Merge branch 'main' into docs-editor/microsoft-defender-antivirus-c-1737991884

Author: denisebmsft

.acrolinx-config.edn

@@ -39,7 +39,7 @@ For more information about the exception criteria and exception process, see [Mi
  
 Select the total score link to review all feedback on clarity, consistency, tone, brand, terms, spelling, grammar, readability, and inclusive language. _You should fix all spelling errors regardless of your total score_. Fixing spelling errors helps maintain customer trust in overall content quality.
 
-| Article | Total score<br>(Required: 80) | Words + phrases<br>(Brand, terms) | Correctness<br>(Spelling, grammar) | Clarity<br>(Readability) |
+| Article | Total score<br>(Required: 80) | Terminology | Spelling and Grammar| Clarity<br>(Readability) |
 |---------|:--------------:|:--------------------:|:------:|:---------:|
 "
 

.github/workflows/BuildValidation.yml

@@ -0,0 +1,21 @@
+name: PR has no warnings or errors
+
+permissions:
+  pull-requests: write
+  statuses: write
+      
+on: 
+  issue_comment:
+    types: [created]
+
+jobs:
+
+  build-status:
+    uses: MicrosoftDocs/microsoft-365-docs/.github/workflows/Shared-BuildValidation.yml@workflows-prod
+    with:
+      PayloadJson: ${{ toJSON(github) }}
+    secrets:
+      AccessToken: ${{ secrets.GITHUB_TOKEN }}
+
+
+  

ATADocs/index.yml

@@ -8,7 +8,6 @@ metadata:
   description: Protect your enterprise using information from multiple network data-sources to learn the behavior of users and entities in your organization.
   services: service
   ms.service: advanced-threat-analytics
-  ms.subservice: ms.subservice
   ms.topic: landing-page
   ms.collection: M365-security-compliance
   author: batamig

ATPDocs/index.yml

@@ -6,8 +6,7 @@ metadata:
   title: Microsoft Defender for Identity documentation
   description: Microsoft Defender for Identity cloud service helps protect your enterprise hybrid environments from multiple types of advanced targeted cyber attacks and insider threats.
   services: service
-  ms.service: azure-advanced-threat-protection
-  ms.subservice: subservice
+  ms.service: microsoft-defender-for-identity
   ms.topic: landing-page
   ms.collection: M365-security-compliance
   author: batamig

CloudAppSecurityDocs/discovery-docker-ubuntu-azure.md

@@ -46,7 +46,7 @@ If you require more than 10 data sources, we recommend that you split the data s
         To work with a network appliance that isn't listed, select **Other > Customer log format** or **Other (manual only)**. For more information, see [Working with the custom log parser](custom-log-parser.md).
 
     >[!NOTE]
-    >Integrating with secure transfer protocols (FTPS and Syslog – TLS) often requires additional settings or your firewall/proxy.
+    >Integrating with secure transfer protocols (FTPS and Syslog – TLS) often requires additional settings on your firewall/proxy. For more information, see [Advanced log collector management](log-collector-advanced-management.md).
 
 Repeat this process for each firewall and proxy whose logs can be used to detect traffic on your network.
 

CloudAppSecurityDocs/index.yml

@@ -8,7 +8,6 @@ metadata:
   description: Microsoft Defender for Cloud Apps delivers full protection for SaaS applications, helping you monitor and protect your cloud app data, using fundamental cloud access security broker (CASB) functionality, SaaS Security Posture Management (SSPM) features, advanced threat protection, and app-to-app protection.
   services: na
   ms.service: defender-for-cloud-apps
-  ms.subservice: na
   ms.topic: landing-page
   ms.collection: na
   author: batamig
@@ -49,6 +48,8 @@ landingContent:
         links:
           - text: Basic setup
             url: general-setup.md
+          - text: Connect cloud apps
+            url: enable-instant-visibility-protection-and-governance-actions-for-your-apps.md
           - text: View and manage security posture
             url: security-saas.md
       - linkListType: concept
@@ -71,8 +72,6 @@ landingContent:
         links:
           - text: Calculate risk scores
             url: risk-score.md
-          - text: Connect cloud apps
-            url: enable-instant-visibility-protection-and-governance-actions-for-your-apps.md
           - text: Collect logs
             url: discovery-docker.md
           - text: Discover and manage shadow IT
@@ -138,4 +137,4 @@ landingContent:
           - text: Monitor and respond to unusual data usage
             url: app-governance-monitor-apps-unusual-data-usage.md
           - text: Secure apps with app hygiene
-            url: app-governance-secure-apps-app-hygiene-features.md
+            url: app-governance-secure-apps-app-hygiene-features.md

CloudAppSecurityDocs/log-collector-advanced-management.md

@@ -50,9 +50,9 @@ You should be able to view the following contents:
 - `ssl_update`
 - `config.json`
 
-### Customize certificate files
+### Add certificate files
 
-This procedure describes how to customize the certificate files used for secure connections to the cloud discovery Docker instance.
+This procedure describes how to add the required certificate files used for secure connections to the cloud discovery Docker instance.
 
 1. Open an FTP client and connect to the log collector host.
 
@@ -63,7 +63,7 @@ This procedure describes how to customize the certificate files used for secure
     | **FTP** |- **pure-ftpd.pem**: Includes the key and certificate data |
     | **Syslog** |- **ca.pem**: The certificate authority's certificate that was used to sign the client’s certificate. <br>- **server-key.pem** and **server-cert.pem**: The log collector's certificate and key <br><br>Syslog messages are sent over TLS to the log collector, which requires mutual TLS authentication, including authenticating both the client and server certificates. |
 
-    Filenames are mandatory. If any of the files are missing, the update fails.
+Files are mandatory. If any of the files for the receiver type are missing, the update fails.
 
 1. In a terminal window, run:
 
@@ -161,7 +161,7 @@ docker cp Proxy-CA.crt Ubuntu-LogCollector:/var/adallom/ftp/discovery
 
 To secure the docker image and ensure that only one IP address is allowed to send the syslog messages to the log collector, create an IP table rule on the host machine to allow input traffic and drop the traffic coming over specific ports, such as TCP/601 or UDP/514, depending on the deployment.
 
-The following command shows an example of how to create an IP table rule that can be added to the host machine. This table rule allows the IP address `1.2.3.4`` to connect to the log collector container over TCP port 601, and drop all other connections coming from other IP addresses over the same port.
+The following command shows an example of how to create an IP table rule that can be added to the host machine. This table rule allows the IP address `1.2.3.4` to connect to the log collector container over TCP port 601, and drop all other connections coming from other IP addresses over the same port.
 
 ```bash
 iptables -I DOCKER-USER \! --src 1.2.3.4 -m tcp -p tcp --dport 601 -j DROP
@@ -171,7 +171,7 @@ iptables -I DOCKER-USER \! --src 1.2.3.4 -m tcp -p tcp --dport 601 -j DROP
 
 The container is now ready.
 
-Run the **collector_config** command using the API token that you used during the creation of your log collector. For example:
+Run the `collector_config` command using the API token that you used during the creation of your log collector. For example:
 
 :::image type="content" source="media/log-collector-advanced-tasks/docker-3.png" alt-text="Screenshot of the Create log collector dialog." border="false":::
 
@@ -520,7 +520,7 @@ Compare the output file (`/tmp/log.log`) to the messages stored in the `/var/ada
 When updating your log collector:
 
 - **Before installing the new version**, make sure to stop your log collector and remove the current image.
-- **After installing the new version**, [update your certificate files](#customize-certificate-files).
+- **After installing the new version**, [update your certificate files](#add-certificate-files).
 
 ## Next steps
 

CloudAppSecurityDocs/mde-integration.md

@@ -65,13 +65,12 @@ To enable Defender for Endpoint integration with Defender for Cloud Apps:
 
 1. In the [Microsoft Defender portal](https://security.microsoft.com), from the navigation pane, select **Settings** > **Endpoints** > **General** > **Advanced features**.
 1. Toggle the **Microsoft Defender for Cloud Apps** to **On**.
-1. Select **Apply**.
+1. Select **Save preferences**.
 
 >[!NOTE]
 > It takes up to two hours after you enable the integration for the data to show up in Defender for Cloud Apps.
 >
-
-![Screenshot of the Defender for Endpoint settings.](media/mde-settings.png)
+![Screenshot of the Defender for Endpoint settings.](media\turn-on-advanced-features-for-microsoft-defender-for-cloud-apps.png)
 
 To configure the severity for alerts sent to Microsoft Defender for Endpoint: