Merge pull request #2333 from MicrosoftDocs/v-smandalika-9664381-B2

DefenderDocs - v-smandalika - 9664381 - Updated the metadata

Author: rjagiewich

defender-endpoint/behavior-monitor.md

@@ -1,8 +1,9 @@
 ---
 title: Behavior monitoring in Microsoft Defender Antivirus
 description: Learn about Behavior monitoring in Microsoft Defender Antivirus and Defender for Endpoint.
-author: YongRhee-MSFT
-ms.author: yongrhee
+author: emmwalshh
+ms.author: ewalsh
+ms.reviewer: yongrhee
 manager: deniseb
 audience: ITPro
 ms.topic: conceptual

defender-endpoint/cloud-protection-microsoft-defender-antivirus.md

@@ -3,8 +3,8 @@ title: Cloud protection and Microsoft Defender Antivirus
 description: Learn about cloud protection and Microsoft Defender Antivirus
 ms.service: defender-endpoint
 ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
+author: emmwalshh
+ms.author: ewalsh
 ms.reviewer: mkaminska
 manager: deniseb
 ms.custom: nextgen

defender-endpoint/common-exclusion-mistakes-microsoft-defender-antivirus.md

@@ -3,10 +3,10 @@ title: Common mistakes to avoid when defining exclusions
 description: Avoid common mistakes when defining exclusions for Microsoft Defender Antivirus scans.
 ms.service: defender-endpoint
 ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
+author: emmwalshh
+ms.author: ewalsh
 ms.custom: nextgen
-ms.reviewer:
+ms.reviewer: yongrhee
 manager: deniseb
 ms.subservice: ngp
 ms.topic: conceptual

defender-endpoint/configure-advanced-scan-types-microsoft-defender-antivirus.md

@@ -3,8 +3,8 @@ title: Configure scanning options for Microsoft Defender Antivirus
 description: You can configure Microsoft Defender Antivirus to scan email storage files, back-up or reparse points, network files, and archived files (such as .zip files).
 ms.service: defender-endpoint
 ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
+author: emmwalshh
+ms.author: ewalsh
 ms.custom: nextgen
 ms.reviewer: pahuijbr
 manager: deniseb

defender-endpoint/configure-block-at-first-sight-microsoft-defender-antivirus.md

@@ -3,8 +3,8 @@ title: Enable block at first sight to detect malware in seconds
 description: Turn on the block at first sight feature to detect and block malware within seconds.
 ms.service: defender-endpoint
 ms.localizationpriority: high
-author: denisebmsft
-ms.author: deniseb
+author: emmwalshh
+ms.author: ewalsh
 ms.reviewer: marcmcc
 manager: deniseb
 ms.custom: nextgen
@@ -32,7 +32,7 @@ search.appverid: met150
 This article describes an antivirus/antimalware feature known as "block at first sight", and describes how to enable block at first sight for your organization.
 
 > [!TIP]
-> This article is intended for enterprise admins and IT Pros who manage security settings for organizations. If you are not an enterprise admin or IT Pro but you have questions about block at first sight, see the [Not an enterprise admin or IT Pro?](#not-an-enterprise-admin-or-it-pro) section.
+> This article is intended for enterprise admins and IT Pros who manage security settings for organizations. If you aren't an enterprise admin or IT Pro but you have questions about block at first sight, see the [Not an enterprise admin or IT Pro?](#not-an-enterprise-admin-or-it-pro) section.
 
 ## What is "block at first sight"?
 
@@ -57,9 +57,9 @@ Microsoft Defender Antivirus uses multiple detection and prevention technologies
 
 ## A few things to know about block at first sight
 
-- Block at first sight can block non-portable executable files (such as JS, VBS, or macros) and executable files, running the [latest Defender antimalware platform](microsoft-defender-antivirus-updates.md) on Windows or Windows Server.
+- Block at first sight can block nonportable executable files (such as JS, VBS, or macros) and executable files, running the [latest Defender antimalware platform](microsoft-defender-antivirus-updates.md) on Windows or Windows Server.
 
-- Block at first sight only uses the cloud protection backend for executable files and non-portable executable files that are downloaded from the Internet, or that originate from the Internet zone. A hash value of the `.exe` file is checked via the cloud backend to determine if the file is a previously undetected file.
+- Block at first sight only uses the cloud protection backend for executable files and nonportable executable files that are downloaded from the Internet, or that originate from the Internet zone. A hash value of the `.exe` file is checked via the cloud backend to determine if the file is a previously undetected file.
 
 - If the cloud backend is unable to make a determination, Microsoft Defender Antivirus locks the file and uploads a copy to the cloud. The cloud performs more analysis to reach a determination before it either allows the file to run or blocks it in all future encounters, depending on whether it determines the file to be malicious or not a threat.
 
@@ -98,7 +98,7 @@ Microsoft Defender Antivirus uses multiple detection and prevention technologies
 3. In the MAPS section, double-click **Configure the 'Block at First Sight' feature**, and set it to **Enabled**, and then select **OK**.
 
     > [!IMPORTANT]
-    > Setting to **Always prompt (0)** will lower the protection state of the device. Setting to **Never send (2)** means block at first sight will not function.
+    > Setting to **Always prompt (0)** lowers the protection state of the device. Setting to **Never send (2)** means block at first sight won't function.
 
 4. In the MAPS section, double-click **Send file samples when further analysis is required**, and set it to **Enabled**. Under **Send file samples when further analysis is required**, select **Send all samples**, and then select **OK**.
 
@@ -118,13 +118,13 @@ You can confirm that block at first sight is enabled on individual client device
 
 > [!NOTE]
 >
-> - If the prerequisite settings are configured and deployed using Group Policy, the settings described in this section will be greyed-out and unavailable for use on individual endpoints.
-> - Changes made through a Group Policy Object must first be deployed to individual endpoints before the setting will be updated in Windows Settings.
+> - If the prerequisite settings are configured and deployed using Group Policy, the settings described in this section are greyed-out and unavailable for use on individual endpoints.
+> - Changes made through a Group Policy Object must first be deployed to individual endpoints before the setting gets updated in Windows Settings.
 
 ## Turn off block at first sight
 
 > [!CAUTION]
-> Turning off block at first sight will lower the protection state of your device(s) and your network. We do not recommend disabling block at first sight protection permanently.
+> Turning off block at first sight lowers the protection state of your devices and your network. We don't recommend disabling block at first sight protection permanently.
 
 ### Turn off block at first sight with Microsoft Intune
 
@@ -144,22 +144,22 @@ You can confirm that block at first sight is enabled on individual client device
 
 1. On your Group Policy management computer, open the [Group Policy Management Console](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc731212(v=ws.11)), right-click the Group Policy Object you want to configure, and then select **Edit**.
 
-2. Using the **Group Policy Management Editor** go to **Computer configuration** and select **Administrative templates**.
+2. Using the **Group Policy Management Editor**, go to **Computer configuration** and select **Administrative templates**.
 
 3. Expand the tree through **Windows components** \> **Microsoft Defender Antivirus** \> **MAPS**.
 
 4. Double-click **Configure the 'Block at First Sight' feature** and set the option to **Disabled**.
 
     > [!NOTE]
-    > Disabling block at first sight does not disable or alter the prerequisite group policies.
+    > Disabling block at first sight doesn't disable or alter the prerequisite group policies.
 
 ## Not an enterprise admin or IT Pro?
 
-If you are not an enterprise admin or an IT Pro, but you have questions about block at first sight, this section is for you. Block at first sight is a threat protection feature that detects and blocks malware within seconds. Although there isn't a specific setting called "Block at first sight," the feature is enabled when certain settings are configured on your device.
+If you aren't an enterprise admin or an IT Pro, but you have questions about block at first sight, this section is for you. Block at first sight is a threat protection feature that detects and blocks malware within seconds. Although there isn't a specific setting called "Block at first sight," the feature is enabled when certain settings are configured on your device.
 
 ### How to manage block at first sight on or off on your own device
 
-If you have a personal device that is not managed by an organization, you might be wondering how to turn block at first sight on or off. You can use the Windows Security app to manage block at first sight.
+If you have a personal device that isn't managed by an organization, you might be wondering how to turn block at first sight on or off. You can use the Windows Security app to manage block at first sight.
 
 1. On your Windows 10 or Windows 11 computer, open the Windows Security app.
 
@@ -174,7 +174,7 @@ If you have a personal device that is not managed by an organization, you might
    - To disable block at first sight, turn off **Cloud-delivered protection** or **Automatic sample submission**.
 
      > [!CAUTION]
-     > Turning off block at first sight lowers the level of protection for your device. We do not recommend permanently disabling block at first sight.
+     > Turning off block at first sight lowers the level of protection for your device. We don't recommend permanently disabling block at first sight.
 
 ## See also
 

defender-endpoint/configure-local-policy-overrides-microsoft-defender-antivirus.md

@@ -4,12 +4,12 @@ description: Enable or disable users from locally changing settings in Microsoft
 ms.service: defender-endpoint
 ms.subservice: ngp
 ms.localizationpriority: medium
-author: denisebmsft
-ms.author: deniseb
+author: emmwalshh
+ms.author: ewalsh
 ms.topic: conceptual
 ms.custom: nextgen
 ms.date: 07/25/2024
-ms.reviewer: 
+ms.reviewer: yongrhee
 manager: deniseb
 ms.collection: 
 - m365-security

defender-endpoint/configure-notifications-microsoft-defender-antivirus.md

@@ -4,12 +4,12 @@ description: Learn how to configure and customize both standard and other Micros
 ms.service: defender-endpoint
 ms.subservice: ngp
 ms.localizationpriority: medium
-author: denisebmsft
+author: emmwalshh
 ms.topic: conceptual
-ms.author: deniseb
+ms.author: ewalsh
 ms.custom: nextgen
 ms.date: 10/18/2021
-ms.reviewer: 
+ms.reviewer: yongrhee
 manager: deniseb
 ms.collection: 
 - m365-security
@@ -35,12 +35,12 @@ If you're part of your organization's security team, you can configure how notif
 
 ## Configure antivirus notifications using Group Policy or the Windows Security app
 
-You can configure the display of additional notifications, such as recent threat detection summaries, in the [Windows Security app](microsoft-defender-security-center-antivirus.md) and with Group Policy.
+You can configure the display of more notifications, such as recent threat detection summaries, in the [Windows Security app](microsoft-defender-security-center-antivirus.md) and with Group Policy.
 
 > [!NOTE]
 > In Windows 10, version 1607 the feature was called **Enhanced notifications** and was configured under **Windows Settings** \> **Update & security** \> **Windows Defender**. In Group Policy settings for all versions of Windows 10 and Windows 11, the notification feature is called **Enhanced notifications**.
 
-### Use Group Policy to disable additional notifications
+### Use Group Policy to disable other notifications
 
 1. On your Group Policy management computer, open the [Group Policy Management Console](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc731212(v=ws.11)).
 
@@ -52,10 +52,10 @@ You can configure the display of additional notifications, such as recent threat
 
 5. Expand the tree to **Windows components** \> **Microsoft Defender Antivirus** > **Reporting**.
 
-6. Double-click **Turn off enhanced notifications**, and set the option to **Enabled**. Then select **OK**. This will prevent additional notifications from appearing.
+6. Double-click **Turn off enhanced notifications**, and set the option to **Enabled**. Then select **OK**. This setting prevents more notifications from appearing.
 
 > [!IMPORTANT]
-> Disabling additional notifications will not disable critical notifications, such as threat detection and remediation alerts.
+> Disabling other notifications won't disable critical notifications, such as threat detection and remediation alerts.
 
 ### Use the Windows Security app to disable additional notifications
 
@@ -65,20 +65,20 @@ You can configure the display of additional notifications, such as recent threat
 
 3. Scroll to the **Notifications** section and select **Change notification settings**.
 
-4. Slide the switch to **Off** or **On** to disable or enable additional notifications.
+4. Slide the switch to **Off** or **On** to disable or enable other notifications.
 
 > [!IMPORTANT]
-> Disabling additional notifications will not disable critical notifications, such as threat detection and remediation alerts.
+> Disabling other notifications won't disable critical notifications, such as threat detection and remediation alerts.
 
 ## Configure standard notifications on endpoints using Group Policy
 
 You can use Group Policy to:
 
-- Display additional, customized text on endpoints when the user needs to perform an action
+- Display more, customized text on endpoints when the user needs to perform an action
 - Hide all notifications on endpoints
 - Hide reboot notifications on endpoints
 
-Hiding notifications can be useful in situations where you can't hide the entire Microsoft Defender Antivirus interface. See [Prevent users from seeing or interacting with the Microsoft Defender Antivirus user interface](prevent-end-user-interaction-microsoft-defender-antivirus.md) for more information. Hiding notifications will only occur on endpoints to which the policy has been deployed. Notifications related to actions that must be taken (such as a reboot) will still appear on the [Microsoft Configuration Manager Endpoint Protection monitoring dashboard and reports](/configmgr/protect/deploy-use/monitor-endpoint-protection). 
+Hiding notifications can be useful in situations where you can't hide the entire Microsoft Defender Antivirus interface. See [Prevent users from seeing or interacting with the Microsoft Defender Antivirus user interface](prevent-end-user-interaction-microsoft-defender-antivirus.md) for more information. Hiding notifications will only occur on endpoints to which the policy is deployed. Notifications related to actions that must be taken (such as a reboot) will still appear on the [Microsoft Configuration Manager Endpoint Protection monitoring dashboard and reports](/configmgr/protect/deploy-use/monitor-endpoint-protection). 
 
 To add custom contact information to endpoint notifications, see [Customize the Windows Security app for your organization](/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center).
 
@@ -94,7 +94,7 @@ To add custom contact information to endpoint notifications, see [Customize the
 
 5. Double-click **Suppress all notifications** and set the option to **Enabled**. 
 
-6. Select **OK**. This will prevent additional notifications from appearing.
+6. Select **OK**. This setting prevents more notifications from appearing.
 
 ### Use Group Policy to hide reboot notifications
 
@@ -110,7 +110,7 @@ To add custom contact information to endpoint notifications, see [Customize the
 
 5. Double-click **Suppresses reboot notifications** and set the option to **Enabled**. 
 
-5. Select **OK**. This will prevent additional notifications from appearing.
+5. Select **OK**. This setting prevents more notifications from appearing.
 
 > [!TIP]
 > If you're looking for Antivirus related information for other platforms, see: