Next step

Author: David Curwin

articles/defender-for-cloud/adaptive-application-controls.md

@@ -37,6 +37,6 @@ No enforcement options are currently available. Adaptive application controls ar
 |Required roles and permissions:|**Security Reader** and **Reader** roles can both view groups and the lists of known-safe applications<br>**Contributor** and **Security Admin** roles can both edit groups and the lists of known-safe applications|
 |Clouds:|:::image type="icon" source="./media/icons/yes-icon.png"::: Commercial clouds<br>:::image type="icon" source="./media/icons/yes-icon.png"::: National (Azure Government, Microsoft Azure operated by 21Vianet)<br>:::image type="icon" source="./media/icons/yes-icon.png"::: Connected AWS accounts|
 
-## Next steps
+## Next step
 
 [Enable adaptive application controls](enable-adaptive-application-controls.md)

articles/defender-for-cloud/advanced-configurations-for-malware-scanning.md

@@ -194,6 +194,6 @@ Request Body:
 
 Make sure you add the parameter `overrideSubscriptionLevelSettings` and its value is set to **true**. This ensures that the settings are saved only for this storage account and will not be overrun by the subscription settings.
 
-## Next steps
+## Next step
 
 Learn more about [malware scanning settings](defender-for-storage-malware-scan.md).

articles/defender-for-cloud/agentless-malware-scanning.md

@@ -54,6 +54,6 @@ If you believe a file is being incorrectly detected as malware (false positive),
 
 Defender for Cloud allows you to [suppress false positive alerts](alerts-suppression-rules.md). Make sure to limit the suppression rule by using the malware name or file hash.
 
-## Next steps
+## Next step
 
 Learn more about how to [Enable agentless scanning for VMs](enable-agentless-scanning-vms.md).

articles/defender-for-cloud/alerts-suppression-rules.md

@@ -97,7 +97,7 @@ The relevant HTTP methods for suppression rules in the REST API are:
 
 For details and usage examples, see the [API documentation](/rest/api/defenderforcloud/operation-groups?view=rest-defenderforcloud-2020-01-01&preserve-view=true).
 
-## Next steps
+## Next step
 
 This article described the suppression rules in Microsoft Defender for Cloud that automatically dismiss unwanted alerts.
 

articles/defender-for-cloud/concept-data-security-posture-prepare.md

@@ -138,6 +138,6 @@ AWS:
 > - Exposure rules that include 0.0.0.0/0 are considered “excessively exposed”, meaning that they can be accessed from any public IP.
 > - Azure resources with the exposure rule “0.0.0.0” are accessible from any resource in Azure (regardless of tenant or subscription).
 
-## Next steps
+## Next step
 
 [Enable](data-security-posture-enable.md) data-aware security posture.

articles/defender-for-cloud/concept-defender-for-cosmos.md

@@ -52,7 +52,7 @@ Threat intelligence security alerts are triggered for:
 - **Suspicious database activity**: <br>
     For example, suspicious key-listing patterns that resemble known malicious lateral movement techniques and suspicious data extraction patterns.
 
-## Next steps
+## Next step
 
 In this article, you learned about Microsoft Defender for Azure Cosmos DB.
 

articles/defender-for-cloud/concept-integration-365.md

@@ -49,6 +49,6 @@ Customers who integrated their Microsoft 365 Defender incidents into Sentinel an
 
 Learn how [Defender for Cloud and Microsoft 365 Defender handle your data's privacy](data-security.md#defender-for-cloud-and-microsoft-defender-365-defender-integration).
 
-## Next steps
+## Next step
 
 [Security alerts - a reference guide](alerts-reference.md)