmatic methods to consume the alerts, you'll need the correct schema to find the fields that are relevant to you. Also, if you're exporting to an Event Hub or trying to trigger Workflow Automation with generic HTTP connectors, use the schemas to properly parse the JSON objects.
 
@@ -56,7 +56,7 @@ The Sentinel Connector gets alerts from Azure Security Center and sends them to
 
 To create a Sentinel case or incident using Security Center alerts, you'll need the schema for those alerts shown below. 
 
-For more information about Azure Sentinel, see [the documentation](https://docs.microsoft.com/azure/sentinel/).
+For more information about Azure Sentinel, see [the documentation](../sentinel/index.yml).
 
 [!INCLUDE [Sentinel and workspace schema](../../includes/security-center-alerts-schema-log-analytics-workspace.md)]
 
@@ -168,7 +168,7 @@ You can view the security alerts events in Activity Log by searching for the Act
 
 Microsoft Graph is the gateway to data and intelligence in Microsoft 365. It provides a unified programmability model that you can use to access the tremendous amount of data in Microsoft 365, Windows 10, and Enterprise Mobility + Security. Use the wealth of data in Microsoft Graph to build apps for organizations and consumers that interact with millions of users.
 
-The schema and a JSON representation for security alerts sent to MS Graph, are available in [the Microsoft Graph documentation](https://docs.microsoft.com/graph/api/resources/alert?view=graph-rest-1.0&preserve-view=true).
+The schema and a JSON representation for security alerts sent to MS Graph, are available in [the Microsoft Graph documentation](/graph/api/resources/alert?preserve-view=true&view=graph-rest-1.0).
 
 ---
 
@@ -179,7 +179,7 @@ This article described the schemas that Azure Security Center's threat protectio
 
 For more information on the ways to access security alerts from outside Security Center, see the following pages:
 
-- [Azure Sentinel](https://docs.microsoft.com/azure/sentinel/) - Microsoft's cloud-native SIEM
-- [Azure Event Hubs](https://docs.microsoft.com/azure/event-hubs/) - Microsoft's fully managed, real-time data ingestion service
+- [Azure Sentinel](../sentinel/index.yml) - Microsoft's cloud-native SIEM
+- [Azure Event Hubs](../event-hubs/index.yml) - Microsoft's fully managed, real-time data ingestion service
 - Security Center's [continuous export feature](continuous-export.md)
-- [Log Analytics workspaces](https://docs.microsoft.com/azure/azure-monitor/learn/quick-create-workspace) - Azure Monitor stores log data in a Log Analytics workspace, a container that includes data and configuration information
+- [Log Analytics workspaces](../azure-monitor/learn/quick-create-workspace.md) - Azure Monitor stores log data in a Log Analytics workspace, a container that includes data and configuration information
@@ -134,7 +134,7 @@ The relevant HTTP methods for suppression rules in the REST API are:
 
 - **DELETE**: Deletes an existing rule (but doesn't change the status of alerts already dismissed by it).
 
-For full details and usage examples, see the [API documentation](https://docs.microsoft.com/rest/api/securitycenter/). 
+For full details and usage examples, see the [API documentation](/rest/api/securitycenter/). 
 
 
 ## Next steps
 
@@ -63,22 +63,22 @@ The inventory page provides the following tools:
     ![Inventory's export options](./media/asset-inventory/inventory-export-options.png)
 
     > [!TIP]
-    > The KQL documentation provides a database with some sample data together with some simple queries to get the "feel" for the language. [Learn more in this KQL tutorial](https://docs.microsoft.com/azure/data-explorer/kusto/query/tutorial?pivots=azuredataexplorer).
+    > The KQL documentation provides a database with some sample data together with some simple queries to get the "feel" for the language. [Learn more in this KQL tutorial](/azure/data-explorer/kusto/query/tutorial?pivots=azuredataexplorer).
 
 - **Asset management options** - Inventory lets you perform complex discovery queries. When you've found the resources that match your queries, inventory provides shortcuts for operations such as:
 
     - Assign tags to the filtered resources - select the checkboxes alongside the resources you want to tag.
     - Onboard new servers to Security Center - use the **Add non-Azure servers** toolbar button.
-    - Automate workloads with Azure Logic Apps - use the **Trigger Logic App** button to run a logic app on one or more resources. Your logic apps have to be prepared in advance, and accept the relevant trigger type (HTTP request). [Learn more about logic apps](https://docs.microsoft.com/azure/logic-apps/logic-apps-overview).
+    - Automate workloads with Azure Logic Apps - use the **Trigger Logic App** button to run a logic app on one or more resources. Your logic apps have to be prepared in advance, and accept the relevant trigger type (HTTP request). [Learn more about logic apps](../logic-apps/logic-apps-overview.md).
 
 
 ## How does asset inventory work?
 
-Asset inventory utilizes [Azure Resource Graph (ARG)](https://docs.microsoft.com/azure/governance/resource-graph/), an Azure service that provides the ability to query Security Center's security posture data across multiple subscriptions.
+Asset inventory utilizes [Azure Resource Graph (ARG)](../governance/resource-graph/index.yml), an Azure service that provides the ability to query Security Center's security posture data across multiple subscriptions.
 
 ARG is designed to provide efficient resource exploration with the ability to query at scale.
 
-Using the [Kusto Query Language (KQL)](https://docs.microsoft.com/azure/data-explorer/kusto/query/), asset inventory can quickly produce deep insights by cross-referencing ASC data with other resource properties.
+Using the [Kusto Query Language (KQL)](/azure/data-explorer/kusto/query/), asset inventory can quickly produce deep insights by cross-referencing ASC data with other resource properties.
 
 
 ## How to use asset inventory
@@ -151,5 +151,5 @@ This article described the asset inventory page of Azure Security Center.
 
 For more information on related tools, see the following pages:
 
-- [Azure Resource Graph (ARG)](https://docs.microsoft.com/azure/governance/resource-graph/)
-- [Kusto Query Language (KQL)](https://docs.microsoft.com/azure/data-explorer/kusto/query/)
+- [Azure Resource Graph (ARG)](../governance/resource-graph/index.yml)
+- [Kusto Query Language (KQL)](/azure/data-explorer/kusto/query/)
@@ -76,7 +76,7 @@ The steps below are necessary whether you're setting up a continuous export to L
 
 ### Configure continuous export using the REST API
 
-Continuous export can be configured and managed via the Azure Security Center [automations API](https://docs.microsoft.com/rest/api/securitycenter/automations). Use this API to create or update rules for exporting to any of the following possible destinations:
+Continuous export can be configured and managed via the Azure Security Center [automations API](/rest/api/securitycenter/automations). Use this API to create or update rules for exporting to any of the following possible destinations:
 
 - Azure Event Hub
 - Log Analytics workspace
@@ -93,7 +93,7 @@ The API provides additional functionality not available from the Azure portal, f
     > [!TIP]
     > If you've set up multiple export configurations using the API, or if you've used API-only parameters, those extra features will not be displayed in the Security Center UI. Instead, there'll be a banner informing you that other configurations exist.
 
-Learn more about the automations API in the [REST API documentation](https://docs.microsoft.com/rest/api/securitycenter/automations).
+Learn more about the automations API in the [REST API documentation](/rest/api/securitycenter/automations).
 
 
 
@@ -159,7 +159,7 @@ To view the event schemas of the exported data types, visit the [Log Analytics t
 
 ##  View exported alerts and recommendations in Azure Monitor
 
-In some cases, you may choose to view the exported Security Alerts and/or recommendations in [Azure Monitor](https://docs.microsoft.com/azure/azure-monitor/platform/alerts-overview). 
+In some cases, you may choose to view the exported Security Alerts and/or recommendations in [Azure Monitor](../azure-monitor/platform/alerts-overview.md). 
 
 Azure Monitor provides a unified alerting experience for a variety of Azure alerts including Diagnostic Log, Metric alerts, and custom alerts based on Log Analytics workspace queries.
 
@@ -169,13 +169,13 @@ To view alerts and recommendations from Security Center in Azure Monitor, config
 
     ![Azure Monitor's alerts page](./media/continuous-export/azure-monitor-alerts.png)
 
-1. In the create rule page, configure your new rule (in the same way you'd configure a [log alert rule in Azure Monitor](https://docs.microsoft.com/azure/azure-monitor/platform/alerts-unified-log)):
+1. In the create rule page, configure your new rule (in the same way you'd configure a [log alert rule in Azure Monitor](../azure-monitor/platform/alerts-unified-log.md)):
 
     * For **Resource**, select the Log Analytics workspace to which you exported security alerts and recommendations.
 
     * For **Condition**, select **Custom log search**. In the page that appears, configure the query, lookback period, and frequency period. In the search query, you can type *SecurityAlert* or *SecurityRecommendation* to query the data types that Security Center continuously exports to as you enable the Continuous export to Log Analytics feature. 
 
-    * Optionally, configure the [Action Group](https://docs.microsoft.com/azure/azure-monitor/platform/action-groups) that you'd like to trigger. Action groups can trigger email sending, ITSM tickets, WebHooks, and more.
+    * Optionally, configure the [Action Group](../azure-monitor/platform/action-groups.md) that you'd like to trigger. Action groups can trigger email sending, ITSM tickets, WebHooks, and more.
     ![Azure Monitor alert rule](./media/continuous-export/azure-monitor-alert-rule.png)
 
 You'll now see new Azure Security Center alerts or recommendations (depending on your configured continuous export rules and the condition you defined in your Azure Monitor alert rule) in Azure Monitor alerts, with automatic triggering of an action group (if provided).
@@ -210,7 +210,7 @@ In this article, you learned how to configure continuous exports of your recomme
 For related material, see the following documentation: 
 
 - Learn more about [workflow automation templates](https://github.com/Azure/Azure-Security-Center/tree/master/Workflow%20automation).
-- [Azure Event Hubs documentation](https://docs.microsoft.com/azure/event-hubs/)
-- [Azure Sentinel documentation](https://docs.microsoft.com/azure/sentinel/)
-- [Azure Monitor documentation](https://docs.microsoft.com/azure/azure-monitor/)
-- [Export data types schemas](https://aka.ms/ASCAutomationSchemas)
+- [Azure Event Hubs documentation](../event-hubs/index.yml)
+- [Azure Sentinel documentation](../sentinel/index.yml)
+- [Azure Monitor documentation](../azure-monitor/index.yml)
+- [Export data types schemas](https://aka.ms/ASCAutomationSchemas)
@@ -19,7 +19,7 @@ To help secure your systems and environment, Azure Security Center generates sec
 
 With this feature, you can add your own *custom* initiatives. You'll then receive recommendations if your environment doesn't follow the policies you create. Any custom initiatives you create will appear alongside the built-in initiatives in the regulatory compliance dashboard, as described in the tutorial [Improve your regulatory compliance](security-center-compliance-dashboard.md).
 
-As discussed in [the Azure Policy documentation](https://docs.microsoft.com/azure/governance/policy/concepts/definition-structure#definition-location), when you specify a location for your custom initiative, it must be a management group or a subscription. 
+As discussed in [the Azure Policy documentation](../governance/policy/concepts/definition-structure.md#definition-location), when you specify a location for your custom initiative, it must be a management group or a subscription. 
 
 ## To add a custom initiative to your subscription 
 
@@ -134,7 +134,7 @@ Below is an example of a custom policy including the metadata/securityCenter pro
 }
   ```
 
-For another example of using the securityCenter property, see [this section of the REST API documentation](https://docs.microsoft.com/rest/api/securitycenter/assessmentsmetadata/createinsubscription#examples).
+For another example of using the securityCenter property, see [this section of the REST API documentation](/rest/api/securitycenter/assessmentsmetadata/createinsubscription#examples).
 
 
 ## Next steps
@@ -144,4 +144,4 @@ In this article, you learned how to create custom security policies.
 For other related material, see the following articles: 
 
 - [The overview of security policies](tutorial-security-policy.md)
-- [A list of the built-in security policies](security-center-policy-definitions.md)
+- [A list of the built-in security policies](./policy-reference.md)
@@ -25,7 +25,7 @@ When the scanner reports vulnerabilities to Security Center, Security Center pre
 |Release state:|Generally available (GA)|
 |Pricing:|**Azure Defender for container registries** is billed as shown on [the pricing page](security-center-pricing.md)|
 |Supported registries and images:|![Yes](./media/icons/yes-icon.png) Linux-hosted ACR registries that are accessible from the public internet and provide shell access.<br>![No](./media/icons/no-icon.png) Windows-hosted ACR registries.<br>![No](./media/icons/no-icon.png) 'Private' registries - Security Center requires your registries to be accessible from the public internet. Security Center can't currently connect to, or scan, registries with access limited with a firewall, a service endpoint, or private endpoints such as Azure Private Link.<br>![No](./media/icons/no-icon.png) Super minimalist images such as [Docker scratch](https://hub.docker.com/_/scratch/) images, or "Distroless" images that only contain an application and its runtime dependencies without a package manager, shell, or OS.|
-|Required roles and permissions:|**Security reader** and [Azure Container Registry reader role](https://docs.microsoft.com/azure/container-registry/container-registry-roles)|
+|Required roles and permissions:|**Security reader** and [Azure Container Registry reader role](../container-registry/container-registry-roles.md)|
 |Clouds:|![Yes](./media/icons/yes-icon.png) Commercial clouds<br>![No](./media/icons/no-icon.png) National/Sovereign (US Gov, China Gov, Other Gov)|
 |||
 
 
@@ -13,7 +13,7 @@ manager: rkarlin
 
 # Introduction to Azure Defender for SQL
 
-Azure Defender for SQL includes two Azure Defender plans that extend Azure Security Center's [data security package](../azure-sql/database/advanced-data-security.md) to secure your databases and their data wherever they're located. 
+Azure Defender for SQL includes two Azure Defender plans that extend Azure Security Center's [data security package](../azure-sql/database/azure-defender-for-sql.md) to secure your databases and their data wherever they're located. 
 
 ## Availability
 
@@ -65,5 +65,5 @@ In this article, you learned about Azure Defender for SQL.
 For related material, see the following articles: 
 
 - [How to enable Azure Defender for SQL servers on machines](defender-for-sql-usage.md)
-- [How to enable Azure Defender for SQL database servers](../azure-sql/database/advanced-data-security.md)
+- [How to enable Azure Defender for SQL database servers](../azure-sql/database/azure-defender-for-sql.md)
 - [The list of Azure Defender alerts for SQL](alerts-reference.md#alerts-sql-db-and-warehouse)