Merge branch 'M1_changes' of https://github.com/DebLanger/defender-docs-pr into M1_changes

Author: DebLanger

.openpublishing.redirection.defender-identity.json

@@ -869,6 +869,252 @@
       "source_path": "defender-for-identity/support.md",
       "redirect_url": "/defender-xdr/contact-defender-support",
       "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/assign-multi-factor-authentication-okta-privileged-user-accounts.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/cloud-identities",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/change-okta-password-privileged-user-accounts.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/cloud-identities",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/high-number-of-okta-accounts-with-privileged-role-assigned.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/cloud-identities",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/highly-privileged-okta-api-token.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/cloud-identities",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/limit-number-okta-super-admin-accounts.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/cloud-identities",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/remove-dormant-okta-privileged-accounts.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/cloud-identities",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/accounts-with-non-default-pgid.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/accounts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-remove-suspicious-access-rights.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/accounts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/change-password-krbtgt-account.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/accounts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/change-password-domain-administrator-account.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/accounts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-dormant-entities.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/accounts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-non-admin-accounts-dcsync.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/accounts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/ensure-privileged-accounts-with-sensitive-flag.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/accounts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-clear-text.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/accounts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-laps.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/accounts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/remove-discoverable-passwords-active-directory-account-attributes.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/accounts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/remove-inactive-service-account.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/accounts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-riskiest-lmp.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/accounts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-unconstrained-kerberos.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/accounts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-unsecure-sid-history-attribute.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/accounts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-unsecure-account-attributes.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/accounts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-weak-cipher.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/accounts",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-enforce-encryption-rpc.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/certificates",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-insecure-adcs-certificate-enrollment.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/certificates",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-edit-misconfigured-owner.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/certificates",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-edit-misconfigured-ca-acl.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/certificates",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-edit-misconfigured-acl.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/certificates",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-edit-misconfigured-enrollment-agent.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/certificates",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-edit-overly-permissive-template.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/certificates",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/prevent-certificate-enrollment-esc15.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/certificates",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-prevent-users-request-certificate.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/certificates",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-edit-vulnerable-ca-setting.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/certificates",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/gpo-assigns-unprivileged-identities.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/group-policy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/modified-unprivileged-accounts-gpo.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/group-policy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/reversible-passwords-group-policy.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/group-policy",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/built-in-active-directory-guest-account-is-enabled.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/identity-infrastructure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/domain-controller-account-password-change.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/identity-infrastructure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-print-spooler.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/identity-infrastructure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-remove-local-admins.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/identity-infrastructure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-unmonitored-domain-controller.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/identity-infrastructure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/unmonitored-active-directory-certificate-services-server.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/identity-infrastructure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/unmonitored-active-directory-federation-services-servers.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/identity-infrastructure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/unmonitored-entra-connect-servers.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/identity-infrastructure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/security-assessment-unsecure-domain-configurations.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/identity-infrastructure",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/remove-replication-permissions-microsoft-entra-connect.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/hybrid-security",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/remove-unsafe-permissions-sensitive-entra-connect.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/hybrid-security",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/replace-entra-connect-default-admin.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/hybrid-security",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/change-password-microsoft-entra-seamless-single-sign-on.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/hybrid-security",
+      "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-for-identity/rotate-password-microsoft-entra-connect.md",
+      "redirect_url": "/defender-for-identity/security-posture-assessments/hybrid-security",
+      "redirect_document_id": false
     }
+
   ]
 }

defender-endpoint/TOC.yml

@@ -8,7 +8,7 @@
     items:
     - name: What is Microsoft Defender for Endpoint?
       items: 
-      - name: Defender for Endpoint on Windows
+      - name: Defender for Endpoint
         href: microsoft-defender-endpoint.md
       - name: Defender for Endpoint on macOS
         href: microsoft-defender-endpoint-mac.md

defender-endpoint/android-configure.md

@@ -15,7 +15,7 @@ ms.collection:
 ms.topic: how-to
 ms.subservice: android
 search.appverid: met150
-ms.date: 10/23/2025
+ms.date: 11/06/2025
 appliesto:
    - Microsoft Defender for Endpoint Plan 1
    - Microsoft Defender for Endpoint Plan 2
@@ -33,7 +33,7 @@ For more information about how to set up Defender for Endpoint on Android and Co
 ## Configure custom indicators
 
 > [!NOTE]
-> Defender for Endpoint on Android only supports creating custom indicators for IP addresses and URLs/domains.
+> Defender for Endpoint on Android supports creating custom indicators only for URLs and domains. IP-based custom indicators aren't supported on Android.
 > 
 > IP `245.245.0.1` is an internal Defender IP and should not be included in custom indicators by customers to avoid any functionality issues.
 > Also, alerts for custom indicators are currently not supported for Defender for Endpoint on Android.

defender-endpoint/api/exposed-apis-create-app-webapp.md

@@ -50,6 +50,8 @@ Having the [Microsoft Entra role](/entra/identity/role-based-access-control/mana
 
 ## Step 2: Add a secret to your app
 
+This section describes authenticating your app using an app secret. To authenticate your app using a certificate, see [Create a self-signed public certificate to authenticate your application](/entra/identity-platform/howto-create-self-signed-certificate).
+
 1. From the application page, select *Certificates & secrets* > *New client secret*.
 
 2. In the *Add a client secret* pane, add a description and expiration date.
@@ -163,11 +165,3 @@ var request = new HttpRequestMessage(HttpMethod.Get, "https://api.securitycenter
 request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
 var response = httpClient.SendAsync(request).GetAwaiter().GetResult();
 ```
-
-## See also
-
-* [Get access with user context](exposed-apis-create-app-nativeapp.md)
-
-* [Supported Microsoft Defender for Endpoint APIs](exposed-apis-list.md)
-
-* [Access Microsoft Defender for Endpoint on behalf of a user](exposed-apis-create-app-nativeapp.md)

defender-endpoint/defender-endpoint-trial-user-guide.md

@@ -39,19 +39,19 @@ This playbook is a simple guide to help you make the most of your free trial. Us
 <center><h2>Microsoft Defender for Endpoint</center></h2>
 <table>
 <tr>
-<td><a href="microsoft-defender-endpoint.md#tvm"><center><img src="media/logo-mdvm.png" alt="Vulnerability Management"> <br><b> Core Defender Vulnerability Management</b></center></a></td>
-<td><a href="microsoft-defender-endpoint.md#asr"><center><img src="media/asr-icon.png" alt="Attack surface reduction"><br><b>Attack surface reduction</b></center></a></td>
-<td><center><a href="microsoft-defender-endpoint.md#ngp"><img src="media/ngp-icon.png" alt="Next-generation protection"><br> <b>Next-generation protection</b></a></center></td>
-<td><center><a href="microsoft-defender-endpoint.md#edr"><img src="media/edr-icon.png" alt="Endpoint detection and response"><br> <b>Endpoint detection and response</b></a></center></td>
-<td><center><a href="microsoft-defender-endpoint.md#ai"><img src="media/air-icon.png" alt="Automated investigation and remediation"><br> <b>Automated investigation and remediation</b></a></center></td>
-<td><center><a href="microsoft-defender-endpoint.md#mte"><img src="media/mte-icon.png" alt="Microsoft Threat Experts"><br> <b>Microsoft Threat Experts</b></a></center></td>
+<td><a href="/defender-vulnerability-management/defender-vulnerability-management"><center><img src="media/logo-mdvm.png" alt="Vulnerability Management"> <br><b> Core Defender Vulnerability Management</b></center></a></td>
+<td><a href="overview-attack-surface-reduction.md"><center><img src="media/asr-icon.png" alt="Attack surface reduction"><br><b>Attack surface reduction</b></center></a></td>
+<td><center><a href="next-generation-protection.md"><img src="media/ngp-icon.png" alt="Next-generation protection"><br> <b>Next-generation protection</b></a></center></td>
+<td><center><a href="overview-endpoint-detection-response.md"><img src="media/edr-icon.png" alt="Endpoint detection and response"><br> <b>Endpoint detection and response</b></a></center></td>
+<td><center><a href="automated-investigations.md"><img src="media/air-icon.png" alt="Automated investigation and remediation"><br> <b>Automated investigation and remediation</b></a></center></td>
+<td><center><a href="endpoint-attack-notifications.md"><img src="media/mte-icon.png" alt="Microsoft Threat Experts"><br> <b>Microsoft Threat Experts</b></a></center></td>
 </tr>
 <tr>
 <td colspan="7">
-<a href="microsoft-defender-endpoint.md#apis"><center><b>Centralized configuration and administration, APIs</a></b></center></td>
+<a href="api/management-apis.md"><center><b>Centralized configuration and administration, APIs</a></b></center></td>
 </tr>
 <tr>
-<td colspan="7"><a href="microsoft-defender-endpoint.md#mtp"><center><b>Microsoft Defender portal</a></center></b></td>
+<td colspan="7"><a href="/unified-secops/overview-defender-portal"><center><b>Microsoft Defender portal</a></center></b></td>
 </tr>
 </table>
 <br>

defender-endpoint/ios-whatsnew.md

@@ -6,7 +6,7 @@ ms.author: lwainstein
 author: limwainstein
 ms.reviewer: sunasing; denishdonga
 ms.localizationpriority: medium
-ms.date: 09/05/2025
+ms.date: 11/06/2025
 manager: bagol
 audience: ITPro
 ms.collection: 
@@ -29,11 +29,25 @@ Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](
 
 ## Releases for Defender for Endpoint on iOS
 
+#### November 2025
+
+| Build| 1.1.70290103|
+| -------- | -------- |
+| Release Date   |November 6, 2025|
+
+**What's New**
+
+- An improved user feedback experience: See [Key Changes - November 2025](./ios-new-ux.md#key-changes---november-2025) for details.
+
+- Added Landscape mode UI support for the Defender app.
+
+- Additional telemetry features to improve app performance monitoring and detect specific scenarios, such as entering landscape mode or invalid authentication attempts.
+
 #### October 2025
 
 | Build| 1.1.70230101|
 | -------- | -------- |
-| Release Date   |October 28, 2025|
+| Release Date   |October 26, 2025|
 
 **What's New**