Merge pull request #1938 from MicrosoftDocs/branding

Branding

Author: mjcaparas

defender-xdr/advanced-hunting-security-copilot.md

@@ -1,6 +1,6 @@
 ---
-title: Microsoft Copilot for Security in advanced hunting
-description: Learn how Microsoft Copilot for Security advanced hunting (NL2KQL) plugin can generate a KQL query for you.
+title: Microsoft Security Copilot in advanced hunting
+description: Learn how Microsoft Security Copilot advanced hunting (NL2KQL) plugin can generate a KQL query for you.
 search.appverid: met150
 ms.service: defender-xdr
 ms.subservice: adv-hunting
@@ -27,22 +27,30 @@ appliesto:
 - Microsoft Sentinel in the Microsoft Defender portal
 ---
 
-# Microsoft Copilot for Security in advanced hunting
+# Microsoft Security Copilot in advanced hunting
 
-[Microsoft Copilot for Security in Microsoft Defender](security-copilot-in-microsoft-365-defender.md) comes with a query assistant capability in advanced hunting.
 
-Threat hunters or security analysts who aren't yet familiar with or have yet to learn KQL can make a request or ask a question in natural language (for instance, *Get all alerts involving user admin123*). Copilot for Security then generates a KQL query that corresponds to the request using the advanced hunting data schema.
+**Applies to:**
+
+- Microsoft Defender
+- Microsoft Defender XDR
+
+## Security Copilot in advanced hunting
+
+[Microsoft Security Copilot in Microsoft Defender](security-copilot-in-microsoft-365-defender.md) comes with a query assistant capability in advanced hunting.
+
+Threat hunters or security analysts who aren't yet familiar with or have yet to learn KQL can make a request or ask a question in natural language (for instance, *Get all alerts involving user admin123*). Security Copilot then generates a KQL query that corresponds to the request using the advanced hunting data schema.
 
 This feature reduces the time  it takes to write a hunting query from scratch so that threat hunters and security analysts can focus on hunting and investigating threats.
 
-Users with access to Copilot for Security have access to this capability in advanced hunting.
+Users with access to Security Copilot have access to this capability in advanced hunting.
 
 > [!NOTE]
-> The advanced hunting capability is also available in the Copilot for Security standalone experience through the Microsoft Defender XDR plugin. Know more about [preinstalled plugins in Copilot for Security](/security-copilot/manage-plugins#preinstalled-plugins).
+> The advanced hunting capability is also available in the Security Copilot standalone experience through the Microsoft Defender XDR plugin. Know more about [preinstalled plugins in Security Copilot](/security-copilot/manage-plugins#preinstalled-plugins).
 
 ## Try your first request
 
-1. Open the **advanced hunting** page from the navigation bar in the Microsoft Defender portal. The Copilot for Security side pane for advanced hunting appears at the right hand side.
+1. Open the **advanced hunting** page from the navigation bar in Microsoft Defender XDR. The Security Copilot side pane for advanced hunting appears at the right hand side.
 
     :::image type="content" source="/defender/media/advanced-hunting-security-copilot-pane.png" alt-text="Screenshot of the Copilot pane in advanced hunting." lightbox="/defender/media/advanced-hunting-security-copilot-pane-big.png":::
 
@@ -51,11 +59,11 @@ Users with access to Copilot for Security have access to this capability in adva
 
 
 
-    :::image type="content" source="/defender/media/advanced-hunting-security-copilot-query.png" alt-text="Screenshot that shows prompt bar in the Copilot for Security for advanced hunting." lightbox="/defender/media/advanced-hunting-security-copilot-query-big.png":::
+    :::image type="content" source="/defender/media/advanced-hunting-security-copilot-query.png" alt-text="Screenshot that shows prompt bar in the Security Copilot for advanced hunting." lightbox="/defender/media/advanced-hunting-security-copilot-query-big.png":::
 
 1. Copilot generates a KQL query from your text instruction or question. While Copilot is generating, you can cancel the query generation by selecting **Stop generating**.
 
-    ![Screenshot of Copilot for Security in advanced hunting generating a response.](/defender/media/advanced-hunting-security-copilot-generate.png)
+    ![Screenshot of Security Copilot in advanced hunting generating a response.](/defender/media/advanced-hunting-security-copilot-generate.png)
 
 
 1. Review the generated query. You can then choose to run the query by selecting **Add and run**.
@@ -66,7 +74,7 @@ Users with access to Copilot for Security have access to this capability in adva
 
     If you need to make further tweaks, select **Add to editor**.
 
-   ![Screenshot of Copilot for Security in advanced hunting showing the Add to editor option.](/defender/media/advanced-hunting-security-copilot-add-editor.png)
+   ![Screenshot of Security Copilot in advanced hunting showing the Add to editor option.](/defender/media/advanced-hunting-security-copilot-add-editor.png)
 
     The generated query appears in the query editor as the last query, where you can edit it before running using the regular **Run query** above the query editor.
 
@@ -75,23 +83,24 @@ Users with access to Copilot for Security have access to this capability in adva
 
 
 > [!TIP]
-> Providing feedback is an important way to let the Copilot for Security team know how well the query assistant was able to help in generating a useful KQL query. Feel free to articulate what could have made the query better, what adjustments you had to make before running the generated KQL query, or share the KQL query that you eventually used.
+> Providing feedback is an important way to let the Security Copilot team know how well the query assistant was able to help in generating a useful KQL query. Feel free to articulate what could have made the query better, what adjustments you had to make before running the generated KQL query, or share the KQL query that you eventually used.
 
 
-In the [Microsoft Defender portal](advanced-hunting-microsoft-defender.md), you can prompt Copilot for Security to generate advanced hunting queries for both Defender XDR and Microsoft Sentinel tables. Not all Microsoft Sentinel tables are currently supported, but support for these tables can be expected in the future.
+> [!NOTE]
+> In the [unified Microsoft Defender portal](advanced-hunting-microsoft-defender.md), you can prompt Security Copilot to generate advanced hunting queries for both Defender XDR and Microsoft Sentinel tables. Not all Microsoft Sentinel tables are currently supported, but support for these tables can be expected in the future.
 
 ## Query sessions
 
 You can start your first session anytime by asking a question in the Copilot side pane in advanced hunting. Your session contains the requests you made using your user account. Closing the side pane or refreshing the advanced hunting page doesn't discard the session. You can still access the generated queries should you need them.
 
 Select the chat bubble icon (**New chat**) to discard the current session.
 
-   ![Screenshot of Copilot for Security in advanced hunting showing the new chat icon.](/defender/media/advanced-hunting-security-copilot-clear-session.png)
+   ![Screenshot of Security Copilot in advanced hunting showing the new chat icon.](/defender/media/advanced-hunting-security-copilot-clear-session.png)
 
 ## Modify settings
 
 Select the ellipses in the Copilot side pane to choose whether or not to automatically add and run the generated query in advanced hunting.
 
-   ![Screenshot of Copilot for Security in advanced hunting showing the settings ellipses icon.](/defender/media/advanced-hunting-security-copilot-settings.png)
+   ![Screenshot of Security Copilot in advanced hunting showing the settings ellipses icon.](/defender/media/advanced-hunting-security-copilot-settings.png)
 
 Deselecting the **Run generated query automatically** setting gives you the option of running the generated query automatically (**Add and run**) or adding the generated query to the query editor for further modification (**Add to editor**).

defender-xdr/copilot-in-defender-device-summary.md

@@ -28,27 +28,27 @@ appliesto:
 
 [!INCLUDE [Microsoft Defender XDR rebranding](../includes/microsoft-defender.md)]
 
-[Microsoft Copilot for Security](/security-copilot/microsoft-security-copilot) in the Microsoft Defender portal helps security teams in speeding up device inspection through AI-powered investigation capabilities.
+[Microsoft Security Copilot](/security-copilot/microsoft-security-copilot) in the Microsoft Defender portal helps security teams in speeding up device inspection through AI-powered investigation capabilities.
 
 ## Know before you begin
 
-If you're new to Copilot for Security, you should familiarize yourself with it by reading the following articles:
+If you're new to Security Copilot, you should familiarize yourself with it by reading the following articles:
 
-- [What is Copilot for Security?](/security-copilot/microsoft-security-copilot)
-- [Copilot for Security experiences](/security-copilot/experiences-security-copilot)
-- [Get started with Copilot for Security](/security-copilot/get-started-security-copilot)
-- [Understand authentication in Copilot for Security](/security-copilot/authentication)
-- [Prompting in Copilot for Security](/security-copilot/prompting-security-copilot)
+- [What is Security Copilot?](/security-copilot/microsoft-security-copilot)
+- [Security Copilot experiences](/security-copilot/experiences-security-copilot)
+- [Get started with Security Copilot](/security-copilot/get-started-security-copilot)
+- [Understand authentication in Security Copilot](/security-copilot/authentication)
+- [Prompting in Security Copilot](/security-copilot/prompting-security-copilot)
 
 Security operations teams are tasked to sift through device data to find suspicious activities or entities to prevent malicious attacks. These teams need to summarize large amounts of data and simplify complex information to quickly assess, triage, and connect a device's status and activities to potentially malicious attacks.
 
 The device summary capability of Copilot in Defender enables security teams to get a device's security posture, vulnerable software information, and any unusual behaviors. Security analysts can use a device's summary to speed up their investigation of incidents and alerts.
 
-## Copilot for Security integration in Microsoft Defender
+## Security Copilot integration in Microsoft Defender
 
-The device summary capability is available in the Microsoft Defender portal for customers who have provisioned access to Copilot for Security. 
+The device summary capability is available in the Microsoft Defender portal for customers who have provisioned access to Security Copilot. 
 
-This capability is also available in the Copilot for Security standalone portal through the Microsoft Defender XDR plugin. Know more about [preinstalled plugins in Copilot for Security](/security-copilot/manage-plugins#preinstalled-plugins).
+This capability is also available in the Security Copilot standalone portal through the Microsoft Defender XDR plugin. Know more about [preinstalled plugins in Security Copilot](/security-copilot/manage-plugins#preinstalled-plugins).
 
 ## Key features
 
@@ -75,24 +75,24 @@ You can access the device summary capability through the following ways:
 
    :::image type="content" source="/defender/media/copilot-in-defender/device-summary/copilot-defender-device-summary-assets-small.png" alt-text="Screenshot highlighting the device summary option in the assets tab of an incident page in Copilot in Defender." lightbox="/defender/media/copilot-in-defender/device-summary/copilot-defender-device-summary-assets.png":::
 
-Review the results of the device summary. You can copy the results to clipboard, regenerate the results, or open the Copilot for Security portal by selecting the More actions ellipsis (...) on top of the device summary card.
+Review the results of the device summary. You can copy the results to clipboard, regenerate the results, or open the Security Copilot portal by selecting the More actions ellipsis (...) on top of the device summary card.
 
 ## Sample device summary prompt
 
-In the Copilot for Security standalone portal, you can use the following prompt to generate a device summary:
+In the Security Copilot standalone portal, you can use the following prompt to generate a device summary:
 
 - *Summarize device information in Defender incident {incident number.*
 
 > [!TIP]
-> When investigating devices in the Copilot for Security portal, Microsoft recommends including the word ***Defender*** in your prompts to ensure that the device summary capability delivers the results.
+> When investigating devices in the Security Copilot portal, Microsoft recommends including the word ***Defender*** in your prompts to ensure that the device summary capability delivers the results.
 
 ## Provide feedback
 
 Your feedback helps improve the quality of the results generated by Copilot. You can provide feedback about the results by navigating to the bottom of the Copilot pane and selecting the feedback icon ![Screenshot of the feedback icon for Copilot in Defender cards](/defender/media/copilot-in-defender/copilot-defender-feedback.png).
 
 ## See also
 
-- [Learn about other Copilot for Security embedded experiences](/security-copilot/experiences-security-copilot)
-- [Privacy and data security in Copilot for Security](/copilot/security/privacy-data-security)
+- [Learn about other Security Copilot embedded experiences](/security-copilot/experiences-security-copilot)
+- [Privacy and data security in Security Copilot](/copilot/security/privacy-data-security)
 
 [!INCLUDE [Microsoft Defender XDR rebranding](../includes/defender-m3d-techcommunity.md)]

defender-xdr/copilot-in-defender-file-analysis.md

@@ -28,27 +28,27 @@ appliesto:
 
 [!INCLUDE [Microsoft Defender XDR rebranding](../includes/microsoft-defender.md)]
 
-[Microsoft Copilot for Security](/security-copilot/microsoft-security-copilot) in the Microsoft Defender portal enables security teams to quickly identify malicious and suspicious files through AI-powered file analysis capabilities.
+[Microsoft Security Copilot](/security-copilot/microsoft-security-copilot) in the Microsoft Defender portal enables security teams to quickly identify malicious and suspicious files through AI-powered file analysis capabilities.
 
 ## Know before you begin
 
-If you're new to Copilot for Security, you should familiarize yourself with it by reading the following articles:
+If you're new to Security Copilot, you should familiarize yourself with it by reading the following articles:
 
-- [What is Copilot for Security?](/security-copilot/microsoft-security-copilot)
-- [Copilot for Security experiences](/security-copilot/experiences-security-copilot)
-- [Get started with Copilot for Security](/security-copilot/get-started-security-copilot)
-- [Understand authentication in Copilot for Security](/security-copilot/authentication)
-- [Prompting in Copilot for Security](/security-copilot/prompting-security-copilot)
+- [What is Security Copilot?](/security-copilot/microsoft-security-copilot)
+- [Security Copilot experiences](/security-copilot/experiences-security-copilot)
+- [Get started with Security Copilot](/security-copilot/get-started-security-copilot)
+- [Understand authentication in Security Copilot](/security-copilot/authentication)
+- [Prompting in Security Copilot](/security-copilot/prompting-security-copilot)
 
 Security operations teams tracking and resolving attacks need tools and techniques to quickly analyze potentially malicious files. Sophisticated attacks often use files that mimic legitimate or system files to avoid detection. In addition, new-to-the-field security analysts might require time and gain significant experience to use available analysis tools and techniques.
 
 The file analysis capability of Copilot in Defender reduces the barrier to learning file analysis by immediately delivering reliable and complete file investigation results. This capability empowers security analysts from all levels to complete their investigation with a shorter turnaround time. The report includes an overview of the file, details of the file's contents, and a summary of the file's assessment.
 
-## Copilot for Security integration in Microsoft Defender
+## Security Copilot integration in Microsoft Defender
 
-The file analysis capability is available in Microsoft Defender for customers who have provisioned access to Copilot for Security. 
+The file analysis capability is available in Microsoft Defender for customers who have provisioned access to Security Copilot. 
 
-Copilot for Security standalone portal users also have the file analysis capability and other Defender XDR capabilities through the Microsoft Defender XDR plugin. Know more about [preinstalled plugins in Copilot for Security](/security-copilot/manage-plugins#preinstalled-plugins).
+Security Copilot standalone portal users also have the file analysis capability and other Defender XDR capabilities through the Microsoft Defender XDR plugin. Know more about [preinstalled plugins in Security Copilot](/security-copilot/manage-plugins#preinstalled-plugins).
 
 ## Key features
 
@@ -71,24 +71,24 @@ You can access the file analysis capability through the following ways:
   Select a file to investigate, then select **Analyze** on the side pane to begin analysis. The results are then displayed on the Copilot pane.
   :::image type="content" source="/defender/media/copilot-in-defender/file-analysis/copilot-defender-file-analysis-file-pane-small.png" alt-text="Screenshot of the incident page with the file analysis button highlighted." lightbox="/defender/media/copilot-in-defender/file-analysis/copilot-defender-file-analysis-file-pane.png":::
 
-You can copy the results to clipboard, regenerate the results, or open the Copilot for Security portal by selecting the More actions ellipsis (...) on top of the file analysis card.
+You can copy the results to clipboard, regenerate the results, or open the Security Copilot portal by selecting the More actions ellipsis (...) on top of the file analysis card.
 
 ## Sample file analysis prompt
 
-In the Copilot for Security standalone portal, you can use the following prompt to generate a device summary:
+In the Security Copilot standalone portal, you can use the following prompt to generate a device summary:
 
 - *Tell me about the files in Defender incident {incident number). Which files are malicious?*
 
 > [!TIP]
-> When investigating files in the Copilot for Security portal, Microsoft recommends including the word ***Defender*** in your prompts to ensure that the file analysis capability delivers the results.
+> When investigating files in the Security Copilot portal, Microsoft recommends including the word ***Defender*** in your prompts to ensure that the file analysis capability delivers the results.
 
 ## Provide feedback
 
 Always review the results generated by Copilot in Defender. Your feedback helps improve the quality of the results generated by Copilot. Select the feedback icon ![Screenshot of the feedback icon for Copilot in Defender cards](/defender/media/copilot-in-defender/copilot-defender-feedback.png) at the bottom of the Copilot pane to provide feedback.
 
 ## See also
 
-- [Learn about other Copilot for Security embedded experiences](/security-copilot/experiences-security-copilot)
-- [Privacy and data security in Copilot for Security](/copilot/security/privacy-data-security)
+- [Learn about other Security Copilot embedded experiences](/security-copilot/experiences-security-copilot)
+- [Privacy and data security in Security Copilot](/copilot/security/privacy-data-security)
 
 [!INCLUDE [Microsoft Defender XDR rebranding](../includes/defender-m3d-techcommunity.md)]