Merge pull request #2040 from MicrosoftDocs/chrisda

Link fixes per build report

Author: chrisda

CloudAppSecurityDocs/posture-overview.md

@@ -1,16 +1,16 @@
 ---
-title: SaaS security posture management (SSPM) - overview 
+title: SaaS security posture management (SSPM) - overview
 description: Learn what is SaaS security posture management (SSPM) in Microsoft Defender for cloud apps
 ms.topic: how-to
 ms.date: 11/17/2024
 ---
 
-# SaaS security posture management (SSPM) - overview 
+# SaaS security posture management (SSPM) - overview
 
 > [!NOTE]
 > Microsoft Security Exposure Management data and capabilities are currently unavailable in U.S Government clouds - GCC, GCC High and DoD. For these environments, it is recommended to consume SaaS security posture recommendations via [Microsoft Secure Score](/microsoft-365/security/defender-endpoint/tvm-security-recommendation).
 
-One of Microsoft Defender for Cloud Apps’ core pillars is SaaS Security Posture Management (SSPM), which offers detailed visibility into the security state of your SaaS applications and provides actionable guidance to help you strengthen your security posture efficiently. Your SaaS application environments might be configured with a risky posture, and Defender for Cloud Apps provides risk-based security configuration assessments to help you identify and mitigate potential risks. These recommendations are shown in [Microsoft Security Exposure Management](../exposure-management/microsoft-security-exposure-management.md) once you have a connector to an application. For example:
+One of Microsoft Defender for Cloud Apps' core pillars is SaaS Security Posture Management (SSPM), which offers detailed visibility into the security state of your SaaS applications and provides actionable guidance to help you strengthen your security posture efficiently. Your SaaS application environments might be configured with a risky posture, and Defender for Cloud Apps provides risk-based security configuration assessments to help you identify and mitigate potential risks. These recommendations are shown in [Microsoft Security Exposure Management](/security-exposure-management/microsoft-security-exposure-management) once you have a connector to an application. For example:
 
 ![Screenshot of the SalesForce recommendations in Secure Score.](media/security-saas-sspm-in-secure-score-salesforce-filter.png)
 
@@ -20,10 +20,9 @@ One of Microsoft Defender for Cloud Apps’ core pillars is SaaS Security Postur
 
 - Your organization must have Microsoft Defender for Cloud Apps licenses.
 - Your app must be connected to Defender for Cloud Apps. For more information, see:
+  - [Connect apps to get visibility and control with Microsoft Defender for Cloud Apps](enable-instant-visibility-protection-and-governance-actions-for-your-apps.md)
+  - [Learn which of the apps connectors provides security recommendations ](enable-instant-visibility-protection-and-governance-actions-for-your-apps.md#user-app-governance-and-security-configuration-visibility)
 
-    - [Connect apps to get visibility and control with Microsoft Defender for Cloud Apps](enable-instant-visibility-protection-and-governance-actions-for-your-apps.md)
-    - [Learn which of the apps connectors provides security recommendations ](enable-instant-visibility-protection-and-governance-actions-for-your-apps.md#user-app-governance-and-security-configuration-visibility)
- 
 ## Turn on SaaS security recommendations
 
 Follow these steps to ensure that your application connector is set to show data in Microsoft Security Exposure Management.
@@ -57,7 +56,7 @@ For more information, see [Assess your security posture with Microsoft Secure Sc
 > [!IMPORTANT]
 > Since Microsoft Security Exposure Management data and capabilities are currently unavailable in U.S Government clouds - GCC, GCC High and DoD, it is recommended for these environments to consume SaaS security posture recommendations in [Microsoft Secure Score](/microsoft-365/security/defender-endpoint/tvm-security-recommendation) as explained above.
 
-To effectively manage your organization’s SaaS security posture, we recommend beginning with the SaaS Security initiative. This initiative consolidates best practices and measurable metrics specifically for securing SaaS applications, allowing you to prioritize and address the most impactful recommendations for SaaS environments. For more information, see:
+To effectively manage your organization's SaaS security posture, we recommend beginning with the SaaS Security initiative. This initiative consolidates best practices and measurable metrics specifically for securing SaaS applications, allowing you to prioritize and address the most impactful recommendations for SaaS environments. For more information, see:
 
 - [SaaS Security Initiative](/defender-cloud-apps/saas-security-initiative)
 
@@ -70,7 +69,6 @@ In addition you can find a variety of SSPM recommendations under different initi
 - Business Email Compromise - Financial fraud
 - Zero Trust (Foundational)
 
-
 ## Next steps
 
 > [!div class="nextstepaction"]

CloudAppSecurityDocs/saas-security-initiative.md

@@ -4,14 +4,14 @@ description: Learn how to use the "SaaS security initiative" in Microsoft XDR
 ms.topic: how-to
 ms.date: 10/31/2024
 ---
-# SaaS Security Initiative 
+# SaaS Security Initiative
 
 > [!NOTE]
 > Microsoft Security Exposure Management data and capabilities are currently unavailable in U.S Government clouds - GCC, GCC High and DoD.
 
 The SaaS Security Initiative provides a centralized place for SaaS security best practices, enabling organizations to manage and prioritize security recommendations effectively. By focusing on the most impactful metrics, organizations can enhance their SaaS security posture efficiently.
-![Screenshot of the SaaS security initiative home page.](<media\saas-securty-initiative\screenshot-of-the-saas-security-initiative-home-page.png>)
 
+![Screenshot of the SaaS security initiative home page.](<media\saas-securty-initiative\screenshot-of-the-saas-security-initiative-home-page.png>)
 
 ## What is the SaaS Security Initiative?
 
@@ -22,16 +22,16 @@ The SaaS Security Initiative serves as the main hub for SaaS Security Posture Ma
 - Your organization must have Microsoft Defender for Cloud Apps licenses.
 - The app which you wish to see security recommendations for, must be connected.
 - For more information, see:
-
-    - [Connect apps to get visibility and control with Microsoft Defender for Cloud Apps](enable-instant-visibility-protection-and-governance-actions-for-your-apps.md)
-    - [Learn which of the apps connectors provides security recommendations ](enable-instant-visibility-protection-and-governance-actions-for-your-apps.md#user-app-governance-and-security-configuration-visibility)
+  - [Connect apps to get visibility and control with Microsoft Defender for Cloud Apps](enable-instant-visibility-protection-and-governance-actions-for-your-apps.md)
+  - [Learn which of the apps connectors provides security recommendations ](enable-instant-visibility-protection-and-governance-actions-for-your-apps.md#user-app-governance-and-security-configuration-visibility)
 
 ## Operational Guidelines
+
 To initiate the process, navigate to the **Exposure Management** blade and select **Initiatives**. Click on the **SaaS Security** initiative and then select **Open Initiative Page**.
 
-On this page, you'll find 12 measurable metrics that categorize hundreds of best practice recommendations. 
+On this page, you'll find 12 measurable metrics that categorize hundreds of best practice recommendations.
 
-It's recommended to prioritize metrics with the highest **Impact on Initiative Score**, which is a composite measure that considers both the **Weight** of each recommendation and the percentage of **Non-Compliant** recommendations. To effectively monitor progress, it's advisable to set a **target score** for your organization’s security posture. This target will serve as a benchmark for improvement and help track advancements over time.
+It's recommended to prioritize metrics with the highest **Impact on Initiative Score**, which is a composite measure that considers both the **Weight** of each recommendation and the percentage of **Non-Compliant** recommendations. To effectively monitor progress, it's advisable to set a **target score** for your organization's security posture. This target will serve as a benchmark for improvement and help track advancements over time.
 
 For instance, to gain visibility into all best practice recommendations pertaining to privileged access within SaaS applications, select the metric labeled **Missing Best Practices to Secure Privileged Access in SaaS Apps**.
 
@@ -40,6 +40,4 @@ Once selected, you can click on any of the **Non-Compliant** recommendations to
 ## Additional Information
 
 - Each metric includes a list of associated app connectors, encouraging organizations to enable more connectors for enhanced visibility. If you're interested in recommendations for specific applications, navigate to the **Security Recommendations** tab and filter by the relevant application.
-- To learn more about Exposure Management initiatives visit [here](../exposure-management/initiatives.md).
-
-
+- To learn more about Exposure Management initiatives visit [here](/security-exposure-management/initiatives).