Merge pull request #2494 from MicrosoftDocs/maccruz-linkandnrtga

GA NRT and Link to incident

Author: Ruchika-mittal01

defender-xdr/whats-new.md

@@ -33,11 +33,14 @@ You can also get product updates and important notifications through the [messag
 ## January 2025
 
 - (Preview) Users with provisioned access to Microsoft Purview Insider Risk Management can now view and manage insider risk management alerts and hunt for insider risk management events and behaviors in the Microsoft Defender portal. For more information, see [Investigate insider risk threats in the Microsoft Defender portal with insights from Microsoft Purview Insider Risk Management](irm-investigate-alerts-defender.md).
-- **Defender Boxed** is available for a limited time in January and July of each year. This series of slides highlights your organization's security successes, improvements, and response actions in the Microsoft Defender portal for the past six months/year. To learn how you can share your security operations team's achievements, see [Defender Boxed](incident-queue.md#defender-boxed).
+- **Defender Boxed** is available for a limited time in January and July of each year. This series of slides highlights your organization’s security successes, improvements, and response actions in the Microsoft Defender portal for the past six months/year. To learn how you can share your security operations team’s achievements, see [Defender Boxed](incident-queue.md#defender-boxed).
 - (GA) **Advanced hunting context panes** are now available in custom detection experiences. This allows you to access the advanced hunting feature without leaving your current workflow. 
     - For incidents and alerts generated by custom detections, you can select **Run query** to explore the results of the related custom detection. 
     - In the custom detection wizard's *Set rule logic* step, you can select **View query results** to verify the results of the query you are about to set. 
 
+- (GA) The **[Link to incident](advanced-hunting-defender-results.md#link-query-results-to-an-incident)** feature in Microsoft Defender advanced hunting now allows linking of Microsoft Sentinel query results. In both the Microsoft Defender unified experience and in [Defender XDR advanced hunting](advanced-hunting-link-to-incident.md), you can now specify whether an entity is an impacted asset or related evidence.
+- (GA) Migrating custom detection queries to **Continuous (near real-time or NRT) frequency** is now generally available in advanced hunting. Using the Continuous (NRT) frequency increases your organization's ability to identify threats faster. It has minimal to no impact to your resource usage, and should thus be considered for any qualified custom detection rule in your organization. Migrate compatible KQL queries by following the steps in [Continuous (NRT) frequency](custom-detection-rules.md#continuous-nrt-frequency).
+
 ## December 2024
 
 - (GA) [Content distribution via tenant groups in multitenant management](mto-tenantgroups.md) is now generally available. Create tenant groups to manage content across tenants in multitenant management in Microsoft Defender XDR.