Merge pull request #216452 from ElazarK/dfd-fixes

changes

Author: LJSpiller

.openpublishing.redirection.defender-for-cloud.json

@@ -734,6 +734,16 @@
             "source_path_from_root": "/articles/defender-for-cloud/defender-for-containers-cicd.md",
             "redirect_url": "/azure/defender-for-cloud/defender-for-devops-introduction",
             "redirect_document_id": true
+        },
+        {
+            "source_path_from_root": "/articles/defender-for-cloud/tutorial-enable-pull-request-annotations.md",
+            "redirect_url": "/azure/defender-for-cloud/enable-pull-request-annotations",
+            "redirect_document_id": true
+        },
+        {
+            "source_path_from_root": "/articles/defender-for-cloud/detect-credential-leaks.md",
+            "redirect_url": "/azure/defender-for-cloud/detect-exposed-secrets",
+            "redirect_document_id": true
         }
 
       ]

articles/defender-for-cloud/TOC.yml

@@ -77,8 +77,6 @@
     href: tutorial-security-policy.md
   - name: Investigate the health of your resources
     href: investigate-resource-health.md
-  - name: Enable pull request annotations in GitHub or in Azure DevOps
-    href: tutorial-enable-pull-request-annotations.md
 
 - name: Samples
   items:
@@ -445,7 +443,10 @@
       href: iac-vulnerabilities.md
     - name: Detect exposed secrets in code
       displayName: DevOps, CredScan, Credentials, leaks, 
-      href: detect-credential-leaks.md
+      href: detect-exposed-secrets.md
+    - name: Enable pull request annotations in GitHub or in Azure DevOps
+      displayName: PR annotations, annotations, DevOps, GitHub, pull request
+      href: enable-pull-request-annotations.md
 
 - name: Reference
   items:

articles/defender-for-cloud/azure-devops-extension.md

@@ -17,7 +17,7 @@ The Microsoft Security DevOps uses the following Open Source tools:
 | [Bandit](https://github.com/PyCQA/bandit) | Python | [Apache License 2.0](https://github.com/PyCQA/bandit/blob/master/LICENSE) |
 | [BinSkim](https://github.com/Microsoft/binskim) | Binary--Windows, ELF | [MIT License](https://github.com/microsoft/binskim/blob/main/LICENSE) |
 | [ESlint](https://github.com/eslint/eslint) | JavaScript | [MIT License](https://github.com/eslint/eslint/blob/main/LICENSE) |
-| [Credscan](detect-credential-leaks.md) | Credential Scanner (also known as CredScan) is a tool developed and maintained by Microsoft to identify credential leaks such as those in source code and configuration files <br> common types: default passwords, SQL connection strings, Certificates with private keys | Not Open Source |
+| [Credscan](detect-exposed-secrets.md) | Credential Scanner (also known as CredScan) is a tool developed and maintained by Microsoft to identify credential leaks such as those in source code and configuration files <br> common types: default passwords, SQL connection strings, Certificates with private keys | Not Open Source |
 | [Template Analyzer](https://github.com/Azure/template-analyzer) | ARM template, Bicep file | [MIT License](https://github.com/Azure/template-analyzer/blob/main/LICENSE.txt) |
 | [Terrascan](https://github.com/accurics/terrascan) | Terraform (HCL2), Kubernetes (JSON/YAML), Helm v3, Kustomize, Dockerfiles, Cloud Formation | [Apache License 2.0](https://github.com/accurics/terrascan/blob/master/LICENSE) |
 | [Trivy](https://github.com/aquasecurity/trivy) | container images, file systems, git repositories | [Apache License 2.0](https://github.com/aquasecurity/trivy/blob/main/LICENSE) |

articles/defender-for-cloud/defender-for-devops-introduction.md

@@ -37,7 +37,7 @@ Defender for DevOps allows you to manage your connected environments and provide
 
 :::image type="content" source="media/defender-for-devops-introduction/devops-dashboard.png" alt-text="Screenshot of the Defender for DevOps dashboard." lightbox="media/defender-for-devops-introduction/devops-dashboard.png":::
 
-Here, you can [add GitHub](quickstart-onboard-github.md) and [Azure DevOps](quickstart-onboard-devops.md) environments, customize DevOps workbooks to show your desired metrics, view our guides and give feedback, and [configure your pull request annotations](tutorial-enable-pull-request-annotations.md).
+Here, you can [add GitHub](quickstart-onboard-github.md) and [Azure DevOps](quickstart-onboard-devops.md) environments, customize DevOps workbooks to show your desired metrics, view our guides and give feedback, and [configure your pull request annotations](enable-pull-request-annotations.md).
 
 ### Understanding your DevOps security
 
@@ -88,6 +88,6 @@ On this part of the screen you see:
 
 ## Next steps
 
-[Connect your GitHub repositories to Microsoft Defender for Cloud](quickstart-onboard-github.md).
+[Configure the Microsoft Security DevOps GitHub action](github-action.md).
 
-[Connect your Azure DevOps repositories to Microsoft Defender for Cloud](quickstart-onboard-devops.md).
+[Configure the Microsoft Security DevOps Azure DevOps extension](azure-devops-extension.md)

articles/defender-for-cloud/detect-credential-leaks.md renamed to articles/defender-for-cloud/detect-exposed-secrets.md

@@ -148,4 +148,4 @@ The following exit codes are available in CredScan:
 | -9000 | Scan failed with unknown error. |
 
 ## Next steps
-+ Learn how to [configure pull request annotations](tutorial-enable-pull-request-annotations.md) in Defender for Cloud to remediate secrets in code before they are shipped to production.
++ Learn how to [configure pull request annotations](enable-pull-request-annotations.md) in Defender for Cloud to remediate secrets in code before they are shipped to production.

articles/defender-for-cloud/tutorial-enable-pull-request-annotations.md renamed to articles/defender-for-cloud/enable-pull-request-annotations.md

@@ -1,12 +1,12 @@
 ---
-title: Tutorial Enable pull request annotations in GitHub or in Azure DevOps
+title: Enable pull request annotations in GitHub or in Azure DevOps
 description: Add pull request annotations in GitHub or in Azure DevOps. By adding pull request annotations, your SecOps and developer teams so that they can be on the same page when it comes to mitigating issues.
 ms.topic: overview
 ms.custom: ignite-2022
-ms.date: 10/20/2022
+ms.date: 10/30/2022
 ---
 
-# Tutorial: Enable pull request annotations in GitHub and Azure DevOps
+# Enable pull request annotations in GitHub and Azure DevOps
 
 Defender for DevOps exposes security findings as annotations in Pull Requests (PR). Security operators can enable PR annotations in Microsoft Defender for Cloud. Any exposed issues can then be remedied by developers. This process can prevent and fix potential security vulnerabilities and misconfigurations before they enter the production stage. Defender for DevOps annotates the vulnerabilities within the differences in the file rather than all the vulnerabilities detected across the entire file. Developers are able to see annotations in their source code management systems and Security operators can see any unresolved findings in Microsoft Defender for Cloud.  
 
@@ -15,16 +15,8 @@ With Microsoft Defender for Cloud, you can configure PR annotations in Azure Dev
 > [!NOTE]
 > GitHub Advanced Security for Azure DevOps (GHAzDO) is providing a free trial of PR annotations during the Defender for DevOps preview. 
 
-In this tutorial you'll learn how to:
-
-> [!div class="checklist"]
-> * [Enable pull request annotations in GitHub](#enable-pull-request-annotations-in-github).
-> * [Enable pull request annotations in Azure DevOps](#enable-pull-request-annotations-in-azure-devops).
-
 ## Prerequisites
 
-Before you can follow the steps in this tutorial, you must:
-
 **For GitHub**:
 
 - An Azure account. If you don't already have an Azure account, you can [create your Azure free account today](https://azure.microsoft.com/free/).
@@ -37,7 +29,7 @@ Before you can follow the steps in this tutorial, you must:
 - An Azure account. If you don't already have an Azure account, you can [create your Azure free account today](https://azure.microsoft.com/free/).
 - [Connect your Azure DevOps repositories to Microsoft Defender for Cloud](quickstart-onboard-devops.md).
 - [Configure the Microsoft Security DevOps Azure DevOps extension](azure-devops-extension.md).
-- [Setup secret scanning in Azure DevOps](detect-credential-leaks.md#setup-secret-scanning-in-azure-devops).
+- [Setup secret scanning in Azure DevOps](detect-exposed-secrets.md#setup-secret-scanning-in-azure-devops).
 
 ## Enable pull request annotations in GitHub
 
@@ -85,7 +77,7 @@ Any issues that are discovered by the scanner will be viewable in the Files chan
 
 1. Navigate through the page and locate an affected file with an annotation.
 
-1. Follow the remediation steps in the annotation. If you choose not remediate the annotation, select **Dismiss alert**.
+1. Follow the remediation steps in the annotation. If you choose not to remediate the annotation, select **Dismiss alert**.
 
 1. Select a reason to dismiss:
 
@@ -127,7 +119,7 @@ Before you can enable pull request annotations, your main branch must have enabl
 
     :::image type="content" source="media/tutorial-enable-pr-annotations/validation-policy.png" alt-text="Screenshot that shows the build validation.":::
 
-Once you have completed these steps you can select the build pipeline you created previously and customize it's settings to suit your needs.  
+Once you have completed these steps you can select the build pipeline you created previously and customize its settings to suit your needs.  
 
 ### Enable pull request annotations
 
@@ -141,7 +133,7 @@ Once you have completed these steps you can select the build pipeline you create
 
 1. Select **Configure**.
 
-    :::image type="content" source="media/tutorial-enable-pr-annotations/select-configure.png" alt-text="Screenshot that shows you where to select configure, on the screen.":::
+    :::image type="content" source="media/tutorial-enable-pr-annotations/select-configure.png" alt-text="Screenshot that shows you where to select configure on the screen.":::
 
 1. Toggle Pull request annotations to **On**.
 
@@ -191,13 +183,11 @@ Defender for DevOps will re-activate an annotation if the security issue is not
 
 ## Learn more
 
-In this tutorial, you learned how to enable pull request annotations in GitHub and Azure DevOps.
-
 Learn more about [Defender for DevOps](defender-for-devops-introduction.md).
 
 Learn how to [Discover misconfigurations in Infrastructure as Code](iac-vulnerabilities.md).
 
-Learn how to [detect exposed secrets in code](detect-credential-leaks.md).
+Learn how to [detect exposed secrets in code](detect-exposed-secrets.md).
 
 ## Next steps
 

articles/defender-for-cloud/quickstart-onboard-devops.md

@@ -95,4 +95,4 @@ Learn more about [Defender for DevOps](defender-for-devops-introduction.md).
 
 Learn how to [configure the MSDO Azure DevOps extension](azure-devops-extension.md).
 
-Learn how to [configure pull request annotations](tutorial-enable-pull-request-annotations.md) in Defender for Cloud.
+Learn how to [configure pull request annotations](enable-pull-request-annotations.md) in Defender for Cloud.

articles/defender-for-cloud/quickstart-onboard-github.md

@@ -89,4 +89,4 @@ Learn more about [Defender for DevOps](defender-for-devops-introduction.md).
 
 Learn how to [configure the MSDO GitHub action](github-action.md).
 
-Learn how to [configure pull request annotations](tutorial-enable-pull-request-annotations.md) in Defender for Cloud.
+Learn how to [configure pull request annotations](enable-pull-request-annotations.md) in Defender for Cloud.