MicrosoftDocs
diff --git a/‎.acrolinx-config.edn‎
Lines changed: 1 addition & 1 deletion b/‎.acrolinx-config.edn‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.openpublishing.redirection.defender.json‎
Lines changed: 5 additions & 0 deletions b/‎.openpublishing.redirection.defender.json‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 86 additions & 1 deletion b/‎README.md‎
Lines changed: 86 additions & 1 deletion
diff --git a/‎defender-business/get-defender-business.md‎
Lines changed: 1 addition & 1 deletion b/‎defender-business/get-defender-business.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎defender-business/mdb-configure-security-settings.md‎
Lines changed: 1 addition & 2 deletions b/‎defender-business/mdb-configure-security-settings.md‎
Lines changed: 1 addition & 2 deletions
diff --git a/‎defender-business/mdb-faq.yml‎
Lines changed: 2 additions & 2 deletions b/‎defender-business/mdb-faq.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎defender-business/mdb-manage-subscription.md‎
Lines changed: 1 addition & 1 deletion b/‎defender-business/mdb-manage-subscription.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎defender-business/mdb-troubleshooting.yml‎
Lines changed: 1 addition & 1 deletion b/‎defender-business/mdb-troubleshooting.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎defender-endpoint/TOC.yml‎
Lines changed: 8 additions & 4 deletions b/‎defender-endpoint/TOC.yml‎
Lines changed: 8 additions & 4 deletions
diff --git a/‎defender-endpoint/admin-submissions-mde.md‎
Lines changed: 2 additions & 2 deletions b/‎defender-endpoint/admin-submissions-mde.md‎
Lines changed: 2 additions & 2 deletions
@@ -1,6 +1,6 @@
 {:changed-files-limit 30
  :allowed-branchname-matches ["main" "release-.*"]
- :allowed-filename-matches ["defender-xdr/" "exposure-management/" "defender/" "defender-business/" "defender-vulnerability-management/" "defender-office-365/"] ;; Can be overridden in repo-specific edn file. This is an allow list that identifies which folders contain the files Acrolinx will check. Separate multiple folders as follows ["folder/" "folder2"]
+ :allowed-filename-matches ["defender-xdr/" "exposure-management/" "defender/" "defender-business/" "defender-vulnerability-management/" "defender-office-365/" "defender-endpoint/"] ;; Can be overridden in repo-specific edn file. This is an allow list that identifies which folders contain the files Acrolinx will check. Separate multiple folders as follows ["folder/" "folder2"]
 
 :use-gh-statuses true
 
 
@@ -4,6 +4,11 @@
         "source_path": "defender/advanced-hunting-overview.md",
         "redirect_url": "/defender-xdr/advanced-hunting-overview",
         "redirect_document_id": false
+    },
+    {
+      "source_path": "defender-endpoint/microsoft-defender-antivirus-using-mde-security-set-mngmnt.md",
+      "redirect_url": "/defender-endpoint/evaluate-mdav-using-gp",
+      "redirect_document_id": true
     }
   ]
 }
@@ -1,3 +1,88 @@
+---
+ms.date: 4/30/2024
+---
+
+# Overview
+
+## Learn how to contribute
+
+Anyone who is interested can contribute to the articles. When you contribute, your work goes into the content set after it's been reviewed and merged. It's then published to [Microsoft Learn](https://learn.microsoft.com/), and you're listed as a contributor at: <https://github.com/MicrosoftDocs/defender-docs/graphs/contributors>.
+
+### Quickly update an article using GitHub.com
+
+Contributors who make infrequent or small updates can edit the file directly on GitHub.com without installing any software. This article shows you how. [This two-minute video](https://www.microsoft.com/videoplayer/embed/RE1XQTG) also covers how to contribute.
+
+> [!TIP]
+> To edit an article, you need to get to it on the GitHub.com backend. If you're already on the GitHub.com page of the article, you're starting at step 4.
+>
+> Your permissions in the repo determine what you see in step 5 and later. People with no special privileges see the steps as described. People with permissions to approve their own pull requests see a similar experience with different button and page titles (for example, **Commit changes** instead of **Propose changes**), extra options for creating a new branch, and fewer confirmation pages. The point is: click any green buttons that are presented to you until there are no more.
+
+1. Verify that you're signed in to GitHub.com with your GitHub account.
+2. On learn.microsoft.com, find the article that you want to update.
+3. Above the title of the article, select ![Edit this document icon.](media/quick-update-learn-edit-icon.png) **Edit this document**.
+
+   ![Screenshot of how to edit this document button on a learn.microsoft.com article.](media/quick-update-edit-button-on-learn-page.png)
+
+4. The corresponding article file opens on GitHub. Select ![Fork this repository and edit this file icon.](media/quick-update-github-edit-icon.png) **Fork this repository and edit this file**.
+
+   ![Screenshot of how to edit this document button on a GitHub article file.](media/quick-update-edit-button-on-github-page.png)
+
+5. On the next page that opens, select **Fork this repository**.
+
+   ![Screenshot of the You need to fork this repository to propose changes page.](media/quick-update-fork-this-repository-page.png)
+
+6. The article file opens in a line-numbered editor page where you can make updates.
+
+   Articles on learn.microsoft.com are formatted using the Markdown language. For help on using Markdown, see [Mastering Markdown.](https://guides.github.com/features/mastering-markdown/).
+
+   Select **Preview** to view your changes as you go. Select **Edit** to go back to making updates.
+
+   When you're finished making changes, select the green **Commit changes** button.
+
+   ![Screenshot of how to select the green Commit changes button on the article editor page.](media/quick-update-editor-page.png)
+
+7. In the **Propose changes** dialog that opens, review and/or enter the following values:
+   - **Commit message**: This value is required. You can accept the default value ("Update \<filename\>") or you can change it.
+   - **Extended description**: This value is optional. For example:
+     - An explanation of the changes.
+     - @ include the GitHub alias of someone to review and merge your changes.
+
+   When you're finished on the **Propose changes** dialog, select the green **Propose changes** button.
+
+   ![Screenshot of how to select the green Propose changes button in the Propose changes dialog.](media/quick-update-propose-changes-dialog.png)
+
+8. On the **Comparing changes** page that opens, select the green **Create pull request** button.
+
+   ![Screenshot of how to select the green Create pull request button on the Comparing changes page.](media/quick-update-comparing-changes-page.png)
+
+9. On the **Open a pull request** page that opens, review the title and comments, and then select the green **Create pull request** button.
+
+   ![Screenshot of how to select the green Create pull request button on the Open a pull request page.](media/quick-update-open-a-pull-request-page.png)
+
+10. That's it. There's nothing more for you to do.
+
+   The article owner (identified in metadata) is notified about the changes to the article. Eventually, the article owner or another party will review, possibly edit, and approve your changes. After your pull request is merged, the article is updated on learn.microsoft.com.
+
 ## Microsoft Open Source Code of Conduct
+
 This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
-For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact [[email protected]](mailto:[email protected]) with any additional questions or comments.
+
+For more information, see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact [[email protected]](mailto:[email protected]) with any questions or comments.
+
+### Contributing
+
+This project welcomes contributions and suggestions.  Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit <https://cla.microsoft.com>.
+
+When you submit a pull request, a CLA-bot automatically determines whether you need to provide a CLA and decorate the PR appropriately (for example, label, comment). Follow the instructions provided by the bot. You only need to do this step once across all repos using our CLA.
+
+### Legal Notices
+
+Microsoft and any contributors grant you a license to the Microsoft documentation and other content in this repository under the [Creative Commons Attribution 4.0 International Public License](https://creativecommons.org/licenses/by/4.0/legalcode), see the [LICENSE](LICENSE) file, and grant you a license to any code in the repository under the [MIT License](https://opensource.org/licenses/MIT), see the [LICENSE-CODE](LICENSE-CODE) file.
+
+Microsoft, Windows, Microsoft Azure and/or other Microsoft products and services referenced in the documentation may be either trademarks or registered trademarks of Microsoft in the United States and/or other countries/regions.
+
+The licenses for this project don't grant you rights to use any Microsoft names, logos, or trademarks. Microsoft's general trademark guidelines can be found at <https://go.microsoft.com/fwlink/?LinkID=254653>.
+
+Privacy information can be found at <https://privacy.microsoft.com/>
+
+Microsoft and any contributors reserve all others rights, whether under their respective copyrights, patents, or trademarks, whether by implication, estoppel or otherwise.
@@ -87,7 +87,7 @@ Microsoft 365 Business Premium includes Defender for Business, Microsoft Defende
 
 Microsoft has a list of solution providers who are authorized to sell offerings, including Microsoft 365 Business Premium and Microsoft Defender for Business. If you'd prefer to work with a Microsoft partner, you can follow these steps to find a solution provider in your area:
 
-1. Go to the [Browse Partners](https://appsource.microsoft.com/marketplace/partner-dir).
+1. Go to the [Browse Partners](https://appsource.microsoft.com/en-us/marketplace/partner-dir).
 
 2. In the **Filters** pane, specify search criteria, such as:
 
 
@@ -62,7 +62,7 @@ If you're using Intune, and you attempt to view or edit security policies in the
 
 :::image type="content" source="media/mdb-usingintune-switchquestion.png" alt-text="Screenshot showing a screen that prompts the user to keep using Intune or switch to the Microsoft Defender portal.":::
 
-In the preceding image, **Use Defender for Business configuration instead** refers to using the Microsoft Defender portal, which provides a simplified configuration experience designed for small and medium-sized businesses. If you opt to use the Microsoft Defender portal, you must delete any existing security policies in Intune to avoid policy conflicts. For more details, see [I need to resolve a policy conflict](/defender-business/mdb-troubleshooting#i-need-to-resolve-a-policy-conflict).
+In the preceding image, **Use Defender for Business configuration instead** refers to using the Microsoft Defender portal, which provides a simplified configuration experience designed for small and medium-sized businesses. If you opt to use the Microsoft Defender portal, you must delete any existing security policies in Intune to avoid policy conflicts. For more details, see [I need to resolve a policy conflict](mdb-troubleshooting.yml#i-need-to-resolve-a-policy-conflict).
 
 > [!NOTE]
 > If you're managing your security policies in the Microsoft Defender portal, you can view those policies in the Intune admin center, where they're listed as **Antivirus** or **Firewall** policies. When you view your firewall policies in the Intune admin center, you'll see two policies listed: one policy for firewall protection and another for custom rules.
@@ -77,4 +77,3 @@ In the preceding image, **Use Defender for Business configuration instead** refe
 4. [Set up your controlled folder access policy](mdb-controlled-folder-access.md) for ransomware protection.
 5. [Enable your attack surface reduction rules](mdb-asr.md).
 6. [Review settings for advanced features and the Microsoft Defender portal](mdb-portal-advanced-feature-settings.md).
-
@@ -129,15 +129,15 @@ sections:
 
       - question: What are the differences between Defender for Business and Defender for Endpoint Plans 1 and 2?
         answer: |
-          Both [Defender for Business](/defender-business/mdb-overview) and [Defender for Endpoint](/defender-endpoint/microsoft-defender-endpoint) provide strong threat protection capabilities for your company's devices (computers, phones, and tablets, which are also referred to as endpoints). Defender for Business was designed for small and medium-sized businesses (up to 300 employees). With a [simplified configuration process](mdb-setup-configuration.md) and [device onboarding options](mdb-onboard-devices.md), Defender for Business enables customers who don't necessarily have a security background to set up, configure, and use Defender for Business to protect company devices.  
+          Both [Defender for Business](mdb-overview.md) and [Defender for Endpoint](/defender-endpoint/microsoft-defender-endpoint) provide strong threat protection capabilities for your company's devices (computers, phones, and tablets, which are also referred to as endpoints). Defender for Business was designed for small and medium-sized businesses (up to 300 employees). With a [simplified configuration process](mdb-setup-configuration.md) and [device onboarding options](mdb-onboard-devices.md), Defender for Business enables customers who don't necessarily have a security background to set up, configure, and use Defender for Business to protect company devices.  
 
           Defender for Endpoint is an enterprise endpoint security platform designed to help organizations like yours to prevent, detect, investigate, and respond to advanced threats. To learn more, see [Microsoft Defender for Endpoint](/defender-endpoint/microsoft-defender-endpoint).
 
       - question: What happens if I have a mix of Microsoft endpoint security subscriptions? 
         answer: |
           *Suppose you have assigned 10 users a Defender for Business license, 10 other users a Defender for Endpoint Plan 1 license, and 5 other users a Defender for Endpoint Plan 2 license. What happens if you have a mix of subscriptions like this example in your tenant?*
 
-          Depending on your subscription settings, your tenant can retain the Defender for Business experience, which includes a [simplified configuration process](mdb-setup-configuration.md). However, if you change your subscription settings to apply Microsoft Defender for Endpoint Plan 2 features and capabilities across devices, you're no longer using your Defender for Business licenses. In addition, the simplified configuration experience in Defender for Business changes to advanced settings in Defender for Endpoint. For more information, see [Manage your subscription settings](/defender-business/mdb-manage-subscription).
+          Depending on your subscription settings, your tenant can retain the Defender for Business experience, which includes a [simplified configuration process](mdb-setup-configuration.md). However, if you change your subscription settings to apply Microsoft Defender for Endpoint Plan 2 features and capabilities across devices, you're no longer using your Defender for Business licenses. In addition, the simplified configuration experience in Defender for Business changes to advanced settings in Defender for Endpoint. For more information, see [Manage your subscription settings](mdb-manage-subscription.md).
           
           For more information about licenses and product terms, see [Licensing and product terms for Microsoft 365 subscriptions](https://www.microsoft.com/licensing/terms/productoffering/Microsoft365/MCA).
 
 
@@ -79,6 +79,6 @@ To reduce management overhead, there's no requirement for device-to-user mapping
 
 - [Licensing and product terms for Microsoft 365 subscriptions](https://www.microsoft.com/licensing/terms/productoffering/Microsoft365/MCA).
 - [Microsoft Defender for Endpoint](/defender-endpoint/microsoft-defender-endpoint)
-- [Microsoft Defender for Business](/defender-business/mdb-overview) (endpoint protection for small and medium-sized businesses)
+- [Microsoft Defender for Business](mdb-overview.md) (endpoint protection for small and medium-sized businesses)
 
 [!INCLUDE [Microsoft Defender for Endpoint Tech Community](../includes/defender-mde-techcommunity.md)]
@@ -35,7 +35,7 @@ sections:
 
           If devices are running a non-Microsoft antivirus/antimalware solution, real-time protection might be turned off when those devices are onboarded to Defender for Business. Real-time protection is turned on by default in Defender for Business, but a non-Microsoft antivirus/antimalware solution might affect your settings. When real-time protection is turned off, you'll see notifications in the Microsoft Defender portal ([https://security.microsoft.com](https://security.microsoft.com)) that some devices aren't protected. In these cases, make sure real-time protection is turned on.
 
-          To confirm that real-time protection is turned on, you can view, and if necessary, edit your next-generation protection policies. See [View or edit your next-generation protection policies](/defender-business/mdb-configure-security-settings?view=o365-worldwide#view-or-edit-your-next-generation-protection-policies).
+          To confirm that real-time protection is turned on, you can view, and if necessary, edit your next-generation protection policies. See [View or edit your security policies and settings](mdb-configure-security-settings.md).
           
           We recommend using Microsoft Defender Antivirus together with Defender for Business to get better protection that's coordinated across products and services. To learn more, see [Better together - Microsoft Defender Antivirus and Microsoft Defender for Endpoint](/defender-endpoint/why-use-microsoft-defender-antivirus). 
 
 
@@ -65,8 +65,10 @@
       items:
       - name: Overview
         href: evaluate-microsoft-defender-antivirus.md
-      - name: Evaluate Microsoft Defender Antivirus using Powershell
+      - name: Evaluate Microsoft Defender Antivirus using PowerShell
         href: microsoft-defender-antivirus-using-powershell.md
+      - name: Evaluate Microsoft Defender Antivirus using Group Policy 
+        href: evaluate-mdav-using-gp.md  
       - name: Microsoft Defender for Endpoint demonstration scenarios
         href: defender-endpoint-demonstrations.md
       - name: App reputation demonstration
@@ -184,8 +186,8 @@
             href: mac-jamfpro-policies.md
           - name: Enroll devices
             href: mac-jamfpro-enroll-devices.md        
-          - name: Deployment with Mobile Device Management (MDM) systems
-            href: mac-install-with-other-mdm.md
+        - name: Deployment with other Mobile Device Management (MDM) systems
+          href: mac-install-with-other-mdm.md
         - name: Manual deployment
           href: mac-install-manually.md
       - name: Configure Defender for Endpoint on macOS
@@ -363,7 +365,7 @@
     - name: General
       items:
       - name: Configure alert notifications
-        href: /defender/configure-email-notifications
+        href: /defender-xdr/configure-email-notifications
       - name: Configure vulnerability email notifications
         href: configure-vulnerability-email-notifications.md
       - name: Configure advanced features
@@ -454,6 +456,8 @@
         href: machines-view-overview.md
       - name: Exclude devices
         href: exclude-devices.md
+      - name: Identifying transient devices
+        href: transient-device-tagging.md
       - name: Internet facing devices
         href: internet-facing-devices.md
       - name: Device timeline
 
@@ -2,12 +2,12 @@
 title: Submit files in Microsoft Defender for Endpoint
 description: Learn how to use the unified submissions feature in Microsoft Defender XDR to submit suspicious emails, URLs, email attachments, and files to Microsoft for scanning.
 search.appverid: met150
-ms.date: 02/15/2024
+ms.date: 05/06/2024
 ms.service: defender-endpoint
 ms.author: siosulli
 author: siosulli
 manager: deniseb
-localization_priority: Normal
+ms.localizationpriority: medium
 audience: ITPro
 ms.topic: how-to
 ms.collection:
Original file line number	Diff line number	Diff line change
`@@ -4,6 +4,11 @@`
`4`	`4`	`"source_path": "defender/advanced-hunting-overview.md",`
`5`	`5`	`"redirect_url": "/defender-xdr/advanced-hunting-overview",`
`6`	`6`	`"redirect_document_id": false`
	`7`	`+ },`
	`8`	`+ {`
	`9`	`+ "source_path": "defender-endpoint/microsoft-defender-antivirus-using-mde-security-set-mngmnt.md",`
	`10`	`+ "redirect_url": "/defender-endpoint/evaluate-mdav-using-gp",`
	`11`	`+ "redirect_document_id": true`
`7`	`12`	`}`
`8`	`13`	`]`
`9`	`14`	`}`