Update defender-endpoint-false-positives-negatives.md

Author: denisebmsft

defender-endpoint/defender-endpoint-false-positives-negatives.md

@@ -48,7 +48,7 @@ When you have a false positive, a good first step is to try to determine its det
 |Endpoint Detection and Response (EDR) | The alert is related to EDR in Defender for Endpoint <br/>- Solution: Submit the false positive to [https://aka.ms/wdsi](/defender-endpoint/defender-endpoint-false-positives-negatives) <br/>- Work-around: Tune the alerts|
 |Antivirus|The alert relates to Microsoft Defender Antivirus in active mode (primary) where it blocks. If Microsoft Defender Antivirus is in passive mode, EDR in block mode might just detect.<br/>- Solution: Submit the false positive to [https://aka.ms/wdsi](https://aka.ms/wdsi) <br/>- Work-around: Add [Indicators - File hash - allow ](/defender-endpoint/defender-endpoint-false-positives-negatives)or an [Antivirus exclusion](/defender-endpoint/defender-endpoint-false-positives-negatives)|
 | Custom TI| Custom indicators (Indicators <br/>- [file hash](/defender-endpoint/indicator-file)<br/>- [ip address or URL](/defender-endpoint/indicator-ip-domain)<br/>- [certificates](/defender-endpoint/indicator-certificates)) <br/><br/>Solution: [Manage indicators](/defender-endpoint/indicator-manage). <br/><br/> Or, if you see `CustomEnterpriseBlock`, your detection source could be one of the following capabilities in Defender for Endpoint: <br/><br/>1. [Automated investigation and remediation](automated-investigations.md)<br/>-- Solution: Submit the false positive to [https://aka.ms/wdsi](/defender-endpoint/defender-endpoint-false-positives-negatives) <br/>-- Work-around: [Automation folder exclusions  ](/defender-endpoint/manage-automation-folder-exclusions)<br/><br/>2. Custom detection rules deriving from [Advanced Hunting](/defender-xdr/advanced-hunting-overview) <br/>-- Solution: [Manage existing custom detection rules  ](/defender-xdr/custom-detection-rules)<br/><br/>3. [EDR in block mode](/defender-endpoint/edr-in-block-mode) <br/>-- Solution: Submit the false positive to [https://aka.ms/wdsi](/defender-endpoint/defender-endpoint-false-positives-negatives)<br/>-- Work-around: [Indicators – File hash – allow](/defender-endpoint/defender-endpoint-false-positives-negatives) or [Antivirus exclusions](/defender-endpoint/defender-endpoint-false-positives-negatives)<br/><br/>4. [Live response](live-response.md)<br/>-- Solution: Submit the false positive to [https://aka.ms/wdsi](/defender-endpoint/defender-endpoint-false-positives-negatives)<br/>-- Work-around: [Indicators – File hash – allow](/defender-endpoint/defender-endpoint-false-positives-negatives) or [Antivirus exclusions](/defender-endpoint/defender-endpoint-false-positives-negatives)<br/><br/>5. [PUA protection](detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md)<br/>-- Solution: Submit the false positive to [https://aka.ms/wdsi](/defender-endpoint/defender-endpoint-false-positives-negatives)<br/>-- Work-around: [Indicators – File hash – allow](/defender-endpoint/defender-endpoint-false-positives-negatives) or [Antivirus exclusions](/defender-endpoint/defender-endpoint-false-positives-negatives)|
-| Smartscreen|[Smartscreen](https://feedback.smartscreen.microsoft.com/smartscreenfaq.aspx)<br/>- [Report unsafe site](https://www.microsoft.com/en-us/wdsi/support/report-unsafe-site); <br/>or<br/>- It could be related to [Network Protection detection](https://www.microsoft.com/wdsi/support/report-exploit-guard)|
+| Smartscreen|[Smartscreen](https://feedback.smartscreen.microsoft.com/smartscreenfaq.aspx): You can [Report an unsafe site](https://www.microsoft.com/en-us/wdsi/support/report-unsafe-site) or [submit a network protection detection](https://www.microsoft.com/wdsi/support/report-exploit-guard)|
 
 ## False positives and how to address them