Merge branch 'main' into diannegali-filterupdates

Author: diannegali

.openpublishing.redirection.defender-cloud-apps.json

@@ -994,6 +994,11 @@
       "source_path": "CloudAppSecurityDocs/what-is-cloud-app-security.md",
       "redirect_url": "/defender-cloud-apps/what-is-defender-for-cloud-apps",
       "redirect_document_id": true
+    },
+     {
+      "source_path": "CloudAppSecurityDocs/tutorial-ueba.md",
+      "redirect_url": "/defender-cloud-apps/",
+      "redirect_document_id": true
     },
     {
       "source_path": "CloudAppSecurityDocs/file-filters.md",

CloudAppSecurityDocs/in-browser-protection.md

@@ -1,7 +1,7 @@
 ---
 title: In-browser protection with Microsoft Edge for Business | Microsoft Defender for Cloud Apps
 description: Learn about using in-browser protection with Microsoft Defender for Cloud Apps session policies and Microsoft Edge for Business.
-ms.date: 10/31/2024
+ms.date: 01/26/2025
 ms.topic: conceptual
 #customerIntent: As a Defender for Cloud Apps admin, I want to learn about the user experience with in-browser protection.
 ---
@@ -105,6 +105,8 @@ Administrators who understand the power of Microsoft Edge browser protection can
 
 4. When you're finished on the **Edge for Business protection** page, select **Save**.
 
+:::image type="content" source="media/in-browser-protection/edge-for-business-protection-settings.png" alt-text="Screenshot of Microsoft Edge for business protection settings." lightbox="media/in-browser-protection/edge-for-business-protection-settings.png":::
+
 ## Related content
 
 For more information, see [Microsoft Defender for Cloud Apps Conditional Access app control](proxy-intro-aad.md).

CloudAppSecurityDocs/index.yml

@@ -94,16 +94,6 @@ landingContent:
           - text: Threat response governance actions
             url: governance-actions.md
 
-      - linkListType: how-to-guide
-        links:
-          - text: Use in-browser protection with Microsoft Edge
-            url: in-browser-protection.md
-          - text: Investigate behaviors by hunting
-            url: behaviors.md
-          - text: Investigate anomaly detection alerts
-            url: investigate-anomaly-alerts.md
-          - text: Investigate risky users
-            url: tutorial-ueba.md
 
   # Card (optional)
   - title: Information protection

CloudAppSecurityDocs/mde-integration.md

@@ -65,13 +65,12 @@ To enable Defender for Endpoint integration with Defender for Cloud Apps:
 
 1. In the [Microsoft Defender portal](https://security.microsoft.com), from the navigation pane, select **Settings** > **Endpoints** > **General** > **Advanced features**.
 1. Toggle the **Microsoft Defender for Cloud Apps** to **On**.
-1. Select **Apply**.
+1. Select **Save preferences**.
 
 >[!NOTE]
 > It takes up to two hours after you enable the integration for the data to show up in Defender for Cloud Apps.
 >
-
-![Screenshot of the Defender for Endpoint settings.](media/mde-settings.png)
+![Screenshot of the Defender for Endpoint settings.](media\turn-on-advanced-features-for-microsoft-defender-for-cloud-apps.png)
 
 To configure the severity for alerts sent to Microsoft Defender for Endpoint:
 

CloudAppSecurityDocs/media/in-browser-protection/edge-for-business-protection-settings.png

@@ -79,7 +79,7 @@ This section describes how to connect Microsoft Defender for Cloud Apps to your
 >[!NOTE]
 >- Microsoft recommends using a short lived access token. Egnyte doesn't currently support short lived tokens. We recommend our customers to refresh the access token every 6 months as a security best practice. To refresh the access token, revoke the old token by following [Revoking an oAuth token](https://developers.egnyte.com/docs/read/Public_API_Authentication#Revoking-an-OAuth-Token). Once the old token is revoked, reconnect the Egnyte connector by following the process documented above.
 >
->- Defender for Cloud Apps intentionally provides a lower rate limit than Egnyte's maximum to avoid exceeding the API constraints. For more infomration, see the relevant Egnyte documentation: [Rate limiting](https://developers.egnyte.com/docs/read/Best_Practices) | [Audit Reporting API v2](https://developers.egnyte.com/docs/read/Audit_Reporting_API_V2)
+>- Defender for Cloud Apps intentionally provides a lower rate limit than Egnyte's maximum to avoid exceeding the API constraints. For more information, see the relevant Egnyte documentation: [Rate limiting](https://developers.egnyte.com/docs/read/Best_Practices) | [Audit Reporting API v2](https://developers.egnyte.com/docs/read/Audit_Reporting_API_V2)
 
 ## Next steps
 

CloudAppSecurityDocs/media/mde-settings.png

@@ -310,8 +310,6 @@ items:
     items:
     - name: Investigate anomaly detection alerts
       href: investigate-anomaly-alerts.md
-    - name: Investigate risky users
-      href: tutorial-ueba.md
   - name: Respond to threats
     items:
     - name: Governing connected apps