Commit d13d1ae

author
David Curwin
committed
Fix formatting
1 parent d86452e commit d13d1ae

5 files changed

+20
-24
lines changed

articles/defender-for-cloud/other-threat-protections.md

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
---
22
title: Other threat protections
3-
description: Learn about the threat protections available from Microsoft Defender for Cloud
3+
description: Learn about the threat protections available from Microsoft Defender for Cloud.
44
ms.topic: overview
55
ms.date: 05/22/2023
66
---
@@ -35,23 +35,22 @@ For a list of the Azure network layer alerts, see the [Reference table of alerts
3535

3636
Azure Application Gateway offers a web application firewall (WAF) that provides centralized protection of your web applications from common exploits and vulnerabilities.
3737

38-
Web applications are increasingly targeted by malicious attacks that exploit commonly known vulnerabilities. The Application Gateway WAF is based on Core Rule Set 3.2 or higher from the Open Web Application Security Project. The WAF is updated automatically to protect against new vulnerabilities.
38+
Web applications are increasingly targeted by malicious attacks that exploit commonly known vulnerabilities. The Application Gateway WAF is based on Core Rule Set 3.2 or higher from the Open Web Application Security Project. The WAF is updated automatically to protect against new vulnerabilities.
3939

40-
If you have created [WAF Security solution](partner-integration.md#add-data-sources), your WAF alerts are streamed to Defender for Cloud with no other configurations. For more information on the alerts generated by WAF, see [Web application firewall CRS rule groups and rules](../web-application-firewall/ag/application-gateway-crs-rulegroups-rules.md?tabs=owasp31#crs911-31).
40+
If you created [WAF Security solution](partner-integration.md#add-data-sources), your WAF alerts are streamed to Defender for Cloud with no other configurations. For more information on the alerts generated by WAF, see [Web application firewall CRS rule groups and rules](../web-application-firewall/ag/application-gateway-crs-rulegroups-rules.md?tabs=owasp31#crs911-31).
4141

4242
> [!NOTE]
4343
> Only WAF v1 is supported and will work with Microsoft Defender for Cloud.
4444
45-
To deploy Azure's Application Gateway WAF, do the following:
45+
To deploy Azure's Application Gateway WAF, do the following steps:
4646

4747
1. From the Azure portal, open **Defender for Cloud**.
4848

4949
1. From Defender for Cloud's menu, select **Security solutions**.
5050

5151
1. In the **Add data sources** section, select **Add** for Azure's Application Gateway WAF.
5252

53-
:::image type="content" source="media/other-threat-protections/deploy-azure-waf.png" alt-text="Screenshot showing where to select add to deploy WAF." lightbox="media/other-threat-protections/deploy-azure-waf.png":::
54-
53+
:::image type="content" source="media/other-threat-protections/deploy-azure-waf.png" alt-text="Screenshot showing where to select add to deploy WAF." lightbox="media/other-threat-protections/deploy-azure-waf.png":::
5554

5655
<a name="azure-ddos"></a>
5756

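Review bot: The paragraph at new line 38 says the WAF is based on Core Rule Set 3.2 or higher, but the link on new line 40 targets `application-gateway-crs-rulegroups-rules.md?tabs=owasp31#crs911-31`, whose tab and anchor both name 3.1. Since line 40 is already being edited, point the link at the tab that matches the stated version, or drop the tab and anchor. The same line reads "If you created [WAF Security solution]", which needs an article ("a WAF security solution").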
@@ -67,13 +66,14 @@ If you have Azure DDoS Protection enabled, your DDoS alerts are streamed to Defe
6766

6867
## Microsoft Entra Permissions Management (formerly Cloudknox)
6968

70-
[Microsoft Entra Permissions Management](../active-directory/cloud-infrastructure-entitlement-management/index.yml) is a cloud infrastructure entitlement management (CIEM) solution. Microsoft Entra Permission Management provides comprehensive visibility and control over permissions for any identity and any resource in Azure, AWS, and GCP.
71-
69+
[Microsoft Entra Permissions Management](../active-directory/cloud-infrastructure-entitlement-management/index.yml) is a cloud infrastructure entitlement management (CIEM) solution. Microsoft Entra Permission Management provides comprehensive visibility and control over permissions for any identity and any resource in Azure, AWS, and GCP.
70+
7271
As part of the integration, each onboarded Azure subscription, AWS account, and GCP project give you a view of your [Permission Creep Index (PCI)](../active-directory/cloud-infrastructure-entitlement-management/ui-dashboard.md). The PCI is an aggregated metric that periodically evaluates the level of risk associated with the number of unused or excessive permissions across identities and resources. PCI measures how risky identities can potentially be, based on the permissions available to them.
7372

74-
:::image type="content" source="media/other-threat-protections/permission-creep-index.png" alt-text="Screenshot of the three associated permission creed index recommendations for Azure, AWS and GCP." lightbox="media/other-threat-protections/permission-creep-index.png":::
73+
:::image type="content" source="media/other-threat-protections/permission-creep-index.png" alt-text="Screenshot of the three associated permission creed index recommendations for Azure, AWS, and GCP." lightbox="media/other-threat-protections/permission-creep-index.png":::
7574

7675
## Next steps
76+
7777
To learn more about the security alerts from these threat protection features, see the following articles:
7878

7979
- [Reference table for all Defender for Cloud alerts](alerts-reference.md)
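Review bot: The alt text on new line 73 still reads "permission creed index"; the line was edited only to add the serial comma, so the typo carried over and should read "Permission Creep Index", matching the term on line 71. New line 69 also mixes "Microsoft Entra Permissions Management" (link text) with "Microsoft Entra Permission Management" in the next sentence; use the product name from the heading in both places. On line 71, "each onboarded Azure subscription, AWS account, and GCP project give you" should be "gives you".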
Lines changed: 8 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1,23 +1,21 @@
11
---
22
title: Review cloud security posture in Microsoft Defender for Cloud
3-
description: Learn about cloud security posture in Microsoft Defender for Cloud
3+
description: Learn about cloud security posture in Microsoft Defender for Cloud.
44
ms.date: 11/02/2023
55
ms.topic: conceptual
66
---
77

8-
# Review cloud security posture
8+
# Review cloud security posture
99

10-
Microsoft Defender for Cloud provides a unified view into the security posture of hybrid cloud workloads with the
11-
interactive **Overview** dashboard. Select any element on the dashboard to get more information.
10+
Microsoft Defender for Cloud provides a unified view into the security posture of hybrid cloud workloads with the interactive **Overview** dashboard. Select any element on the dashboard to get more information.
1211

1312
:::image type="content" source="./media/overview-page/overview-07-2023.png" alt-text="Screenshot of Defender for Cloud's overview page." lightbox="./media/overview-page/overview-07-2023.png":::
1413

1514
## Metrics
1615

17-
1816
The **top menu bar** offers:
1917

20-
- **Subscriptions** - You can view and filter the list of subscriptions by selecting this button. Defender for Cloud will adjust the display to reflect the security posture of the selected subscriptions.
18+
- **Subscriptions** - You can view and filter the list of subscriptions by selecting this button. Defender for Cloud adjusts the display to reflect the security posture of the selected subscriptions.
2119
- **What's new** - Opens the [release notes](release-notes.md) so you can keep up to date with new features, bug fixes, and deprecated functionality.
2220
- **High-level numbers** for the connected cloud accounts, showing the context of the information in the main tiles, and the number of assessed resources, active recommendations, and security alerts. Select the assessed resources number to access [Asset inventory](asset-inventory.md). Learn more about connecting your [AWS accounts](quickstart-onboard-aws.md) and your [GCP projects](quickstart-onboard-gcp.md).
2321

@@ -29,8 +27,8 @@ The center of the page displays the **feature tiles**, each linking to a high pr
2927

3028
- **Security posture** - Defender for Cloud continually assesses your resources, subscriptions, and organization for security issues. It then aggregates all the findings into a single score so that you can understand, at a glance, your current security situation: the higher the score, the lower the identified risk level. [Learn more](secure-score-security-controls.md).
3129
- **Workload protections** - This is the cloud workload protection platform (CWPP) integrated within Defender for Cloud for advanced, intelligent protection of your workloads running on Azure, on-premises machines, or other cloud providers. For each resource type, there's a corresponding Microsoft Defender plan. The tile shows the coverage of your connected resources (for the currently selected subscriptions) and the recent alerts, color-coded by severity. Learn more about [the Defender plans](defender-for-cloud-introduction.md#protect-cloud-workloads).
32-
- **Regulatory compliance** - Based on continuous assessments of your hybrid and multi-cloud resources, Defender for Cloud provides insights into your compliance with the standards that matter to your organization. Defender for Cloud analyzes risk factors in your environment according to security best practices. These assessments are mapped to compliance controls from a supported set of standards. [Learn more](regulatory-compliance-dashboard.md).
33-
- **Inventory** - The asset inventory page of Microsoft Defender for Cloud provides a single page for viewing the security posture of the resources you've connected to Microsoft Defender for Cloud. All resources with unresolved security recommendations are shown in the inventory. If you've enabled the integration with Microsoft Defender for Endpoint and enabled Microsoft Defender for Servers, you'll also have access to a software inventory. The tile on the overview page shows you at a glance the total healthy and unhealthy resources (for the currently selected subscriptions). [Learn more](asset-inventory.md).
30+
- **Regulatory compliance** - Based on continuous assessments of your hybrid and multicloud resources, Defender for Cloud provides insights into your compliance with the standards that matter to your organization. Defender for Cloud analyzes risk factors in your environment according to security best practices. These assessments are mapped to compliance controls from a supported set of standards. [Learn more](regulatory-compliance-dashboard.md).
31+
- **Inventory** - The asset inventory page of Microsoft Defender for Cloud provides a single page for viewing the security posture of the resources you connected to Microsoft Defender for Cloud. All resources with unresolved security recommendations are shown in the inventory. If you enabled the integration with Microsoft Defender for Endpoint and enabled Microsoft Defender for Servers, you also have access to a software inventory. The tile on the overview page shows you at a glance the total healthy and unhealthy resources (for the currently selected subscriptions). [Learn more](asset-inventory.md).
3432

3533
## Insights
3634

@@ -44,6 +42,5 @@ The **Insights** pane offers customized items for your environment including:
4442
## Next steps
4543

4644
- [Learn more](concept-cloud-security-posture-management.md) about cloud security posture management.
47-
- [Learn more](security-policy-concept.md) about security standards and recommendations
48-
- [Review your asset inventory](asset-inventory.md)
49-
45+
- [Learn more](security-policy-concept.md) about security standards and recommendations.
46+
- [Review your asset inventory](asset-inventory.md).
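Review bot: New lines 45 and 46 gain terminal periods, but the bullets on lines 44 and 45 still share the link text "Learn more", which tells someone scanning the links or using a screen reader nothing about the destination. Make the link text descriptive, for example by linking "security standards and recommendations" itself. The link-only bullet on line 46 now ends with a period, while the link-only bullet under Next steps in other-threat-protections.md does not; pick one convention for both files.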

articles/defender-for-cloud/plan-defender-for-servers-select-plan.md

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -94,4 +94,3 @@ A couple of vulnerability assessment options are available in Defender for Serve
9494
## Next steps
9595

9696
After you work through these planning steps, [review Azure Arc and agent and extension requirements](plan-defender-for-servers-agents.md).
97-

articles/defender-for-cloud/plan-defender-for-servers.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ The following table shows an overview of the Defender for Servers deployment pro
4242
| Enable Defender for Servers | • When you enable a paid plan, Defender for Cloud enables the *Security* solution on its default workspace.<br /><br />• Enable Defender for Servers Plan 1 (subscription only) or Plan 2 (subscription and workspace).<br /><br />• After enabling a plan, decide how you want to install agents and extensions on Azure VMs in the subscription or workgroup.<br /><br />•By default, auto-provisioning is enabled for some extensions. |
4343
| Protect AWS/GCP machines | • For a Defender for Servers deployment, you set up a connector, turn off plans you don't need, configure auto-provisioning settings, authenticate to AWS/GCP, and deploy the settings.<br /><br />• Auto-provisioning includes the agents used by Defender for Cloud and the Azure Connected Machine agent for onboarding to Azure with Azure Arc.<br /><br />• AWS uses a CloudFormation template.<br /><br />• GCP uses a Cloud Shell template.<br /><br />• Recommendations start appearing in the portal. |
4444
| Protect on-premises servers | • Onboard them as Azure Arc machines and deploy agents with automation provisioning. |
45-
| Foundational CSPM | • There are no charges when you use foundational CSPM with no plans enabled.<br /><br />• AWS/GCP machines don't need to be set up with Azure Arc for foundational CSPM. On-premises machines do.<br /><br />• Some foundational recommendations rely only agents: Antimalware / endpoint protection (Log Analytics agent or Azure Monitor agent) \| OS baselines recommendations (Log Analytics agent or Azure Monitor agent and Guest Configuration extension) \|
45+
| Foundational CSPM | • There are no charges when you use foundational CSPM with no plans enabled.<br /><br />• AWS/GCP machines don't need to be set up with Azure Arc for foundational CSPM. On-premises machines do.<br /><br />• Some foundational recommendations rely only agents: Antimalware / endpoint protection (Log Analytics agent or Azure Monitor agent) \| OS baselines recommendations (Log Analytics agent or Azure Monitor agent and Guest Configuration extension) \||
4646

4747
- Learn more about [foundational cloud security posture management (CSPM)](concept-cloud-security-posture-management.md).
4848
- Learn more about [Azure Arc](../azure-arc/index.yml) onboarding.
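Review bot: The row on new line 45 now closes with `|`, but the cell text still ends in an escaped pipe (`Guest Configuration extension) \||`), so a literal "|" will render at the end of the cell. Remove the trailing `\|`, and if the two recommendations are meant as separate items, split them with `<br />` bullets as the other rows do. While on this line, "rely only agents" is missing "on", and context line 42 has "•By default" without the space that follows every other bullet.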

articles/defender-for-cloud/plan-multicloud-security-determine-ownership-requirements.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@ Depending on the size of your organization, separate teams will manage [security
2121

2222
| Security function | Details |
2323
|---|---|
24-
|[Security Operations (SecOps)](/azure/cloud-adoption-framework/organize/cloud-security-operations-center) | Reducing organizational risk by reducing the time in which bad actors have access to corporate resources. Reactive detection, analysis, response and remediation of attacks. Proactive threat hunting.
24+
|[Security Operations (SecOps)](/azure/cloud-adoption-framework/organize/cloud-security-operations-center) | Reducing organizational risk by reducing the time in which bad actors have access to corporate resources. Reactive detection, analysis, response and remediation of attacks. Proactive threat hunting. |
2525
| [Security architecture](/azure/cloud-adoption-framework/organize/cloud-security-architecture)| Security design summarizing and documenting the components, tools, processes, teams, and technologies that protect your business from risk.|
2626
|[Security compliance management](/azure/cloud-adoption-framework/organize/cloud-security-compliance-management)| Processes that ensure the organization is compliant with regulatory requirements and internal policies.|
2727
|[People security](/azure/cloud-adoption-framework/organize/cloud-security-people)|Protecting the organization from human risk to security.|
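Review bot: The closing pipe added on new line 24 is written as ` |` with a leading space, while the neighbouring rows on lines 25 to 27 close with `|` directly after the text, and their opening cells are padded inconsistently as well. Normalise the cell padding across the table in this formatting commit. The same cell keeps "response and remediation of attacks" without the serial comma that this commit adds elsewhere ("Azure, AWS, and GCP").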
@@ -31,7 +31,7 @@ Depending on the size of your organization, separate teams will manage [security
3131
|[Identity and key management](/azure/cloud-adoption-framework/organize/cloud-security-identity-keys)|Authenticating and authorizing users, services, devices, and apps. Provide secure distribution and access for cryptographic operations.|
3232
|[Threat intelligence](/azure/cloud-adoption-framework/organize/cloud-security-threat-intelligence)| Making decisions and acting on security threat intelligence that provides context and actionable insights on active attacks and potential threats.|
3333
|[Posture management](/azure/cloud-adoption-framework/organize/cloud-security-posture-management)|Continuously reporting on, and improving, your organizational security posture.|
34-
|[Incident preparation](/azure/cloud-adoption-framework/organize/cloud-security-incident-preparation)|Building tools, processes, and expertise to respond to security incidents.
34+
|[Incident preparation](/azure/cloud-adoption-framework/organize/cloud-security-incident-preparation)|Building tools, processes, and expertise to respond to security incidents. |
3535

3636
## Team alignment
3737
