Merge branch 'main' into diannegali-xdrmdedeploy

Author: diannegali

CloudAppSecurityDocs/activity-filters-queries.md

@@ -35,7 +35,7 @@ Below is a list of the activity filters that can be applied. Most filters suppor
 - Administrative activity – Search only for administrative activities.
 
   >[!NOTE]
-  > Defender for Cloud Apps can't mark Google Cloud Platform (GCP) administrative activities as administrative activities.
+  > Defender for Cloud Apps classifies all GCP activities as administrative activities.
 
 - Alert ID - Search by alert ID.
 

defender-business/mdb-faq.yml

@@ -10,7 +10,7 @@ metadata:
   ms.topic: faq
   ms.service: defender-business
   ms.localizationpriority: medium
-  ms.date: 01/02/2024
+  ms.date: 03/19/2024
   ms.reviewer: efratka, nehabha
   f1.keywords: NOCSH
   ms.collection:
@@ -157,7 +157,7 @@ sections:
           | Cross-platform support <br/>(Mac, iOS, Android)| ✔ | ✔ | ✔ |
           | Windows Server and Linux Server <br/>(requires server licenses) | ✔  | ✔ | ✔ |
           | Microsoft Threat Experts | | | ✔ |
-          | Microsoft 365 Lighthouse <br/>(optimized; for CSPs only) | ✔ | | |
+          | Microsoft 365 Lighthouse <br/>(optimized; for CSPs only) | ✔ | ✔ | ✔ |
           | Microsoft Defender multi-tenant management | ✔ | ✔ | ✔ |
           | APIs | ✔  | ✔ | ✔ |
 

defender-endpoint/supported-capabilities-by-platform.md

@@ -52,17 +52,17 @@ The following table gives information about the supported Microsoft Defender for
 |[Vulnerability management](/defender-vulnerability-management/defender-vulnerability-management)|![Yes.](media/svg/check-yes.svg)|![Yes.](media/svg/check-yes.svg)|![Yes.](media/svg/check-yes.svg)|![Yes.](media/svg/check-yes.svg) <br/>(preview)|
 |**Response**     |         |         |         ||
 |[Automated Investigation & Response (AIR)](automated-investigations.md)        | ![Yes.](media/svg/check-yes.svg)        | ![Yes.](media/svg/check-yes.svg)  |  ![No](media/svg/check-no.svg)       |  ![No](media/svg/check-no.svg)        |
-|[Device response capabilities: collect investigation package ](respond-machine-alerts.md)        | ![Yes.](media/svg/check-yes.svg)        | ![Yes.](media/svg/check-yes.svg)   |  ![Yes.](media/svg/check-yes.svg) <br/>(preview)  |  ![Yes.](media/svg/check-yes.svg) <br/>(preview) |
+|[Device response capabilities: collect investigation package ](respond-machine-alerts.md)        | ![Yes.](media/svg/check-yes.svg)        | ![Yes.](media/svg/check-yes.svg)   |  ![Yes.](media/svg/check-yes.svg)  |  ![Yes.](media/svg/check-yes.svg)  |
 |[Device response capabilities: run antivirus scan](respond-machine-alerts.md)        | ![Yes.](media/svg/check-yes.svg)        | ![Yes.](media/svg/check-yes.svg)   |  ![Yes.](media/svg/check-yes.svg)        |  ![Yes.](media/svg/check-yes.svg)         |
 |[Device isolation](respond-machine-alerts.md)        | ![Yes.](media/svg/check-yes.svg)        | ![Yes.](media/svg/check-yes.svg)   |  ![Yes.](media/svg/check-yes.svg)       |  ![Yes.](media/svg/check-yes.svg)    |
-|File response capabilities: collect file, deep analysis, block file, stop, and quarantine processes  | ![Yes.](media/svg/check-yes.svg)        | ![Yes.](media/svg/check-yes.svg)   |  ![Yes.](media/svg/check-yes.svg) <br/>(preview) |  ![Yes.](media/svg/check-yes.svg) <br/>(preview) |
+|File response capabilities: collect file, deep analysis  | ![Yes.](media/svg/check-yes.svg)        | ![Yes.](media/svg/check-yes.svg)   |  ![Yes.](media/svg/check-yes.svg) |  ![Yes.](media/svg/check-yes.svg) |
+|File response capabilities: block file, stop, and quarantine processes  | ![Yes.](media/svg/check-yes.svg)        | ![Yes.](media/svg/check-yes.svg)   |  ![No](media/svg/check-no.svg) |  ![No](media/svg/check-no.svg) |
 |[Live Response](live-response.md)       | ![Yes.](media/svg/check-yes.svg)        | ![Yes.](media/svg/check-yes.svg) |  ![Yes.](media/svg/check-yes.svg)       |  ![Yes.](media/svg/check-yes.svg)      |
 
 > [!NOTE]
 > - For Windows Server 2012 R2 and Windows Server 2016, use the modern, unified solution. See [Onboard Windows Servers to the Defender for Endpoint service](configure-server-endpoints.md).
+> - On Linux Server, network protection, web protection, and custom network indicators are currently in preview.
 > - On Linux, network protection, web protection, and custom network indicators are currently in preview.
-> - On Linux and Mac, [Device response capabilities: collect investigation package ](respond-machine-alerts.md) is currently in preview. You can also use [Live Response](live-response.md).
-> - On Linux and Mac, [File response capabilities: collect file, deep analysis, block file, stop, and quarantine processes](respond-file-alerts.md) are currently in preview. You can also use [Live Response](live-response.md).
 > - Endpoint & network device discovery is supported on Windows Server 2019 or later, and on Windows 10 and Windows 11.
 > - Microsoft Defender Vulnerability Management is not supported on Rocky and Alma currently.
 > - For Windows 7, Windows 8.1, and Windows Server 2008 R2, use System Center Endpoint Protection (SCEP) for the EDR sensor and antivirus protection.