Merge pull request #5580 from MicrosoftDocs/main

m365-skilling-repo-management[bot] · web-flow · commit 79abf346ee9e · 2025-11-12T15:36:17.000Z
[AutoPublish] main to live - 11/12 07:34 PST | 11/12 21:04 IST
diff --git a/defender-for-cloud-apps/app-governance-get-started.md b/defender-for-cloud-apps/app-governance-get-started.md
@@ -64,6 +64,8 @@ You must have at least one of these roles to turn on app governance:
 - Compliance Admin  
 - Compliance Data Admin
 - Cloud App Security Admin
+  > [!NOTE]
+  > The Cloud App Security Admin role grants permissions turn on app governance for Microsoft Defender for Cloud Apps. However, this role doesn't grant access to view or manage app governance capabilities. To view or manage app governance capabilities, you must also have one of the other roles listed in the table  below.
 
 The following table lists the app governance capabilities for each role.
 
diff --git a/defender-for-identity/whats-new.md b/defender-for-identity/whats-new.md
@@ -1,7 +1,7 @@
 ---
 title: What's new | Microsoft Defender for Identity
 description: This article is updated frequently to let you know what's new in the latest release of Microsoft Defender for Identity.
-ms.date: 10/23/2025
+ms.date: 11/12/2025
 ms.topic: overview
 #CustomerIntent: As a Defender for Identity customer, I want to know what's new in the latest release of Defender for Identity, so that I can take advantage of new features and functionality. 
 ms.reviewer: AbbyMSFT
@@ -27,9 +27,15 @@ For updates about versions and features released six months ago or earlier, see
 
 ### New security posture assessment: Change password for on-prem account with potentially leaked credentials (Preview)
 
-The new security posture assessment lists users whose valid credentials have been leaked. For more information, see: [Change password for on-prem account with potentially leaked credentials(Preview)](/defender-for-identity/security-posture-assessments/accounts#change-password-for-on-prem-account-with-potentially-leaked-credentials-preview)
+The new security posture assessment lists users whose valid credentials have been leaked. For more information, see: [Change password for on-prem account with potentially leaked credentials (Preview)](/defender-for-identity/security-posture-assessments/accounts#change-password-for-on-prem-account-with-potentially-leaked-credentials-preview)
 
-### Expansion of identity scoping - support for Organizational units (Preview) 
+### Microsoft Defender for Identity sensor version updates
+
+|Version number |Updates |
+|---------|---------|
+|2.250|The improved event log query method captures a broader range of unique events at scale. As a result, you might notice an increase in captured activities. This update also includes security and performance improvements.|
+
+### Expansion of identity scoping: upport for Organizational units (Preview) 
 
 In addition to the GA release of scoping by Active Directory domains a few months ago, you can now scope by **Organizational Units (OUs)** as part of XDR User Role-Based Access Control (URBAC). This enhancement provides even more granular control over which entities and resources are included in security analysis.  
 For more information, see [Configure scoped access for Microsoft Defender for Identity](configure-scoped-access.md).
@@ -595,13 +601,13 @@ Changes include:
 
 - The previous **Sensitivity level** column is now renamed as **Threshold level**, with newly defined values. By default, all alerts are set to a **High** threshold, which represents the default behavior and a standard alert configuration.
 
-The following table lists the mapping between the previous **Sensitivity level** values and the new **Threshold level** values:
-
-|Sensitivity level (previous name) |Threshold level (new name) |
-|---------|---------|
-|**Normal**     |  **High**       |
-|**Medium**      |  **Medium**       |
-|**High**      |  **Low**       |
+  The following table lists the mapping between the previous **Sensitivity level** values and the new **Threshold level** values:
+  
+  |Sensitivity level (previous name) |Threshold level (new name) |
+  |---------|---------|
+  |**Normal**     |  **High**       |
+  |**Medium**      |  **Medium**       |
+  |**High**      |  **Low**       |
 
 If you had specific values defined on the **Advanced Settings** page, we transferred them to the new **Adjust alert thresholds** page as follows:
 
diff --git a/defender-xdr/configure-asset-rules.md b/defender-xdr/configure-asset-rules.md
@@ -38,9 +38,6 @@ You can create dynamic rules in the **Asset rule management** in the Microsoft D
 
 A rule can be based on device name, domain, OS platform, internet facing status, onboarding status and manual device tags. You can select or create a tag that will be applied based on the conditions you've set.
 
-> [!IMPORTANT]
-> Use of [dynamic device tagging](/defender-xdr/configure-asset-rules) capabilities in Defender for Endpoint to tag devices with `MDE-Management` isn't currently supported with security settings management. Devices tagged through this capability don't successfully enroll. This is currently under investigation.
-
 The following steps guide you on how to create a new dynamic rule in Microsoft Defender XDR:
 
 1. Sign in to the [Microsoft Defender portal](https://security.microsoft.com) as a user who can view and perform actions on all devices.
