Merge branch 'main' of https://github.com/MicrosoftDocs/defender-docs-pr

Author: DebLanger

.openpublishing.redirection.defender.json

@@ -199,6 +199,11 @@
       "source_path": "defender-endpoint/attack-simulations.md",
       "redirect_url": "/defender-endpoint/defender-endpoint-demonstrations",
       "redirect_document_id": true
+    },
+    {
+      "source_path": "defender-endpoint/mssp-support.md",
+      "redirect_url": "/defender-endpoint/configure-mssp-support",
+      "redirect_document_id": true
     }
   ]
 }

defender-business/mdb-asr.md

@@ -4,7 +4,7 @@ description: Get an overview of attack surface reduction capabilities, including
 author: siosulli
 ms.author: siosulli
 manager: deniseb 
-ms.date: 06/07/2024
+ms.date: 07/23/2024
 ms.topic: conceptual
 ms.service: defender-business
 ms.localizationpriority: medium 
@@ -23,9 +23,6 @@ Your attack surfaces are all the places and ways that your organization's networ
 
 To help protect your network and devices, Microsoft Defender for Business includes several attack surface reduction capabilities, including attack surface reduction rules. This article describes how to set up your attack surface reduction rules and describes attack surface reduction capabilities.
 
-> [!NOTE]
-> Intune is not included in the standalone version of Defender for Business, but it can be added on.
-
 ## Standard protection ASR rules
 
 There are lots of attack surface reduction rules available. You don't have to set them all up at once. And, you can set up some rules in audit mode just to see how they work for your organization, and change them to work in block mode later. That said, we recommend enabling the following standard protection rules as soon as possible:

defender-business/mdb-mtd.md

@@ -4,7 +4,7 @@ description: Get an overview of mobile threat defense in Defender for Business.
 author: siosulli
 ms.author: siosulli
 manager: deniseb 
-ms.date: 06/19/2024
+ms.date: 07/23/2024
 ms.topic: conceptual
 ms.service: defender-business
 ms.localizationpriority: medium 
@@ -37,17 +37,17 @@ The following table summarizes the capabilities that are included in mobile thre
 | **Microsoft Defender Vulnerability Management**<br/>Vulnerability assessment of onboarded mobile devices. Includes vulnerability assessments for operating systems and apps for Android and iOS. <br/>See [Use your vulnerability management dashboard in Microsoft Defender for Business](mdb-view-tvm-dashboard.md). | :::image type="content" source="/defender/media/d238e041-6854-4a78-9141-049224df0795.png" alt-text="Included checkmark."::: |  See note 1 (below) |
 | **Network Protection** <br/>Protection against rogue Wi-Fi related threats and rogue certificates. <br/>Network protection is turned on by default with [next-generation protection](mdb-next-generation-protection.md). <br/>As part of mobile threat defense, network protection also includes the ability to allow root certification authority and private root certification authority certificates in Intune. It also establishes trust with endpoints. | See note 2 (below) | See note 2 (below) |
 | **Unified alerting** <br/>Alerts from all platforms are listed in the unified Microsoft Defender portal ([https://security.microsoft.com](https://security.microsoft.com)). In the navigation pane, choose **Incidents**). <br/>See [View and manage incidents in Microsoft Defender for Business](mdb-view-manage-incidents.md) | :::image type="content" source="/defender/media/d238e041-6854-4a78-9141-049224df0795.png" alt-text="Included checkmark."::: | :::image type="content" source="/defender/media/d238e041-6854-4a78-9141-049224df0795.png" alt-text="Included checkmark."::: |
-| **Conditional Access** and **conditional launch** <br/>[Conditional Access](/mem/intune/protect/conditional-access) and [conditional launch](/mem/intune/apps/app-protection-policies-access-actions) block risky devices from accessing corporate resources.<br/>-  Conditional Access policies require certain criteria to be met before a user can access company data on their mobile device. <br/>- Conditional launch policies enable your security team to block access or wipe devices that don't meet certain criteria.<br/>Defender for Business risk signals can also be added to app protection policies. | Requires Intune  | Requires Intune |
+| **Conditional Access** and **conditional launch** <br/>[Conditional Access](/mem/intune/protect/conditional-access) and [conditional launch](/mem/intune/apps/app-protection-policies-access-actions) block risky devices from accessing corporate resources.<br/>-  Conditional Access policies require certain criteria to be met before a user can access company data on their mobile device. <br/>- Conditional launch policies enable your security team to block access or wipe devices that don't meet certain criteria.<br/>- Defender for Business risk signals can also be added to app protection policies. | Requires Intune  | Requires Intune |
 | **Privacy controls** <br/>Configure privacy in threat reports by controlling the data sent by Defender for Business. Privacy controls are available for admin and end users, and for both enrolled and unenrolled devices. | Requires Intune | Requires Intune |
 | **Integration with Microsoft Tunnel** <br/>Integration with [Microsoft Tunnel](/mem/intune/protect/microsoft-tunnel-overview), a VPN gateway solution for Intune. | Requires Intune VPN Tunnel <br/>(see note 3 below) | Requires Intune VPN Tunnel <br/>(see note 3 below) |
 
 > [!NOTE]
-> 1. Intune is required for software/app vulnerabilities to be reported. Operating system vulnerabilities are included by default.
+> 1. Intune is used for software/app vulnerabilities to be reported. Operating system vulnerabilities are included by default.
 > 
-> 2. Intune is required to configure or manage an allow list of root certification authority and private root certification authority certificates.
+> 1. Use Intune to configure or manage an allow list of root certification authority and private root certification authority certificates.
 > 
 > 3. See [Prerequisites for the Microsoft Tunnel in Intune](/mem/intune/protect/microsoft-tunnel-prerequisites).
->
+
 
 ## How to get mobile threat defense capabilities
 

defender-endpoint/TOC.yml

@@ -1401,8 +1401,6 @@
         href: api/exposed-apis-create-app-partners.md
       - name: Fetch alerts from customer tenant
         href: api/fetch-alerts-mssp.md
-      - name: Managed security service provider opportunity
-        href: mssp-support.md
     - name: Partner integration scenarios
       items:
       - name: Technical partner opportunities

defender-endpoint/access-mssp-portal.md

@@ -2,6 +2,7 @@
 title: Access the Microsoft Defender XDR MSSP customer portal
 description: Access the Microsoft Defender XDR MSSP customer portal
 ms.service: defender-endpoint
+ms.subservice: onboard
 ms.author: siosulli
 author: siosulli
 ms.localizationpriority: medium

defender-endpoint/api-microsoft-flow.md

@@ -3,6 +3,7 @@ title: How to use Power Automate Connector to set up a Flow for events
 ms.reviewer: 
 description: Use Microsoft Defender for Endpoint Flow connector to create a flow that will be triggered anytime a new event occurs on your tenant.
 ms.service: defender-endpoint
+ms.subservice: reference
 ms.author: siosulli
 author: siosulli
 ms.localizationpriority: medium

defender-endpoint/application-deployment-via-mecm.md

@@ -3,6 +3,7 @@ title: Migrating servers from Microsoft Monitoring Agent to the unified solution
 description: Learn how to migrate down-level servers from Microsoft Monitoring Agent to the new unified solution step-by-step from this article.
 search.appverid: met150
 ms.service: defender-endpoint
+ms.subservice: onboard
 author: siosulli
 ms.author: siosulli
 ms.localizationpriority: medium

defender-endpoint/azure-server-integration.md

@@ -3,6 +3,7 @@ title: Integration with Microsoft Defender for Cloud
 description: Learn about Microsoft Defender for Endpoint integration with Microsoft Defender for Cloud
 search.appverid: met150
 ms.service: defender-endpoint
+ms.subservice: onboard
 author: siosulli
 ms.author: siosulli
 ms.localizationpriority: medium

defender-endpoint/conditional-access.md

@@ -3,6 +3,7 @@ title: Enable Conditional Access to better protect users, devices, and data
 description: Enable Conditional Access to prevent applications from running if a device is considered at risk and an application is determined to be non-compliant.
 search.appverid: met150
 ms.service: defender-endpoint
+ms.subservice: onboard
 ms.author: siosulli
 author: siosulli
 ms.localizationpriority: medium

defender-endpoint/configure-device-discovery.md

@@ -2,6 +2,7 @@
 title: Configure device discovery
 description: Learn how to configure device discovery in Microsoft Defender XDR using basic or standard discovery
 ms.service: defender-endpoint
+ms.subservice: onboard
 f1.keywords:
 - NOCSH
 ms.author: siosulli