Merge branch 'main' into maccruz-quotaupdates

Author: schmurky

defender-endpoint/endpoint-attack-notifications.md

@@ -12,9 +12,10 @@ ms.collection:
 - m365-security
 - tier2
 ms.topic: conceptual
+ms.custom: cx-ean
 ms.subservice: edr
 search.appverid: met150
-ms.date: 08/15/2024
+ms.date: 10/30/2024
 ---
 
 # Endpoint Attack Notifications

defender-endpoint/evaluate-mda-using-mde-security-settings-management.md

@@ -12,9 +12,10 @@ ms.collection:
 - m365-security
 - tier2
 ms.topic: conceptual
+ms.custom: cx-ean
 ms.subservice: edr
 search.appverid: met150
-ms.date: 05/13/2024
+ms.date: 10/30/2024
 ---
 
 # Evaluate Microsoft Defender Antivirus using Microsoft Defender Endpoint Security Settings Management (Endpoint security policies)

defender-xdr/access-den-graph-api.md

@@ -13,8 +13,9 @@ ms.collection:
   - m365-security
   - tier1
 ms.topic: conceptual
+ms.custom: cx-dex
 search.appverid: met150
-ms.date: 08/14/2024
+ms.date: 10/30/2024
 ---
 
 # Access incident notifications using Graph API

defender-xdr/additional-information-xdr.md

@@ -16,8 +16,9 @@ ms.collection:
   - m365-security
   - tier1
 ms.topic: conceptual
+ms.custom: cx-dex
 search.appverid: met150
-ms.date: 11/10/2023
+ms.date: 10/30/2024
 ---
 
 # Important considerations for Microsoft Defender Experts for XDR

defender-xdr/advanced-hunting-behaviorentities-table.md

@@ -20,7 +20,7 @@ ms.topic: reference
 ms.date: 12/29/2023
 ---
 
-# BehaviorEntities
+# BehaviorEntities (Preview)
 
 [!INCLUDE [Microsoft Defender XDR rebranding](../includes/microsoft-defender.md)]
 
@@ -32,6 +32,9 @@ The `BehaviorEntities` table in the [advanced hunting](advanced-hunting-overview
 > [!IMPORTANT]
 > Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
 
+> [!IMPORTANT]
+> Behaviors feature is now in preview. Have feedback to share? Fill out our [feedback form](https://forms.office.com/r/x0mX5hBkGu).
+
 Behaviors are a type of data in Microsoft Defender XDR based on one or more raw events. Behaviors provide contextual insight into events and can, but not necessarily, indicate malicious activity. [Read more about behaviors](/defender-cloud-apps/behaviors)
 
 For information on other tables in the advanced hunting schema, [see the advanced hunting reference](advanced-hunting-schema-tables.md).

defender-xdr/advanced-hunting-behaviorinfo-table.md

@@ -20,7 +20,7 @@ ms.topic: reference
 ms.date: 12/29/2023
 ---
 
-# BehaviorInfo
+# BehaviorInfo (Preview)
 
 [!INCLUDE [Microsoft Defender XDR rebranding](../includes/microsoft-defender.md)]
 
@@ -36,6 +36,9 @@ The `BehaviorInfo` table in the [advanced hunting](advanced-hunting-overview.md)
 > [!IMPORTANT]
 > Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
 
+> [!IMPORTANT]
+> Behaviors feature is now in preview. Have feedback to share? Fill out our [feedback form](https://forms.office.com/r/x0mX5hBkGu).
+
 Behaviors are a type of data in Microsoft Defender XDR based on one or more raw events. Behaviors provide contextual insight into events and can, but not necessarily, indicate malicious activity. [Read more about behaviors](/defender-cloud-apps/behaviors)
 
 For information on other tables in the advanced hunting schema, [see the advanced hunting reference](advanced-hunting-schema-tables.md).

defender-xdr/advanced-hunting-schema-tables.md

@@ -57,8 +57,8 @@ The following reference lists all the tables in the schema. Each table name link
 | **[AADSpnSignInEventsBeta](advanced-hunting-aadspnsignineventsbeta-table.md)** | Microsoft Entra service principal and managed identity sign-ins |
 | **[AlertEvidence](advanced-hunting-alertevidence-table.md)** | Files, IP addresses, URLs, users, or devices associated with alerts |
 | **[AlertInfo](advanced-hunting-alertinfo-table.md)** | Alerts from Microsoft Defender for Endpoint, Microsoft Defender for Office 365, Microsoft Defender for Cloud Apps, and Microsoft Defender for Identity, including severity information and threat categorization  |
-| **[BehaviorEntities](advanced-hunting-behaviorentities-table.md)** | Behavior data types in Microsoft Defender for Cloud Apps |
-| **[BehaviorInfo](advanced-hunting-behaviorinfo-table.md)** | Alerts from Microsoft Defender for Cloud Apps |
+| **[BehaviorEntities](advanced-hunting-behaviorentities-table.md)** (Preview) | Behavior data types in Microsoft Defender for Cloud Apps |
+| **[BehaviorInfo](advanced-hunting-behaviorinfo-table.md)** (Preview) | Alerts from Microsoft Defender for Cloud Apps |
 | **[CloudAppEvents](advanced-hunting-cloudappevents-table.md)** | Events involving accounts and objects in Office 365 and other cloud apps and services |
 | **[DeviceEvents](advanced-hunting-deviceevents-table.md)** | Multiple event types, including events triggered by security controls such as Microsoft Defender Antivirus and exploit protection |
 | **[DeviceFileCertificateInfo](advanced-hunting-DeviceFileCertificateInfo-table.md)** | Certificate information of signed files obtained from certificate verification events on endpoints |

defender-xdr/auditing.md

@@ -14,8 +14,9 @@ ms.collection:
   - tier1
   - essentials-manage
 ms.topic: conceptual
+ms.custom: cx-dex
 search.appverid: met150
-ms.date: 05/29/2023
+ms.date: 10/30/2024
 ---
 
 # Auditing

defender-xdr/before-you-begin-defender-experts.md

@@ -15,6 +15,7 @@ ms.collection:
   - tier1
   - essentials-compliance
 ms.topic: conceptual
+ms.custom: cx-ean
 search.appverid: met150
 ms.date: 08/14/2024
 ---

defender-xdr/before-you-begin-xdr.md

@@ -14,8 +14,9 @@ ms.collection:
   - tier1
   - essentials-compliance
 ms.topic: conceptual
+ms.custom: cx-dex
 search.appverid: met150
-ms.date: 06/19/2023
+ms.date: 10/31/2024
 ---
 
 # Before you begin