Merge pull request #1006 from MicrosoftDocs/main

publish main to live, 10:30 AM 7/23/24

Author: American-Dipper

defender-for-iot/microsoft-defender-iot.md

@@ -18,15 +18,16 @@ In this article, you learn how Microsoft Defender customers can extend their pro
 
 [!INCLUDE [defender-iot-preview](../includes//defender-for-iot-defender-public-preview.md)]
 
-## What are the different flavors for Microsoft Defender for IoT?
+## What are the different management portals for Microsoft Defender for IoT?
 
-You can work with these different flavors of Defender for IoT:
+You can work with these different management portals:
 
-|Flavor|Details|Next steps|
+|Portal|Details|Next steps|
 |---|---|---|
-|Defender for IoT in the Defender portal (Preview)|Microsoft Defender customers can use this flavor for a unified IT/OT experience, extending Defender XDR protection to OT environments. [Learn about the main use cases](#what-are-the-main-defender-for-iot-use-cases).|[Get started](get-started.md) with Defender for IoT in the Defender portal.|
-|Defender for IoT in the classic, Azure portal|All customers can use this flavor to identify OT devices, vulnerabilities, and threats in the Azure portal.|See the [Defender for IoT on Azure overview](/azure/defender-for-iot/organizations/overview).|
-|Protection for enterprise IoT devices|Microsoft Defender customers can enable protection for enterprise IoT devices, like printers, smart TVs, and conferencing systems and purpose-built, proprietary devices.|[Get started](/azure/defender-for-iot/organizations/eiot-sensor) with enterprise IoT monitoring.|
+|Defender for IoT in the Defender portal (Preview)|Microsoft Defender customers can use this portal for a unified IT/OT experience, extending Defender XDR protection to OT environments. [Learn about the main use cases](#what-are-the-main-defender-for-iot-use-cases).|[Get started](get-started.md) with Defender for IoT in the Defender portal.|
+|Defender for IoT in the classic, Azure portal|All customers can use this portal to identify OT devices, vulnerabilities, and threats in the Azure portal.|See the [Defender for IoT on Azure overview](/azure/defender-for-iot/organizations/overview).|
+
+Protection for enterprise IoT devices is available for Microsoft Defender customers. These customers can enable protection for enterprise IoT devices, like printers, smart TVs, and conferencing systems and purpose-built, proprietary devices. [Get started](/azure/defender-for-iot/organizations/eiot-sensor) with enterprise IoT monitoring.
 
 ## Who uses Defender for IoT?
 

defender-xdr/microsoft-xdr-auditing.md

@@ -11,7 +11,7 @@ ms.collection:
 - m365-security
 - tier3
 ms.topic: overview
-ms.date: 2/21/2024
+ms.date: 07/23/2024
 search.appverid: met150
 ---
 
@@ -40,7 +40,7 @@ For a complete list of Microsoft Defender XDR activities that are audited, see [
 
 To access the audit log, you need to have the **View-Only Audit Logs** or **Audit Logs** role in Exchange Online. By default, those roles are assigned to the Compliance Management and Organization Management role groups.
 
->[!Note]
+> [!NOTE]
 > Global administrators in Office 365 and Microsoft 365 are automatically added as members of the Organization Management role group in Exchange Online.
 
 ## Turn on auditing in Microsoft Defender XDR
@@ -57,6 +57,9 @@ Microsoft Defender XDR uses the [Microsoft Purview auditing solution](/purview/a
    :::image type="content" source="/defender/media/defender/unified-audit-log.png" alt-text="Screenshot of the unified audit log toggle in Microsoft Defender XDR advanced settings" lightbox="/defender/media/defender/unified-audit-log.png":::
     4. Select **Save preferences**.
 
+> [!IMPORTANT]
+> Global Administrator is a highly privileged role that should be limited to scenarios when you can't use an existing role. Microsoft recommends that you use roles with the fewest permissions. Using lower permissioned accounts helps improve security for your organization.
+
 ## Using the audit search in Microsoft Defender XDR
 
 1. To retrieve audit logs for Microsoft Defender XDR activities, navigate to the [Microsoft Defender XDR Audit page](https://security.microsoft.com/auditlogsearch) or go to the [Purview compliance portal](https://compliance.microsoft.com) and select **Audit**.
@@ -102,7 +105,7 @@ Import-PSSession $s
 Search-UnifiedAuditLog -StartDate 2023/03/12 -EndDate 2023/03/20 -RecordType <ID>
 ```
 
->[!Note]
+>[!NOTE]
 > See the API column in Audit activities included for the record type values.
 
 ## Additional resources

exposure-management/TOC.yml

@@ -69,4 +69,6 @@
       - name: Defender for Cloud
         href: /azure/defender-for-cloud
       - name: Entra
-        href: /entra/
+        href: /entra/
+      - name: Defender EASM
+        href: /azure/external-attack-surface-management/

includes/defender-for-iot-defender-public-preview.md

@@ -12,6 +12,6 @@ ms.service: microsoft-defender-iot
 >
 > If you're an existing customer working on the **classic Defender for IoT portal** (Azure portal), see the [Defender for IoT on Azure documentation](/azure/defender-for-iot/organizations/overview).
 >
-> Learn more about the [Defender for IoT flavors](/defender-for-iot/microsoft-defender-iot#what-are-the-different-flavors-for-microsoft-defender-for-iot).
+> Learn more about the [Defender for IoT management portals](/defender-for-iot/microsoft-defender-iot#what-are-the-different-management-portals-for-microsoft-defender-for-iot).
 >
 > Some information in this article relates to a prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, with respect to the information provided here.