Merge pull request #4779 from MicrosoftDocs/chrisda

chrisda · web-flow · commit 58208e45dfdd · 2025-08-19T15:14:07.000-07:00
Intune link updates
diff --git a/defender-business/mdb-configure-security-settings.md b/defender-business/mdb-configure-security-settings.md
@@ -56,7 +56,7 @@ Before you begin setting up your security policies, you'll need to choose which
 |Option|Description|
 |---|---|
 |**Microsoft Defender portal**|The Microsoft Defender portal ([https://security.microsoft.com/](https://security.microsoft.com/)) is a one-stop shop for managing your company's devices, security policies, and security settings in Defender for Business. With a simplified configuration process, you can use the Microsoft Defender portal to onboard devices, access your security policies and settings, use the [Microsoft Defender Vulnerability Management dashboard](mdb-view-tvm-dashboard.md), and [view and manage incidents](mdb-view-manage-incidents.md) in one place. <br/><br/>Note that currently, controlled folder access and attack surface reduction rules are set up and configured in the Microsoft Intune admin center.|
-|**Microsoft Intune admin center**|The Microsoft Intune admin center ([https://intune.microsoft.com/](https://intune.microsoft.com/)) lets you manage your workforce's devices and apps, including how they access your company data. You can onboard devices and access your security policies and settings in Intune. You can also use Intune to set up and configure attack surface reduction rules in Defender for Business. Intune is not included in the standalone version of Defender for Business, but it can be added on. <br/><br/>If your company has been using Intune, you can choose to continue using it to manage your devices and security policies. To learn more, see [Manage device security with endpoint security policies in Microsoft Intune](/mem/intune/protect/endpoint-security-policy)|
+|**Microsoft Intune admin center**|The Microsoft Intune admin center ([https://intune.microsoft.com/](https://intune.microsoft.com/)) lets you manage your workforce's devices and apps, including how they access your company data. You can onboard devices and access your security policies and settings in Intune. You can also use Intune to set up and configure attack surface reduction rules in Defender for Business. Intune is not included in the standalone version of Defender for Business, but it can be added on. <br/><br/>If your company has been using Intune, you can choose to continue using it to manage your devices and security policies. To learn more, see [Manage device security with endpoint security policies in Microsoft Intune](/intune/intune-service/protect/endpoint-security-policy)|
 
 If you're using Intune, and you attempt to view or edit security policies in the Microsoft Defender portal by going to **Configuration management** > **Device configuration**, you'll be prompted to choose whether to continue using Intune, or switch to using the Microsoft Defender portal instead, as shown in the following screenshot:
 
diff --git a/defender-business/mdb-faq.yml b/defender-business/mdb-faq.yml
@@ -90,7 +90,7 @@ sections:
 
           |OS|Method|Notes|
           |---|---|---|
-          |Windows|[Attack surface reduction rules](/defender-endpoint/attack-surface-reduction-rules-deployment)|On Windows devices, you can configure device control through ASR rules. You'll need [Microsoft Intune](/mem/intune/fundamentals/what-is-intune) to set up your ASR rules. Intune is not included in the standalone version of Defender for Business, but you can add it on. Intune is included in [Microsoft 365 Business Premium](/microsoft-365/business-premium). <br/><br/>[ASR capabilities in Defender for Business](mdb-asr.md)|
+          |Windows|[Attack surface reduction rules](/defender-endpoint/attack-surface-reduction-rules-deployment)|On Windows devices, you can configure device control through ASR rules. You'll need [Microsoft Intune](/intune/intune-service/fundamentals/what-is-intune) to set up your ASR rules. Intune is not included in the standalone version of Defender for Business, but you can add it on. Intune is included in [Microsoft 365 Business Premium](/microsoft-365/business-premium). <br/><br/>[ASR capabilities in Defender for Business](mdb-asr.md)|
           |Mac|Jamf or Intune|You can use Jamf or Intune to set up device control on Mac. See [Device Control for macOS](/defender-endpoint/mac-device-control-overview).|
 
       - question: How do I run custom reports with Defender for Business?
@@ -122,7 +122,7 @@ sections:
           For more information, see the following articles:
 
           - [Set up, review, and edit your security policies and settings in Microsoft Defender for Business](/defender-business/mdb-configure-security-settings)
-          - [Manage device security with endpoint security policies in Microsoft Intune](/mem/intune/protect/endpoint-security-policy)
+          - [Manage device security with endpoint security policies in Microsoft Intune](/intune/intune-service/protect/endpoint-security-policy)
 
       - question: If I'm already using Microsoft 365 Business Premium, why do I need Defender for Business?
         answer: |
diff --git a/defender-business/mdb-firewall.md b/defender-business/mdb-firewall.md
@@ -56,7 +56,7 @@ Depending on whether you're using the Microsoft Defender portal or Intune to man
 
 2. Select **Endpoint security**.
 
-3. Select **Firewall** to view your policies in that category. Custom rules that are defined for firewall protection are listed as separate policies. To get help with managing your security settings in Intune, start with [Manage endpoint security in Microsoft Intune](/mem/intune/protect/endpoint-security).
+3. Select **Firewall** to view your policies in that category. Custom rules that are defined for firewall protection are listed as separate policies. To get help with managing your security settings in Intune, start with [Manage endpoint security in Microsoft Intune](/intune/intune-service/protect/endpoint-security).
 
 ## Manage your custom rules for firewall policies in Microsoft Defender for Business
 
diff --git a/defender-business/mdb-get-started.md b/defender-business/mdb-get-started.md
@@ -40,7 +40,7 @@ Use the navigation bar on the left side of the screen to access your incidents,
 |**Learning hub**|Security training and other resources are available online at [learn.microsoft.com](https://go.microsoft.com/fwlink/?linkid=2273118). You can filter by product, skill level, role, and more. The Learning hub can help your security team ramp up on security features and capabilities in Defender for Business and more Microsoft offerings, such as [Microsoft Defender for Endpoint](/defender-endpoint/microsoft-defender-endpoint) and [Microsoft Defender for Office 365](/defender-office-365/mdo-about).|
 |**Trials**|Try additional security and compliance capabilities by adding on a trial subscription. If you do not see **Trials** in your navigation bar, and you want to add on another trial, you can take one of the following steps: <br/>- Visit the [Small Business Solutions page](https://www.microsoft.com/en-us/store/b/business?icid=CNavBusinessStore), and choose **Questions? Talk to an expert** to get some help adding on a trial subscription. <br/>- Go to the [Microsoft 365 admin center](https://admin.microsoft.com/?auth_upn=admin%40M365B614031.onmicrosoft.com&source=applauncher#/catalog), and choose **Billing** > **Purchase services**. If you need help, choose **Help & support**.|
 |**Partner catalog**|Lists Microsoft partners who provide technical and professional services.|
-|**Assets** > **Devices**|Takes you to the device inventory view, where you can view devices, such as computers and mobile devices that are enrolled in [Microsoft Intune](/mem/intune/fundamentals/what-is-intune). If no devices are onboarded yet, you can select **Onboard devices** to get started. For more information, see [Onboard devices to Microsoft Defender for Business](mdb-onboard-devices.md).|
+|**Assets** > **Devices**|Takes you to the device inventory view, where you can view devices, such as computers and mobile devices that are enrolled in [Microsoft Intune](/intune/intune-service/fundamentals/what-is-intune). If no devices are onboarded yet, you can select **Onboard devices** to get started. For more information, see [Onboard devices to Microsoft Defender for Business](mdb-onboard-devices.md).|
 |**Endpoints** > **Vulnerability management**|Enables you to access your [Microsoft Defender Vulnerability Management](/defender-vulnerability-management/defender-vulnerability-management) capabilities. Provides a dashboard, recommendations, remediation activities, a software inventory, and a list of potential weaknesses within your company.|
 |**Endpoints** > **Configuration management** > **Device configuration**|Lists your security policies by operating system and by type. To learn more about your security policies, see [View or edit policies in Defender for Business](mdb-view-edit-create-policies.md).|
 |**Email & collaboration** > **Policies & rules**|If your subscription includes Exchange Online Protection or Microsoft Defender for Office 365, this section is where you'll manage your security policies and settings for email and collaboration services. [Learn more about Office 365 security](/defender-office-365/mdo-about). *The standalone version of Defender for Business does not include email & collaboration policies, but Microsoft 365 Business Premium does include Exchange Online Protection and Defender for Office 365 Plan 1*.|
diff --git a/defender-business/mdb-mtd.md b/defender-business/mdb-mtd.md
@@ -37,15 +37,15 @@ The following table summarizes the capabilities that are included in mobile thre
 |**Microsoft Defender Vulnerability Management**<br/>Vulnerability assessment of onboarded mobile devices. Includes vulnerability assessments for operating systems and apps for Android and iOS. <br/>See [Use your vulnerability management dashboard in Microsoft Defender for Business](mdb-view-tvm-dashboard.md).|:::image type="content" source="/defender/media/d238e041-6854-4a78-9141-049224df0795.png" alt-text="Included checkmark.":::|See note 1 (below)|
 |**Network Protection** <br/>Protection against rogue Wi-Fi related threats and rogue certificates. <br/>Network protection is turned on by default with [next-generation protection](mdb-next-generation-protection.md). <br/>As part of mobile threat defense, network protection also includes the ability to allow root certification authority and private root certification authority certificates in Intune. It also establishes trust with endpoints.|See note 2 (below)|See note 2 (below)|
 |**Unified alerting** <br/>Alerts from all platforms are listed in the unified Microsoft Defender portal ([https://security.microsoft.com](https://security.microsoft.com)). In the navigation pane, choose **Incidents**). <br/>See [View and manage incidents in Microsoft Defender for Business](mdb-view-manage-incidents.md)|:::image type="content" source="/defender/media/d238e041-6854-4a78-9141-049224df0795.png" alt-text="Included checkmark.":::|:::image type="content" source="/defender/media/d238e041-6854-4a78-9141-049224df0795.png" alt-text="Included checkmark.":::|
-|**Conditional Access** and **conditional launch** <br/>[Conditional Access](/mem/intune/protect/conditional-access) and [conditional launch](/mem/intune/apps/app-protection-policies-access-actions) block risky devices from accessing corporate resources.<br/>-  Conditional Access policies require certain criteria to be met before a user can access company data on their mobile device. <br/>- Conditional launch policies enable your security team to block access or wipe devices that don't meet certain criteria.<br/>- Defender for Business risk signals can also be added to app protection policies.|Requires Intune|Requires Intune|
+|**Conditional Access** and **conditional launch** <br/>[Conditional Access](/intune/intune-service/protect/conditional-access) and [conditional launch](/intune/intune-service/apps/app-protection-policies-access-actions) block risky devices from accessing corporate resources.<br/>-  Conditional Access policies require certain criteria to be met before a user can access company data on their mobile device. <br/>- Conditional launch policies enable your security team to block access or wipe devices that don't meet certain criteria.<br/>- Defender for Business risk signals can also be added to app protection policies.|Requires Intune|Requires Intune|
 |**Privacy controls** <br/>Configure privacy in threat reports by controlling the data sent by Defender for Business. Privacy controls are available for admin and end users, and for both enrolled and unenrolled devices.|Requires Intune|Requires Intune|
-|**Integration with Microsoft Tunnel** <br/>Integration with [Microsoft Tunnel](/mem/intune/protect/microsoft-tunnel-overview), a VPN gateway solution for Intune.|Requires Intune VPN Tunnel <br/>(see note 3 below)|Requires Intune VPN Tunnel <br/>(see note 3 below)|
+|**Integration with Microsoft Tunnel** <br/>Integration with [Microsoft Tunnel](/intune/intune-service/protect/microsoft-tunnel-overview), a VPN gateway solution for Intune.|Requires Intune VPN Tunnel <br/>(see note 3 below)|Requires Intune VPN Tunnel <br/>(see note 3 below)|
 
 > [!NOTE]
 >
 > - Intune is used for software/app vulnerabilities to be reported. Operating system vulnerabilities are included by default.
 > - Use Intune to configure or manage an allow list of root certification authority and private root certification authority certificates.
-> - See [Prerequisites for the Microsoft Tunnel in Intune](/mem/intune/protect/microsoft-tunnel-prerequisites).
+> - See [Prerequisites for the Microsoft Tunnel in Intune](/intune/intune-service/protect/microsoft-tunnel-prerequisites).
 
 ## How to get mobile threat defense capabilities
 
diff --git a/defender-business/mdb-next-generation-protection.md b/defender-business/mdb-next-generation-protection.md
@@ -60,7 +60,7 @@ You can choose from several options for managing your next-generation protection
 
 4. Select an individual policy to edit it.
 
-   For help with managing your security settings in Intune, start with [Manage endpoint security in Microsoft Intune](/mem/intune/protect/endpoint-security).
+   For help with managing your security settings in Intune, start with [Manage endpoint security in Microsoft Intune](/intune/intune-service/protect/endpoint-security).
 
 ---
 
diff --git a/defender-business/mdb-offboard-devices.md b/defender-business/mdb-offboard-devices.md
@@ -28,7 +28,7 @@ Data from a device, such as alerts, vulnerabilities, and detected threats, remai
 Devices that weren't active within the last 30 days aren't factored into your organization's [exposure score](mdb-view-tvm-dashboard.md).
 
 > [!IMPORTANT]
-> The procedures in this article describe how to remove a device from monitoring by Defender for Business. If you're using Microsoft Intune to manage devices, and you prefer to remove the device from Intune, see [Remove devices by using wipe, retire, or manually unenrolling the device](/mem/intune/remote-actions/devices-wipe).
+> The procedures in this article describe how to remove a device from monitoring by Defender for Business. If you're using Microsoft Intune to manage devices, and you prefer to remove the device from Intune, see [Remove devices by using wipe, retire, or manually unenrolling the device](/intune/intune-service/remote-actions/devices-wipe).
 
 ## What to do
 
@@ -129,7 +129,7 @@ Choose the operating system for your server:
 
 You can use Microsoft Intune to manage mobile devices, such as iOS, iPadOS, and Android devices.
 
-See [Microsoft Intune device management](/mem/intune/remote-actions/device-management).
+See [Microsoft Intune device management](/intune/intune-service/remote-actions/device-management).
 
 ---
 
diff --git a/defender-business/mdb-onboard-devices.md b/defender-business/mdb-onboard-devices.md
diff --git a/defender-business/mdb-tutorials.md b/defender-business/mdb-tutorials.md
diff --git a/defender-business/mdb-view-edit-create-policies.md b/defender-business/mdb-view-edit-create-policies.md
