Merge pull request #247629 from AbdullahBell/ddos-update-alerts-defender

DDoS Protection: Update: View Azure DDoS Protection alerts in Microsoft Defender for Cloud

Author: v-dirichards

articles/ddos-protection/ddos-view-alerts-defender-for-cloud.md

@@ -4,24 +4,31 @@ description: Learn how to view DDoS protection alerts in Microsoft Defender for
 services: ddos-protection
 author: AbdullahBell
 ms.service: ddos-protection
-ms.topic: how-to
+ms.topic: tutorial
 ms.workload: infrastructure-services
-ms.date: 03/29/2023
+ms.date: 08/08/2023
 ms.author: abell
 ---
 
 # View Azure DDoS Protection alerts in Microsoft Defender for Cloud
 
 Microsoft Defender for Cloud provides a list of [security alerts](../security-center/security-center-managing-and-responding-alerts.md), with information to help investigate and remediate problems. With this feature, you get a unified view of alerts - including DDoS attack-related alerts - and the actions to take to mitigate the attack.
 
+In this tutorial, you learn how to:
+
+> [!div class="checklist"]
+> * View Azure DDoS Protection alerts in Microsoft Defender for Cloud.
+
 There are two specific alerts that you'll see for any DDoS attack detection and mitigation:
 
 - **DDoS Attack detected for Public IP**: This alert is generated when the DDoS protection service detects that one of your public IP addresses is the target of a DDoS attack.
 - **DDoS Attack mitigated for Public IP**: This alert is generated when an attack on the public IP address has been mitigated.
 
 To view the alerts, open **Defender for Cloud** in the Azure portal and select **Security alerts**. The following screenshot shows an example of the DDoS attack alerts.
 
-:::image type="content" source="./media/manage-ddos-protection/ddos-alert-asc.png" alt-text="Screenshot of DDoS Alert in Microsoft Defender for Cloud." lightbox="./media/manage-ddos-protection/ddos-alert-asc.png":::
+:::image type="content" source="./media/ddos-view-alerts-defender-for-cloud/ddos-alert-asc.png" alt-text="Screenshot of DDoS Alert in Microsoft Defender for Cloud." lightbox="./media/ddos-view-alerts-defender-for-cloud/ddos-alert-asc.png":::
+
+
 
 ## Prerequisites
 
@@ -34,10 +41,14 @@ To view the alerts, open **Defender for Cloud** in the Azure portal and select *
 1. In the search box at the top of the portal, enter **Microsoft Defender for Cloud**. Select **Microsoft Defender for Cloud** from the search results.
 1. From the side menu, select **Security alerts**. To filter the alerts list, select your subscription, or any of the relevant filters. You can optionally add filters with the **Add filter** option.
 
-    :::image type="content" source="./media/manage-ddos-protection/ddos-protection-security-alerts.png" alt-text="Screenshot of Security alert in Microsoft Defender for Cloud.":::
+    :::image type="content" source="./media/ddos-view-alerts-defender-for-cloud/ddos-protection-security-alerts.png" alt-text="Screenshot of Security alert in Microsoft Defender for Cloud." lightbox="./media/ddos-view-alerts-defender-for-cloud/ddos-protection-security-alerts.png":::
 
 The alerts include general information about the public IP address that’s under attack, geo and threat intelligence information, and remediation steps.
 
 ## Next steps
 
-* [Engage with Azure DDoS Rapid Response](ddos-rapid-response.md)
+In this tutorial you learned how to view DDoS protection alerts in Microsoft Defender for Cloud. To learn more about the recommended steps to take when you receive an alert, see these next steps.
+
+> [!div class="nextstepaction"]
+> [Engage with Azure DDoS Rapid Response](ddos-rapid-response.md)
+> [components of a DDoS Rapid Response Strategy](ddos-response-strategy.md)