MicrosoftDocs
diff --git a/‎defender-for-cloud-apps/protect-salesforce.md‎
Lines changed: 7 additions & 0 deletions b/‎defender-for-cloud-apps/protect-salesforce.md‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎defender-vulnerability-management/defender-vulnerability-management.md‎
Lines changed: 19 additions & 5 deletions b/‎defender-vulnerability-management/defender-vulnerability-management.md‎
Lines changed: 19 additions & 5 deletions
diff --git a/‎defender-vulnerability-management/device-restart-status.md‎
Lines changed: 13 additions & 13 deletions b/‎defender-vulnerability-management/device-restart-status.md‎
Lines changed: 13 additions & 13 deletions
diff --git a/‎defender-vulnerability-management/media/bios-vulnerability-details.png‎
-45.7 KB b/‎defender-vulnerability-management/media/bios-vulnerability-details.png‎
-45.7 KB
diff --git a/‎defender-vulnerability-management/media/image12.png‎
-48.4 KB b/‎defender-vulnerability-management/media/image12.png‎
-48.4 KB
diff --git a/‎defender-vulnerability-management/media/open-vulnerability-page.png‎
-298 KB b/‎defender-vulnerability-management/media/open-vulnerability-page.png‎
-298 KB
diff --git a/‎defender-vulnerability-management/media/tvm-exception-overview/cve-exception-create.png‎
-238 KB b/‎defender-vulnerability-management/media/tvm-exception-overview/cve-exception-create.png‎
-238 KB
diff --git a/‎defender-vulnerability-management/media/tvm-exception-overview/exception-button-small.png‎
-87.3 KB b/‎defender-vulnerability-management/media/tvm-exception-overview/exception-button-small.png‎
-87.3 KB
diff --git a/‎defender-vulnerability-management/media/update-apache-log4j.png‎
-117 KB b/‎defender-vulnerability-management/media/update-apache-log4j.png‎
-117 KB
diff --git a/‎defender-vulnerability-management/media/weaknesses-log4j.png‎
-59.3 KB b/‎defender-vulnerability-management/media/weaknesses-log4j.png‎
-59.3 KB
@@ -26,6 +26,13 @@ Connecting Salesforce to Defender for Cloud Apps gives you improved insights int
 - Ransomware
 - Unmanaged bring your own device (BYOD)
 
+
+### Prerequisites
+
+- Install and authorize the Salesforce Connected App in the target Salesforce org before you start the connection process. Salesforce enforces usage restrictions on Connected Apps. For more information, see:[Prepare for Connected App Usage Restrictions Change](https://help.salesforce.com/s/articleView?id=005132365&type=1)
+
+- Assign the **Approve Uninstalled Connected Apps** permission to the Salesforce service account used to connect Microsoft Defender for Cloud Apps. Salesforce requires this permission to connect third-party apps via OAuth.
+
 ## How Defender for Cloud Apps helps to protect your environment
 
 - [Detect cloud threats, compromised accounts, and malicious insiders](best-practices.md#detect-cloud-threats-compromised-accounts-malicious-insiders-and-ransomware)
 
@@ -27,10 +27,6 @@ Reducing cyber risk requires comprehensive risk-based vulnerability management t
 
 Defender Vulnerability Management delivers asset visibility, intelligent assessments, and built-in remediation tools for Windows, macOS, Linux, Android, iOS, and network devices. Using Microsoft threat intelligence, breach likelihood predictions, business contexts, and devices assessments, Defender Vulnerability Management rapidly and continuously prioritizes the biggest vulnerabilities on your most critical assets and provides security recommendations to mitigate risk.
 
-Watch the following video to learn more about Defender Vulnerability Management.
-
-> [!VIDEO https://learn-video.azurefd.net/vod/player?id=4ee839c5-4ccb-4cc9-9945-ae8228e35121]
-
 > [!TIP]
 > Did you know you can try all the features in Microsoft Defender Vulnerability Management for free? Find out how to [sign up for a free trial](defender-vulnerability-management-trial.md).
 
@@ -74,7 +70,23 @@ Enable security administrators and IT administrators to collaborate and seamless
 - **Alternate mitigations** - Gain insights on other mitigations, such as configuration changes that can reduce risk associated with software vulnerabilities.
 - **Real-time remediation status** - Real-time monitoring of the status and progress of remediation activities across the organization.
 
-## Navigation pane
+## Vulnerability management experience in Microsoft Defender portal
+
+# [Preview customers](#tab/preview-customers)
+
+[!INCLUDE [mdvm-msem-section](../includes/mdvm-msem-section.md)]
+
+|Area|Description|
+|---|---|
+| [**Exposure management > Vulnerability management > Overview**](tvm-dashboard-insights.md) |Get a high-level view of your organization's vulnerability information, including the endpoints exposure score, top recommendations, events, vulnerable software, remediation activities, and more. |
+|[**Exposure management > Recommendations**](tvm-security-recommendation.md)|See all Microsoft security recommendations in a single, streamlined experience. The **Vulnerabilities** section lists security recommendations and related threat information, where you can dive into recommendations related to specific vulnerabilities. |
+|[**Exposure management > Vulnerability management > Remediation**](tvm-remediation.md)|See remediation activities you've created and recommendation exceptions.|
+|[**Exposure management > Vulnerability management > Inventories**](tvm-software-inventory.md)|Discover and assess all your organization's assets in a single view.|
+|[**Exposure management > Vulnerability management > Vulnerabilities**](tvm-weaknesses.md)|See the list of common vulnerabilities and exposures (CVEs) in your organization.|
+|[**Exposure management > Vulnerability management > Overview > Top impactful events**](threat-and-vuln-mgt-event-timeline.md)|View events that may impact your organization's risk. You can also access the event timeline from the **Recommendations > Score history** section.|
+|[**Exposure management > Vulnerability management > Baseline assessments**](tvm-security-baselines.md)|Monitor security baseline compliance and identify changes in real-time.|
+
+# [Existing customers](#tab/existing-customers)
 
 |Area|Description|
 |---|---|
@@ -86,6 +98,8 @@ Enable security administrators and IT administrators to collaborate and seamless
 |[**Event timeline**](threat-and-vuln-mgt-event-timeline.md)|View events that may impact your organization's risk.|
 |[**Baselines assessment**](tvm-security-baselines.md)|Monitor security baseline compliance and identify changes in real-time.|
 
+---
+
 ## APIs
 
 Run vulnerability management related API calls to automate vulnerability management workflows. To get started, see [Supported Microsoft Defender for Endpoint APIs](/defender-endpoint/api/exposed-apis-list).
 
@@ -3,29 +3,29 @@ title: Device restart status
 description: Learn about the device restart status tag in Microsoft Defender Vulnerability Management
 ms.service: defender-vuln-mgmt
 ms.pagetype: security
-ms.author: deniseb
-author: denisebmsft
+ms.author: lwainstein
+author: limwainstein
 ms.localizationpriority: medium
-manager: deniseb
+manager: bagol
 audience: ITPro
 ms.collection:
   - m365-security
   - tier1
 ms.topic: concept-article
 search.appverid: met150
-ms.date: 03/04/2022
+ms.date: 11/25/2025
+appliesto:
+  - Microsoft Defender Vulnerability Management
+  - Microsoft Defender for Endpoint Plan 2
+  - Microsoft Defender XDR
+  - Microsoft Defender for Servers Plan 1 & 2
 ---
 
 # Device restart status
 
 [!INCLUDE [mdvm-msem-note](../includes/mdvm-msem-note.md)]
 
-**Applies to:**
-
-- [Microsoft Defender Vulnerability Management](defender-vulnerability-management.md)
-- [Microsoft Defender for Endpoint Plan 2](/defender-endpoint/microsoft-defender-endpoint)
-- [Microsoft Defender XDR](/defender-xdr)
-- [Microsoft Defender for Servers Plan 1 & 2](/azure/defender-for-cloud/plan-defender-for-servers-select-plan)
+Security recommendations can help reduce your overall vulnerability exposure and your exposure score. A robust update process is key when it comes to addressing these recommendations in your organization. If an update hasn't completed for some devices due to a pending restart, the effect of addressing the security recommendation isn't reflected in your exposure score.
 
 Security recommendations in Defender Vulnerability Management can help reduce your overall vulnerability exposure and your exposure score. A robust update process is key when it comes to addressing these recommendations in your organization. If an update hasn't completed for some devices due to a pending restart, the effect of addressing the security recommendation isn't reflected in your exposure score.
 
@@ -41,15 +41,15 @@ The **Pending restart** tag helps you identify devices in this state so you can
 
 The device restart status is visible in the following experiences in the Microsoft Defender portal.
 
-### Security recommendations page
+### Recommendations page
 
-On the security recommendations pages, filter by the **Pending restart** tag to only see security recommendations with devices pending a restart.
+On the **Recommendations** page, filter by the **Pending restart** tag to only see security recommendations with devices pending a restart.
 
 :::image type="content" alt-text="pending restart tag in the security recommendations page." source="/defender/media/defender-vulnerability-management/pending-restart.png" lightbox="/defender/media/defender-vulnerability-management/pending-restart.png":::
 
 ### Software page
 
-On the software page filter by, the **Pending restart** tag to see missing KBs with devices that are pending a restart:
+On the software page filter by the **Pending restart** tag to see missing KBs with devices that are pending a restart:
 
 :::image type="content" alt-text="pending restart tag in the software page." source="/defender/media/defender-vulnerability-management/pending-restart-KB.png" lightbox="/defender/media/defender-vulnerability-management/pending-restart-KB.png":::