Merge branch 'main' into batamig-patch-3

Author: Ruchika-mittal01

.acrolinx-config.edn

@@ -1,6 +1,6 @@
 {:changed-files-limit 60
  :allowed-branchname-matches ["main" "release-.*"]
- :allowed-filename-matches ["ATADocs/" "CloudAppSecurityDocs/" "defender/" "defender-business/" "defender-endpoint/" "defender-for-cloud/" "defender-for-iot/" "defender-office-365/" "defender-vulnerability-management/" "defender-xdr/" "exposure-management/" "unified-secops-platform/"] ;; Can be overridden in repo-specific edn file. This is an allow list that identifies which folders contain the files Acrolinx will check. Separate multiple folders as follows ["folder/" "folder2"]
+ :allowed-filename-matches ["ATADocs/" "ATPDocs/" "CloudAppSecurityDocs/" "defender/" "defender-business/" "defender-endpoint/" "defender-for-cloud/" "defender-for-iot/" "defender-office-365/" "defender-vulnerability-management/" "defender-xdr/" "exposure-management/" "unified-secops-platform/"] ;; Can be overridden in repo-specific edn file. This is an allow list that identifies which folders contain the files Acrolinx will check. Separate multiple folders as follows ["folder/" "folder2"]
 
 :use-gh-statuses true
 

ATPDocs/investigate-assets.md

@@ -45,7 +45,9 @@ Find identity information in the following Microsoft Defender XDR areas:
 
 For example, the following image shows the details on an identity details page:
 
-:::image type="content" source="media/investigate-assets/identity-details.png" alt-text="Screenshot of an identity details page." lightbox="media/investigate-assets/identity-details.png":::
+![Screenshot of a specific user's page in the Microsoft Defender portal.](media/investigate-assets/image.png)
+
+
 
 ### Identity details
 
@@ -60,6 +62,10 @@ When you investigate a specific identity, you'll see the following details on an
 |[Identity timeline](/microsoft-365/security/defender/investigate-users#timeline)     | The timeline represents activities and alerts observed from a user's identity from the last 180 days, unifying identity entries across Microsoft Defender for Identity, Microsoft Defender for Cloud Apps, and Microsoft Defender for Endpoint. <br><br>Use the timeline to focus on activities a user performed or were performed on them in specific timeframes. Select the default **30 days** to change the time range to another built-in value, or to a custom range.       |
 |[Remediation actions](/microsoft-365/security/defender/investigate-users#remediation-actions)      |     Respond to compromised users by disabling their accounts or resetting their password. After taking action on users, you can check on the activity details in the Microsoft Defender XDR **Action center.|
 
+> [!NOTE]
+> **Investigation Priority Score** has been deprecated on December 3, 2025. As a result, both the Investigation Priority Score breakdown and the scored activity timeline cards have been removed from the UI. 
+
+  
 For more information, see [Investigate users](/microsoft-365/security/defender/investigate-users) in the Microsoft Defender XDR documentation.
 
 ## Investigation steps for suspicious groups

ATPDocs/media/investigate-assets/image.png

@@ -5,7 +5,7 @@ ms.date: 11/20/2023
 ms.topic: how-to
 ---
 
-# Security assessment: Edit misconfigured certificate templates ACL (ESC4)  (Preview)
+# Security assessment: Edit misconfigured certificate templates ACL (ESC4)
 
 This article describes Microsoft Defender for Identity's **Misconfigured certificate template ACL** security posture assessment report.
 

ATPDocs/security-assessment-edit-misconfigured-acl.md

@@ -5,7 +5,7 @@ ms.date: 11/14/2023
 ms.topic: how-to
 ---
 
-# Security assessment: Edit misconfigured Certificate Authority ACL (ESC7)  (Preview)
+# Security assessment: Edit misconfigured Certificate Authority ACL (ESC7)
 
 This article describes Microsoft Defender for Identity's **Misconfigured certificate authority ACL** security posture assessment report.
 

ATPDocs/security-assessment-edit-misconfigured-ca-acl.md

@@ -5,7 +5,7 @@ ms.date: 11/20/2023
 ms.topic: how-to
 ---
 
-# Security assessment: Edit misconfigured enrollment agent certificate template (ESC3)  (Preview)
+# Security assessment: Edit misconfigured enrollment agent certificate template (ESC3)
 
 This article describes Microsoft Defender for Identity's **Misconfigured enrollment agent certificate template** security posture assessment report.
 

ATPDocs/security-assessment-edit-misconfigured-enrollment-agent.md

@@ -5,7 +5,7 @@ ms.date: 11/14/2023
 ms.topic: how-to
 ---
 
-# Security assessment: Edit misconfigured certificate templates owner (ESC4) (Preview)
+# Security assessment: Edit misconfigured certificate templates owner (ESC4)
 
 This article provides an overview of Microsoft Defender for Identity's **Misconfigured certificate templates owner (ESC4)** security posture assessment report.
 

ATPDocs/security-assessment-edit-misconfigured-owner.md

@@ -5,7 +5,7 @@ ms.date: 11/20/2023
 ms.topic: how-to
 ---
 
-# Security assessment: Edit overly permissive certificate template with privileged EKU (Any purpose EKU or No EKU) (ESC2)  (Preview)
+# Security assessment: Edit overly permissive certificate template with privileged EKU (Any purpose EKU or No EKU) (ESC2)
 
 This article describes Microsoft Defender for Identity's **Overly permissive certificate template with privileged EKU** security posture assessment report.
 

ATPDocs/security-assessment-edit-overly-permissive-template.md

@@ -5,7 +5,7 @@ ms.date: 11/20/2023
 ms.topic: how-to
 ---
 
-# Security assessment: Enforce encryption for RPC certificate enrollment interface (ESC11)  (Preview)
+# Security assessment: Enforce encryption for RPC certificate enrollment interface (ESC11)
 
 This article describes Microsoft Defender for Identity's **Enforce encryption for RPC certificate enrollment** security posture assessment report.
 

ATPDocs/security-assessment-enforce-encryption-rpc.md

@@ -70,7 +70,7 @@ sections:
           
           - **[UEBA capabilities](/cloud-app-security/tutorial-ueba)**: Insights into individual user risk through user investigation priority scoring. The score can assist SecOps in their investigations and help analysts understand unusual activities for the user and the organization.
           
-          - **Native integrations**: Integrates with Microsoft Defender for Cloud Apps and Azure AD Identity Protection to provide a hybrid view of what's taking place in both on-premises and hybrid environments.
+          - **Native integrations**: Integrates with Microsoft Defender for Cloud Apps and Microsoft Entra ID Protection to provide a hybrid view of what's taking place in both on-premises and hybrid environments.
           
           - **Contributes to Microsoft Defender XDR**: Contributes alert and threat data to  Microsoft Defender XDR. Microsoft Defender XDR uses the Microsoft 365 security portfolio (identities, endpoints, data, and applications) to automatically analyze cross-domain threat data, building a complete picture of each attack in a single dashboard.