Merge branch 'main' into WI44-589-remove-dlp-policy-template

Author: aditisrivastava07

defender-endpoint/android-whatsnew.md

@@ -15,29 +15,40 @@ ms.collection:
 ms.topic: reference
 ms.subservice: android
 search.appverid: met150
-ms.date: 11/06/2025
+ms.date: 11/17/2025
 appliesto:
   - Microsoft Defender for Endpoint
 
 ---
 
 # What's new in Microsoft Defender for Endpoint on Android
 
-
 Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://go.microsoft.com/fwlink/p/?linkid=2225630)
 
 ### Releases for Defender for Endpoint on Android
 
 #### November 2025
 
+| Build| 1.0.8315.0101|
+| -------- | -------- |
+| Release Date 	| November 17, 2025 |
+
+**What's New**
+
+- Performance improvement and accessibility bug fixes
+
+#### November 2025
+
 | Build| 1.0.8303.0101|
 | -------- | -------- |
 | Release Date |November 4, 2025|
 
 **What's New**
 
 - An improved user feedback experience: See [Key changes - November 2025](./android-new-ux.md#key-changes---november-2025) for details.
-  
+
+- Added landscape mode UI support for the Defender app.
+
 - Additional telemetry features to improve app performance monitoring and detect specific scenarios, such as entering landscape mode or invalid authentication attempts.
 
 #### October 2025

defender-endpoint/enable-attack-surface-reduction.md

@@ -168,6 +168,12 @@ The following procedures for enabling attack surface reduction rules include ins
 
 1. Select **Next** on the three configuration panes, then select **Create** if you're creating a new policy or **Save** if you're editing an existing policy.
 
+> [!NOTE]
+> In the latest Intune interface, **Configuration profiles** is located under  **Devices > Configuration profiles**.  
+> Earlier versions of Intune showed this under **Device configuration > Profiles**.  
+> If you don't see "Configuration Profile" as written in older instructions, look for **Configuration profiles** under the Devices menu.
+
+
 #### Device Configuration Profiles (Alternative 1)
 
 1. Select **Device configuration** > **Profiles**. Choose an existing endpoint protection profile or create a new one. To create a new one, select **Create profile** and enter information for this profile. For **Profile type**, select **Endpoint protection**. If you've chosen an existing profile, select **Properties** and then select **Settings**.

defender-endpoint/evaluate-mdav-using-gp.md

@@ -231,7 +231,7 @@ Assign the policies to the OU where the test machines are located.
 
 #### Enable Tamper Protection
 
-In the Microsoft XDR portal (security.microsoft.com), go to **Settings** > **Endpoints** > **Advanced features** > **Tamper Protection** > **On**.
+In the Microsoft Defender portal at [https://security.microsoft.com](https://security.microsoft.com), go to **Settings** > **Endpoints** > **Advanced features** > **Tamper Protection** > **On**.
 
 For more information, see [How do I configure or manage tamper protection?](/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection).
 

defender-endpoint/ios-configure-features.md

@@ -430,7 +430,7 @@ Defender for Endpoint on iOS enables bulk tagging the mobile devices during onbo
 This configuration is available for both the enrolled (MDM) devices and unenrolled (MAM) devices. Admins can use the following steps to configure the Device tags.
 
 > [!NOTE]
-> Configuring more than one device tags from Intune isn't supported as only one device tag reflects when configured. However, multiple device tags can be added manually in the XDR portal.
+> Configuring more than one device tags from Intune isn't supported as only one device tag reflects when configured. However, multiple device tags can be added manually in the Microsoft Defender portal.
 
 ### Configure device tags using MDM
 

defender-endpoint/review-detected-threats.md

@@ -33,7 +33,7 @@ appliesto:
 
 In the Microsoft Defender portal, you can view and manage threat detections using the following steps:
 
-1. Visit [Microsoft XDR portal](https://security.microsoft.com/) and sign-in.
+1. Visit the Microsoft Defender portal at [https://security.microsoft.com](https://security.microsoft.com) and sign-in.
 
     On the landing page, you see the **Devices with active malware** card with the following information:
 
@@ -68,7 +68,7 @@ You can manage threat detections for any devices that are [enrolled in Microsoft
 
 ## FAQs
 
-#### In the Microsoft XDR portal > Devices with active malware > Devices with malware detections report, why does the Last update seem to be occurring today?
+#### In the Microsoft Defender portal > Devices with active malware > Devices with malware detections report, why does the Last update seem to be occurring today?
 
 To see when the malware was detected, you can take the following steps:
 

defender-for-cloud-apps/app-governance-anomaly-detection-alerts.md

@@ -25,7 +25,7 @@ For more information, see [App governance in Microsoft Defender for Cloud Apps](
 
 ### Finding App Governance Related Alerts
 
-To locate alerts specifically related to App Governance, navigate to the XDR portal Alerts page. In the alerts list, use the "Service/detection sources" field to filter alerts. Set the value of this field to "App Governance" to view all alerts generated by App Governance.
+To locate alerts specifically related to App Governance, navigate to the Microsoft Defender portal Alerts page. In the alerts list, use the "Service/detection sources" field to filter alerts. Set the value of this field to "App Governance" to view all alerts generated by App Governance.
 
 ### General Guidelines
 

defender-for-cloud-apps/applications-inventory.md

@@ -3,7 +3,7 @@ title: Application inventory
 ms.date: 03/20/2025
 ms.topic: overview
 ms.reviewer: anandd512
-description: The new Applications page located under Assets in Microsoft Defender XDR portal provides a centralized location for users to view and manage SaaS and SaaS connected OAuth apps information across their environment, ensuring optimal visibility and a comprehensive experience
+description: The new Applications page located under Assets in the Microsoft Defender portal provides a centralized location for users to view and manage SaaS and SaaS connected OAuth apps information across their environment, ensuring optimal visibility and a comprehensive experience
 #customer intent: As a security administrator, I want to discover, monitor, and manage all SaaS and OAuth connected apps in my organization so that I can ensure security and compliance.
 ---
 # Applications inventory 

defender-for-cloud-apps/attack-paths.md

@@ -49,7 +49,7 @@ Microsoft Defender for Cloud Apps defines a set of critical privilege OAuth perm
 
 To view the full list of permissions, go to the  [Microsoft Defender portal](https://security.microsoft.com) and navigate to Settings > Microsoft Defender XDR > Rules > Critical asset management.
 
-:::image type="content" source="media/saas-securty-initiative/screenshot-of-the-critical-asset-management-page.png" alt-text="Screenshot of the Critical asset management page in the Defender XDR portal." lightbox="media/saas-securty-initiative/Screenshot-of-the-critical-asset-management-page.png":::
+:::image type="content" source="media/saas-securty-initiative/screenshot-of-the-critical-asset-management-page.png" alt-text="Screenshot of the Critical asset management page in the Microsoft Defender portal." lightbox="media/saas-securty-initiative/Screenshot-of-the-critical-asset-management-page.png":::
 
 
 ## Investigation user flow: View attack paths involving OAuth applications

defender-for-cloud-apps/discovery-docker-ubuntu-azure.md

@@ -165,7 +165,7 @@ This procedure describes how to deploy your machine with Ubuntu. The deployment
     (echo db3a7c73eb7e91a0db53566c50bab7ed3a755607d90bb348c875825a7d1b2fce) | docker run --name MyLogCollector -p 21:21 -p 20000-20099:20000-20099 -e "PUBLICIP='192.168.1.1'" -e "PROXY=192.168.10.1:8080" -e "CONSOLE=mod244533.us.portal.cloudappsecurity.com" -e "COLLECTOR=MyLogCollector" --security-opt apparmor:unconfined --cap-add=SYS_ADMIN --restart unless-stopped -a stdin -i mcr.microsoft.com/mcas/logcollector starter
     ```
 
-1. To verify that the log collector is running properly, run the following command: `Docker logs <collector_name>`. You should get the results: **Finished successfully!**
+1. To verify that the log collector is running properly, run the following command: `docker logs <collector_name>`. You should get the results: **Finished successfully!**
 
 ## Configure network appliance on-premises settings
 

defender-for-cloud-apps/ops-guide/ops-guide-ad-hoc.md

@@ -23,7 +23,7 @@ If you're experiencing issues with a cloud service, we recommend checking servic
 
 ## Run advanced hunting queries
 
-**Where**: In the Microsoft Defender XDR Portal, select **Hunting > Advanced hunting** and query for Defender for Cloud Apps data.
+**Where**: In the Microsoft Defender portal at [https://security.microsoft.com](https://security.microsoft.com), select **Hunting > Advanced hunting** and query for Defender for Cloud Apps data.
 
 **Persona**: SOC analysts
 
@@ -90,7 +90,7 @@ AccountDisplayName,GroupName
 
 ## Review file quarantines
 
-**Where**: In the Microsoft Defender XDR Portal, select **Cloud apps > Files**. Query for items where **Quarantined** = **True**.
+**Where**: In the [Microsoft Defender portal](https://security.microsoft.com), select **Cloud apps > Files**. Query for items where **Quarantined** = **True**.
 
 **Persona**: Compliance administrators
 
@@ -102,7 +102,7 @@ For more information, see [Understand how quarantine works](../use-case-admin-qu
 
 ## Review app risk scores
 
-**Where**: In the Microsoft Defender XDR Portal, select **Cloud apps > Cloud app catalog**.
+**Where**: In the [Microsoft Defender portal](https://security.microsoft.com), select **Cloud apps > Cloud app catalog**.
 
 **Persona**: Compliance administrators
 
@@ -114,7 +114,7 @@ For more information, see [Find your cloud app and calculate risk scores](../ris
 
 ## Delete cloud discovery data
 
-**Where**: In the Microsoft Defender XDR Portal, select **Settings > Cloud apps > Cloud Discovery > Delete Data**.
+**Where**: In the [Microsoft Defender portal](https://security.microsoft.com), select **Settings > Cloud apps > Cloud Discovery > Delete Data**.
 
 **Persona**: Compliance administrators
 
@@ -129,7 +129,7 @@ For more information, see [Deleting cloud discovery data](../discovered-apps.md#
 
 ## Generate a cloud discovery executive report
 
-**Where**: In the Microsoft Defender XDR Portal, select **Cloud apps > Cloud discovery > Dashboard > Actions**
+**Where**: In the [Microsoft Defender portal](https://security.microsoft.com), select **Cloud apps > Cloud discovery > Dashboard > Actions**
 
 **Persona**: Compliance administrators
 
@@ -139,7 +139,7 @@ For more information, see [Generate cloud discovery executive report](../discove
 
 ## Generate a cloud discovery snapshot report
 
-**Where**: In the Microsoft Defender XDR Portal, select **Cloud apps > Cloud discovery > Dashboard > Actions**
+**Where**: In the [Microsoft Defender portal](https://security.microsoft.com), select **Cloud apps > Cloud discovery > Dashboard > Actions**
 
 **Persona**: Security and Compliance administrators