updated text

diannegali · diannegali · commit 645ae1f0b205 · 2025-04-25T10:15:54.000+01:00
diff --git a/defender-xdr/phishing-triage-agent.md b/defender-xdr/phishing-triage-agent.md
@@ -14,7 +14,7 @@ ms.collection:
 - tier1
 - security-copilot
 - magic-ai-copilot 
-ms.topic: how-to
+ms.topic: concept-article
 search.appverid:
 - MOE150
 - MET150
@@ -36,9 +36,9 @@ Phishing remains one of the most common ways attackers gain initial access. It a
 
 To help security teams address phishing efficiently, Microsoft Security Copilot is introducing the Phishing Triage Agent in Microsoft Defender. This AI-powered virtual agent is designed to scale security teams' response in triaging and classifying user-submitted phishing incidents, allowing organizations to improve their efficiency by reducing manual effort and streamlining their phishing response.
 
-The Phishing Triage Agent uses advanced large language model (LLM)-based analysis to understand the content of reported emails and autonomously determine whether a submission is a genuine phishing attempt or a false alarm. Unlike rule-based systems, it does not rely on predefined input or code to operate. Instead, it applies dynamic reasoning to analyze and act on incoming reports at scale.
+The Phishing Triage Agent uses advanced large language model (LLM)-based analysis to understand the content of reported emails and autonomously determine whether a submission is a genuine phishing attempt or a false alarm. Unlike rule-based systems, it doesn't rely on predefined input or code to operate. Instead, it applies dynamic reasoning to analyze and act on incoming reports at scale.
 
-By removing false positives from the queue, the agent significantly reduces the team's manual workload and allows them to focus on higher-priority tasks. With this automation, security teams can more efficiently process hundreds or thousands of phishing submissions, accelerating detection and response for incidents that require immediate attention
+By removing false alarms from the queue, the agent significantly reduces the team's manual workload and allows them to focus on higher-priority tasks. With this automation, security teams can more efficiently process hundreds or thousands of phishing submissions, accelerating detection and response for incidents that require immediate attention.
 
 ## Overview
 
diff --git a/defender-xdr/security-copilot-agents-defender.md b/defender-xdr/security-copilot-agents-defender.md
@@ -33,30 +33,20 @@ Microsoft Security Copilot agents are available in Microsoft Defender to help yo
 
 ## Agents in Microsoft Defender
 
-> [!IMPORTANT]
-> Some information in this article relates to a prereleased product, which may be substantially modified before it's commercially released. Microsoft makes no warranties expressed or implied, with respect to the information provided here.
-
 ### Phishing Triage Agent
 
 The [Phishing Triage Agent](phishing-triage-agent.md) helps security operations analysts to triage and classify user-submitted phishing incidents. The agent operates autonomously, provides a transparent rationale for its classification verdicts in natural language, and continuously learns and improves its accuracy based on feedback provided by analysts.
 
 #### Trigger
 
-The agent is triggered when a user in your organization submits a phishing incident. The agent automatically analyzes the submitted email to classify them as either phishing or not phishing based on its training and the context of the organization.
-
-#### Role-based access
-
-A Security Administrator role is required to setup and manage the agent. Users with the same permissions as the agent can view the agent's output.
-
-#### Identity
-
-The agent runs in the context of the identity you associate with it. The agent uses the identity to access the data it needs to perform its tasks.
+The agent is triggered when a user in your organization submits a phishing incident. The agent autonomously analyzes the submitted email to classify them as either phishing or not phishing based on its training and the context of the organization.
 
 #### Products
 
 Tenants must have the following products enabled to use the agent:
 
-- Microsoft Defender for Office 365 Plan 2
+- An active subscription to Security Copilot and provisioned capacity in Security Compute Units (SCU) to power Security Copilot workload. See [Get started with Security Copilot](/copilot/security/get-started-security-copilot) for more information.
+- Microsoft Defender for Office 365 Plan 2 deployed
 
 #### Plugins
 
