Merge branch 'main' into mde-content-freshness-updates

Author: rjagiewich

defender-endpoint/ios-configure-features.md

@@ -14,7 +14,7 @@ ms.collection:
 ms.topic: conceptual
 ms.subservice: ios
 search.appverid: met150
-ms.date: 02/06/2025
+ms.date: 03/27/2025
 ---
 
 # Configure Microsoft Defender for Endpoint on iOS features
@@ -319,7 +319,7 @@ Defender for Endpoint on iOS enables admins to configure custom indicators on iO
 > [!NOTE]
 > Defender for Endpoint on iOS supports creating custom indicators only for URLs and domains. IP based custom indicators aren't supported on iOS. 
 > 
-> IP `245.245.0.1` is an internal Defender IP and should not be included in custom indicators by customers to avoid any functionality issues.
+> IP `245.245.0.1` is an internal Defender IP and shouldn't be included in custom indicators by customers to avoid any functionality issues.
 > 
 > For iOS, no alerts are generated in the Microsoft Defender portal when the URL or domain set in the indicator is accessed.
 
@@ -427,6 +427,9 @@ Defender for Endpoint on iOS enables bulk tagging the mobile devices during onbo
 
 This configuration is available for both the enrolled (MDM) devices and unenrolled (MAM) devices. Admins can use the following steps to configure the Device tags.
 
+> [!NOTE]
+> Configuring more than one device tags from Intune isn't supported as only one device tag reflects when configured. However, multiple device tags can be added manually in the XDR portal.
+
 ### Configure device tags using MDM
 
 **For enrolled devices (MDM)**

defender-endpoint/microsoft-defender-endpoint-ios.md

@@ -15,7 +15,7 @@ ms.collection:
 ms.topic: conceptual
 ms.subservice: ios
 search.appverid: met150
-ms.date: 03/21/2025
+ms.date: 03/27/2025
 ---
 
 # Microsoft Defender for Endpoint on iOS
@@ -44,10 +44,12 @@ ms.date: 03/21/2025
 
    Intune Company Portal app can be downloaded from the [Apple App Store](https://apps.apple.com/us/app/intune-company-portal/id719171358).
 
-   > [!NOTE]
-   > Apple doesn't allow redirecting users to download other apps from the app store so this step needs to be done by the user before onboarding to Microsoft Defender for Endpoint app.
-
-   Devices are registered with Microsoft Entra ID. This configuration requires the end user to be signed in through [Microsoft Authenticator app](https://apps.apple.com/app/microsoft-authenticator/id983156458).
+  > [!NOTE]
+  > Apple doesn't permit redirecting users to download other apps (Company Portal/Authenticator) from the App Store. Therefore, users need to complete this step themselves before onboarding to the Microsoft Defender for Endpoint app.
+  > Due to iOS platform restrictions, the MDE app allows onboarding without device registration, enabling MDE protections but leaving the device invisible on the security portal. For enrolled scenarios (MDM), the Company Portal or Authenticator app handles registration. For unenrolled scenarios (MAM), this is managed via the Authenticator app.
+  > If a user has a valid MDE license and is registered in the Authenticator App or Company Portal App, signing in to the Defender App allows the device appear in the Defender Portal.
+  
+     Devices are registered with Microsoft Entra ID. This configuration requires the end user to be signed in through [Microsoft Authenticator app](https://apps.apple.com/app/microsoft-authenticator/id983156458).
 
 - **For unenrolled devices**: Devices are registered with Microsoft Entra ID. This requires the end user to be signed in through [Microsoft Authenticator app](https://apps.apple.com/app/microsoft-authenticator/id983156458).
 
@@ -78,7 +80,7 @@ ms.date: 03/21/2025
 - The device should be either enrolled with the [Intune Company Portal app](https://apps.apple.com/us/app/intune-company-portal/id719171358) or is registered with Microsoft Entra ID through [Microsoft Authenticator](https://apps.apple.com/app/microsoft-authenticator/id983156458) with the same account to seamlessly onboard the device.
 
 > [!IMPORTANT]
-> Microsoft Defender for Endpoint is ending support for devices running iOS/iPadOS 15 on January 31, 2025. Moving forward, only devices running iOS/iPadOS 16 and later are supported.
+> Microsoft Defender for Endpoint is ending support for devices running iOS/iPadOS 15 on January 31, 2025. Only devices running iOS/iPadOS 16 and later are supported.
 
 > [!NOTE]
 > - Microsoft Defender for Endpoint on iOS isn't supported on user-less or shared devices.
@@ -88,10 +90,7 @@ ms.date: 03/21/2025
 Deployment of Microsoft Defender for Endpoint on iOS can be done via Microsoft Intune and both supervised and unsupervised devices are supported. End-users can also directly install the app from the [Apple app store](https://aka.ms/mdatpiosappstore).
 
 - For information on deploying on enrolled devices through Microsoft Configuration Manager or Intune, see [Deploy Microsoft Defender for Endpoint on iOS](ios-install.md).
-- For information on using Defender for Endpoint in app protection policy (MAM), see [Configure app protection policy to include Defender for Endpoint risk signals (MAM)](ios-install-unmanaged.md)
-
-> [!NOTE]
-> If a user has a valid MDE license and is registered in the Authenticator App or Company Portal App, and signs in to the Defender App, the device appears in the Defender Portal.
+- For information on using Defender for Endpoint in app protection policy (MAM), see [Configure app protection policy to include Defender for Endpoint risk signals (MAM)](ios-install-unmanaged.md). 
 
 ## Resources
 

unified-secops-platform/mto-tenantgroups.md

@@ -12,7 +12,7 @@ ms.collection:
 - highpri
 - tier1
 ms.topic: conceptual
-ms.date: 01/02/2025
+ms.date: 03/27/2025
 appliesto: 
 - ✅ <a href="https://learn.microsoft.com/microsoft-365/security/defender/microsoft-365-defender" target="_blank">Microsoft Defender XDR</a>
 ---
@@ -24,7 +24,7 @@ Content distribution helps you manage content at scale, across tenants in multit
 Distributing content in this manner, across tenants, enables you to organize tenants and content based on categories like business groups or location.
 
 > [!NOTE]
-> Multitenant management currently supports adding custom detection rules to a tenant group. Additional content types will be added in the future.
+> Multitenant management currently supports adding custom detection rules to a tenant group. Additional content types will be added in the future. 
 
 ## Requirements
 
@@ -41,7 +41,7 @@ The following table lists the requirements for content distribution in multitena
 To create a new tenant group:
 
 1. Go to the [Tenant groups page](https://mto.security.microsoft.com/tenantgroups) in multitenant management in Microsoft Defender XDR.
-2. Select **Create tenant group**. In the **Tenants** page, select **Add tenant** to see a list of available tenants that you can add to your tenant group. Choose the tenants you want to add to the tenant group, then select **Add**.:
+2. Select **Create tenant group**. In the **Tenants** page, select **Add tenant** to see a list of available tenants that you can add to your tenant group. Choose the tenants you want to add to the tenant group, then select **Add**.
 
     :::image type="content" source="media/mto-tenantgroups/mto-add-tenants-small.png" alt-text="Screenshot of the tenant group creation wizard." lightbox="media/mto-tenantgroups/mto-add-tenants.png":::
 
@@ -50,7 +50,7 @@ To create a new tenant group:
     :::image type="content" source="media/mto-tenantgroups/mto-add-content-small.png" alt-text="Screenshot of content selection wizard." lightbox="media/mto-tenantgroups/mto-add-content.png":::
 
 > [!NOTE]
-> The content type selection is currently limited to adding custom detection rules to a tenant group. Adding other content types will be available in the future. 
+> The content type selection is currently limited to adding custom detection rules to a tenant group. 
 
 4. In the **Custom detection rules** page, select **Add content** to add specific detection rules to your tenant group.
 
@@ -82,6 +82,9 @@ Check the sync results under the **Last sync result** column. If the result is *
 
 :::image type="content" source="media/mto-tenantgroups/mto-sync-results-small.png" alt-text="Screenshot of sync results side pane." lightbox="media/mto-tenantgroups/mto-sync-results.png":::
 
+> [!NOTE]
+> The maximum number of published items per publish operation is 9,500. Published items are calculated as the number of tenants multiplied by the number of templates. For example, if you publish 10 tenant groups with 10 target tenants and 95 content templates, then the published items equals to 9,500.
+
 ## Syncing content among tenant groups
 
 To sync content across tenant groups for the tenants you have permission for: