Merge pull request #2075 from MicrosoftDocs/main

Publish main to live, 12/02/24, 3:30 PM PT

Author: Ruchika-mittal01

CloudAppSecurityDocs/app-governance-faq.yml

@@ -2,6 +2,7 @@
 metadata:
   title: Frequently asked questions about app governance
   description: Get answers to your questions about app governance.
+  ms.date: 05/28/2023
 
 title: Frequently asked questions about app governance
 summary: |

defender-endpoint/attack-surface-reduction-rules-reference.md

@@ -15,7 +15,7 @@ ms.collection:
 - m365-security
 - tier2
 - mde-asr
-ms.date: 11/18/2024
+ms.date: 12/02/2024
 search.appverid: met150
 ---
 
@@ -528,9 +528,6 @@ Dependencies: Microsoft Defender Antivirus
 
 This rule prevents malware from abusing WMI to attain persistence on a device.
 
-> [!IMPORTANT]
-> File and folder exclusions don't apply to this attack surface reduction rule.
-
 Fileless threats employ various tactics to stay hidden, to avoid being seen in the file system, and to gain periodic execution control. Some threats can abuse the WMI repository and event model to stay hidden.
 
 > [!NOTE]

defender-endpoint/ios-troubleshoot.md

@@ -14,7 +14,7 @@ ms.collection:
 ms.topic: conceptual
 ms.subservice: ios
 search.appverid: met150
-ms.date: 06/19/2024
+ms.date: 12/02/2024
 ---
 
 # Troubleshoot issues and find answers to FAQs on Microsoft Defender for Endpoint on iOS
@@ -28,12 +28,11 @@ ms.date: 06/19/2024
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://signup.microsoft.com/create-account/signup?products=7f379fee-c4f9-4278-b0a1-e4c8c2fcdf7e&ru=https://aka.ms/MDEp2OpenTrial?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
- 
 This article provides troubleshooting information to help you address issues that might arise with Microsoft Defender for Endpoint on iOS.
 
 > [!NOTE]
 > - Defender for Endpoint on iOS requires configuring its VPN to activate the Web Protection feature and to send periodic status signals while the app operates in the background. This VPN is local and pass-through, meaning it does not route traffic through a remote VPN server.
-> - Customers who opt not to set up a Defender for Endpoint VPN can disable Web Protection and still deploy Defender for Endpoint. In such cases, Defender for Endpoint will only send status signals to the Microsoft Defender portal when the user opens the app. If the app is not opened for 7 days, the device may be marked as inactive in the Microsoft Defender Portal.
+> - Customers who opt not to set up a Defender for Endpoint VPN can disable Web Protection and still deploy Defender for Endpoint. In such cases, Defender for Endpoint will only send status signals to the Microsoft Defender portal when the user opens the app. If the app is not opened for seven days, the device may be marked as inactive in the Microsoft Defender portal.
 
 ## Apps don't work when VPN is turned on
 
@@ -88,12 +87,12 @@ In addition, a notification is shown on the iOS device. Tapping on the notificat
 > [!div class="mx-imgBorder"]
 > :::image type="content" source="media/ios-phish-alert.png" alt-text="The site reported as unsafe notification" lightbox="media/ios-phish-alert.png":::
 
-## Device not seen on the Defender for Endpoint console after onboarding
+## Device not seen in the Microsoft Defender portal after onboarding
 
-After onboarding, it takes few hours for device to show up in the Device inventory in the Defender for Endpoint security console. Also, ensure that device is registered correctly with Microsoft Entra ID and device has internet connectivity. For successful onboarding, the device has to be registered via Microsoft Authenticator or Intune Company Portal and the user needs to sign-in using the same account with which device is registered with Microsoft Entra ID.
+After onboarding, it takes few hours for device to show up in the Device inventory in the Microsoft Defender portal. Also, ensure that device is registered correctly with Microsoft Entra ID and device has internet connectivity. For successful onboarding, the device has to be registered via Microsoft Authenticator or Intune Company Portal and the user needs to sign-in using the same account with which device is registered with Microsoft Entra ID.
 
 > [!NOTE]
-> Sometimes, the device name is not consistent with that in Microsoft Intune admin center. The device name in Defender for Endpoint console is of the format <username_iPhone/iPad model>. You can also use Microsoft Entra device ID to identify the device in the Defender for Endpoint console.
+> Sometimes, the device name is not consistent with that in Microsoft Intune admin center. The device name in the Microsoft Defender portal is of the format <username_iPhone/iPad*>. You can also use your Microsoft Entra device ID to identify the device in the Microsoft Defender portal.
 
 ## Data and Privacy
 

defender-endpoint/linux-whatsnew.md

@@ -6,7 +6,7 @@ ms.author: deniseb
 author: denisebmsft
 ms.reviewer: kumasumit, gopkr
 ms.localizationpriority: medium
-ms.date: 11/13/2024
+ms.date: 12/02/2024
 manager: deniseb
 audience: ITPro
 ms.collection:
@@ -56,7 +56,7 @@ Nov-2024 Build: 101.24092.0002 | Release version: 30.124092.0002.0
 <details>
 <summary> Oct-2024 (Build: 101.24082.0004 | Release version: 30.124082.0004.0)</summary>
 
-## Sept-2024 Build: 101.24082.0004 | Release version: 30.124082.0004.0
+## Oct-2024 Build: 101.24082.0004 | Release version: 30.124082.0004.0
 
 &ensp;Released: **October 15, 2024**<br/>
 &ensp;Published: **October 15, 2024**<br/>

defender-endpoint/mac-install-with-intune.md

@@ -15,7 +15,7 @@ ms.collection:
 ms.topic: conceptual
 ms.subservice: macos
 search.appverid: met150
-ms.date: 10/28/2024
+ms.date: 12/02/2024
 ---
 
 # Deploy Microsoft Defender for Endpoint on macOS with Microsoft Intune
@@ -337,7 +337,7 @@ For more information, see [Set preferences for Microsoft Defender for Endpoint o
 
 ### Step 10: Network protection for Microsoft Defender for Endpoint on macOS
 
-In the [Microsoft Defender portal](https://sip.security.microsoft.com/homepage?tid=72f988bf-86f1-41af-91ab-2d7cd011db47):
+In the [Microsoft Defender portal](https://sip.security.microsoft.com/homepage):
 
 1. Go to **Configuration management** > **Endpoint security policies** > **Mac policies** > **Create new policy**.
 

defender-endpoint/mac-jamfpro-policies.md

@@ -2,9 +2,10 @@
 title: Set up the Microsoft Defender for Endpoint on macOS policies in Jamf Pro
 description: Learn how to set up the Microsoft Defender for Endpoint on macOS policies in Jamf Pro.
 ms.service: defender-endpoint
-author: YongRhee-MSFT
-ms.author: yongrhee
+author: denisebmsft
+ms.author: deniseb
 manager: deniseb
+ms.reviewer: yongrhee
 ms.localizationpriority: medium
 audience: ITPro
 ms.collection: 
@@ -14,7 +15,7 @@ ms.collection:
 ms.topic: conceptual
 ms.subservice: macos
 search.appverid: met150
-ms.date: 09/30/2024
+ms.date: 12/02/2024
 ---
 
 # Set up the Microsoft Defender for Endpoint on macOS policies in Jamf Pro
@@ -115,7 +116,7 @@ In this step, we go over *Preferences* so you can configure anti-malware and EDR
 
 1. Follow the guidance in [Configure Microsoft Defender for Endpoint in Intune](/mem/intune/protect/advanced-threat-protection-configure) before setting the security policies using Microsoft Defender.
 
-2. In the [Microsoft Defender portal](https://sip.security.microsoft.com/homepage?tid=72f988bf-86f1-41af-91ab-2d7cd011db47), go to **Configuration management** > **Endpoint security policies** > **Mac policies** > **Create new policy**.
+2. In the [Microsoft Defender portal](https://sip.security.microsoft.com/homepage), go to **Configuration management** > **Endpoint security policies** > **Mac policies** > **Create new policy**.
 
 3. Under **Select Platform**, select **macOS**.
 

defender-endpoint/mtd.md

@@ -1,13 +1,13 @@
 ---
 title: Microsoft Defender for Endpoint - Mobile Threat Defense
-ms.reviewer: tdoucette, sunasing
+ms.reviewer: tdoucette, sunasing, denishdonga
 description: Overview of Mobile Threat Defense in Microsoft Defender for Endpoint
 ms.service: defender-endpoint
 ms.subservice: onboard
-ms.author: denishdonga
-author: denishdonga27 
+ms.author: deniseb
+author: denisebmsft  
 ms.localizationpriority: medium
-ms.date: 11/15/2024
+ms.date: 12/02/2024
 manager: deniseb
 audience: ITPro
 ms.collection: 
@@ -37,7 +37,7 @@ Microsoft Defender for Endpoint on Android and iOS provides the below key capabi
 |Capability|Description|
 |---|---|
 |Web Protection|Anti-phishing, blocking unsafe network connections, and support for custom indicators for URLs and domains. (File and IP indicators aren't currently supported.)|
-|Malware Protection (Android-only)|Scanning for malicious apps.|
+|Malware Protection (Android-only)|Scanning for malicious apps and APK Files.|
 |Jailbreak Detection (iOS-only)|Detection of jailbroken devices.|
 |Microsoft Defender Vulnerability Management (MDVM) |Vulnerability assessment of onboarded mobile devices. Includes OS and Apps vulnerabilities assessment for both Android and iOS. Visit this [page](/defender-vulnerability-management/defender-vulnerability-management) to learn more about Microsoft Defender Vulnerability Management in Microsoft Defender for Endpoint.|
 |Network Protection | Protection against rogue Wi-Fi related threats and rogue certificates; ability to add to the "allow" list the root CA and private root CA certificates in Intune; establish trust with endpoints.|

defender-endpoint/supported-capabilities-by-platform.md

@@ -13,7 +13,7 @@ ms.collection:
 ms.topic: conceptual
 ms.subservice: onboard
 search.appverid: met150
-ms.date: 09/23/2024
+ms.date: 12/02/2024
 ---
 
 # Supported Microsoft Defender for Endpoint capabilities by platform
@@ -51,7 +51,7 @@ The following table gives information about the supported Microsoft Defender for
 |[Passive Mode](microsoft-defender-antivirus-compatibility.md)|![Yes.](media/svg/check-yes.svg)|![Yes.](media/svg/check-yes.svg)|![Yes.](media/svg/check-yes.svg)|![Yes.](media/svg/check-yes.svg)|
 |Sense detection sensor|![Yes.](media/svg/check-yes.svg)|![Yes.](media/svg/check-yes.svg)|![Yes.](media/svg/check-yes.svg)|![Yes.](media/svg/check-yes.svg)|
 |Endpoint & network device discovery|![Yes.](media/svg/check-yes.svg)|![Yes.](media/svg/check-yes.svg) <sup>[5]</sup>|![No](media/svg/check-no.svg)|![No](media/svg/check-no.svg)|
-|[Vulnerability management](/defender-vulnerability-management/defender-vulnerability-management)|![Yes.](media/svg/check-yes.svg)|![Yes.](media/svg/check-yes.svg)|![Yes.](media/svg/check-yes.svg)|![Yes.](media/svg/check-yes.svg)|
+|[Vulnerability management](/defender-vulnerability-management/defender-vulnerability-management)|![Yes.](media/svg/check-yes.svg)|![Yes.](media/svg/check-yes.svg)|![Yes.](media/svg/check-yes.svg)|![Yes.](media/svg/check-yes.svg) <sup>[6]</sup>|
 ||||||
 |**Response**     |         |         |         ||
 |[Automated Investigation & Response (AIR)](automated-investigations.md)        | ![Yes.](media/svg/check-yes.svg)        | ![Yes.](media/svg/check-yes.svg)  |  ![No](media/svg/check-no.svg)       |  ![No](media/svg/check-no.svg)        |
@@ -71,6 +71,7 @@ The following table gives information about the supported Microsoft Defender for
 
 <sup>[5]</sup> Endpoint & network device discovery is supported on Windows Server 2019 or later, Windows 10, and Windows 11.
 
+<sup>[6]</sup>  Microsoft Defender Vulnerability Management is not supported on Rocky and Alma currently.
 > [!NOTE]
 > Windows 7, 8.1, Windows Server 2008 R2 include support for the EDR sensor, and antivirus using System Center Endpoint Protection (SCEP).
 

defender-office-365/TOC.yml

@@ -27,6 +27,8 @@
        href: mail-flow-about.md
      - name: Microsoft Defender portal overview
        href: /defender-xdr/microsoft-365-defender-portal
+     - name: Integrate non-Microsoft security services with Microsoft 365
+       href: mdo-integrate-security-service.md
 
    - name: Evaluate
      items: