Merge pull request #911 from tarTech23/addsi

Add site pane

Author: tarTech23

defender-for-iot/media/monitor-site-security/site-security-page-blurred.png

@@ -31,6 +31,8 @@ The **Site security** page gives you an overview of the security status of your
 - [Review the top **How protected are your sites** section](#review-site-protection-information) to get a general overview of your entire network, including sites with the highest number of devices that are exposed or at risk.
 - [Review the site list](#review-the-site-list) to monitor specific security information for each site.
 
+:::image type="content" source="media/monitor-site-security/site-security-page-blurred.png" alt-text="Screenshot showing the site security page with a list of sites." lightbox="media/monitor-site-security/site-security-page-blurred.png":::
+
 The data displayed in the **Site security** page is the total aggregated data for the entire environment, and might include data for sites that you don't have access to. When you drill down into device data from the [site list](#review-the-site-list), the **Device Inventory** page only displays data for devices you can access.
 
 ## Review site protection information
@@ -57,3 +59,7 @@ Note that the data displayed in this table is the total aggregated data for the
 |**Critical devices** |The number of critical devices at this site. A critical device is a self assigned device that has extra importance to your business or system, such as a server that contains confidential data. |- Use this data to prioritize protection for sites with critical devices.<br>- Select the number to open the **Device Inventory** page, filtered according to the site name and criticality level. |
 |**Highly-exposed devices** |The number of highly exposed devices at this site. |Select the number to open the **Device Inventory** page, filtered according to the site name and high exposure level. |
 |**Devices with high risk** |The number of high risk devices at this site. |Select the number to open the **Device Inventory** page, filtered according to the site name and high risk level. |
+
+When you select an individual site, the site specific pane open, with details and data about that site, for example:
+
+:::image type="content" source="media/monitor-site-security/site-security-side-pane.png" alt-text="Screenshot showing the site security page with a list of sites and the site specific side pane open displaying details and data for that site." lightbox="media/monitor-site-security/site-security-side-pane.png":::

defender-for-iot/media/monitor-site-security/site-security-side-pane.png

@@ -52,7 +52,7 @@ The permission settings listed in this section apply to the unified RBAC version
 
 Depending on your tenant, you might have access to RBAC version 1 or 2 instead of the unified version. For more information, see [permissions for RBAC version 1](/defender-endpoint/prepare-deployment), or [permissions for RBAC version 2](/defender-endpoint/user-roles#permission-options).
 
-If you're using the Defender portal for the first time, you need to set up all of your roles and permissions. For more information, see [manage portal access using role-based access control](/defender-endpoint/rbac).
+If you're using the Defender portal for the first time, you need to set up all of your roles and permissions. For more information, see [manage portal access using role-based access control](/defender-xdr/manage-rbac).
 
 ### Unified RBAC roles for Defender for IoT
 
@@ -70,7 +70,6 @@ This table shows the full roles and permissions needed for all MDE features used
 |Vulnerabilities | **MDE Roles**: Response (manage)\ Security operations \ Security data <br>**Entra ID roles**: Global Administrator, Security Administrator, Security Operator | Write roles<br> **MDE Roles**: Vulnerability management (read) <br> **Entra ID roles**: Global Reader, Security Reader |
 |Inventory| **MDE Roles**: Onboard offboard device: Detection tuning (manage) <br> Manage device tags: Alerts (manage) <br>**Entra ID roles**: Global Administrator, Security Administrator, Security Operator | Write roles <br>**MDE Roles**: Security data basics/Security operations \ Security data <br> **Entra ID roles**: Global Reader, Security Reader |
 |Device group| **MDE Roles**: Authorization (Read and manage) <br>**Entra ID roles**: Global Administrator, Security Administrator |**MDE Roles**: Authorization (write roles, Read-only) |
-|Defender for IoT| **MDE roles**: Core security settings. <br> **Entra ID roles**: Global Administrator, Security Administrator, Security Operator scoped to all device groups.|Write roles (including roles that aren't scoped to all device groups). <br> **MDE Roles**: Security data basics (under Security Operations).<br> **Entra ID roles**: Global Reader, Security Reader |
 
 To assign roles and permissions for other Microsoft Defender for Endpoint features, such as alerts, incidents and inventory, see [assign roles and permissions for Defender for Endpoint](/defender-endpoint/prepare-deployment).