Merge pull request #579 from cwatson-cat/5-29-24-usx-prod-def

denisebmsft · web-flow · commit 44d18c7b6ad7 · 2024-05-29T13:44:53.000-07:00
Sentinel - USX production ready - rmv preview
diff --git a/defender-xdr/automatic-attack-disruption.md b/defender-xdr/automatic-attack-disruption.md
@@ -18,7 +18,7 @@ ms.topic: conceptual
 search.appverid: 
   - MOE150
   - MET150
-ms.date: 02/21/2024
+ms.date: 05/29/2024
 ---
 
 # Automatic attack disruption in Microsoft Defender XDR
@@ -71,7 +71,7 @@ Automatic attack disruption uses Microsoft-based XDR response actions. Examples
 
 For more information, see [remediation actions](m365d-remediation-actions.md) in Microsoft Defender XDR.
 
-### Automated response actions for SAP with Microsoft Sentinel (Preview)
+### Automated response actions for SAP with Microsoft Sentinel
 
 If you're using the [unified security operations platform](microsoft-sentinel-onboard.md) and you deployed the Microsoft Sentinel solution for SAP applications, you can also deploy automatic attack disruption for SAP.
 
diff --git a/defender-xdr/entity-page-device.md b/defender-xdr/entity-page-device.md
@@ -314,6 +314,6 @@ Response actions run along the top of a specific device page and include:
 - [User entity page in Microsoft Defender](investigate-users.md)
 - [IP address entity page in Microsoft Defender](entity-page-ip.md)
 - [Microsoft Defender XDR integration with Microsoft Sentinel](microsoft-365-defender-integration-with-azure-sentinel.md)
-- [Connect Microsoft Sentinel to Microsoft Defender XDR (preview)](microsoft-sentinel-onboard.md)
+- [Connect Microsoft Sentinel to Microsoft Defender XDR](microsoft-sentinel-onboard.md)
 
 [!INCLUDE [Microsoft Defender XDR rebranding](../includes/defender-m3d-techcommunity.md)]
diff --git a/defender-xdr/entity-page-ip.md b/defender-xdr/entity-page-ip.md
@@ -127,5 +127,5 @@ Response actions run along the top of a specific IP entity page and include:
 - [Device entity page in Microsoft Defender](entity-page-device.md)
 - [User entity page in Microsoft Defender](investigate-users.md)
 - [Microsoft Defender XDR integration with Microsoft Sentinel](microsoft-365-defender-integration-with-azure-sentinel.md)
-- [Connect Microsoft Sentinel to Microsoft Defender XDR (preview)](microsoft-sentinel-onboard.md)
+- [Connect Microsoft Sentinel to Microsoft Defender XDR](microsoft-sentinel-onboard.md)
 [!INCLUDE [Microsoft Defender for Endpoint Tech Community](../includes/defender-mde-techcommunity.md)]
diff --git a/defender-xdr/investigate-users.md b/defender-xdr/investigate-users.md
@@ -265,7 +265,7 @@ As needed for in-process incidents, continue your [investigation](investigate-in
 - [Device entity page in Microsoft Defender](entity-page-device.md)
 - [IP address entity page in Microsoft Defender](entity-page-ip.md)
 - [Microsoft Defender XDR integration with Microsoft Sentinel](microsoft-365-defender-integration-with-azure-sentinel.md)
-- [Connect Microsoft Sentinel to Microsoft Defender XDR (preview)](microsoft-sentinel-onboard.md)
+- [Connect Microsoft Sentinel to Microsoft Defender XDR](microsoft-sentinel-onboard.md)
 
 
 [!INCLUDE [Microsoft Defender XDR rebranding](../includes/defender-m3d-techcommunity.md)]
diff --git a/defender-xdr/microsoft-365-defender-portal.md b/defender-xdr/microsoft-365-defender-portal.md
@@ -204,7 +204,7 @@ Keep exploring the features and capabilities in the Defender portal:
 - [Email & collaboration alerts](/Microsoft-365/compliance/alert-policies#default-alert-policies)
 - [Create a phishing attack simulation](/defender-office-365/attack-simulation-training-simulations) and [create a payload for training your teams](/defender-office-365/attack-simulation-training-payloads)
 
-To explore capabilities related to the Microsoft Sentinel integration with Microsoft Defender XDR in the unified security operations platform (preview), see [Microsoft Sentinel in the Microsoft Defender portal](https://go.microsoft.com/fwlink/p/?linkid=2263690).
+To explore capabilities related to the Microsoft Sentinel integration with Microsoft Defender XDR in the unified security operations platform, see [Microsoft Sentinel in the Microsoft Defender portal](https://go.microsoft.com/fwlink/p/?linkid=2263690).
 
 ## Training for security analysts
 
diff --git a/defender-xdr/microsoft-sentinel-onboard.md b/defender-xdr/microsoft-sentinel-onboard.md
@@ -1,5 +1,5 @@
 ---
-title: Connect Microsoft Sentinel to Microsoft Defender XDR (preview)
+title: Connect Microsoft Sentinel to Microsoft Defender XDR
 description: Learn how to connect your Microsoft Sentinel environment to Microsoft Defender XDR to unify your security operations.
 ms.service: defender-xdr
 f1.keywords: 
@@ -22,25 +22,23 @@ search.appverid:
 appliesto:
     - Microsoft Defender XDR
     - Microsoft Sentinel in the Microsoft Defender portal
-ms.date: 04/03/2024
+ms.date: 05/29/2024
 ---
 
-# Connect Microsoft Sentinel to Microsoft Defender XDR (preview)
+# Connect Microsoft Sentinel to Microsoft Defender XDR
 
-Microsoft Sentinel is available as part of the public preview for the unified security operations platform in the Microsoft Defender portal. When you onboard Microsoft Sentinel to the Microsoft Defender portal, you unify capabilities with Microsoft Defender XDR like incident management and advanced hunting. Reduce tool switching and build a more context-focused investigation that expedites incident response and stops breaches faster. For more information, see:
+Microsoft Sentinel is available as part of the unified security operations platform in the Microsoft Defender portal. Microsoft Sentinel in the Defender portal is now supported for production use. When you onboard Microsoft Sentinel to the Microsoft Defender portal, you unify capabilities with Microsoft Defender XDR like incident management and advanced hunting. Reduce tool switching and build a more context-focused investigation that expedites incident response and stops breaches faster. For more information, see:
 
 - [Microsoft Sentinel in the Microsoft Defender portal](https://go.microsoft.com/fwlink/p/?linkid=2263690)
 - [Unified security operations platform with Microsoft Sentinel and Defender XDR](https://aka.ms/unified-soc-announcement)
 
-> [!IMPORTANT]
-> Information in this article relates to a prerelease product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
-
 ## Prerequisites
 
-Before you begin, review the feature documentation to understand the product changes and limitations: 
-   - [Microsoft Sentinel in the Microsoft Defender portal](/azure/sentinel/microsoft-sentinel-defender-portal)
-   - [Advanced hunting in the Microsoft Defender portal](advanced-hunting-microsoft-defender.md)
-   - [Automation with the unified security operations platform](/azure/sentinel/automation#automation-with-the-unified-security-operations-platform)
+Before you begin, review the feature documentation to understand the product changes and limitations:
+
+- [Microsoft Sentinel in the Microsoft Defender portal](/azure/sentinel/microsoft-sentinel-defender-portal)
+- [Advanced hunting in the Microsoft Defender portal](advanced-hunting-microsoft-defender.md)
+- [Automation with the unified security operations platform](/azure/sentinel/automation#automation-with-the-unified-security-operations-platform)
 
 The Microsoft Defender portal supports a single Microsoft Entra tenant and the connection to one workspace at a time. In the context of this article, a workspace is a Log Analytics workspace with Microsoft Sentinel enabled.
 
@@ -133,3 +131,4 @@ If you want to connect to a different workspace, from the **Workspaces** page, s
 - [Advanced hunting in the Microsoft Defender portal](https://go.microsoft.com/fwlink/p/?linkid=2264410)
 - [Automatic attack disruption in Microsoft Defender XDR](automatic-attack-disruption.md)
 - [Investigate incidents in Microsoft Defender XDR](investigate-incidents.md)
+- [Optimize your security operations](/azure/sentinel/soc-optimization/soc-optimization-access?tabs=defender-portal)
diff --git a/includes/unified-soc-preview-no-alert.md b/includes/unified-soc-preview-no-alert.md
@@ -1,7 +1,7 @@
 ---
 title: "include file" 
 description: "include file" 
-ms.date: 03/27/2024
+ms.date: 05/29/2024
 manager: dansimp
 ms.author: cwatson
 author: cwatson-cat
@@ -10,4 +10,4 @@ ms.topic: include
 ms.custom: "include file"
 ---
 
-Microsoft Sentinel is available as part of the public preview for the unified security operations platform in the Microsoft Defender portal. For more information, see [Microsoft Sentinel in the Microsoft Defender portal](https://go.microsoft.com/fwlink/p/?linkid=2263690).
+Microsoft Sentinel is available as part of the unified security operations platform in the Microsoft Defender portal. Microsoft Sentinel in the Defender portal is now supported for production use. For more information, see [Microsoft Sentinel in the Microsoft Defender portal](https://go.microsoft.com/fwlink/p/?linkid=2263690).
diff --git a/includes/unified-soc-preview.md b/includes/unified-soc-preview.md
@@ -1,7 +1,7 @@
 ---
 title: "include file" 
 description: "include file" 
-ms.date: 03/27/2024
+ms.date: 05/29/2024
 manager: dansimp
 ms.author: cwatson
 author: cwatson-cat
@@ -11,4 +11,4 @@ ms.custom: "include file"
 ---
 
 > [!IMPORTANT]
-> Microsoft Sentinel is available as part of the public preview for the unified security operations platform in the Microsoft Defender portal. For more information, see [Microsoft Sentinel in the Microsoft Defender portal](https://go.microsoft.com/fwlink/p/?linkid=2263690).
+> Microsoft Sentinel is available as part of the unified security operations platform in the Microsoft Defender portal. Microsoft Sentinel in the Defender portal is now supported for production use. For more information, see [Microsoft Sentinel in the Microsoft Defender portal](https://go.microsoft.com/fwlink/p/?linkid=2263690).
