Upd hunts entries

Author: cwatson-cat

defender-xdr/unified-soc-platform/TOC.yml

@@ -8,7 +8,7 @@
         href: /defender-xdr/microsoft-365-defender ## PLACEHOLDER LINK
       - name: What's new
         href: /defender-xdr/unified-soc-platform/whats-new.md
-      - name: Service integration in the portal
+      - name: Defender portal service integration
         items:
         - name: Microsoft Defender XDR
           href: /defender-xdr/microsoft-365-defender-portal ## Placeholder article
@@ -64,28 +64,32 @@
             href: /defender-xdr/secure-score-data-storage-privacy.md
     - name: Detect threats ## Have each writer provide article and then we summarize in one article. Our outline and scope should align to datasheet: "Get visiblity into, and disrupt attacks in real time across identities, endpoints, email, cloud apps, data in hybrid and multicloud environments"
       href: /azure/sentinel/threat-detection ## PLACEHOLDER LINK
-    - name: Hunt for threats with advanced hunting
+    - name: Hunt for threats ## Seperating this out because per PM hunting might happen in different scenarios. Also wanting it higher level as advanced hunting is one of the things highlighted for USX. 
       items:
       - name: Overview
-        href: /defender-xdr/advanced-hunting-overview
-      - name: Advanced hunting in the Microsoft Defender portal
-        href: /defender-xdr/advanced-hunting-microsoft-defender
-      - name: Guided and advanced modes
-        href: /defender-xdr/advanced-hunting-modes
-      - name: Generate KQL queries with Security Copilot
-        href: /defender-xdr/advanced-hunting-security-copilot
-      - name: Build hunting queries using guided mode
-        href: /defender-xdr/advanced-hunting-query-builder
-      - name: Work with query results
-        href: /defender-xdr/advanced-hunting-query-results
-      - name: Take action on query results
-        href: /defender-xdr/advanced-hunting-take-action
-      - name: Hunt for ransomware
-        href: /defender-xdr/advanced-hunting-find-ransomware
-      - name: Learn the query language
-        href: /defender-xdr/advanced-hunting-query-language
-      - name: Get expert training
-        href: /defender-xdr/advanced-hunting-expert-training
+        href: /defender-xdr/advanced-hunting-overview ## PLACEHOLDER - Need overview article about the hunting features across services. Advanced hunting, custom detections, hunts in Sentinel
+      - name: Search for threats with advanced hunting 
+        items:
+        - name: Overview
+          href: /defender-xdr/advanced-hunting-overview
+        - name: Advanced hunting in the Microsoft Defender portal
+          href: /defender-xdr/advanced-hunting-microsoft-defender
+        - name: Guided and advanced modes
+          href: /defender-xdr/advanced-hunting-modes
+        - name: Generate KQL queries with Security Copilot
+          href: /defender-xdr/advanced-hunting-security-copilot
+        - name: Build hunting queries using guided mode
+          href: /defender-xdr/advanced-hunting-query-builder
+        - name: Work with query results
+          href: /defender-xdr/advanced-hunting-query-results
+        - name: Take action on query results
+          href: /defender-xdr/advanced-hunting-take-action
+        - name: Hunt for ransomware
+          href: /defender-xdr/advanced-hunting-find-ransomware
+        - name: Learn the query language
+          href: /defender-xdr/advanced-hunting-query-language
+        - name: Get expert training
+          href: /defender-xdr/advanced-hunting-expert-training
     - name: Investigate incidents ## could be incidents, threats, posture findings. Need an overview article for USX. Current overviews (XDR/Sentinel) don't appear to be updated for USX.
       items:
         - name: Overview