Merge pull request #269738 from rayne-wiselman/rayne-azure-march20-2

adding new relnotes page

Author: PMEds28

.openpublishing.redirection.defender-for-cloud.json

@@ -1,5 +1,25 @@
 {
     "redirections": [
+        {
+            "source_path_from_root": "/articles/defender-for-cloud/recommendations-reference.md",
+            "redirect_url": "/azure/defender-for-cloud/security-policy-concept",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/defender-for-cloud/recommendations-reference-gcp.md",
+            "redirect_url": "/azure/defender-for-cloud/security-policy-concept",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/defender-for-cloud/recommendations-reference-aws.md",
+            "redirect_url": "/azure/defender-for-cloud/security-policy-concept",
+            "redirect_document_id": false
+        },
+        {
+            "source_path_from_root": "/articles/defender-for-cloud/upcoming-changes.md",
+            "redirect_url": "/azure/defender-for-cloud/release-notes",
+            "redirect_document_id": false
+        },
         {
             "source_path_from_root": "/articles/defender-for-cloud/secret-scanning.md",
             "redirect_url": "/azure/defender-for-cloud/secrets-scanning-servers",

articles/defender-for-cloud/TOC.yml

@@ -22,7 +22,7 @@ Agentless container posture provides the following capabilities:
 - **[Agentless vulnerability assessment](agentless-vulnerability-assessment-azure.md)** - provides vulnerability assessment for all container images, including recommendations for registry and runtime, near real-time scans of new images, daily refresh of results, exploitability insights, and more. Vulnerability information is added to the security graph for contextual risk assessment and calculation of attack paths, and hunting capabilities.
 - **[Attack path analysis](concept-attack-path.md)** - Contextual risk assessment exposes exploitable paths that attackers might use to breach your environment and are reported as attack paths to help prioritize posture issues that matter most in your environment.
 - **[Enhanced risk-hunting](how-to-manage-cloud-security-explorer.md)** - Enables security admins to actively hunt for posture issues in their containerized assets through queries (built-in and custom) and [security insights](attack-path-reference.md#insights) in the [security explorer](how-to-manage-cloud-security-explorer.md).
-- **Control plane hardening** - Defender for Cloud continuously assesses the configurations of your clusters and compares them with the initiatives applied to your subscriptions. When it finds misconfigurations, Defender for Cloud generates security recommendations that are available on Defender for Cloud's Recommendations page. The recommendations let you investigate and remediate issues. For details on the recommendations included with this capability, check out the [containers section](recommendations-reference.md#container-recommendations) of the recommendations reference table for recommendations of the type **control plane**.
+- **Control plane hardening** - Defender for Cloud continuously assesses the configurations of your clusters and compares them with the initiatives applied to your subscriptions. When it finds misconfigurations, Defender for Cloud generates security recommendations that are available on Defender for Cloud's Recommendations page. The recommendations let you investigate and remediate issues. For details on the recommendations included with this capability, check out the [container recommendations](recommendations-reference-container.md) of the type **control plane**.
 
 ## Next steps
 

articles/defender-for-cloud/concept-agentless-containers.md

@@ -7,7 +7,7 @@ author: dcurwin
 ms.date: 12/06/2023
 ---
 
-# Create rich, interactive reports of Defender for Cloud data by using workbooks
+# Create interactive reports with Azure Monitor workbooks
 
 [Azure workbooks](../azure-monitor/visualize/workbooks-overview.md) are flexible canvas that you can use to analyze data and create rich, visual reports in the Azure portal. In workbooks, you can access multiple data sources across Azure. Combine workbooks into unified, interactive experiences.
 
@@ -37,7 +37,7 @@ In Defender for Cloud, you can use integrated Azure workbooks functionality to b
 - [Vulnerability Assessment Findings workbook](#vulnerability-assessment-findings-workbook): View the findings of vulnerability scans of your Azure resources.
 - [Compliance Over Time workbook](#compliance-over-time-workbook): View the status of a subscription's compliance with regulatory standards or industry standards that you select.
 - [Active Alerts workbook](#active-alerts-workbook): View active alerts by severity, type, tag, MITRE ATT&CK tactics, and location.
-- Price Estimation workbook: View monthly, consolidated price estimations for Defender for Cloud plans based on the resource telemetry in your environment. The numbers are estimates that are based on retail prices and don't represent actual billing or invoice data.
+- Price Estimation workbook: View monthly, consolidated price estimations for plans in Defender for Cloud, based on the resource telemetry in your environment. The numbers are estimates that are based on retail prices and don't represent actual billing or invoice data.
 - Governance workbook: Use the governance report in the governance rules settings to track progress of the rules that affect your organization.
 - [DevOps Security (preview) workbook](#devops-security-workbook): View a customizable foundation that helps you visualize the state of your DevOps posture for the connectors that you set up.
 
@@ -169,9 +169,9 @@ To see more details about an alert, select the alert.
 
 :::image type="content" source="media/custom-dashboards-azure-workbooks/active-alerts-high.png" alt-text="Screenshot that shows all high-severity active alerts for a specific resource.":::
 
-The **MITRE ATT&CK tactics** tab lists alerts in the order of the kill chain and the number of alerts that the subscription has at each stage.
+The **MITRE ATT&CK tactics** tab lists alerts in the order of the "kill chain" and the number of alerts that the subscription has at each stage.
 
-:::image type="content" source="media/custom-dashboards-azure-workbooks/mitre-attack-tactics.png" alt-text="Screenshot that shows the order of the kill chain and the number of alerts.":::
+:::image type="content" source="media/custom-dashboards-azure-workbooks/mitre-attack-tactics.png" alt-text="Screenshot that shows the order of the chain and the number of alerts.":::
 
 You can see all the active alerts in a table and filter by columns.
 
@@ -280,4 +280,4 @@ This article describes the Defender for Cloud integrated Azure workbooks page th
 
 Built-in workbooks get their data from Defender for Cloud recommendations.
 
-- Learn about the many security recommendations in [Security recommendations: A reference guide](recommendations-reference.md).
+

articles/defender-for-cloud/custom-dashboards-azure-workbooks.md

@@ -53,9 +53,8 @@ Last called data (UTC): The date when API traffic was last observed going to/fro
 
 Use recommendations to improve your security posture, harden API configurations, identify critical API risks, and mitigate issues by risk priority.
 
-Defender for API provides a number of recommendations, including recommendations to onboard APIs to the Defender for API plan, disable and remove unused APIs, and best practice recommendations for security, authentication, and access control.
+Defender for API provides a [number of recommendations](recommendations-reference-api.md), including recommendations to onboard APIs to the Defender for API plan, disable and remove unused APIs, and best practice recommendations for security, authentication, and access control.
 
-[Review the recommendations reference](recommendations-reference.md).
 
 ## Detecting threats
 

articles/defender-for-cloud/defender-for-apis-introduction.md

@@ -42,7 +42,7 @@ Defender for Cloud identifies Azure Resource Manager based ACR registries in you
 
 **Microsoft Defender for container registries** includes a vulnerability scanner to scan the images in your Azure Resource Manager-based Azure Container Registry registries and provide deeper visibility into your images' vulnerabilities.
 
-When issues are found, you'll get notified in the workload protection dashboard. For every vulnerability, Defender for Cloud provides actionable recommendations, along with a severity classification, and guidance for how to remediate the issue. For details of Defender for Cloud's recommendations for containers, see the [reference list of recommendations](recommendations-reference.md#container-recommendations).
+When issues are found, you'll get notified in the workload protection dashboard. For every vulnerability, Defender for Cloud provides actionable recommendations, along with a severity classification, and guidance for how to remediate the issue. [Learn more](recommendations-reference-container.md) about container recommendations.
 
 Defender for Cloud filters and classifies findings from the scanner. When an image is healthy, Defender for Cloud marks it as such. Defender for Cloud generates security recommendations only for images that have issues to be resolved. Defender for Cloud provides details of each reported vulnerability and a severity classification. Additionally, it gives guidance for how to remediate the specific vulnerabilities found on each image.
 

articles/defender-for-cloud/defender-for-container-registries-introduction.md

@@ -7,7 +7,7 @@ ms.author: dacurwin
 ms.date: 01/09/2024
 ---
 
-# Overview of Container security in Microsoft Defender for Containers
+# Overview-Container protection in Defender for Cloud
 
 Microsoft Defender for Containers is a cloud-native solution to improve, monitor, and maintain the security of your containerized assets (Kubernetes clusters, Kubernetes nodes, Kubernetes workloads, container registries, container images and more), and their applications, across multicloud and on-premises environments.
 
@@ -50,7 +50,7 @@ You can learn more by watching this video from the Defender for Cloud in the Fie
 
   :::image type="content" source="media/defender-for-containers/resource-filter.png" alt-text="Screenshot showing you where the resource filter is located." lightbox="media/defender-for-containers/resource-filter.png":::
 
-  For details included with this capability, check out the [containers section](recommendations-reference.md#container-recommendations) of the recommendations reference table, and look for recommendations with type "Control plane"
+  For details included with this capability, review [container recommendations](recommendations-reference-container.md ), and look for recommendations with type "Control plane"
 
 ### Sensor-based capabilities
 

articles/defender-for-cloud/defender-for-containers-introduction.md

@@ -12,7 +12,7 @@ ms.date: 09/04/2023
 This page describes how to use Microsoft Defender for Cloud's set of security recommendations dedicated to Kubernetes data plane hardening.
 
 > [!TIP]
-> For a list of the security recommendations that might appear for Kubernetes clusters and nodes, see the [Container recommendations](recommendations-reference.md#container-recommendations) section of the recommendations reference table.
+> For a list of the security recommendations that might appear for Kubernetes clusters and nodes, review[container recommendations](recommendations-reference-container.md).
 
 ## Set up your workload protection
 
@@ -287,5 +287,5 @@ In this article, you learned how to configure Kubernetes data plane hardening.
 
 For related material, see the following pages:
 
-- [Defender for Cloud recommendations for compute](recommendations-reference.md#compute-recommendations)
+- [Defender for Cloud recommendations for compute](recommendations-reference-compute.md)
 - [Alerts for AKS cluster level](alerts-reference.md#alerts-for-containers---kubernetes-clusters)

articles/defender-for-cloud/kubernetes-workload-protections.md

@@ -78,11 +78,6 @@ landingContent:
         links:
           - text: How to connect AWS to Microsoft Defender for Cloud
             url: https://youtu.be/LHwgEFXT3kQ
-      - linkListType: reference
-        links:
-          - text: Security recommendations for AWS resources
-            url: recommendations-reference-aws.md
-
   # Card
   - title: Defend Google GCP resources
     linkLists:

articles/defender-for-cloud/multicloud.yml

@@ -16,10 +16,10 @@ Defender for Servers is one of the paid plans provided by [Microsoft Defender fo
 
 This article is the *fifth* article in the Defender for Servers planning guide. Before you begin, review the earlier articles:
 
-1. [Start planning your deployment](plan-defender-for-servers.md)
-1. [Understand where your data is stored and Log Analytics workspace requirements](plan-defender-for-servers-data-workspace.md)
-1. [Review Defender for Servers access roles](plan-defender-for-servers-roles.md)
-1. [Select a Defender for Servers plan](plan-defender-for-servers-select-plan.md)
+1. [Start planning your deployment](plan-defender-for-servers.md).
+1. [Understand where your data is stored and Log Analytics workspace requirements](plan-defender-for-servers-data-workspace.md).
+1. [Review Defender for Servers access roles](plan-defender-for-servers-roles.md).
+1. [Select a plan for Defender for Servers](plan-defender-for-servers-select-plan.md).
 
 ## Review Azure Arc requirements
 
@@ -61,7 +61,7 @@ The following table describes the agents that are used in Defender for Servers:
 Feature | Log Analytics agent | Azure Monitor agent
 --- | --- | ---
 Foundational CSPM recommendations (free) that depend on the agent: [OS baseline recommendation](apply-security-baseline.md) (Azure VMs) | :::image type="icon" source="./media/icons/yes-icon.png" :::| :::image type="icon" source="./media/icons/yes-icon.png" :::<br/><br/> With the Azure Monitor agent, the Azure Policy [guest configuration extension](../virtual-machines/extensions/guest-configuration.md) is used.
-Foundational CSPM: [System updates recommendations](recommendations-reference.md#compute-recommendations) (Azure VMs) | :::image type="icon" source="./media/icons/yes-icon.png" ::: | Not yet available.
+Foundational CSPM: [System updates recommendations](recommendations-reference-compute.md) (Azure VMs) | :::image type="icon" source="./media/icons/yes-icon.png" ::: | Not yet available.
 Foundational CSPM: [Antimalware/endpoint protection recommendations](endpoint-protection-recommendations-technical.md) (Azure VMs) | :::image type="icon" source="./media/icons/yes-icon.png" ::: | :::image type="icon" source="./media/icons/yes-icon.png" :::
 Attack detection at the OS level and network layer, including fileless attack detection<br/><br/> Plan 1 relies on Defender for Endpoint capabilities for attack detection. | :::image type="icon" source="./media/icons/yes-icon.png" :::<br/><br/> Plan 2| :::image type="icon" source="./media/icons/yes-icon.png" :::<br/><br/> Plan 2
 File integrity monitoring (Plan 2 only)  | :::image type="icon" source="./media/icons/yes-icon.png" ::: | :::image type="icon" source="./media/icons/yes-icon.png" :::
@@ -110,7 +110,7 @@ Before you deploy Defender for Servers, verify operating system support for agen
 
 ## Review agent provisioning
 
-When you enable Defender for Cloud plans, including Defender for Servers, you can choose to automatically provision some agents that are relevant for Defender for Servers:
+When you enable plans in Defender for Cloud, including Defender for Servers, you can choose to automatically provision some agents that are relevant for Defender for Servers:
 
 - Log Analytics agent and Azure Monitor agent for Azure VMs
 - Log Analytics agent and Azure Monitor agent for Azure Arc VMs
@@ -146,7 +146,7 @@ You want to configure a custom workspace | Log Analytics agent, Azure Monitor ag
 
 After working through these planning steps, you can start deployment:
 
-- [Enable Defender for Servers](enable-enhanced-security.md) plans
+- [Enable plans in Defender for Servers](enable-enhanced-security.md)
 - [Connect on-premises machines](quickstart-onboard-machines.md) to Azure.
 - [Connect AWS accounts](quickstart-onboard-aws.md) to Defender for Cloud.
 - [Connect GCP projects](quickstart-onboard-gcp.md) to Defender for Cloud.