Merge branch 'WI364634-remove-the-word-portal-correct-to-defender-for-cloud-apps' of https://github.com/DeCohen/defender-docs-pr1 into WI364634-remove-the-word-portal-correct-to-defender-for-cloud-apps

Author: DeCohen

ATPDocs/role-groups.md

@@ -28,7 +28,7 @@ For more information, see [Custom roles in role-based access control for Microso
 > [!NOTE]
 > Information included from the [Defender for Cloud Apps activity log](classic-mcas-integration.md#activities) may still contain Defender for Identity data. This content adheres to existing Defender for Cloud Apps permissions.
 > 
-> Exception: If you have configured [Scoped deployment](/defender-cloud-apps/scoped-deployment) for Microsoft Defender for Identity alerts in the Microsoft Defender for Cloud Apps portal, these permissions do not carry over and you will have to explicitly grant the Security operations \ Security data \ Security data basics (read) permissions for the relevant portal users.
+> Exception: If you have configured [Scoped deployment](/defender-cloud-apps/scoped-deployment) for Microsoft Defender for Identity alerts in Microsoft Defender for Cloud Apps, these permissions do not carry over and you will have to explicitly grant the Security operations \ Security data \ Security data basics (read) permissions for the relevant portal users.
 
 ## Required permissions Defender for Identity in Microsoft Defender XDR
 

CloudAppSecurityDocs/activity-filters-queries.md

@@ -15,7 +15,7 @@ This article provides descriptions and instructions for Defender for Cloud Apps
 
 Below is a list of the activity filters that can be applied. Most filters support multiple values as well as *NOT* to provide you with a powerful tool for policy creation.
 
-- Activity ID - Search only for specific activities by their ID. This filter is useful when you connect Microsoft Defender for Cloud Apps to your SIEM (using the SIEM agent) and you want to further investigate alerts within the Defender for Cloud Apps portal.
+- Activity ID - Search only for specific activities by their ID. This filter is useful when you connect Microsoft Defender for Cloud Apps to your SIEM (using the SIEM agent) and you want to further investigate alerts using Defender for Cloud Apps.
 
 - Activity objects – Search for the objects the activity was done on. This filter applies to files, folders, users, or app objects.
     - Activity object ID - the ID of the object (file, folder, user, or app ID).

CloudAppSecurityDocs/api-tokens-legacy.md

@@ -8,15 +8,15 @@ ms.topic: reference
 
 
 
-In order to access the Defender for Cloud Apps API, you have to create an API token and use it in your software to connect to the API. This token will be included in the header when Defender for Cloud Apps makes API requests.
+In order to access the Defender for Cloud Apps API, you have to create an API token and use it in your software to connect to the API. This token is included in the header when Defender for Cloud Apps makes API requests.
 
 The API tokens tab enables you to help you manage all the API tokens of your tenant.
 
 ## Generate a token
 
 1. In the Microsoft Defender Portal, select **Settings**. Then choose **Cloud Apps**. Under **System**, select **API tokens**.
 
-1. Select the **Add token** and provide a name to identify the token in the future, and select **Generate**.
+1. Select **Add token** and provide a name to identify the token in the future, and select **Generate**.
 
     ![Defender for Cloud Apps generates API token.](media/api-token-gen.png)
 
@@ -28,7 +28,7 @@ The API tokens tab enables you to help you manage all the API tokens of your ten
     - **Active:** Tokens that were generated and were used within the past seven days.
     - **Inactive:** Tokens that were used but there was no activity in the last seven days.
 
-1. After you generate a new token, you'll be provided with a new URL to use to access the Defender for Cloud Apps portal.
+1. After you generate a new token, you'll be provided with a new URL to use to access Defender for Cloud Apps.
 
     ![Defender for Cloud Apps API token.](media/generate-api-token.png)
 
@@ -46,7 +46,7 @@ After a token is revoked, it's removed from the table, and the software that was
 
 > [!NOTE]
 >
-> - SIEM connectors and log collectors also use API tokens. These tokens should be managed from the log collectors and SIEM agent sections and do not appear in this table.
-> - Deprovisioned users API tokens are retained in Defender for Cloud Apps but cannot be used. Any attempt to use them will result in a permission denied response. However, we recommend that such tokens are revoked on the **API tokens** page.
+> - SIEM connectors and log collectors also use API tokens. These tokens should be managed from the log collectors and SIEM agent sections and don't appear in this table.
+> - Deprovisioned users API tokens are retained in Defender for Cloud Apps but can't be used. Any attempt to use them will result in a permission denied response. However, we recommend that such tokens are revoked on the **API tokens** page.
 
 [!INCLUDE [Open support ticket](includes/support.md)]

CloudAppSecurityDocs/azip-integration.md

@@ -6,7 +6,7 @@ ms.topic: how-to
 ---
 # Integrate with Microsoft Purview for information protection
 
-Microsoft Defender for Cloud Apps lets you automatically apply sensitivity labels from Microsoft Purview. These labels are applied to files as a file policy governance action, and depending on the label configuration, can apply encryption for additional protection. You can also investigate files by filtering for the applied sensitivity label within the Defender for Cloud Apps portal. Using labels enables greater visibility and control of your sensitive data in the cloud. Integrating Microsoft Purview with Defender for Cloud Apps is as easy as selecting a single checkbox.
+Microsoft Defender for Cloud Apps lets you automatically apply sensitivity labels from Microsoft Purview. These labels are applied to files as a file policy governance action, and depending on the label configuration, can apply encryption for additional protection. You can also investigate files by filtering for the applied sensitivity label within Defender for Cloud Apps. Using labels enables greater visibility and control of your sensitive data in the cloud. Integrating Microsoft Purview with Defender for Cloud Apps is as easy as selecting a single checkbox.
 
 By integrating Microsoft Purview into Defender for Cloud Apps, you can use the full power of both services and secure files in your cloud, including:
 
@@ -82,7 +82,7 @@ In the Microsoft Defender Portal, select **Settings**. Then choose **Cloud Apps*
 
     ![Screenshot of enabling Microsoft Purview.](media/enable-azip.png)
 
-After enabling Microsoft Purview, you'll be able to see files that have sensitivity labels and filter them per label in Defender for Cloud Apps. After Defender for Cloud Apps is connected to the cloud app, you'll be able to use the Microsoft Purview integration features to apply sensitivity labels from Microsoft Purview (with or without encryption) in the Defender for Cloud Apps portal, by adding them directly to files or by configuring a file policy to apply sensitivity labels automatically as a governance action.
+After enabling Microsoft Purview, you'll be able to see files that have sensitivity labels and filter them per label in Defender for Cloud Apps. After Defender for Cloud Apps is connected to the cloud app, you'll be able to use the Microsoft Purview integration features to apply sensitivity labels from Microsoft Purview (with or without encryption) in the Defender for Cloud Apps, by adding them directly to files or by configuring a file policy to apply sensitivity labels automatically as a governance action.
 
 > [!NOTE]
 > Automatic scan does not scan existing files until they are modified again. To scan existing files for sensitivity labels from Microsoft Purview, you must have at least one **File policy** that includes content inspection. If you have none, create a new **File policy**, delete all the preset filters, under **Inspection method** select **Built-in DLP**. In the **Content inspection** field, select **Include files that match a preset expression** and select any predefined value, and save the policy. This enables content inspection, which automatically detects sensitivity labels from Microsoft Purview.

CloudAppSecurityDocs/cloud-discovery-anonymizer.md

@@ -8,7 +8,7 @@ ms.topic: how-to
 
 
 
-Cloud discovery data anonymization enables you to protect user privacy. Once the data log is uploaded to the Microsoft Defender for Cloud Apps portal, the log is sanitized and all username information is replaced with encrypted usernames. This way, all cloud activities are kept anonymous. When necessary, for a specific security investigation (for example, a security breach or suspicious user activity), admins can resolve the real username. If an admin has a reason to suspect a specific user, they can also look up the encrypted username of a known username, and then start investigating using the encrypted username. Each username conversion is audited in the portal's **Governance log**.
+Cloud discovery data anonymization enables you to protect user privacy. Once the data log is uploaded to Microsoft Defender for Cloud Apps, the log is sanitized and all username information is replaced with encrypted usernames. This way, all cloud activities are kept anonymous. When necessary, for a specific security investigation (for example, a security breach or suspicious user activity), admins can resolve the real username. If an admin has a reason to suspect a specific user, they can also look up the encrypted username of a known username, and then start investigating using the encrypted username. Each username conversion is audited in the portal's **Governance log**.
 
 Key points:
 

CloudAppSecurityDocs/ems-cloud-app-security-govt-service-byok-troubleshoot.md

@@ -11,19 +11,19 @@ ms.topic: conceptual
 This article provides a list of problems that can prevent Defender for Cloud Apps from accessing your Azure Key Vault key used to encrypt collected data at rest.
 
 > [!IMPORTANT]
-> If there is a problem accessing your Azure Key Vault key, Defender for Cloud Apps will fail to encrypt your data and your tenant will be lock down within an hour. When your tenant is locked down, all access to it will be blocked until the cause has been resolved. Once your key is accessible again, full access to your tenant will be restored
+> If there's a problem accessing your Azure Key Vault key, Defender for Cloud Apps will fail to encrypt your data, and your tenant will be locked down within an hour. When your tenant is locked down, all access to it will be blocked until the cause has been resolved. Once your key is accessible again, full access to your tenant will be restored
 
 ## Troubleshooting
 
 The following table lists the possible scenarios that can cause data encryption to fail and the actions you can take to resolve them:
 
 | Scenario | Actions |
 | --- | --- |
-| <a name="missing-kv-key-permissions"></a>**Missing Key Vault or key permissions** | In the selected Key Vault, under access policy, make sure that the following key permissions are selected:<br />Under **Key management operations**<br />- List<br />Under **Cryptographic operations**<br />- Wrap key<br />- Unwrap key<br /><br />For the selected key, make sure you are using an RSA encryption and that the following operations are permitted:<br />- Wrap key<br />- Unwrap key<br /> |
+| <a name="missing-kv-key-permissions"></a>**Missing Key Vault or key permissions** | In the selected Key Vault, under access policy, make sure that the following key permissions are selected:<br />Under **Key management operations**<br />- List<br />Under **Cryptographic operations**<br />- Wrap key<br />- Unwrap key<br /><br />For the selected key, make sure you're using an RSA encryption and that the following operations are permitted:<br />- Wrap key<br />- Unwrap key<br /> |
 | <a name="firewall-block"></a>**Azure Key Vault firewall blocking access to key** | In the selected Key Vault, make sure that the firewall is configured with the following IP addresses:<br />- 13.66.200.132<br />- 23.100.71.251<br />- 40.78.82.214<br />- 51.105.4.145<br />- 52.166.166.111 |
 | <a name="key-not-enabled"></a>**Encryption key is not enabled** | In the selected key's settings, make sure that the key is enabled.<br />![Screenshot showing key enable option.](media/cloud-app-security-byok/byok-kv-key-enabled.PNG) |
 | <a name="key-not-active"></a>**Encryption key is not active** | In the selected key's settings, make sure that the activation date and time is prior to the current date and time.<br />![Screenshot showing key activation date.](media/cloud-app-security-byok/byok-kv-key-activation-date.PNG) |
-| <a name="key-expired"></a>**Encryption key has expired** | In the selected key's settings, make sure that the expiration date and time has not passed.<br />![Screenshot showing key expiration date.](media/cloud-app-security-byok/byok-kv-key-expiration-date.PNG) |
+| <a name="key-expired"></a>**Encryption key has expired** | In the selected key's settings, make sure that the expiration date and time hasn't passed.<br />![Screenshot showing key expiration date.](media/cloud-app-security-byok/byok-kv-key-expiration-date.PNG) |
 | <a name="key-not-found"></a>**Encryption key not found or deleted** | Verify that the selected key exists in your Key Vault. If key was deleted, recover and enable it again. If the key was moved to another Key Vault, move it back to the selected Key Vault. |
 
 If you run into any problems, we're here to help. To get assistance or support for your product issue, please [open a support ticket](./support-and-ts.md).

CloudAppSecurityDocs/ems-cloud-app-security-govt-service-byok.md

@@ -15,7 +15,7 @@ Defender for Cloud Apps takes your security and privacy seriously. Therefore, on
 > [!IMPORTANT]
 > If there is a problem accessing your Azure Key Vault key, Defender for Cloud Apps will fail to encrypt your data and your tenant will be lock down within an hour. When your tenant is locked down, all access to it will be blocked until the cause has been resolved. Once your key is accessible again, full access to your tenant will be restored.
 >
-> This procedure is available only on the Microsoft Defender portal, and cannot be performed on the classic Microsoft Defender for Cloud Apps portal.
+> This procedure is available only on the Microsoft Defender portal, and cannot be performed on the classic Microsoft Defender for Cloud Apps.
 
 ## Prerequisites
 

CloudAppSecurityDocs/governance-actions.md

@@ -144,7 +144,7 @@ The Governance log provides a status record of each task that you set Defender f
 
 To view the governance log, in the Microsoft Defender Portal, under **Cloud Apps**, select **Governance log**.
 
-The following table is the full list of actions the Defender for Cloud Apps portal enables you to take. These actions are enabled in various places throughout the console as described in the **Location** column. Each governance action taken is listed in the Governance Log.
+The following table is the full list of actions Microsoft Defender for Cloud Apps enables you to take. These actions are enabled in various places throughout the console as described in the **Location** column. Each governance action taken is listed in the Governance Log.
 For information about how governance actions are treated when there are policy conflicts, see [Policy Conflicts](control-cloud-apps-with-policies.md).
 
 | Location | Target object type | Governance action |Description| Related connectors|

CloudAppSecurityDocs/includes/classic-banner.md

@@ -4,7 +4,7 @@
 >
 > Microsoft Defender for Cloud Apps is now part of [Microsoft Defender XDR](https://security.microsoft.com), which correlates signals from across the Microsoft Defender suite and provides incident-level detection, investigation, and powerful response capabilities. Automatic redirection from the classic portal is on by default for all customers.
 >
-> Starting June 16th, 2024, the redirection toggle to switch back to the clasisc portal will no longer be available. From then on, all users accessing the classic Microsoft Defender for Cloud Apps portal will be automatically rerouted to the Microsoft Defender portal, with no option to opt-out.
+> Starting June 16th, 2024, the redirection toggle to switch back to the classic portal will no longer be available. From then on, all users accessing the classic Microsoft Defender for Cloud Apps will be automatically rerouted to the Microsoft Defender portal, with no option to opt-out.
 >
 > To prepare for this change, we recommend that any customers still using the classic portal move operations to the Microsoft Defender portal. For more information, see [Microsoft Defender for Cloud Apps in the Microsoft Defender portal](/defender-xdr/microsoft-365-security-center-defender-cloud-apps).
 

CloudAppSecurityDocs/investigate-risky-oauth.md

@@ -20,7 +20,7 @@ For example, the following OAuth app consent page might look legitimate to the a
 
 As a security admin, you need visibility and control over the apps in your environment and that includes the permissions they have. You need the ability to prevent use of apps that require permission to resources you wish to revoke. Therefore, Microsoft Defender for Cloud Apps provides you with the ability to investigate and monitor the app permissions your users granted. This article is dedicated to helping you investigate the OAuth apps in your organization, and focus on the apps that are more likely to be suspicious.
 
-Our recommended approach is to investigate the apps by using the abilities and information provided in the Defender for Cloud Apps portal to filter out apps with a low chance of being risky, and focus on the suspicious apps.
+Our recommended approach is to investigate the apps by using the abilities and information provided in Defender for Cloud Apps to filter out apps with a low chance of being risky, and focus on the suspicious apps.
 
 In this tutorial, you'll learn how to: