Fix formatting

Author: David Curwin

articles/defender-for-cloud/quickstart-onboard-github.md

@@ -8,13 +8,13 @@ ms.custom: ignite-2023
 
 # Quickstart: Connect your GitHub Environment to Microsoft Defender for Cloud
 
-In this quickstart, you will connect your GitHub organizations on the **Environment settings** page in Microsoft Defender for Cloud. This page provides a simple onboarding experience to auto-discover your GitHub repositories.
+In this quickstart, you connect your GitHub organizations on the **Environment settings** page in Microsoft Defender for Cloud. This page provides a simple onboarding experience to autodiscover your GitHub repositories.
 
 By connecting your GitHub organizations to Defender for Cloud, you extend the security capabilities of Defender for Cloud to your GitHub resources. These features include:
 
 - **Foundational Cloud Security Posture Management (CSPM) features**: You can assess your GitHub security posture through GitHub-specific security recommendations. You can also learn about all the [recommendations for GitHub](recommendations-reference.md) resources.
 
-- **Defender CSPM features**: Defender CSPM customers receive code to cloud contextualized attack paths, risk assessments, and insights to identify the most critical weaknesses that attackers can use to breach their environment. Connecting your GitHub repositories will allow you to contextualize DevOps security findings with your cloud workloads and identify the origin and developer for timely remediation. For more information, learn how to [identify and analyze risks across your environment](concept-attack-path.md)
+- **Defender CSPM features**: Defender CSPM customers receive code to cloud contextualized attack paths, risk assessments, and insights to identify the most critical weaknesses that attackers can use to breach their environment. Connecting your GitHub repositories allows you to contextualize DevOps security findings with your cloud workloads and identify the origin and developer for timely remediation. For more information, learn how to [identify and analyze risks across your environment](concept-attack-path.md).
 
 ## Prerequisites
 
@@ -29,10 +29,10 @@ To complete this quickstart, you need:
 | Aspect | Details |
 |--|--|
 | Release state: | General Availability. |
-| Pricing: | For pricing, see the Defender for Cloud [pricing page](https://azure.microsoft.com/pricing/details/defender-for-cloud/?v=17.23h#pricing).
+| Pricing: | For pricing, see the Defender for Cloud [pricing page](https://azure.microsoft.com/pricing/details/defender-for-cloud/?v=17.23h#pricing) |
 | Required permissions: | **Account Administrator** with permissions to sign in to the Azure portal. <br> **Contributor** to create the connector on the Azure subscription.  <br> **Organization Owner** in GitHub. |
 | GitHub supported versions: | GitHub Free, Pro, Team, and Enterprise Cloud |
-| Regions and availability: | Refer to the [support and prerequisites](devops-support.md) section for region support and feature availability.  |
+| Regions and availability: | Refer to the [support and prerequisites](devops-support.md) section for region support and feature availability.|
 | Clouds: | :::image type="icon" source="media/quickstart-onboard-github/check-yes.png" border="false"::: Commercial <br> :::image type="icon" source="media/quickstart-onboard-github/x-no.png" border="false"::: National (Azure Government, Microsoft Azure operated by 21Vianet) |
 
 > [!NOTE]
@@ -68,14 +68,14 @@ To connect your GitHub account to Microsoft Defender for Cloud:
 
 1. Select **Install**.
 
-1. Select the organizations to install the GitHub application. It is recommended to grant access to **all repositories** to ensure Defender for Cloud can secure your entire GitHub environment.
+1. Select the organizations to install the GitHub application. It's recommended to grant access to **all repositories** to ensure Defender for Cloud can secure your entire GitHub environment.
 
     This step grants Defender for Cloud access to the selected organizations.
-   
+
 1. For Organizations, select one of the following:
 
-    - Select **all existing organizations** to auto-discover all repositories in GitHub organizations where the DevOps security GitHub application is installed.
-    - Select **all existing and future organizations** to auto-discover all repositories in GitHub organizations where the DevOps security GitHub application is installed and future organizations where the DevOps security GitHub application is installed.
+    - Select **all existing organizations** to autodiscover all repositories in GitHub organizations where the DevOps security GitHub application is installed.
+    - Select **all existing and future organizations** to autodiscover all repositories in GitHub organizations where the DevOps security GitHub application is installed and future organizations where the DevOps security GitHub application is installed.
 
 1. Select **Next: Review and generate**.
 
@@ -90,7 +90,7 @@ The Defender for Cloud service automatically discovers the organizations where y
 > [!NOTE]
 > To ensure proper functionality of advanced DevOps posture capabilities in Defender for Cloud, only one instance of a GitHub organization can be onboarded to the Azure Tenant you are creating a connector in.
 
-The **DevOps security** blade shows your onboarded repositories grouped by Organization. The **Recommendations** blade shows all security assessments related to GitHub repositories.
+The **DevOps security** pane shows your onboarded repositories grouped by Organization. The **Recommendations** pane shows all security assessments related to GitHub repositories.
 
 ## Next steps
 

articles/defender-for-cloud/quickstart-onboard-gitlab.md

@@ -14,7 +14,7 @@ By connecting your GitLab groups to Defender for Cloud, you extend the security
 
 - **Foundational Cloud Security Posture Management (CSPM) features**: You can assess your GitLab security posture through GitLab-specific security recommendations. You can also learn about all the [recommendations for DevOps](recommendations-reference.md) resources.
 
-- **Defender CSPM features**: Defender CSPM customers receive code to cloud contextualized attack paths, risk assessments, and insights to identify the most critical weaknesses that attackers can use to breach their environment. Connecting your GitLab projects will allow you to contextualize DevOps security findings with your cloud workloads and identify the origin and developer for timely remediation. For more information, learn how to [identify and analyze risks across your environment](concept-attack-path.md)
+- **Defender CSPM features**: Defender CSPM customers receive code to cloud contextualized attack paths, risk assessments, and insights to identify the most critical weaknesses that attackers can use to breach their environment. Connecting your GitLab projects allows you to contextualize DevOps security findings with your cloud workloads and identify the origin and developer for timely remediation. For more information, learn how to [identify and analyze risks across your environment](concept-attack-path.md).
 
 ## Prerequisites
 
@@ -28,9 +28,9 @@ To complete this quickstart, you need:
 | Aspect | Details |
 |--|--|
 | Release state: | Preview. The [Azure Preview Supplemental Terms](https://azure.microsoft.com/support/legal/preview-supplemental-terms/) include legal terms that apply to Azure features that are in beta, in preview, or otherwise not yet released into general availability. |
-| Pricing: | For pricing, see the Defender for Cloud [pricing page](https://azure.microsoft.com/pricing/details/defender-for-cloud/?v=17.23h#pricing). |
-| Required permissions: | **Account Administrator** with permissions to sign in to the Azure portal. <br> **Contributor** to create a connector on the Azure subscription. <br> **Group Owner** on the GitLab Group. 
-| Regions and availability: | Refer to the [support and prerequisites](devops-support.md) section for region support and feature availability.  |
+| Pricing: | For pricing, see the Defender for Cloud [pricing page](https://azure.microsoft.com/pricing/details/defender-for-cloud/?v=17.23h#pricing).|
+| Required permissions: | **Account Administrator** with permissions to sign in to the Azure portal. <br> **Contributor** to create a connector on the Azure subscription. <br> **Group Owner** on the GitLab Group.|
+| Regions and availability: | Refer to the [support and prerequisites](devops-support.md) section for region support and feature availability.|
 | Clouds: | :::image type="icon" source="media/quickstart-onboard-github/check-yes.png" border="false"::: Commercial <br> :::image type="icon" source="media/quickstart-onboard-github/x-no.png" border="false"::: National (Azure Government, Microsoft Azure operated by 21Vianet) |
 
 > [!NOTE]
@@ -60,14 +60,14 @@ To connect your GitLab Group to Defender for Cloud by using a native connector:
 
 1. Select **Next: Configure access**.
 
-1. Select **Authorize**. 
+1. Select **Authorize**.
 
 1. In the popup dialog, read the list of permission requests, and then select **Accept**.
 
 1. For Groups, select one of the following:
 
-    - Select **all existing groups** to autodiscover all subgroups and projects in groups you are currently an Owner in.
-    - Select **all existing and future groups** to autodiscover all subgroups and projects in all current and future groups you are an Owner in.
+    - Select **all existing groups** to autodiscover all subgroups and projects in groups you're currently an Owner in.
+    - Select **all existing and future groups** to autodiscover all subgroups and projects in all current and future groups you're an Owner in.
 
 Since GitLab projects are onboarded at no additional cost, autodiscover is applied across the group to ensure Defender for Cloud can comprehensively assess the security posture and respond to security threats across your entire DevOps ecosystem. Groups can later be manually added and removed through **Microsoft Defender for Cloud** > **Environment settings**.
 
@@ -78,7 +78,7 @@ Since GitLab projects are onboarded at no additional cost, autodiscover is appli
 > [!NOTE]
 > To ensure proper functionality of advanced DevOps posture capabilities in Defender for Cloud, only one instance of a GitLab group can be onboarded to the Azure Tenant you are creating a connector in.
 
-The **DevOps security** blade shows your onboarded repositories by GitLab group. The **Recommendations** blade shows all security assessments related to GitLab projects.
+The **DevOps security** pane shows your onboarded repositories by GitLab group. The **Recommendations** pane shows all security assessments related to GitLab projects.
 
 ## Next steps
 

articles/defender-for-cloud/quickstart-onboard-machines.md

@@ -64,7 +64,7 @@ After you connect Defender for Cloud to your Azure subscription, you can start c
 
     A list of your Log Analytics workspaces appears.
 
-1. (Optional) If you don't already have a Log Analytics workspace in which to store the data, select **Create new workspace** and follow the on-screen guidance.
+1. (Optional) If you don't already have a Log Analytics workspace in which to store the data, select **Create new workspace**, and follow the on-screen guidance.
 
 1. From the list of workspaces, select **Upgrade** for the relevant workspace to turn on Defender for Cloud paid plans for 30 free days.
 
@@ -151,7 +151,7 @@ To verify that your machines are connected:
 
 When you enable Defender for Cloud, Defender for Cloud's alerts are automatically integrated into the Microsoft Defender Portal. No further steps are needed.
 
-The integration between Microsoft Defender for Cloud and Microsoft Defender XDR brings your cloud environments into Microsoft Defender XDR. With Defender for Cloud's alerts and cloud correlations integrated into Microsoft Defender XDR, SOC teams can now access all security information from a single interface. 
+The integration between Microsoft Defender for Cloud and Microsoft Defender XDR brings your cloud environments into Microsoft Defender XDR. With Defender for Cloud's alerts and cloud correlations integrated into Microsoft Defender XDR, SOC teams can now access all security information from a single interface.
 
 Learn more about Defender for Cloud's [alerts in Microsoft Defender XDR](concept-integration-365.md).
 

articles/defender-for-cloud/regulatory-compliance-dashboard.md

@@ -21,7 +21,7 @@ Compliance Manager thus provides improvement actions and status across your clou
 
 ## Before you start
 
-- By default, when you enable Defender for Cloud on an Azure subscription, AWS account, or GCP plan, the MCSB plan is enabled
+- By default, when you enable Defender for Cloud on an Azure subscription, AWS account, or GCP plan, the MCSB plan is enabled.
 - You can add more non-default compliance standards when at least one paid plan is enabled in Defender for Cloud.
 - You must be signed in with an account that has reader access to the policy compliance data. The **Reader** role for the subscription has access to the policy compliance data, but the **Security Reader** role doesn't. At a minimum, you need to have **Resource Policy Contributor** and **Security Admin** roles assigned.
 
@@ -130,13 +130,13 @@ The regulatory compliance has automated and manual assessments that might need t
 
     For example, from the PCI tab you can download a ZIP file containing a digitally signed certificate demonstrating Microsoft Azure, Dynamics 365, and Other Online Services' compliance with ISO22301 framework, together with the necessary collateral to interpret and present the certificate.
 
- When you download one of these certification reports, you'll be shown the following privacy notice:
+ When you download one of these certification reports, you're shown the following privacy notice:
 
  _By downloading this file, you are giving consent to Microsoft to store the current user and the selected subscriptions at the time of download. This data is used in order to notify you in case of changes or updates to the downloaded audit report. This data is used by Microsoft and the audit firms that produce the certification/reports only when notification is required._
 
 ### Check compliance offerings status
 
-Transparency provided by the compliance offerings (currently in preview), allows you to view the certification status for each of the services provided by Microsoft prior to adding your product to the Azure platform.
+Transparency provided by the compliance offerings (currently in preview), allows you to view the certification status for each of the services provided by Microsoft before adding your product to the Azure platform.
 
 1. In the Defender for Cloud portal, open **Regulatory compliance**.
 
@@ -148,7 +148,7 @@ Transparency provided by the compliance offerings (currently in preview), allows
 
     :::image type="content" source="media/regulatory-compliance-dashboard/search-service.png" alt-text="Screenshot of the compliance offering screen with the search bar highlighted." lightbox="media/regulatory-compliance-dashboard/search-service.png":::
 
-## Continuously export compliance status 
+## Continuously export compliance status
 
 If you want to track your compliance status with other monitoring tools in your environment, Defender for Cloud includes an export mechanism to make this straightforward. Configure **continuous export** to send select data to an Azure Event Hubs or a Log Analytics workspace. Learn more in [continuously export Defender for Cloud data](continuous-export.md).
 
@@ -169,7 +169,7 @@ Use continuous export data to an Azure Event Hubs or a Log Analytics workspace:
 
 Defender for Cloud's workflow automation feature can trigger Logic Apps whenever one of your regulatory compliance assessments changes state.
 
-For example, you might want Defender for Cloud to email a specific user when a compliance assessment fails. You'll need to first create the logic app (using [Azure Logic Apps](../logic-apps/logic-apps-overview.md))  and then set up the trigger in a new workflow automation as explained in [Automate responses to Defender for Cloud triggers](workflow-automation.md).
+For example, you might want Defender for Cloud to email a specific user when a compliance assessment fails. You need to first create the logic app (using [Azure Logic Apps](../logic-apps/logic-apps-overview.md))  and then set up the trigger in a new workflow automation as explained in [Automate responses to Defender for Cloud triggers](workflow-automation.md).
 
 :::image type="content" source="media/release-notes/regulatory-compliance-triggers-workflow-automation.png" alt-text="Screenshot that shows how to use changes to regulatory compliance assessments to trigger a workflow automation." lightbox="media/release-notes/regulatory-compliance-triggers-workflow-automation.png":::
 

articles/defender-for-cloud/review-exemptions.md

@@ -7,7 +7,7 @@ author: dcurwin
 ms.date: 11/22/2023
 ---
 
-# Review resources exempted from recommendations 
+# Review resources exempted from recommendations
 
 In Microsoft Defender for Cloud, you can [exempt protected resources from Defender for Cloud security recommendations](exempt-resource.md). This article describes how to review and work with exempted resources.
 
@@ -24,7 +24,7 @@ In Microsoft Defender for Cloud, you can [exempt protected resources from Defend
 
 1. Select **Add filter** > **Is exempt**.
 
-1. Select **All**, **Yes** or **No**. 
+1. Select **All**, **Yes** or **No**.
 
 1. Select **Apply**.
 
@@ -34,9 +34,9 @@ In Microsoft Defender for Cloud, you can [exempt protected resources from Defend
 
 1. For each resource, the **Reason** column shows why the resource is exempted. To modify the exemption settings for a resource, select the ellipsis in the resource > **Manage exemption**.
 
-You can also find all resources that have been exempted from one or more recommendations on the Inventory page.
+You can also find all resources that are exempted from one or more recommendations on the Inventory page.
 
-**To review exempted resources on the Defender for Cloud's Inventory page**: 
+**To review exempted resources on the Defender for Cloud's Inventory page**:
 
 1. Sign in to the [Azure portal](https://portal.azure.com/).
 
@@ -85,16 +85,14 @@ To view all recommendations that have exemption rules:
     | where StatusDescription contains "Exempt"    
     ```
 
-
 ## Get notified when exemptions are created
 
-To keep track of how users are exempting resources from recommendations, we've created an Azure Resource Manager (ARM) template that deploys a Logic App Playbook, and all necessary API connections to notify you when an exemption has been created.
+To keep track of how users are exempting resources from recommendations, we created an Azure Resource Manager (ARM) template that deploys a Logic App Playbook, and all necessary API connections to notify you when an exemption was created.
 
 - Learn more about the playbook in TechCommunity blog [How to keep track of Resource Exemptions in Microsoft Defender for Cloud](https://techcommunity.microsoft.com/t5/azure-security-center/how-to-keep-track-of-resource-exemptions-in-azure-security/ba-p/1770580).
-- Locate the ARM template in [Microsoft Defender for Cloud GitHub repository](https://github.com/Azure/Azure-Security-Center/tree/master/Workflow%20automation/Notify-ResourceExemption)
+- Locate the ARM template in [Microsoft Defender for Cloud GitHub repository](https://github.com/Azure/Azure-Security-Center/tree/master/Workflow%20automation/Notify-ResourceExemption).
 - [Use this automated process](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FAzure%2FAzure-Security-Center%2Fmaster%2FWorkflow%2520automation%2FNotify-ResourceExemption%2Fazuredeploy.json) to deploy all components.
 
-
 ## Next steps
 
-[Review security recommendations](review-security-recommendations.md)
+[Review security recommendations](review-security-recommendations.md)