Merge branch 'main' into WI516033-whats-new-macos-mde-release-version

DeCohen · web-flow · commit 3f4ccf61bcc0 · 2025-12-04T13:57:50.000+02:00
diff --git a/defender-for-cloud-apps/anomaly-detection-policy.md b/defender-for-cloud-apps/anomaly-detection-policy.md
@@ -36,7 +36,6 @@ Based on the policy results, security alerts are triggered. Defender for Cloud A
 > - [Suspicious inbox forwarding](#suspicious-inbox-forwarding).
 > - [Unusual ISP for an OAuth App](#unusual-isp-for-an-oauth-app).
 > - [Suspicious file access activity (by user)](#unusual-activities-by-user).
-> - [Ransomware activity](#ransomware-activity).
 >
 > You will continue to receive the same standard of protection without disruption to your existing security coverage. No action is required from your side.
 
@@ -92,10 +91,6 @@ This detection identifies that users were active from an IP address that has bee
 
 ### Ransomware activity
 
-> [!NOTE]
-> As part of ongoing improvements to Defender for Cloud Apps alert threat protection capabilities, this policy has been disabled, migrated to the new dynamic model and renamed to **Ransomware payment instruction file uploaded to {Application}**.
-> If you previously configured governance actions or email notifications for this policy, you can re-enable it at any time in the Microsoft Defender portal > Cloud Apps > Policy management page.
-
 Defender for Cloud Apps extended its ransomware detection capabilities with anomaly detection to ensure a more comprehensive coverage against sophisticated Ransomware attacks. Using our security research expertise to identify behavioral patterns that reflect ransomware activity, Defender for Cloud Apps ensures holistic and robust protection. If Defender for Cloud Apps identifies, for example, a high rate of file uploads or file deletion activities it may represent an adverse encryption process. This data is collected in the logs received from connected APIs and is then combined with learned behavioral patterns and threat intelligence, for example, known ransomware extensions. For more information about how Defender for Cloud Apps detects ransomware, see [Protecting your organization against ransomware](best-practices.md#detect-cloud-threats-compromised-accounts-malicious-insiders-and-ransomware).
 
 ### Activity performed by terminated user
diff --git a/defender-vulnerability-management/defender-vulnerability-management-capabilities.md b/defender-vulnerability-management/defender-vulnerability-management-capabilities.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Compare Microsoft Defender Vulnerability Management plans and capabilities
 description: Compare Defender Vulnerability Management Offerings. Learn about the differences between the plans and select the plan that suits your organization's needs.
 search.appverid: MET150  
diff --git a/defender-vulnerability-management/defender-vulnerability-management-faq.md b/defender-vulnerability-management/defender-vulnerability-management-faq.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Microsoft Defender Vulnerability Management frequently asked questions
 description: Find answers to frequently asked questions (FAQs) about Microsoft Defender Vulnerability Management.
 ms.service: defender-vuln-mgmt
diff --git a/defender-vulnerability-management/defender-vulnerability-management-trial.md b/defender-vulnerability-management/defender-vulnerability-management-trial.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: About the Microsoft Defender Vulnerability Management trial
 description: Learn about the Microsoft Defender Vulnerability Management trial
 ms.service: defender-vuln-mgmt
diff --git a/defender-vulnerability-management/defender-vulnerability-management.md b/defender-vulnerability-management/defender-vulnerability-management.md
@@ -1,9 +1,9 @@
 ﻿---
 title: Microsoft Defender Vulnerability Management
 description: Microsoft Defender Vulnerability Management uses a risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations.
-author: denisebmsft
-ms.author: deniseb
-manager: deniseb
+author: limwainstein
+ms.author: lwainstein
+manager: bagol
 ms.topic: overview
 ms.service: defender-vuln-mgmt
 ms.localizationpriority: medium
diff --git a/defender-vulnerability-management/device-restart-status.md b/defender-vulnerability-management/device-restart-status.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Device restart status
 description: Learn about the device restart status tag in Microsoft Defender Vulnerability Management
 ms.service: defender-vuln-mgmt
diff --git a/defender-vulnerability-management/fixed-reported-inaccuracies.md b/defender-vulnerability-management/fixed-reported-inaccuracies.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Vulnerability support in Microsoft Defender Vulnerability Management
 description: List the reported inaccuracies that were fixed
 search.appverid: MET150
diff --git a/defender-vulnerability-management/get-defender-vulnerability-management.md b/defender-vulnerability-management/get-defender-vulnerability-management.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Sign up for Microsoft Defender Vulnerability Management
 description: Get Microsoft Defender Vulnerability Management
 search.appverid: MET150
diff --git a/defender-vulnerability-management/mdvm-onboard-devices.md b/defender-vulnerability-management/mdvm-onboard-devices.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Onboard to Microsoft Defender Vulnerability Management
 description: Learn how to onboard endpoints to Microsoft Defender Vulnerability Management service
 ms.author: lwainstein
diff --git a/defender-vulnerability-management/retention-logic-mdvm.md b/defender-vulnerability-management/retention-logic-mdvm.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Understand retention logic in Microsoft Defender Vulnerability Management
 description: Get an overview of retention logic for inactive devices or uninstalled software in Microsoft Defender Vulnerability Management.
 author: limwainstein
diff --git a/defender-vulnerability-management/threat-and-vuln-mgt-event-timeline.md b/defender-vulnerability-management/threat-and-vuln-mgt-event-timeline.md
@@ -5,7 +5,7 @@ ms.service: defender-vuln-mgmt
 ms.author: lwainstein
 author: limwainstein
 ms.localizationpriority: medium
-manager: deniseb
+manager: bagol
 audience: ITPro
 ms.collection: 
 - m365-security
diff --git a/defender-vulnerability-management/trial-user-guide-defender-vulnerability-management.md b/defender-vulnerability-management/trial-user-guide-defender-vulnerability-management.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Trial user guide - Microsoft Defender Vulnerability Management 
 description: Learn how Microsoft Defender Vulnerability Management can help you protect all your users and data. 
 ms.service: defender-vuln-mgmt
diff --git a/defender-vulnerability-management/tvm-assign-device-value.md b/defender-vulnerability-management/tvm-assign-device-value.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Assign device value
 description: Learn how to assign a low, normal, or high value to a device to help you differentiate between asset priorities.
 ms.service: defender-vuln-mgmt
diff --git a/defender-vulnerability-management/tvm-block-vuln-apps.md b/defender-vulnerability-management/tvm-block-vuln-apps.md
@@ -1,12 +1,12 @@
-﻿---
+---
 title: Block vulnerable applications with Microsoft Defender Vulnerability Management
 description: Use Microsoft Defender Vulnerability Management to block vulnerable applications.
 ms.service: defender-vuln-mgmt
 ms.pagetype: security
 ms.author: lwainstein
 author: limwainstein
 ms.localizationpriority: medium
-manager: deniseb
+manager: bagol
 audience: ITPro
 ms.collection:
   - m365-security
diff --git a/defender-vulnerability-management/tvm-browser-extensions.md b/defender-vulnerability-management/tvm-browser-extensions.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Browser extensions assessment in Microsoft Defender Vulnerability Management
 description: Find out about the browser extensions installed in your environment through Microsoft Defender Vulnerability Management.
 ms.service: defender-vuln-mgmt
diff --git a/defender-vulnerability-management/tvm-certificate-inventory.md b/defender-vulnerability-management/tvm-certificate-inventory.md
@@ -3,7 +3,7 @@ title: Certificate inventory
 description: Find out about the certificates installed in your environment.
 ms.service: defender-vuln-mgmt
 ms.author: lwainstein
-author: lwainstein
+author: limwainstein
 ms.localizationpriority: medium
 manager: bagol
 audience: ITPro
diff --git a/defender-vulnerability-management/tvm-end-of-support-software.md b/defender-vulnerability-management/tvm-end-of-support-software.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Plan for end-of-support software and software versions
 description: Discover and plan for software and software versions that are no longer supported and won't receive security updates.
 ms.service: defender-vuln-mgmt
diff --git a/defender-vulnerability-management/tvm-exception-overview.md b/defender-vulnerability-management/tvm-exception-overview.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Exceptions in Microsoft Defender Vulnerability Management
 description: Learn about exceptions in Microsoft Defender Vulnerability Management.
 ms.service: defender-vuln-mgmt
diff --git a/defender-vulnerability-management/tvm-exception.md b/defender-vulnerability-management/tvm-exception.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Create, view, and manage exceptions
 description: Create, view, and manage exceptions in Microsoft Defender Vulnerability Management.
 ms.service: defender-vuln-mgmt
diff --git a/defender-vulnerability-management/tvm-exposure-score.md b/defender-vulnerability-management/tvm-exposure-score.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Exposure score in Defender Vulnerability Management
 description: The Microsoft Defender Vulnerability Management exposure score reflects how vulnerable your organization is to cybersecurity threats.
 ms.service: defender-vuln-mgmt
diff --git a/defender-vulnerability-management/tvm-hardware-and-firmware.md b/defender-vulnerability-management/tvm-hardware-and-firmware.md
@@ -3,7 +3,7 @@ title: Firmware and hardware assessment
 description: Find out about the firmware and hardware installed in your environment
 ms.service: defender-vuln-mgmt
 ms.author: lwainstein
-author: lwainstein
+author: limwainstein
 ms.localizationpriority: medium
 manager: bagol
 audience: ITPro
diff --git a/defender-vulnerability-management/tvm-hunt-exposed-devices.md b/defender-vulnerability-management/tvm-hunt-exposed-devices.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Hunt for exposed devices
 description: Learn how Microsoft Defender Vulnerability Management can be used to help security admins, IT admins, and SecOps collaborate.
 ms.service: defender-vuln-mgmt
diff --git a/defender-vulnerability-management/tvm-manage-Log4shell-guidance.md b/defender-vulnerability-management/tvm-manage-Log4shell-guidance.md
@@ -4,10 +4,10 @@ description: Learn how to mitigate the Log4Shell vulnerability in Microsoft Defe
 ms.service: defender-vuln-mgmt
 f1.keywords:
 - NOCSH
-ms.author: deniseb
-author: denisebmsft
+ms.author: lwainstein
+author: limwainstein
 ms.localizationpriority: medium
-manager: deniseb
+manager: bagol
 audience: ITPro
 ms.collection:
   - M365-security
diff --git a/defender-vulnerability-management/tvm-microsoft-secure-score-devices.md b/defender-vulnerability-management/tvm-microsoft-secure-score-devices.md
@@ -1,11 +1,11 @@
-﻿---
+---
 title: Microsoft Secure Score for Devices
 description: Your score for devices shows the collective security configuration state of your devices across application, operating system, network, accounts, and security controls.
 ms.service: defender-vuln-mgmt
 ms.author: lwainstein
 author: limwainstein
 ms.localizationpriority: medium
-manager: deniseb
+manager: bagol
 audience: ITPro
 ms.collection:
   - m365-security
diff --git a/defender-vulnerability-management/tvm-network-share-assessment.md b/defender-vulnerability-management/tvm-network-share-assessment.md
@@ -1,11 +1,11 @@
-﻿---
+---
 title: Network share configuration assessment
 description: Learn review recommendations related to network shares in your environment through vulnerability management.
 ms.service: defender-vuln-mgmt
 ms.author: lwainstein
 author: limwainstein
 ms.localizationpriority: medium
-manager: deniseb
+manager: bagol
 audience: ITPro
 ms.collection:
   - m365-security
diff --git a/defender-vulnerability-management/tvm-prerequisites.md b/defender-vulnerability-management/tvm-prerequisites.md
@@ -2,10 +2,10 @@
 title: Prerequisites & permissions for Microsoft Defender Vulnerability Management
 description: Before you begin using Microsoft Defender Vulnerability Management, make sure you have the relevant configurations and permissions.
 ms.service: defender-vuln-mgmt
-ms.author: deniseb
-author: denisebmsft
+ms.author: lwainstein
+author: limwainstein
 ms.localizationpriority: medium
-manager: deniseb
+manager: bagol
 audience: ITPro
 ms.collection: 
 - m365-security
diff --git a/defender-vulnerability-management/tvm-remediation.md b/defender-vulnerability-management/tvm-remediation.md
@@ -1,11 +1,11 @@
-﻿---
+---
 title: Remediate vulnerabilities with Microsoft Defender Vulnerability Management
 description: Remediate security weaknesses discovered through security recommendations, and create exceptions if needed, in Defender Vulnerability Management.
 ms.service: defender-vuln-mgmt
 ms.author: lwainstein
 author: limwainstein
 ms.localizationpriority: medium
-manager: deniseb
+manager: bagol
 audience: ITPro
 ms.collection:
   - m365-security
diff --git a/defender-vulnerability-management/tvm-security-baselines.md b/defender-vulnerability-management/tvm-security-baselines.md
@@ -1,11 +1,11 @@
-﻿---
+---
 title: Security baselines assessment
 description: Find out about the security baselines in your environment
 ms.service: defender-vuln-mgmt
 ms.author: lwainstein
 author: limwainstein
 ms.localizationpriority: medium
-manager: deniseb
+manager: bagol
 audience: ITPro
 ms.collection:
 - m365-security
diff --git a/defender-vulnerability-management/tvm-security-recommendation.md b/defender-vulnerability-management/tvm-security-recommendation.md
@@ -1,11 +1,11 @@
-﻿---
+---
 title: Security recommendations
 description: Get actionable security recommendations prioritized by threat, likelihood to be breached, and value, in vulnerability management.
 ms.service: defender-vuln-mgmt
 ms.author: lwainstein
 author: limwainstein
 ms.localizationpriority: medium
-manager: deniseb
+manager: bagol
 audience: ITPro
 ms.collection:
   - m365-security
diff --git a/defender-vulnerability-management/tvm-software-inventory.md b/defender-vulnerability-management/tvm-software-inventory.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Software inventory
 description: The software inventory page for Microsoft Defender Vulnerability Management shows how many weaknesses and vulnerabilities were detected in software.
 ms.service: defender-vuln-mgmt
diff --git a/defender-vulnerability-management/tvm-supported-os.md b/defender-vulnerability-management/tvm-supported-os.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Supported operating systems platforms and capabilities
 description: Ensure that you meet the operating system or platform requisites for Microsoft Defender Vulnerability Management, so the activities in your all devices are properly accounted for.
 ms.service: defender-vuln-mgmt
diff --git a/defender-vulnerability-management/tvm-usage-insights.md b/defender-vulnerability-management/tvm-usage-insights.md
@@ -1,11 +1,11 @@
-﻿---
+---
 title: Software usage insights
 description: Use Microsoft Defender Vulnerability Management to assess software usage
 ms.service: defender-vuln-mgmt
 ms.author: lwainstein
 author: limwainstein
 ms.localizationpriority: medium
-manager: deniseb
+manager: bagol
 audience: ITPro
 ms.collection:
   - m365-security
diff --git a/defender-vulnerability-management/tvm-vulnerable-components.md b/defender-vulnerability-management/tvm-vulnerable-components.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Vulnerable components
 description: The Vulnerable components page lists components with known critical vulnerabilities.
 ms.service: defender-vuln-mgmt
diff --git a/defender-vulnerability-management/tvm-vulnerable-devices-report.md b/defender-vulnerability-management/tvm-vulnerable-devices-report.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Vulnerable devices report 
 description: A report showing vulnerable device trends and current statistics so you can understand the breath and scope of your device exposure.
 ms.service: defender-vuln-mgmt
diff --git a/defender-vulnerability-management/tvm-weaknesses-security-advisories.md b/defender-vulnerability-management/tvm-weaknesses-security-advisories.md
@@ -1,11 +1,11 @@
-﻿---
+---
 title: Security advisories
 description: Lists the firmware security advisories for devices in your organization. Discovered by the Microsoft Defender vulnerability management capabilities.
 ms.service: defender-vuln-mgmt
 ms.author: lwainstein
 author: limwainstein
 ms.localizationpriority: medium
-manager: deniseb
+manager: bagol
 audience: ITPro
 ms.collection:
   - m365-security
diff --git a/defender-vulnerability-management/tvm-weaknesses.md b/defender-vulnerability-management/tvm-weaknesses.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Vulnerabilities in my organization 
 description: Lists the common vulnerabilities and exposures (CVE) ID of weaknesses found in the software running in your organization. Discovered by the Microsoft Defender vulnerability management capabilities.
 ms.service: defender-vuln-mgmt
@@ -77,11 +77,11 @@ The threat insights icon ![Simple drawing of a red bug.](media/tvm-bug-icon.png)
 
 Hovering over the icon shows whether the threat is a part of an exploit kit or connected to specific advanced persistent campaigns or activity groups. When available, there's a link to a Threat Analytics report with zero-day exploitation news, disclosures, or related security advisories.
 
-![Threat insights text that that could show up when hovering over icon. This one has multiple bullet points and linked text.](/defender/media/defender-vulnerability-management/tvm-threat-insights.png)
+:::image type="content" source="/defender/media/defender-vulnerability-management/tvm-threat-insights.png" alt-text="Screenshot of threat insights shown when hovering over icon":::
 
 The breach insights icon is highlighted if there's a vulnerability found in your organization. ![Simple drawing of an arrow hitting a target.](media/tvm-alert-icon.png).
 
-![Example of a breach insights text that could show up when hovering over icon. This one says "possible active alert is associated with this recommendation.](/defender/media/defender-vulnerability-management/tvm-breach-insights.png)
+:::image type="content" source="/defender/media/defender-vulnerability-management/tvm-breach-insights.png" alt-text="Screenshot of breach insights shown when hovering over icon":::
 
 The **Exposed Devices** column shows how many devices are currently exposed to a vulnerability. If the column shows 0, that means you aren't at risk.
 
diff --git a/defender-vulnerability-management/tvm-zero-day-vulnerabilities.md b/defender-vulnerability-management/tvm-zero-day-vulnerabilities.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Mitigate zero-day vulnerabilities
 description: Learn how to find and mitigate zero-day vulnerabilities in your environment through Microsoft Defender Vulnerability Management.
 ms.service: defender-vuln-mgmt
diff --git a/defender-vulnerability-management/whats-new-in-microsoft-defender-vulnerability-management.md b/defender-vulnerability-management/whats-new-in-microsoft-defender-vulnerability-management.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: What's new in Microsoft Defender Vulnerability Management
 description: See what features are available in the latest release of Microsoft Defender Vulnerability Management
 search.appverid: met150
@@ -28,6 +28,10 @@ This article provides information about new features and important product updat
 > [!TIP]
 > Did you know you can try all the features in Microsoft Defender Vulnerability Management for free? Find out how to [sign up for a free trial](defender-vulnerability-management-trial.md).
 
+## December 2025
+
+(Preview) Microsoft Secure Score now includes the **Disable Remote Registry service on Windows** recommendation. This recommendation prevents remote access to the Windows registry, reducing attack surface and blocking unauthorized configuration changes, privilege escalation, and lateral movement.
+
 ## November 2025
 
 - (Preview) The **Vulnerability Management** section in the Microsoft Defender portal is now located under **Exposure management**. This change is part of the vulnerability management integration to Microsoft Security Exposure Management, which significantly expands the scope and capabilities of the platform. [Learn more](#microsoft-defender-vulnerability-management-and-microsoft-security-exposure-management-integration).
@@ -73,9 +77,9 @@ Learn more about the [integration with Microsoft Security Exposure Management](/
 
 - (Preview) You can now use **CVE exceptions** to exclude specific Common Vulnerabilities and Exposures (CVEs) from analysis in your environment. CVE exceptions allow you to control what type of data is relevant to your organization and to selectively exclude certain data from your remediation efforts. For more information, see [Exceptions in Microsoft Defender Vulnerability Management](tvm-exception-overview.md) and [Create, view, and manage exceptions](tvm-exception.md).
 - (Preview) **Microsoft Secure Score now includes new recommendations** to help organizations proactively prevent common endpoint attack techniques.
-    - **Block web shell creation on servers** â€“ reduces the risk of web-based persistence and remote code execution attacks.
-    - **Block use of copied or impersonated system tools** â€“ helps prevent attacker misuse of legitimate administrative utilities for lateral movement or privilege escalation.
-    - **Block rebooting a machine in Safe Mode** â€“ helps defend against attackers who attempt to disable endpoint protection or persist through reboots.
+    - **Block web shell creation on servers** – reduces the risk of web-based persistence and remote code execution attacks.
+    - **Block use of copied or impersonated system tools** – helps prevent attacker misuse of legitimate administrative utilities for lateral movement or privilege escalation.
+    - **Block rebooting a machine in Safe Mode** – helps defend against attackers who attempt to disable endpoint protection or persist through reboots.
 
 ## November 2024
 
diff --git a/defender-vulnerability-management/windows-authenticated-scan.md b/defender-vulnerability-management/windows-authenticated-scan.md
@@ -1,4 +1,4 @@
-﻿---
+---
 title: Authenticated scan for Windows in Defender Vulnerability Management
 description: Find out about how to create Authenticated scans for Windows through Microsoft Defender Vulnerability Management.
 search.appverid: MET150
diff --git a/defender-xdr/TOC.yml b/defender-xdr/TOC.yml
@@ -240,6 +240,8 @@
             href: advanced-hunting-behaviorentities-table.md
           - name: BehaviorInfo
             href: advanced-hunting-behaviorinfo-table.md
+          - name: CampaignIno
+            href: advanced-hunting-campaigninfo-table.md            
           - name: CloudAppEvents
             href: advanced-hunting-cloudappevents-table.md
           - name: CloudAuditEvents
@@ -320,6 +322,8 @@
             href: advanced-hunting-exposuregraphedges-table.md
           - name: ExposureGraphNodes
             href: advanced-hunting-exposuregraphnodes-table.md
+          - name: FileMaliciousContentInfo
+            href: advanced-hunting-filemaliciouscontentinfo-table.md            
           - name: GraphApiAuditEvents
             href: advanced-hunting-graphapiauditevents-table.md            
           - name: IdentityAccountInfo
diff --git a/defender-xdr/advanced-hunting-campaigninfo-table.md b/defender-xdr/advanced-hunting-campaigninfo-table.md
diff --git a/defender-xdr/advanced-hunting-filemaliciouscontentinfo-table.md b/defender-xdr/advanced-hunting-filemaliciouscontentinfo-table.md
diff --git a/defender-xdr/advanced-hunting-schema-tables.md b/defender-xdr/advanced-hunting-schema-tables.md
diff --git a/defender-xdr/whats-new.md b/defender-xdr/whats-new.md
diff --git a/defender/media/defender-vulnerability-management/tvm-breach-insights.png b/defender/media/defender-vulnerability-management/tvm-breach-insights.png
diff --git a/defender/media/defender-vulnerability-management/tvm-threat-insights.png b/defender/media/defender-vulnerability-management/tvm-threat-insights.png
diff --git a/defender/media/defender-vulnerability-management/tvm-weaknesses-epss-tip.png b/defender/media/defender-vulnerability-management/tvm-weaknesses-epss-tip.png
diff --git a/defender/media/defender-vulnerability-management/tvm-weaknesses-epss.png b/defender/media/defender-vulnerability-management/tvm-weaknesses-epss.png
diff --git a/exposure-management/exposure-insights-overview.md b/exposure-management/exposure-insights-overview.md
diff --git a/exposure-management/security-recommendations.md b/exposure-management/security-recommendations.md

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`----`
	`1`	`+---`
`2`	`2`	`title: Compare Microsoft Defender Vulnerability Management plans and capabilities`
`3`	`3`	`description: Compare Defender Vulnerability Management Offerings. Learn about the differences between the plans and select the plan that suits your organization's needs.`
`4`	`4`	`search.appverid: MET150`