Merge branch 'main' into docs-editor/investigate-users-1727439254

Author: diannegali

.openpublishing.redirection.defender.json

@@ -1,5 +1,10 @@
 {
   "redirections": [
+    {
+      "source_path": "defender/threat-intelligence/index-backup.md",
+      "redirect_url": "/defender/threat-intelligence/what-is-microsoft-defender-threat-intelligence-defender-ti",
+      "redirect_document_id": false
+    },
     {
       "source_path": "defender/advanced-hunting-overview.md",
       "redirect_url": "/defender-xdr/advanced-hunting-overview",
@@ -214,6 +219,16 @@
       "source_path": "defender-endpoint/defender-endpoint-antivirus-exclusions.md",
       "redirect_url": "/defender-endpoint/navigate-defender-endpoint-antivirus-exclusions",
       "redirect_document_id": false
-    }
+    },
+    {
+      "source_path": "defender-endpoint/defender-endpoint-demonstration-amsi.md",
+      "redirect_url": "/defender-endpoint/mde-demonstration-amsi",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "defender-xdr/device-profile.md",
+      "redirect_url": "/defender-xdr/entity-page-device",
+      "redirect_document_id": true
+    }    
   ]
 }

defender-endpoint/TOC.yml

@@ -59,44 +59,43 @@
     - name: Antivirus solution compatibility with Defender for Endpoint
       href: defender-compatibility.md
 
-  - name: Microsoft Defender for Endpoint demonstrations
+  - name: Microsoft Defender for Endpoint demonstrations and evaluation
     items:
-    - name: Microsoft Defender for Endpoint demonstrations
+    - name: Evaluate Microsoft Defender Antivirus
+      href: evaluate-microsoft-defender-antivirus.md
       items:
-      - name: Overview
-        href: evaluate-microsoft-defender-antivirus.md
       - name: Evaluate Microsoft Defender Antivirus using PowerShell
         href: microsoft-defender-antivirus-using-powershell.md
       - name: Evaluate Microsoft Defender Antivirus using Microsoft Defender Endpoint Security Settings Management
         href: evaluate-mda-using-mde-security-settings-management.md
       - name: Evaluate Microsoft Defender Antivirus using Group Policy 
         href: evaluate-mdav-using-gp.md  
-      - name: Microsoft Defender for Endpoint demonstration scenarios
-        href: defender-endpoint-demonstrations.md
+    - name: Demonstration scenarios
+      href: defender-endpoint-demonstrations.md
+      items:
+      - name: AMSI demonstrations
+        href: mde-demonstration-amsi.md
+      - name: Antimalware validation demonstration
+        href: validate-antimalware.md
+      - name: Attack surface reduction rules demonstration
+        href: defender-endpoint-demonstration-attack-surface-reduction-rules.md
       - name: App reputation demonstration
         href: defender-endpoint-demonstration-app-reputation.md
-      - name: Behavior monitoring demonstrations
+      - name: Behavior monitoring demonstration
         href: demonstration-behavior-monitoring.md
-      - name: Validate antimalware
-        href: validate-antimalware.md
-      - name: AMSI demonstrations
-        href: defender-endpoint-demonstration-amsi.md
-        displayName: Antimalware Scan Interface (AMSI), AMSI
-      - name: Attack surface reduction rules demonstrations
-        href: defender-endpoint-demonstration-attack-surface-reduction-rules.md
-      - name: Cloud-delivered protection demonstration
+      - name: Cloud-delivered protection
         href: defender-endpoint-demonstration-cloud-delivered-protection.md
-      - name: Controlled folder access (CFA) demonstration (block script)
+      - name: Controlled folder access (block script) demonstration
         href: defender-endpoint-demonstration-controlled-folder-access-test-tool.md
-      - name: Controlled folder access (CFA) demonstrations (block ransomware)
+      - name: Controlled folder access (block ransomware) demonstration
         href: defender-endpoint-demonstration-controlled-folder-access.md
-      - name: EDR detections
+      - name: EDR detections demonstration
         href: edr-detection.md
-      - name: Exploit protection (EP) demonstrations
+      - name: Exploit protection demonstration
         href: defender-endpoint-demonstration-exploit-protection.md
-      - name: Network protection demonstrations
+      - name: Network protection demonstration
         href: defender-endpoint-demonstration-network-protection.md
-      - name: Potentially unwanted applications (PUA) demonstration
+      - name: Potentially unwanted applications demonstration
         href: defender-endpoint-demonstration-potentially-unwanted-applications.md
       - name: URL reputation demonstrations
         href: defender-endpoint-demonstration-smartscreen-url-reputation.md

defender-endpoint/android-configure.md

@@ -15,7 +15,7 @@ ms.collection:
 ms.topic: conceptual
 ms.subservice: android
 search.appverid: met150
-ms.date: 08/30/2024
+ms.date: 10/18/2024
 ---
 
 # Configure Defender for Endpoint on Android features
@@ -197,9 +197,9 @@ Defender for Endpoint supports vulnerability assessment of apps in the work prof
 1. In [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431), go to **Apps** \> **App configuration policies** \\> **Add** > **Managed devices**.
 2. Give the policy a name; **Platform \> Android Enterprise**; select the profile type.
 3. Select **Microsoft Defender for Endpoint** as the target app.
-4. In Settings page, select **Use configuration designer** and add **DefenderTVMPrivacyMode** as the key and value type as **Integer**
+1. In Settings page, select **Use configuration designer** and add **Enable TVM Privacy** as the key and value type as **Integer**
 
-   - To disable vulnerability of apps in the work profile, enter value as `1` and assign this policy to users. By default, this value is set to `0`.
+- To disable vulnerability of apps in the work profile, enter value as `1` and assign this policy to users. By default, this value is set to `0`.
    - For users with key set as `0`, Defender for Endpoint sends the list of apps from the work profile to the backend service for vulnerability assessment.
 
 5. Select **Next** and assign this profile to targeted devices/users.

defender-endpoint/android-intune.md

@@ -15,7 +15,7 @@ ms.custom: partner-contribution
 ms.topic: conceptual
 ms.subservice: android
 search.appverid: met150
-ms.date: 07/25/2024
+ms.date: 10/11/2024
 ---
 
 # Deploy Microsoft Defender for Endpoint on Android with Microsoft Intune
@@ -284,7 +284,10 @@ Android low touch onboarding is disabled by default. Admins can enable it throug
 
       > [!div class="mx-imgBorder"]
    > ![Screenshot showing a low touch onboarding configuration policy.](media/low-touch-user-upn.png)
-   
+
+> [!Note]
+> Once the policy is created, these value types will show as string.
+ 
 8. Assign the policy to the target user group.
 
 9. Review and create the policy.

defender-endpoint/customize-controlled-folders.md

@@ -15,7 +15,7 @@ ms.collection:
 - tier2
 - mde-asr
 search.appverid: met150
-ms.date: 10/27/2023
+ms.date: 10/17/2024
 ---
 
 # Customize controlled folder access
@@ -33,8 +33,12 @@ ms.date: 10/27/2023
 > [!TIP]
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://signup.microsoft.com/create-account/signup?products=7f379fee-c4f9-4278-b0a1-e4c8c2fcdf7e&ru=https://aka.ms/MDEp2OpenTrial?ocid=docs-wdatp-assignaccess-abovefoldlink)
 
-Controlled folder access helps you protect valuable data from malicious apps and threats, such as ransomware. Controlled folder access is supported on Windows Server 2019, Windows Server 2022, Windows 10, and Windows 11 clients. This article describes how to customize controlled folder access capabilities, and includes the following sections:
+Controlled folder access helps you protect valuable data from malicious apps and threats, such as ransomware. Controlled folder access is supported on Windows Server 2019, Windows Server 2022, Windows 10, and Windows 11 clients.
 
+> [!IMPORTANT]
+> Controlled folder access is not supported on Linux servers.
+
+This article describes how to customize controlled folder access capabilities, and includes the following sections:
 - [Protect additional folders](#protect-additional-folders)
 - [Add apps that should be allowed to access protected folders](#allow-specific-apps-to-make-changes-to-controlled-folders)
 - [Allow signed executable files to access protected folders](#allow-signed-executable-files-to-access-protected-folders)