Merge branch 'public' into patch-8

denisebmsft · web-flow · commit 217755e72038 · 2025-02-10T08:29:51.000-08:00
diff --git a/ATADocs/docfx.json b/ATADocs/docfx.json
@@ -48,7 +48,13 @@
       "uhfHeaderId": "MSDocsHeader-M365-IT",
       "searchScope": ["ATA"],
       "contributors_to_exclude": [
-        "beccarobins"
+        "beccarobins",
+        "rjagiewich",
+        "claydetels19",
+        "garycentric",
+        "padmagit77",
+        "aditisrivastava07",
+        "Ruchika-mittal01"
       ]
     },
     "markdownEngineName": "markdig"
diff --git a/CloudAppSecurityDocs/dcs-inspection.md b/CloudAppSecurityDocs/dcs-inspection.md
@@ -13,6 +13,9 @@ Microsoft Defender for Cloud Apps enables you to natively use the Microsoft Data
 >[!NOTE]
 > This feature is currently available in the US, Europe, Australia, India, Canada, Japan, and APAC.
 
+>[!NOTE]
+> To enable the Data Classification Service option in File Policies, the "Microsoft 365" App Connector is required.
+
 ## Enable content inspection with Data Classification Services
 
 You can set the **Inspection method** to use the **Microsoft Data Classification Service** with no additional configuration required. This option is useful when creating a data leak prevention policy for your files in Microsoft Defender for Cloud Apps.
diff --git a/CloudAppSecurityDocs/docfx.json b/CloudAppSecurityDocs/docfx.json
@@ -44,7 +44,13 @@
       "ms.service": "defender-for-cloud-apps",
       "ms.suite": "ems",
       "contributors_to_exclude": [
-        "beccarobins"
+        "beccarobins",
+        "rjagiewich",
+        "claydetels19",
+        "garycentric",
+        "padmagit77",
+        "aditisrivastava07",
+        "Ruchika-mittal01"
       ]
     },
     "fileMetadata": {},
diff --git a/CloudAppSecurityDocs/includes/entra-conditional-access-policy.md b/CloudAppSecurityDocs/includes/entra-conditional-access-policy.md
@@ -34,9 +34,9 @@ For more information, see [Conditional Access policies](/azure/active-directory/
 
 > [!NOTE]
 > Microsoft Defender for Cloud Apps utilizes the application **Microsoft Defender for Cloud Apps - Session Controls** as part of the Conditional Access App Control service for user sign-in. This application is located within the 'Enterprise Applications' section of Entra ID. 
-To protect your SaaS applications with Session Controls, you must allow access to this application. 
-If you block access to this application through an Entra ID Conditional Access policy, end users won't be able to access the protected applications under session controls. <br>
->
+To protect your SaaS applications with Session Controls, you must allow access to this application.
+> 
+>If you have any Conditional Access policies that have **“Block Access”** selected in the **“Grant Access”** Control under a Microsoft Entra ID Conditional Access policy scoped to this app, end users will not be able to access the protected applications under session controls. <br><br>
 >It's important to ensure that this application isn't unintentionally restricted by any Conditional Access policies. For policies that restrict all or certain applications, please ensure this application is listed as an exception in the **Target resources** or confirm that the blocking policy is deliberate.<br>  
 >
 >To ensure your location-based conditional access policies function correctly, include the **Microsoft Defender for Cloud Apps – Session Controls** application in those policies.
diff --git a/defender-business/docfx.json b/defender-business/docfx.json
@@ -51,16 +51,19 @@
       "searchScope": ["Microsoft Defender Business"],
       "contributors_to_exclude": [
         "dstrome",
-        "shdyas",
+        "shydas",
         "rjagiewich",
-        "American-Dipper",
+        "American-Dipper", 
         "claydetels19",
         "jborsecnik",
-        "v-stchambers",
+        "v-stchambers", 
         "Stacyrch140",
         "garycentric",
         "alekyaj",
-        "beccarobins"
+        "beccarobins",
+        "padmagit77",
+        "aditisrivastava07",
+        "Ruchika-mittal01"
       ]
     },
     "fileMetadata": {},
diff --git a/defender-endpoint/docfx.json b/defender-endpoint/docfx.json
@@ -53,14 +53,17 @@
         "dstrome",
         "shdyas",
         "rjagiewich",
-        "American-Dipper",
         "claydetels19",
+        "American-Dipper", 
         "jborsecnik",
         "v-stchambers",
-        "Stacyrch140",
+        "Stacyrch140", 
         "garycentric",
         "alekyaj",
-        "beccarobins"
+        "beccarobins",
+        "padmagit77",
+        "aditisrivastava07",
+        "Ruchika-mittal01"
       ]
     },
     "fileMetadata": {},
diff --git a/defender-endpoint/enable-exploit-protection.md b/defender-endpoint/enable-exploit-protection.md
@@ -14,7 +14,7 @@ ms.collection:
 - m365-security
 - tier3
 - mde-asr
-ms.date: 11/15/2024
+ms.date: 02/10/2025
 search.appverid: met150
 ---
 
@@ -48,7 +48,7 @@ This section includes recommendations for you to be successful with deploying ex
 - Use safe deployment practices.
 
 > [!WARNING]
-> If you do not test and do not go thru safe deployment practices, you could contribute to end-user productivity outages.
+> If you do not test and do not go through safe deployment practices, you could contribute to end-user productivity outages.
 
 ### Safe deployment practices
 
diff --git a/defender-endpoint/linux-support-offline-security-intelligence-update.md b/defender-endpoint/linux-support-offline-security-intelligence-update.md
@@ -15,7 +15,7 @@ ms.collection:
 - mde-linux
 ms.topic: conceptual
 search.appverid: met150
-ms.date: 01/30/2025
+ms.date: 02/07/2025
 ---
 
 # Configure offline security intelligence update for Microsoft Defender for Endpoint on Linux 
@@ -237,7 +237,7 @@ offline_definition_update_fallback_to_cloud : false[managed]
 
 ### Automatic update
 
-- If the fields `automaticDefinitionUpdateEnabled` and `offline_definition_update` in the managed json are set to `true`, then the "offline security intelligence updates" are triggered automatically at periodic intervals.
+- If the [enforcement level for the antivirus engine](/defender-endpoint/linux-preferences#enforcement-level-for-antivirus-engine) is set to `real_time`, and the fields `automaticDefinitionUpdateEnabled` and `offline_definition_update` in the managed json are set to `true`, then the offline security intelligence updates are triggered automatically at periodic intervals.
 - By default, this periodic interval is **8 hours**. But it can be configured by setting the `definitionUpdatesInterval` parameter in the managed json.
 
 ### Manual update
diff --git a/defender-endpoint/onboard-windows-multi-session-device.md b/defender-endpoint/onboard-windows-multi-session-device.md
@@ -15,7 +15,7 @@ ms.collection:
 - tier3
 ms.subservice: onboard
 search.appverid: met150
-ms.date: 01/18/2024
+ms.date: 02/10/2025
 ---
 
 # Onboard Windows devices in Azure Virtual Desktop
@@ -41,7 +41,7 @@ Familiarize yourself with the [considerations for non-persistent VDI](configure-
 > - Single entry for each virtual desktop
 > - Multiple entries for each virtual desktop
 
-Microsoft recommends onboarding Azure Virtual Desktop as a single entry per virtual desktop. This ensures that the investigation experience in the Microsoft Defender for Endpoint portal is in the context of one device based on the machine name. Organizations that frequently delete and redeploy AVD hosts should strongly consider using this method as it prevents multiple objects for the same machine from being created in the Microsoft Defender for Endpoint portal. This can lead to confusion when investigating incidents. For test or non-volatile environments, you may opt to choose differently.
+Microsoft recommends onboarding Azure Virtual Desktop as a single entry per virtual desktop. This ensures that the investigation experience in the Microsoft Defender for Endpoint portal is in the context of one device based on the machine name. Organizations that frequently delete and redeploy AVD hosts should strongly consider using this method as it prevents multiple objects for the same machine from being created in the Microsoft Defender for Endpoint portal. This can lead to confusion when investigating incidents. For test or non-volatile environments, you may opt to choose differently. When using the single entry per virtual desktop method, it is not necessary to offboard the virtual desktops.
 
 Microsoft recommends adding the Microsoft Defender for Endpoint onboarding script to the AVD golden image. This way, you can be sure that this onboarding script runs immediately at first boot. It's executed as a startup script at first boot on all the AVD machines that are provisioned from the AVD golden image. However, if you're using one of the gallery images without modification, place the script in a shared location and call it from either local or domain group policy.
 
diff --git a/defender-for-cloud/docfx.json b/defender-for-cloud/docfx.json
@@ -53,16 +53,20 @@
       ],
       "contributors_to_exclude": [
         "dstrome",
-        "shdyas",
+        "shdyas", 
         "rjagiewich",
         "American-Dipper",
+        "jborsecnic",
         "claydetels19",
         "jborsecnik",
         "v-stchambers",
-        "Stacyrch140",
+        "Stacyrch140", 
         "garycentric",
         "alekyaj",
-        "beccarobins"
+        "beccarobins",
+        "padmagit77",
+        "aditisrivastava07",
+        "Ruchika-mittal01"
       ]
     },
     "fileMetadata": {},
diff --git a/defender-for-iot/docfx.json b/defender-for-iot/docfx.json
@@ -62,7 +62,10 @@
         "Stacyrch140",
         "garycentric",
         "alekyaj",
-        "beccarobins"
+        "beccarobins",
+        "aditisrivastava07",
+        "padmagit77",
+        "Ruchika-mittal01"
       ]
     },
     "fileMetadata": {},
diff --git a/defender-office-365/configuration-analyzer-for-security-policies.md b/defender-office-365/configuration-analyzer-for-security-policies.md
@@ -189,7 +189,7 @@ To filter the entries, select :::image type="icon" source="media/m365-cc-sc-filt
 
 When you're finished in the **Filters** flyout, select **Apply**. To clear the filters, select :::image type="icon" source="media/m365-cc-sc-clear-filters-icon.png" border="false"::: **Clear filters**.
 
-Use the ::image type="icon" source="media/m365-cc-sc-search-icon.png" border="false"::: **Search** box to filter the entries by a specific **Modified by**, **Setting name**, or **Type** value.
+Use the :::image type="icon" source="media/m365-cc-sc-search-icon.png" border="false"::: **Search** box to filter the entries by a specific **Modified by**, **Setting name**, or **Type** value.
 
 To export the entries shown on the **Configuration drift analysis and history** tab to a .csv file, select :::image type="icon" source="media/m365-cc-sc-download-icon.png" border="false"::: **Export**.
 
diff --git a/defender-vulnerability-management/docfx.json b/defender-vulnerability-management/docfx.json
@@ -57,10 +57,13 @@
         "claydetels19",
         "jborsecnik",
         "v-stchambers",
-        "Stacyrch140",
+        "Stacyrch140",        
         "garycentric",
         "alekyaj",
-        "beccarobins"
+        "beccarobins",
+        "padmagit77",
+        "aditisrivastava07",
+        "Ruchika-mittal01"
       ]
     },
     "fileMetadata": {},
diff --git a/defender-vulnerability-management/tvm-certificate-inventory.md b/defender-vulnerability-management/tvm-certificate-inventory.md
@@ -57,7 +57,7 @@ The **Certificate inventory** page opens with a list of the certificates install
 > [!NOTE]
 > Only certificates found on Windows devices (in the local machine certificate store) will be displayed in certificate inventory list.
 
-   :::image type="content" source="/defender/media/defender-vulnerability-management/certificate_inventory.png" alt-text="Screenshot of the certificate inventory list" lightbox="/defender/media/defender-vulnerability-management/certificate_inventory.png":::::::::
+   :::image type="content" source="/defender/media/defender-vulnerability-management/certificate_inventory.png" alt-text="Screenshot of the certificate inventory list" lightbox="/defender/media/defender-vulnerability-management/certificate_inventory.png":::
 
 ## Gain insights into potentially vulnerable certificates
 
diff --git a/defender-xdr/docfx.json b/defender-xdr/docfx.json
@@ -58,10 +58,13 @@
         "claydetels19",
         "jborsecnik",
         "v-stchambers",
-        "Stacyrch140",
+        "Stacyrch140",        
         "garycentric",
         "alekyaj",
-        "beccarobins"
+        "beccarobins",
+        "Ruchika-mittal01",
+        "aditisrivastava07",
+        "padmagit77"
       ]
     },
     "template": [],
diff --git a/defender/docfx.json b/defender/docfx.json
@@ -53,16 +53,17 @@
         "dstrome",
         "shdyas",
         "rjagiewich",
-        "American-Dipper",
+        "American-Dipper",        
         "claydetels19",
         "jborsecnik",
         "v-stchambers",
-        "Stacyrch140",
+        "Stacyrch140",        
         "garycentric",
         "alekyaj",
         "padmagit77",
         "aditisrivastava07",
-        "beccarobins"
+        "beccarobins",
+        "Ruchika-mittal01"
       ]
     },
     "fileMetadata": {},
diff --git a/exposure-management/docfx.json b/exposure-management/docfx.json
@@ -61,7 +61,10 @@
         "garycentric",
         "dstrome",
         "alekyaj",
-        "beccarobins"
+        "beccarobins",
+        "padmagit77",
+        "aditisrivastava07",
+        "Ruchika-mittal01"
       ]
 
     },
diff --git a/unified-secops-platform/docfx.json b/unified-secops-platform/docfx.json
@@ -56,10 +56,13 @@
         "claydetels19",
         "jborsecnik",
         "v-stchambers",
-        "Stacyrch140",
+        "Stacyrch140",        
         "garycentric",
         "alekyaj",
-        "beccarobins"
+        "beccarobins",
+        "padmagit77",
+        "aditisrivastava07",
+        "Ruchika-mittal01"
       ]
     },
     "fileMetadata": {},
