Merge branch 'main' of https://github.com/MicrosoftDocs/defender-docs-pr

Author: DebLanger

.openpublishing.redirection.defender.json

@@ -204,6 +204,11 @@
       "source_path": "defender-endpoint/mssp-support.md",
       "redirect_url": "/defender-endpoint/configure-mssp-support",
       "redirect_document_id": true
+    },
+    {
+      "source_path": "defender-endpoint/evaluate-mde.md",
+      "redirect_url": "/defender-endpoint/evaluate-microsoft-defender-antivirus",
+      "redirect_document_id": false
     }
   ]
 }

defender-endpoint/admin-submissions-mde.md

@@ -10,7 +10,7 @@ manager: deniseb
 ms.localizationpriority: medium
 audience: ITPro
 ms.topic: how-to
-ms.collection: 
+ms.collection:
 - m365-security
 - tier3
 ms.custom: FPFN
@@ -35,13 +35,15 @@ The new unified submissions experience is available only in subscriptions that i
 You need to assign permissions before you can perform the procedures in this article. Use one of the following options:
 
 **Microsoft Defender for Endpoint** permissions:
- - Submit files / file hashes: _"Alerts investigation" or "Manage security settings in Security Center"_
- - View submissions: "_View Data - Security operations"_
-                  
-**Microsoft Defender XDR** unified RBAC permissions:
- - Submit files / file hashes: *"Alerts (Manage)" or "Core security settings (manage)"*
- - View submissions: _"Security data basics (read)"_
-                        
+
+- Submit files / file hashes: _"Alerts investigation" or "Manage security settings in Security Center"_
+- View submissions: "_View Data - Security operations"_
+
+**Microsoft Defender XDR Unified RBAC** permissions:
+
+- Submit files / file hashes: _"Alerts (Manage)" or "Core security settings (manage)"_
+- View submissions: _"Security data basics (read)"_
+
 For more information about how you can submit spam, phish, URLs, and email attachments to Microsoft, see [Use the Submissions page to submit suspected spam, phish, URLs, legitimate email getting blocked, and email attachments to Microsoft](/defender-office-365/submissions-admin).
 
 ## Submit a file or file hash to Microsoft from the Defender portal
@@ -54,7 +56,7 @@ For more information about how you can submit spam, phish, URLs, and email attac
 
    :::image type="content" source="/defender/media/unified-admin-submission-new.png" alt-text="Screenshot showing how to add a new submission.":::
 
-2. In the **Submit items to Microsoft for review** flyout that opens, select **Files** or **File hash** from the **Select the submission type** dropdown list.
+4. In the **Submit items to Microsoft for review** flyout that opens, select **Files** or **File hash** from the **Select the submission type** dropdown list.
 
    - If you selected **Files**, configure the following options:
      - Select **Browse files**. In the dialog that opens, find and select the file, and then select **Open**. Repeat this step as many times as necessary. To remove an entry from the flyout, select :::image type="icon" source="/defender/media/m365-cc-sc-close-icon.png" border="false"::: next to the entry.

defender-endpoint/android-configure-mam.md

@@ -14,7 +14,7 @@ ms.collection:
 - mde-android
 ms.topic: conceptual
 ms.subservice: android
-ms.date: 01/13/2023
+ms.date: 07/25/2024
 ---
 
 # Configure Microsoft Defender for Endpoint on Android risk signals using App Protection Policies (MAM)
@@ -138,7 +138,7 @@ End users also need to take steps to install Microsoft Defender for Endpoint on
 
 ## Configure Web protection
 
-Defender for Endpoint on Android allows IT Administrators to configure web protection. Web protection is available within the [Microsoft Intune admin center](https://endpoint.microsoft.com).
+Defender for Endpoint on Android allows IT Administrators to configure web protection. Web protection is available within the [Microsoft Intune admin center](https://intune.microsoft.com).
 
 Web protection helps to secure devices against web threats and protect users from phishing attacks. Note that anti-phishing and custom indicators (URL and IP addresses) are supported as part of web protection. Web content filtering is currently not supported on mobile platforms.
 

defender-endpoint/android-intune.md

@@ -15,7 +15,7 @@ ms.custom: partner-contribution
 ms.topic: conceptual
 ms.subservice: android
 search.appverid: met150
-ms.date: 05/22/2024
+ms.date: 07/25/2024
 ---
 
 # Deploy Microsoft Defender for Endpoint on Android with Microsoft Intune
@@ -293,7 +293,7 @@ Android low touch onboarding is disabled by default. Admins can enable it throug
 
 ### Set up Microsoft Defender in Personal Profile
 
-Admins can go to the [Microsoft Endpoint Management admin center](https://endpoint.microsoft.com) to set up and configure Microsoft Defender support in personal profiles by following these steps:
+Admins can go to the [Microsoft Endpoint Management admin center](https://intune.microsoft.com) to set up and configure Microsoft Defender support in personal profiles by following these steps:
 
 1. Go to **Apps> App configuration policies** and click on **Add**. Select **Managed Devices**.
 

defender-endpoint/attack-surface-reduction-rules-deployment.md

@@ -17,7 +17,7 @@ ms.collection:
  - highpri
  - tier1
  - mde-asr
-ms.date: 07/13/2023
+ms.date: 07/25/2024
 search.appverid: met150
 ---
 
@@ -199,7 +199,7 @@ Some rules don't work well if unsigned, internally developed application and scr
 
 ### Management sites
 
-[Microsoft Intune admin center](https://endpoint.microsoft.com/#home)
+[Microsoft Intune admin center](https://intune.microsoft.com/#home)
 
 [Attack surface reduction](https://security.microsoft.com/asr?viewid=detections)
 

defender-endpoint/configure-block-at-first-sight-microsoft-defender-antivirus.md

@@ -8,7 +8,7 @@ ms.author: siosulli
 ms.reviewer: marcmcc
 manager: deniseb
 ms.custom: nextgen
-ms.date: 02/16/2024
+ms.date: 07/25/2024
 ms.subservice: ngp
 ms.topic: conceptual
 ms.collection: 
@@ -69,7 +69,7 @@ Microsoft Defender Antivirus uses multiple detection and prevention technologies
 
 ## Turn on block at first sight with Microsoft Intune
 
-1. In the Microsoft Intune admin center (<https://endpoint.microsoft.com>), go to **Endpoint security** \> **Antivirus**.
+1. In the Microsoft Intune admin center (<https://intune.microsoft.com>), go to **Endpoint security** \> **Antivirus**.
 
 2. Select an existing policy, or create a new policy using the **Microsoft Defender Antivirus** profile type. In our example, we selected **Windows 10, Windows 11, or Windows Server** for the platform.
 
@@ -128,7 +128,7 @@ You can confirm that block at first sight is enabled on individual client device
 
 ### Turn off block at first sight with Microsoft Intune
 
-1. Go to the Microsoft Intune admin center (<https://endpoint.microsoft.com>) and sign in.
+1. Go to the Microsoft Intune admin center (<https://intune.microsoft.com>) and sign in.
 
 2. Go to **Endpoint security** \> **Antivirus**, and then select your Microsoft Defender Antivirus policy.
 

defender-endpoint/configure-cloud-block-timeout-period-microsoft-defender-antivirus.md

@@ -10,7 +10,7 @@ ms.reviewer: yongrhee
 manager: deniseb
 ms.subservice: ngp
 ms.topic: conceptual
-ms.date: 02/18/2024
+ms.date: 07/25/2024
 ms.collection: 
 - m365-security
 - tier2
@@ -58,7 +58,7 @@ To specify the cloud block timeout period with Microsoft Defender for Endpoint S
 
 You can specify the cloud block timeout period with an [endpoint security policy in Microsoft Intune](/mem/intune/protect/endpoint-security-policy).
 
-1. Go to the Intune admin center ([https://endpoint.microsoft.com/](https://endpoint.microsoft.com/)) and sign in.
+1. Go to the Intune admin center ([https://intune.microsoft.com/](https://intune.microsoft.com/)) and sign in.
 
 2. Select **Endpoint security**, and then under **Manage**, choose **Antivirus**.
 

defender-endpoint/configure-local-policy-overrides-microsoft-defender-antivirus.md

@@ -8,7 +8,7 @@ author: siosulli
 ms.author: siosulli
 ms.topic: conceptual
 ms.custom: nextgen
-ms.date: 07/13/2023
+ms.date: 07/25/2024
 ms.reviewer: 
 manager: deniseb
 ms.collection: 
@@ -92,7 +92,7 @@ By default, lists that have been configured in local group policy and the Window
 
 ### Use Microsoft Intune to disable local list merging
 
-1. In the [Microsoft Intune admin center](https://endpoint.microsoft.com), select **Endpoint security** > **Antivirus**.
+1. In the [Microsoft Intune admin center](https://intune.microsoft.com), select **Endpoint security** > **Antivirus**.
 
 2. Choose **Create Policy**, or modify an existing Microsoft Defender Antivirus policy.
 

defender-endpoint/controlled-folders.md

@@ -3,7 +3,7 @@ title: Protect important folders from ransomware from encrypting your files with
 description: Files in default folders can be protected from being changed by malicious apps. Prevent ransomware from encrypting your files.
 ms.service: defender-endpoint
 ms.localizationpriority: medium
-ms.date: 03/05/2024
+ms.date: 07/30/2024
 author: siosulli
 ms.author: siosulli
 audience: ITPro
@@ -112,7 +112,7 @@ You can query Microsoft Defender for Endpoint data by using [Advanced hunting](/
 
 Example query:
 
-```PowerShell
+```
 DeviceEvents
 | where ActionType in ('ControlledFolderAccessViolationAudited','ControlledFolderAccessViolationBlocked')
 ```

defender-endpoint/device-control-deploy-manage-intune.md

@@ -4,7 +4,7 @@ description: Learn how to deploy and manage device control in Defender for Endpo
 author: siosulli
 ms.author: siosulli
 manager: deniseb 
-ms.date: 05/15/2024
+ms.date: 07/25/2024
 ms.topic: overview
 ms.service: defender-endpoint
 ms.subservice: asr
@@ -147,7 +147,7 @@ In the **Add Row** pane, specify the following settings:
 
 In Intune, device control groups appear as reusable settings.
 
-1. Go to the [Microsoft Intune admin center](https://endpoint.microsoft.com) and sign in.
+1. Go to the [Microsoft Intune admin center](https://intune.microsoft.com) and sign in.
 
 2. Go to **Endpoint Security** > **Attack Surface Reduction**.