Merge branch 'main' into patch-1

Author: denisebmsft

.openpublishing.publish.config.json

@@ -51,7 +51,7 @@
     },
     {
       "docset_name": "defender-cloud-apps",
-      "build_source_folder": "CloudAppSecurityDocs",
+      "build_source_folder": "defender-for-cloud-apps",
       "build_output_subfolder": "defender-cloud-apps",
       "locale": "en-us",
       "monikers": [],

.openpublishing.redirection.defender-cloud-apps.json

@@ -96,7 +96,7 @@
     - name: Security, privacy, and compliance
       href: mdb-security-privacy-compliance.md
     - name: Top 10 ways to secure your business data
-      href: /Microsoft-365/business-premium/secure-your-business-data?bc=%2Fdefender-business%2Fbreadcrumb%2Ftoc.json&toc=%2Fdefender-business%2Ftoc.json
+      href: /microsoft-365/admin/security-and-compliance/m365b-security-best-practices?bc=%2Fdefender-business%2Fbreadcrumb%2Ftoc.json&toc=%2Fdefender-business%2Ftoc.json
     - name: How to get help or contact support
       href: /microsoft-365/admin/get-help-support
     - name: Frequently asked questions

defender-business/TOC.yml

@@ -86,7 +86,7 @@ When Microsoft Defender Antivirus detects threat, the following things happen:
 
 - Users receive [notifications in Windows](https://support.microsoft.com/windows/8942c744-6198-fe56-4639-34320cf9444e).
 - Detections are listed in the [Windows Security app](/windows/security/operating-system-security/system-security/windows-defender-security-center/windows-defender-security-center) on the **Protection history** page.
-- If you [secured your Windows devices](/microsoft-365/business-premium/m365bp-protect-managed-devices), the threat detections and insights are available on the **Threats and antivirus** page in the Microsoft 365 admin center at <https://admin.microsoft.com/Adminportal/Home#/activethreats>.
+- If you [secured your Windows devices](/microsoft-365/admin/security-and-compliance/m365bp-devices-enrollment), the threat detections and insights are available on the **Threats and antivirus** page in the Microsoft 365 admin center at <https://admin.microsoft.com/Adminportal/Home#/activethreats>.
 
   > [!TIP]
   > In Microsoft 365 Business Premium, if you have more than 800 devices [enrolled in Microsoft Intune](/intune/intune-service/fundamentals/deployment-guide-enroll), you're prompted to view threat detections and insights from Microsoft Intune instead of from the **Threats and antivirus** page.

defender-business/mdb-manage-devices.md

@@ -37,7 +37,7 @@ For information, see the [Microsoft Trust Center - Security](https://www.microso
 For related configuration information, see the following articles:
 
 - [Set up and configure Microsoft Defender for Business](mdb-setup-configuration.md)
-- [Microsoft 365 for business security best practices](/microsoft-365/business-premium/secure-your-business-data)
+- [Microsoft 365 for business security best practices](/microsoft-365/admin/security-and-compliance/m365b-security-best-practices)
 
 ## Privacy
 

defender-business/mdb-security-privacy-compliance.md

@@ -1,4 +1,4 @@
----
+---
 title: Access the Microsoft Defender XDR MSSP customer portal
 description: Access the Microsoft Defender XDR MSSP customer portal
 ms.service: defender-endpoint
@@ -14,19 +14,16 @@ ms.collection:
 ms.topic: how-to
 search.appverid: met150
 ms.date: 03/21/2025
----
+appliesto:
+  - Microsoft Defender for Endpoint Plan 1
+  - Microsoft Defender for Endpoint Plan 2
 
+---
 # Access the Microsoft Defender XDR MSSP customer portal
 
-**Applies to:**
-
-- [Microsoft Defender for Endpoint Plan 1](microsoft-defender-endpoint.md)
-- [Microsoft Defender for Endpoint Plan 2](microsoft-defender-endpoint.md)
-- [Microsoft Defender XDR](/defender-xdr)
 
 [!INCLUDE [Microsoft Defender XDR rebranding](../includes/microsoft-defender.md)]
 
-> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://go.microsoft.com/fwlink/p/?linkid=2225630)
 
 > [!IMPORTANT]
 > Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
@@ -54,3 +51,4 @@ Use the following steps to obtain the MSSP customer tenant ID and then use the I
 - [Configure alert notifications](configure-mssp-notifications.md)
 - [Fetch alerts from customer tenant](api/fetch-alerts-mssp.md)
 [!INCLUDE [Microsoft Defender for Endpoint Tech Community](../includes/defender-mde-techcommunity.md)]
+

defender-endpoint/access-mssp-portal.md

@@ -3,6 +3,8 @@ title: Submit files in Microsoft Defender for Endpoint
 description: Learn how to use the unified submissions feature in Microsoft Defender XDR to submit suspicious emails, URLs, email attachments, and files to Microsoft for scanning.
 search.appverid: met150
 ms.date: 05/06/2024
+appliesto:
+  - Microsoft Defender for Endpoint
 ms.service: defender-endpoint
 ms.author: bagol
 author: batamig
@@ -20,12 +22,6 @@ ms.custom: FPFN
 
 [!INCLUDE [Microsoft Defender XDR rebranding](../includes/microsoft-defender.md)]
 
-**Applies to**
-
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146806)
-- [Microsoft Defender XDR](/defender-xdr)
-
-> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-usewdatp-abovefoldlink).
 
 In Microsoft Defender for Endpoint, admins can use the unified submissions feature to submit files and file hashes (SHAs) to Microsoft for review. The unified submissions experience is a one-stop shop for submitting emails, URLs, email attachments, and files in one, easy-to-use submission experience. Admins can use the Microsoft Defender portal or the Microsoft Defender for Endpoint Alert page to submit suspicious files.
 

defender-endpoint/admin-submissions-mde.md

@@ -1,4 +1,4 @@
----
+---
 title: Advanced technologies at the core of Microsoft Defender Antivirus
 description: Microsoft Defender Antivirus engines and advanced technologies
 author: batamig
@@ -13,18 +13,14 @@ ms.localizationpriority: medium
 ms.custom: partner-contribution
 f1.keyboards: NOSCH
 audience: ITPro
+appliesto:
+  - Microsoft Defender for Endpoint Plan 1
+  - Microsoft Defender for Endpoint Plan 2
+  - Microsoft Defender for Business
+  - Microsoft Defender for Individuals
 ---
-
 # Advanced technologies at the core of Microsoft Defender Antivirus
 
-**Applies to:**
-
-- [Microsoft Defender XDR](/defender-xdr)
-- [Microsoft Defender for Endpoint Plan 2](microsoft-defender-endpoint.md)
-- [Microsoft Defender for Business](https://www.microsoft.com/security/business/endpoint-security/microsoft-defender-business)
-- [Microsoft Defender for Endpoint Plan 1](microsoft-defender-endpoint.md)
-- Microsoft Defender Antivirus
-- [Microsoft Defender for Individuals](https://www.microsoft.com/microsoft-365/microsoft-defender-for-individuals?msockid=0f1c3b9963366db31ba02e78621b6c1e#Overview)
 
 Microsoft Defender Antivirus and the multiple engines that lead to the advanced detection and prevention technologies under the hood to detect and stop a wide range of threats and attacker techniques at multiple points, as depicted in the following diagram:
 
@@ -101,3 +97,4 @@ We focus on every industry.
 When you're pen-testing, you should demand where no human analysts are engaged on detect/protect, to see how the actual antivirus engine (prebreach) efficacy truly is, and a separate one where human analysts are engaged. You can add [Microsoft Defender Experts for XDR](/defender-xdr/dex-xdr-overview) a managed extended detection and response service to augment your SOC.
 
 The ***continuous iterative enhancement*** each of these engines to be increasingly effective at catching the latest strains of malware and attack methods. These enhancements show up in consistent [top scores in industry tests](/defender-xdr/top-scoring-industry-tests), but more importantly, translate to [threats and malware outbreaks](https://www.microsoft.com/security/blog/2018/03/07/behavior-monitoring-combined-with-machine-learning-spoils-a-massive-dofoil-coin-mining-campaign/) stopped and [more customers protected](https://www.microsoft.com/security/blog/2018/03/22/why-windows-defender-antivirus-is-the-most-deployed-in-the-enterprise/).
+

defender-endpoint/adv-tech-of-mdav.md

@@ -1,4 +1,4 @@
----
+---
 title: Configure advanced features in Microsoft Defender for Endpoint
 description: Turn on advanced features such as block file in Microsoft Defender for Endpoint.
 ms.service: defender-endpoint
@@ -15,19 +15,16 @@ ms.topic: how-to
 ms.subservice: onboard
 search.appverid: met150
 ms.date: 02/25/2025
----
+appliesto:
+  - Microsoft Defender for Endpoint Plan 2
 
+---
 # Configure advanced features in Defender for Endpoint
 
-**Applies to:**
-- [Microsoft Defender for Endpoint Plan 2](microsoft-defender-endpoint.md)
-- [Microsoft Defender XDR](/defender-xdr)
 
 [!INCLUDE [Microsoft Defender XDR rebranding](../includes/microsoft-defender.md)]
 
 
-> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://go.microsoft.com/fwlink/p/?linkid=2225630)
-
 Depending on the Microsoft security products that you use, some advanced features might be available for you to integrate Defender for Endpoint with.
 
 ## Enable advanced features
@@ -219,3 +216,4 @@ For proactive hunting across the full scope of Microsoft Defender XDR, including
 - [Configure alert notifications](/defender-xdr/configure-email-notifications)
 
 [!INCLUDE [Microsoft Defender for Endpoint Tech Community](../includes/defender-mde-techcommunity.md)]
+

defender-endpoint/advanced-features.md

@@ -15,6 +15,9 @@ ms.collection:
 - mde-edr
 ms.topic: article
 ms.date: 03/26/2025
+appliesto:
+- Microsoft Defender for Endpoint Plan 1
+- Microsoft Defender for Endpoint Plan 2
 ms.subservice: edr
 search.appverid: met150
 ---
@@ -23,11 +26,7 @@ search.appverid: met150
 
 [!INCLUDE [Microsoft Defender XDR rebranding](../includes/microsoft-defender.md)]
 
-**Applies to:**
-- [Microsoft Defender for Endpoint Plan 1](microsoft-defender-endpoint.md)
-- [Microsoft Defender for Endpoint Plan 2](microsoft-defender-endpoint.md)
 
-> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://go.microsoft.com/fwlink/p/?linkid=2225630)
 
 Learn how you can view and manage the queue so that you can effectively investigate threats seen on entities such as devices, files, or user accounts.
 
@@ -43,4 +42,5 @@ Topic|Description
 [Investigate an IP address](investigate-ip.md)|Examine possible communication between devices in your network and external internet protocol (IP) addresses.
 [Investigate a domain](investigate-domain.md)|Investigate a domain to see if devices and servers in your network have been communicating with a known malicious domain.
 [Investigate a user account](investigate-user.md)|Identify user accounts with the most active alerts and investigate cases of potential compromised credentials.
+
 [!INCLUDE [Microsoft Defender for Endpoint Tech Community](../includes/defender-mde-techcommunity.md)]