Merge branch 'MicrosoftDocs:public' into public

Author: JackStuart

.openpublishing.redirection.defender-endpoint.json

@@ -94,6 +94,21 @@
       "source_path": "defender-endpoint/monthly-security-summary-report.md",
       "redirect_url": "/defender-endpoint/threat-protection-reports#monthly-security-summary",
       "redirect_document_id": true
+    },
+    {
+      "source_path": "defender-endpoint/run-analyzer-macos-linux.md",
+      "redirect_url": "/defender-endpoint/overview-client-analyzer",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "defender-endpoint/download-client-analyzer.md",
+      "redirect_url": "/defender-endpoint/overview-client-analyzer",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-endpoint/comprehensive-guidance-on-linux-deployment.md",
+      "redirect_url": "/defender-endpoint/linux-installer-script",
+      "redirect_document_id": true
     }    
   ]
 }

ATPDocs/whats-new.md

@@ -24,6 +24,17 @@ For updates about versions and features released six months ago or earlier, see
 
 ## March 2025
 
+### Enhanced Identity Inventory (Preview)
+
+The Identities page under *Assets* has been updated to provide better visibility and management of identities across your environment.  
+The updated Identities Inventory page now includes the following tabs:
+
+- Identities: A consolidated view of identities across Active Directory, Entra ID. This Identities tab highlights key details, including identity types, and user's information. 
+
+- Cloud application accounts: Displays a list of cloud application accounts, including those from application connectors and third-party sources (original available in the previous version based on Microsoft Defender for Cloud Apps). 
+
+For more information, see [Identity inventory details](/defender-for-identity/identity-inventory). 
+
 ### New LDAP query events added to the IdentityQueryEvents table in Advanced Hunting
 New LDAP query events were added to the `IdentityQueryEvents` table in Advanced Hunting to provide more visibility into additional LDAP search queries running in the customer environment.
 

CloudAppSecurityDocs/release-notes.md

@@ -21,6 +21,16 @@ For news about earlier releases, see [Archive of past updates for Microsoft Defe
 
 ## March 2025
 
+### Enhanced Identity Inventory (Preview)
+
+The Identities page under *Assets* has been updated to provide better visibility and management of identities across your environment. The updated Identities Inventory page now includes the following tabs:
+
+- Identities: A consolidated view of identities across Active Directory, Entra ID. This Identities tab highlights key details, including identity types, and user's information.
+
+- Cloud application accounts: Provides insights into accounts from connected applications via Defender for Cloud Apps, allowing investigation of account permissions, group memberships, aliases, and the applications in use.
+
+For more information, see [Identity inventory details](/defender-for-identity/identity-inventory), [Cloud application accounts](/defender-cloud-apps/accounts).
+
 ### Role-Based Access Control scoping for "Behaviors" (Preview)
 
 Defender for Cloud Apps customers can now configure Role-Based Access Control (RBAC) scoping for 'Behaviors.' This new capability allows administrators to define and manage access permissions more precisely. Administrators can ensure that users have the appropriate level of access to specific application data based on their roles and responsibilities. By using RBAC scoping, organizations can enhance their security posture, streamline operations, and reduce the risk of unauthorized access.

defender-endpoint/TOC.yml

@@ -263,46 +263,54 @@
           items:
           - name: Deploy Defender for Endpoint on Linux
             items:
-            - name: Defender for Endpoint on Linux for ARM64-based devices (preview)
-              href: mde-linux-arm.md
-            - name: Installer script based deployment
-              href: linux-installer-script.md
-            - name: Ansible based deployment
-              href: linux-install-with-ansible.md
-            - name: Chef based deployment
-              href: linux-deploy-defender-for-endpoint-with-chef.md
-            - name: Puppet based deployment
-              href: linux-install-with-puppet.md
-            - name: Saltstack-based deployment
-              href: linux-install-with-saltack.md
-            - name: Manual deployment
-              href: linux-install-manually.md
-            - name: Advanced deployment for Defender for Endpoint on Linux
-              href: comprehensive-guidance-on-linux-deployment.md
-            - name: Deployment guidance for Defender for Endpoint on Linux for SAP
-              href: mde-linux-deployment-on-sap.md
-          - name: Configure Defender for Endpoint on Linux
-            items:
-            - name: Configure and validate exclusions on Linux
-              href: linux-exclusions.md
-            - name: Static proxy configuration
-              href: linux-static-proxy-configuration.md
-            - name: Set preferences
-              href: linux-preferences.md
-            - name: Detect and block Potentially Unwanted Applications
-              href: linux-pua.md
-            - name: Schedule scans with Microsoft Defender for Endpoint on Linux
-              href: linux-schedule-scan-mde.md
-            - name: Schedule antivirus scan in Defender for Endpoint on Linux
-              href: schedule-antivirus-scan-in-mde.md
-            - name: Schedule an update for Microsoft Defender for Endpoint on Linux
-              href: linux-update-MDE-Linux.md
-            - name: Configure eBPF-based sensor
-              href: linux-support-ebpf.md 
-            - name: Configure Offline Security Intelligence Update
-              href: linux-support-offline-security-intelligence-update.md
+            - name: 1 - Prerequisites
+              href: mde-linux-prerequisites.md
+            - name: 2 - Choose a deployment method
+              items:
+              - name: Installer script based deployment
+                href: linux-installer-script.md
+              - name: Ansible based deployment
+                href: linux-install-with-ansible.md
+              - name: Chef based deployment
+                href: linux-deploy-defender-for-endpoint-with-chef.md
+              - name: Puppet based deployment
+                href: linux-install-with-puppet.md
+              - name: Saltstack-based deployment
+                href: linux-install-with-saltack.md
+              - name: Manual deployment
+                href: linux-install-manually.md
+              - name: Direct onboarding with Defender for Cloud
+                href: /azure/defender-for-cloud/onboard-machines-with-defender-for-endpoint?toc=/defender-endpoint/toc.json&bc=/defender-endpoint/breadcrumb/toc.json
+              - name: Defender for Endpoint on Linux for ARM64-based devices (preview)
+                href: mde-linux-arm.md
+              - name: Deployment guidance for Defender for Endpoint on Linux for SAP
+                href: mde-linux-deployment-on-sap.md
+            - name: 3 - Configuration
+              items:
+              - name: Configure security policies and settings
+                href: linux-preferences.md
+              - name: Static proxy configuration
+                href: linux-static-proxy-configuration.md
+              - name: Configure antivirus scans
+                items:
+                - name: Schedule antivirus scans using Anacron
+                  href: schedule-antivirus-scan-in-mde.md
+                - name: Schedule antivirus scans using Crontab
+                  href: linux-schedule-scan-mde.md
+              - name: Configure and validate exclusions on Linux
+                href: linux-exclusions.md
+              - name: Configure eBPF-based sensor
+                href: linux-support-ebpf.md 
+              - name: Detect and block Potentially Unwanted Applications
+                href: linux-pua.md
+              - name: Configure Offline Security Intelligence Update
+                href: linux-support-offline-security-intelligence-update.md
           - name: Update Defender for Endpoint on Linux
-            href: linux-updates.md
+            items: 
+            - name: Update Defender for Endpoint on Linux
+              href: linux-updates.md
+            - name: Schedule an update for Defender for Endpoint on Linux
+              href: linux-update-mde-linux.md
           - name: Privacy for Defender for Endpoint on Linux
             href: linux-privacy.md
           - name: Resources for Microsoft Defender for Endpoint on Linux
@@ -494,12 +502,8 @@
           items:
           - name: Client analyzer overview
             href: overview-client-analyzer.md
-          - name: Download and run the client analyzer
-            href: download-client-analyzer.md
           - name: Run the client analyzer on Windows
             href: run-analyzer-windows.md
-          - name: Run the client analyzer on macOS or Linux
-            href: run-analyzer-macos-linux.md
           - name: Run the client analyzer on Linux
             href: run-analyzer-linux.md
           - name: Run the client analyzer on macOS

defender-endpoint/api/isolate-machine.md

@@ -14,7 +14,7 @@ ms.topic: reference
 ms.subservice: reference
 ms.custom: api
 search.appverid: met150
-ms.date: 03/11/2025
+ms.date: 03/12/2025
 ---
 
 # Isolate machine API

defender-endpoint/api/unisolate-machine.md

@@ -15,7 +15,7 @@ ms.topic: reference
 ms.subservice: reference
 ms.custom: api
 search.appverid: met150
-ms.date: 03/01/2025
+ms.date: 03/12/2025
 ---
 
 # Release device from isolation API
@@ -47,7 +47,7 @@ Undo isolation of a device.
 > [!IMPORTANT]
 >
 > - Full isolation is available for devices on Windows 10, version 1703.
-> - Full isolation is available in **public preview** for all supported Microsoft Defender for Endpoint on Linux listed in [System requirements](../microsoft-defender-endpoint-linux.md#system-requirements).
+> - Full isolation is available in **public preview** for all supported Microsoft Defender for Endpoint on Linux listed in [System requirements](/defender-endpoint/mde-linux-prerequisites).
 > - Selective isolation is available for devices on Windows 10, version 1709 or later.
 > - When isolating a device, only certain processes and destinations are allowed. Therefore, devices that are behind a full VPN tunnel won't be able to reach the Microsoft Defender for Endpoint cloud service after the device is isolated. We recommend using a split-tunneling VPN for Microsoft Defender for Endpoint and Microsoft Defender Antivirus cloud-based protection-related traffic.