In addition to Microsoft services, Security Exposure Management allows you to connect to external data sources to further enrich and extend your security posture management.
76
76
For more information on data connectors, see [Data connectors overview](overview-data-connectors.md).
77
77
78
-
79
78
## Next steps
80
79
81
80
Review [prerequisites](prerequisites.md) to get started with Security Exposure Management.
exposure-management/prerequisites.md
Lines changed: 7 additions & 9 deletions
@@ -23,10 +23,10 @@ Permissions are based on [Microsoft Entra ID Roles](/entra/identity/role-based-a
23
23
24
24
- For full Security Exposure Management access, user roles need access to all Defender for Endpoint [device groups](/microsoft-365/security//defender-endpoint/machine-groups).
25
25
- Users who have access restricted to some of the organization's device groups (and not to all), can:
26
-
- Access global exposure insights data.
27
-
- View affected assets under metrics, recommendations, events, and initiatives history only within users' scope
28
-
- View devices in attack paths that are within the users' scope
29
-
- Access the Security Exposure Management attack surface map and advanced hunting schemas (ExposureGraphNodes and ExposureGraphEdges) for the device groups to which they have access
26
+
- Access global exposure insights data.
27
+
- View affected assets under metrics, recommendations, events, and initiatives history only within users' scope
28
+
- View devices in attack paths that are within the users' scope
29
+
- Access the Security Exposure Management attack surface map and advanced hunting schemas (ExposureGraphNodes and ExposureGraphEdges) for the device groups to which they have access
30
30
31
31
### Permissions for Security Exposure Management tasks
32
32
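Review bot: In the nested list at new lines 26-29, only the first item ends with a period, and the wording alternates between "within users' scope" (line 27) and "within the users' scope" (line 28). Since these four lines are being touched anyway, make the punctuation and phrasing consistent. The link on context line 24, `/microsoft-365/security//defender-endpoint/machine-groups`, also contains a double slash that could be fixed in the same pass.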
@@ -73,13 +73,11 @@ You can access Security Exposure Management in the Microsoft Defender portal usi
73
73
74
74
You can check which sensor version a device is running as follows:
75
75
76
-
- On a specific device, browse to the MsSense.exe file in
76
+
- On a specific device, browse to the MsSense.exe file in
77
77
C:\Program Files\Windows Defender Advanced Threat Protection. Right-click the file, and select **Properties**. On the **Details** tab, check the file version.
78
-
- For multiple devices, it's easier to run an [advanced hunting Kusto query](/defender-xdr/advanced-hunting-query-language) to check device sensor versions, as follows:
- For multiple devices, it's easier to run an [advanced hunting Kusto query](/defender-xdr/advanced-hunting-query-language) to check device sensor versions, as follows:
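Review bot: At new line 76 the sentence still ends at "browse to the MsSense.exe file in" and the folder follows as plain text on line 77, so the path is split from its sentence and is not code-formatted. Consider joining the two lines and putting `C:\Program Files\Windows Defender Advanced Threat Protection` in backticks. The visible text of the removed and added lines is otherwise identical, so it is worth confirming that the new indentation keeps line 77 and the query that follows "as follows:" inside their list items.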
exposure-management/value-data-connectors.md
Lines changed: 2 additions & 2 deletions
@@ -33,7 +33,7 @@ Data ingested from the Connectors gets normalized and incorporated into the Expo
33
33
34
34
Eventually this data will additionally serve to enhance security metrics that measure your exposure risk against a particular criteria, and it will also impact broader organizational initiatives that measure exposure risk across a workload or related to a specific threat area.
35
35
36
-
:::image type="content" source="media/value-data-connectors/device inventory with 3P.png" alt-text="Screenshot of device inventory with discovery source highlighted" lightbox="media/value-data-connectors/device inventory with 3P.png":::
36
+
:::image type="content" source="media/value-data-connectors/device inventory with 3P.png" alt-text="Screenshot of device inventory with discovery source" lightbox="media/value-data-connectors/device inventory with 3P.png":::
37
37
38
38
Benefits of using the external data connectors include:
39
39
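Review bot: The alt-text at new line 36 drops "highlighted" and becomes "Screenshot of device inventory with discovery source", which tells a screen-reader user less about what the image is meant to show. If the goal is only to change the string, prefer a fuller description of the picture, for example that the discovery source column is highlighted in the device inventory, and end it with a period. On context line 34, "a particular criteria" should be "a particular criterion" or "particular criteria".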
@@ -66,7 +66,7 @@ Enrichment information on criticality of assets is retrieved from the data conne
66
66
67
67
To explore your assets and enrichment data retrieved from external data products, you can also view this information in the Exposure Graph. Within the Attack Surface map, you can view the nodes representing assets discovered by your connectors, with built-in icons showing the discovery sources for each asset.
68
68
69
-
:::image type="content" source="media/value-data-connectors/exposure graph data connectors main.png" alt-text="Screenshot of data connectors in exposure graph" lightbox="media/value-data-connectors/exposure graph data connectors main.png":::
69
+
:::image type="content" source="media/value-data-connectors/exposure graph data connectors main.png" alt-text="Screenshot of data connectors in exposure graph shown" lightbox="media/value-data-connectors/exposure graph data connectors main.png":::
70
70
71
71
By opening the side pane for the asset, you can also view the detailed data retrieved from the connector for each asset.
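Review bot: The alt-text at new line 69 only appends "shown" ("Screenshot of data connectors in exposure graph shown"), which reads awkwardly and adds no information. Reword it to describe the image using the surrounding text on line 67, for example that the Attack Surface map displays nodes for assets discovered by connectors with icons for their discovery sources, and end it with a period.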
exposure-management/whats-new.md
Lines changed: 3 additions & 4 deletions
@@ -43,15 +43,15 @@ For more information, see, [SaaS security initiative](/defender-cloud-apps/saas-
43
43
44
44
### New in attack paths
45
45
46
-
We have introduced four new features designed to enhance your security management and risk mitigation efforts. These features provide valuable insights into the attack paths identified within your environment, enabling you to prioritize risk mitigation strategies effectively and reduce the impact of potential threats.
46
+
We have introduced four new features designed to enhance your security management and risk mitigation efforts. These features provide valuable insights into the attack paths identified within your environment, enabling you to prioritize risk mitigation strategies effectively and reduce the impact of potential threats.
47
47
48
48
The new features include:
49
49
50
50
-**Attack path widget on exposure management overview page**: Provides users with an at-a-glance, high-level view of discovered attack paths. It displays a timeline of newly identified paths, key entry points, target types, and more, ensuring security teams stay informed about emerging threats and can respond quickly.
51
51
-**Attack path dashboard**: Provides a high-level overview of all identified attack paths within the environment. This feature enables security teams to gain valuable insights into the types of paths identified, top entry points, target assets, and more, helping to prioritize risk mitigation efforts effectively.
52
52
-**Choke points**: Highlights critical assets that multiple attack paths intersect, identifying them as key vulnerabilities within the environment. By focusing on these choke points, security teams can efficiently reduce risk by addressing high-impact assets, thus preventing attackers from progressing through various paths.
53
53
-**Blast radius**: Allows users to visually explore the paths from a choke point. It provides a detailed visualization showing how the compromise of one asset could affect others, enabling security teams to assess the broader implications of an attack and prioritize mitigation strategies more effectively.
54
-
54
+
55
55
For more information, see [Overview of attack paths](work-attack-paths-overview.md).
56
56
57
57
## September 2024
@@ -76,7 +76,6 @@ This change now allows users who have been granted access to only some of the or
76
76
77
77
For more information, see [Prerequisites and support](prerequisites.md).
78
78
79
-
80
79
### Proactively manage your security posture
81
80
82
81
Read how the *ExposureGraphEdges* and *ExposureGraphNodes* tables in Advanced Hunting helps your organizations proactively manage and understand your security posture by analyzing asset relationships and potential vulnerabilities.
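Review bot: The sentence on new line 81, just below the removed blank line, has a subject-verb mismatch: "tables in Advanced Hunting helps your organizations" should read "tables in Advanced Hunting help your organization". It is a context line, but the hunk already touches this section, so it is a cheap fix to include.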
@@ -151,7 +150,7 @@ The following predefined classification rules were added to the critical assets
151
150
|**Azure Virtual Machine has a Critical Signed-in user**| This rule applies to Azure Virtual Machines with a Critical user signed in protected by Defender for Endpoint with high or very high-criticality users signed in. |
152
151
|**Azure Key Vaults with Many Connected Identities**| This rule applies to Azure Key Vaults with high access compared to others, indicating critical workload usage. |
153
152
154
-
For more information, see, [Predefined classifications](predefined-classification-rules-and-levels.md)
153
+
For more information, see, [Predefined classifications](predefined-classification-rules-and-levels.md)
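Review bot: The re-added sentence at new line 153 keeps the stray comma in "see, [Predefined classifications]" and still has no terminal period. Change it to "For more information, see [Predefined classifications](predefined-classification-rules-and-levels.md)." so it matches the "see [Overview of attack paths]" form used earlier in this file. The rule description on context line 150 also repeats "signed in" twice and could be tightened.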