defender-endpoint/linux-exclusions.md
Lines changed: 7 additions & 7 deletions
@@ -15,7 +15,7 @@ ms.collection:
15
15
ms.topic: conceptual
16
16
ms.subservice: linux
17
17
search.appverid: met150
18
-
ms.date: 02/19/2025
18
+
ms.date: 02/21/2025
19
19
---
20
20
21
21
# Configure and validate exclusions for Microsoft Defender for Endpoint on Linux
@@ -71,7 +71,7 @@ The following table shows the exclusion types supported by Defender for Endpoint
71
71
|Process|A specific process (specified either by the full path or file name) and all files opened by it.<br/>*We recommend using full and trusted process launch path.*|`/bin/cat`<br/>`cat`<br/>`c?t`|
72
72
73
73
> [!IMPORTANT]
74
-
> The paths used must be hard links, not symbolic links, in order to be successfully excluded. You can check if a path is a symbolic link by running `file <path-name>`. When implementing global process exclusions, exclude only what is absolutely necessary to ensure system reliability and security. Verify that the process is known and trusted, specify the complete path to the process location, and confirm that the process will consistently launch from the same trusted full path.
74
+
> The paths used must be hard links, not symbolic links, in order to be successfully excluded. You can check if a path is a symbolic link by running `file <path-name>`. When implementing global process exclusions, exclude only what is necessary to ensure system reliability and security. Verify that the process is known and trusted, specify the complete path to the process location, and confirm that the process will consistently launch from the same trusted full path.
75
75
76
76
### File, folder, and process exclusions support the following wildcards:
77
77
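Review bot: The process row in the context above this note still lists `cat` and `c?t` as examples, which conflicts with the note's instruction to "specify the complete path to the process location". Consider reducing the example column to `/bin/cat`, or marking the name-only and wildcard forms as discouraged, so the table and the guidance agree. The note also puts the symbolic-link requirement and the process-exclusion guidance into one paragraph; splitting them into two callouts would make the `file <path-name>` check easier to find.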
@@ -141,7 +141,7 @@ In enterprise environments, exclusions can also be managed through a configurati
141
141
### Using Defender for Endpoint security settings management
142
142
143
143
> [!NOTE]
144
-
> This method is currently in private Preview. For enabling this feature, please reach out to [email protected].
144
+
> This method is currently in private Preview. To enable this feature, please reach out to [email protected].
145
145
> Make sure to review the prerequisites: [Defender for Endpoint security settings management prerequisites](/mem/intune/protect/mde-security-integration#prerequisites)
146
146
147
147
You can use the Microsoft Intune admin center or the Microsoft Defender portal to manage exclusions as endpoint security policies and assign those policies to Microsoft Entra ID groups. If you're using this method for the first time, make sure to complete the following steps:
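Review bot: In the added NOTE line, "private Preview" is capitalised inconsistently and "please reach out to" is still wordier than the surrounding text. Suggest "This method is currently in private preview. To enable this feature, contact ..." so the callout matches the tone of the other edits in this commit.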
@@ -150,11 +150,11 @@ You can use the Microsoft Intune admin center or the Microsoft Defender portal t
150
150
151
151
1. In the [Microsoft Defender portal](https://security.microsoft.com), navigate to **Settings** > **Endpoints** > **Configuration Management** > **Enforcement Scope**, and then select the Linux platform.
152
152
153
-
2. Tag devices with the `MDE-Management` tag. Most devices enroll and receive the policy within minutes, although some might take up to 24 hours. For more information, see [Learn how to use Intune endpoint security policies to manage Microsoft Defender for Endpoint on devices that are not enrolled with Intune](/mem/intune/protect/mde-security-integration).
153
+
2. Tag devices with the `MDE-Management` tag. Most devices enroll and receive the policy within minutes, although some might take up to 24 hours. For more information, see [Learn how to use Intune endpoint security policies to manage Microsoft Defender for Endpoint on devices that aren't enrolled with Intune](/mem/intune/protect/mde-security-integration).
154
154
155
155
#### 2. Create a Microsoft Entra group
156
156
157
-
Create a dynamic Microsoft Entra group that uses the operating system type to ensure that all devices onboarded to Defender for Endpoint receive policies. Using a dynamic group allows devices managed by Defender for Endpoint to be automatically added to the group, eliminating the need for admins to create new policies manually. For more information, see the following article: [Create Microsoft Entra Groups](/mem/intune/protect/mde-security-integration#create-microsoft-entra-groups)
157
+
Create a dynamic Microsoft Entra group based on the operating system type to ensure that all devices onboarded to Defender for Endpoint receive the appropriate policies. This dynamic group automatically includes devices managed by Defender for Endpoint, eliminating the need for admins to manually create new policies. For more information, see the following article: [Create Microsoft Entra Groups](/mem/intune/protect/mde-security-integration#create-microsoft-entra-groups)
158
158
159
159
#### 3. Create an endpoint security policy
160
160
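Review bot: The rewritten sentence under "Create a Microsoft Entra group" still ends with "eliminating the need for admins to manually create new policies", but what the sentence describes is automatic group membership, not policy creation. Suggest "eliminating the need for admins to manually add devices to the group". The added phrase "the appropriate policies" is also vague; naming the endpoint security policy created in section 3 would be clearer.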
@@ -170,7 +170,7 @@ Create a dynamic Microsoft Entra group that uses the operating system type to en
170
170
171
171
6. When you're done configuring settings, select **Next**.
172
172
173
-
7. On the **Assignments** page, select the groups that will receive this profile. Then select **Next**.
173
+
7. On the **Assignments** page, select the groups that receive this profile. Then select **Next**.
174
174
175
175
8. On the **Review + create** page, when you're done, select **Save**. The new profile is displayed in the list when you select the policy type for the profile you created.
176
176
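Review bot: In step 7, "select the groups that receive this profile" now reads as if the groups already receive it. "Select the groups to receive this profile" keeps the present tense without that ambiguity. Because this profile carries exclusions, the step could also refer back to the dynamic group from section 2 so that readers assign it no more broadly than intended.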
@@ -416,7 +416,7 @@ To get the name of a detected threat, run the following command:
416
416
mdatp threat list
417
417
```
418
418
419
-
For example, to add `EICAR-Test-File (not a virus)` to the allow list, run the following command:
419
+
For example, to add `EICAR-Test-File (not a virus)` to the allowlist, run the following command:
420
420
421
421
```bash
422
422
mdatp threat allowed add --name "EICAR-Test-File (not a virus)"
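Review bot: The spelling "allowlist" is changed only in this one sentence of the hunk; check the rest of the file for remaining "allow list" so the term is written one way throughout. The sentence could also say that the value passed to `--name` must match the name shown by `mdatp threat list` exactly, since the example name contains spaces and parentheses.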