Merge pull request #1468 from MicrosoftDocs/main

Published main to live, Thursday 10:30 AM PST, 09/26

Author: padmagit77

defender-endpoint/run-analyzer-macos-linux.md

@@ -7,7 +7,7 @@ f1.keywords:
 ms.author: deniseb
 author: denisebmsft
 ms.localizationpriority: medium
-ms.date: 06/28/2024
+ms.date: 09/25/2024
 manager: deniseb
 audience: ITPro
 ms.collection:
@@ -45,7 +45,7 @@ If you're using a terminal, download the tool by entering the following command:
 2. Verify the download.
 
     > [!NOTE]
-    > The current SHA256 hash of 'XMDEClientAnalyzerBinary.zip' that is downloaded from this link is: '6DF1D7F32F1C33B462067F029CA59742241AB6967A981161803A3BC4B5EBDBDF'
+    > The current SHA256 hash of `XMDEClientAnalyzerBinary.zip` that is downloaded from this link is: `6DF1D7F32F1C33B462067F029CA59742241AB6967A981161803A3BC4B5EBDBDF`.
 
    - Linux
 
@@ -74,13 +74,14 @@ If you're using a terminal, download the tool by entering the following command:
     cd XMDEClientAnalyzerBinary
     ```
 
-5. Three new zip files are produced:
+5. Two new zip files are produced:
 
    - **SupportToolLinuxBinary.zip** : For all Linux devices
    - **SupportToolMacOSBinary.zip** : For Mac devices
 
-6. Unzip one of the above 2 zip files based on the machine you need to investigate.\
-When using a terminal, unzip the file by entering one of the following commands based on OS type:
+6. Unzip one of the above 2 zip files based on the machine you need to investigate.
+
+   When using a terminal, unzip the file by entering one of the following commands based on OS type:
 
    - Linux
 

defender-xdr/microsoft-365-defender-portal.md

@@ -124,23 +124,22 @@ You can add and remove different cards depending on your needs.
 
 ### Global search
 
-> [!IMPORTANT]
-> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. The search bar is located at the top of the page. As you type, suggestions are provided so that it's easier to find entities. The enhanced search results page centralizes the results from all entities.
-
 The Microsoft Defender portal's search function is located at the top of the page. As you type, suggestions are provided so that it's easier to find entities. The enhanced search results page centralizes the results from all entities.
 
 :::image type="content" source="/defender/media/microsoft-365-defender-portal/search-panel.png" alt-text="Screenshot of the search bar in the Microsoft Defender portal." lightbox="/defender/media/microsoft-365-defender-portal/search-panel.png":::
 
 Search results are categorized by sections related to your search terms. You can search across the following entities in the Microsoft Defender portal:
 
-- **Devices** - supported for Defender for Endpoint, Defender for Identity, Defender for Cloud, and Microsoft Sentinel (Preview).
-- **Users** - supported for Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, and Microsoft Sentinel (Preview).
+- **Devices** - supported for Defender for Endpoint, Defender for Identity, Defender for Cloud, and Microsoft Sentinel.
+
+- **Users** - supported for Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, and Microsoft Sentinel.
+
 - **Files, IPs, and URLs** - same capabilities as in Defender for Endpoint.
 
   > [!NOTE]
   > IP and URL searches are exact match and don't appear in the search results page – they lead directly to the entity page.
 
-- **MDVM** - same capabilities as in Defender for Endpoint (vulnerabilities, software, and recommendations).
+- **Microsoft Defender Vulnerability Management** - same capabilities as in Defender for Endpoint (vulnerabilities, software, and recommendations).
 
 Search also provides results from relevant links in the Microsoft Tech Community portal, relevant documentation in Microsoft Learn, navigation items within the portal, and a link where you can provide feedback. Search history is stored in your browser and is accessible for the next 30 days.
 

defender-xdr/security-copilot-defender-identity-summary.md

@@ -51,21 +51,21 @@ You can access the identity summary capability in the following ways:
 
 - From an incident page, choose an identity on the incident graph and then (1) select **User details**. In the user details pane, (2) select **Summarize**. The results are displayed in the Copilot side panel.
 
-  :::image type="content" source="/defender/media/copilot-in-defender/identity-summary/identity-summary-incident-small.png" alt-text="Screenshot showing the Summarize option in the user details pane." lightbox="/defender/media/copilot-in-defender/identity-summary/identity-summary-incident-small.png":::
+  :::image type="content" source="/defender/media/copilot-in-defender/identity-summary/identity-summary-incident-small.png" alt-text="Screenshot showing the Summarize option in the user details pane." lightbox="/defender/media/copilot-in-defender/identity-summary/identity-summary-incident.png":::
 
 - Alternatively, you can select **Go to user page** on the bottom of the user details pane to open the user page. Copilot automatically generates the identity summary and displays the side panel upon opening the user page.
 
 - You can also access the identity summary capability by choosing a user in the **Assets** tab of an incident. Select **Summarize** in the user details pane to generate the identity summary.
 
-   :::image type="content" source="/defender/media/copilot-in-defender/identity-summary/identity-summary-assets-small.png" alt-text="Screenshot showing the Assets tab and a user account highlighted." lightbox="/defender/media/copilot-in-defender/identity-summary/identity-summary-assets-small.png":::
+   :::image type="content" source="/defender/media/copilot-in-defender/identity-summary/identity-summary-assets-small.png" alt-text="Screenshot showing the Assets tab and a user account highlighted." lightbox="/defender/media/copilot-in-defender/identity-summary/identity-summary-assets.png":::
 
 - In an alert page, select a user then select **Summarize** in the user details pane to generate the identity summary.
 
 - In the advanced hunting page, you can access the identity summary capability by selecting a user in the results table, then selecting the link to the user page. Copilot automatically generates the identity summary and displays the side panel upon opening the user page.
 
 - From the main menu, navigate to **Assets > Identities**. Select a username from the list, then select **View user page** to open the user page. Copilot automatically generates the identity summary and displays the side panel upon opening the user page.
 
-   :::image type="content" source="/defender/media/copilot-in-defender/identity-summary/identity-summary-viewuser-small.png" alt-text="Screenshot highlighting the view user page option in an username search within Identities." lightbox="/defender/media/copilot-in-defender/identity-summary/identity-summary-viewuser-small.png":::
+   :::image type="content" source="/defender/media/copilot-in-defender/identity-summary/identity-summary-viewuser-small.png" alt-text="Screenshot highlighting the view user page option in an username search within Identities." lightbox="/defender/media/copilot-in-defender/identity-summary/identity-summary-viewuser.png":::
 
 - Type a username in the Microsoft Defender portal’s **search box** then select the username from the search results. In the user details side panel, select **Summarize** to generate the identity summary.
 

defender-xdr/whats-new.md

@@ -31,6 +31,7 @@ You can also get product updates and important notifications through the [messag
 
 ## September 2024
 
+- (GA) The global search for entities in the Microsoft Defender portal is now generally available. The enhanced search results page centralizes the results from all entities. For more information, see [Global search in the Microsoft Defender portal](microsoft-365-defender-portal.md#global-search).
 - (GA) Copilot in Defender now includes the identity summary capability, providing instant insights into a user's risk level, sign in activity, and more. For more information, see [Summarize identity information with Copilot in Defender](security-copilot-defender-identity-summary.md).
 - [Microsoft Defender Threat Intelligence](/defender/threat-intelligence/what-is-microsoft-defender-threat-intelligence-defender-ti) customers can now view the [latest featured threat intelligence articles](/defender/threat-intelligence/learn-how-to-access-microsoft-defender-threat-intelligence-and-make-customizations-in-your-portal#featured-threat-intelligence-articles-widget) in the Microsoft Defender portal home page. The **Intel explorer** page now also has an [article digest](/defender/threat-intelligence/learn-how-to-access-microsoft-defender-threat-intelligence-and-make-customizations-in-your-portal#article-digest) that notifies them of the number of new Defender TI articles that were published since they last accessed the Defender portal.
 - [Microsoft Defender XDR Unified RBAC permissions](experts-on-demand.md#required-permissions-for-using-ask-defender-experts) are added to submit inquiries and view responses from [Microsoft Defender Experts](experts-on-demand.md). You can also [view responses](experts-on-demand.md#where-to-view-responses-from-defender-experts) to inquires submitted to Ask Defender Experts through your listed email addresses when submitting your inquiry or in the Defender portal by navigating to **Reports** > **Defender Experts messages**.