Merge pull request #3568 from MicrosoftDocs/main

[AutoPublish] main to live - 04/24 04:29 PDT | 04/24 16:59 IST

Author: padmagit77

defender-endpoint/linux-install-with-ansible.md

@@ -115,7 +115,7 @@ Pull the [installer bash script](https://github.com/microsoft/mdatp-xplat/tree/m
 
 ### Create Ansible YAML files
 
-Create installation YAML file. You can also download the file directly from [GitHub](/defender-endpoint/linux-support-events)
+Create installation YAML file. You can also download the file directly from [GitHub](https://github.com/microsoft/mdatp-xplat/blob/master/linux/installation/third_party_installation_playbooks/ansible.install_mdatp_simplified.yaml).
 
 ```bash
 - name: Install and Onboard MDE

defender-xdr/before-you-begin-defender-experts.md

@@ -1,7 +1,7 @@
 ---
-title: Key infrastructure requirements before enrolling in the Microsoft Defender Experts for Hunting service
+title: Before you begin using the Microsoft Defender Experts for Hunting service
 ms.reviewer:
-description: This section outlines the key infrastructure requirements you must meet and important information on data access and compliance.
+description: To enable us to get started with the defender experts managed service, we require the following prerequisites
 ms.service: defender-experts-for-hunting
 ms.author: vpattnaik
 author: vpattnai
@@ -18,7 +18,7 @@ ms.custom:
 - cx-ti
 - cx-ean
 search.appverid: met150
-ms.date: 04/07/2025
+ms.date: 04/24/2025
 ---
 
 # Before you begin using Defender Experts for Hunting
@@ -75,21 +75,21 @@ Any detection that's not from Microsoft Defender products (for example, detectio
 
 [Ask Defender Experts](experts-on-demand.md) is intended to provide a better understanding of complex threats affecting your organization. It focuses on products included in Microsoft Defender XDR (Defender for Endpoint, Defender for Office 365, Defender for Cloud Apps, and Defender for Identity). [See sample questions you can ask Defender Experts](experts-on-demand.md#sample-questions-you-can-ask-from-defender-experts).
 
-Defender Experts for Hunting customers are assigned 10 Ask Defender Experts credits, which you can use to submit questions, at the start of each calendar quarter. Unused credits from the current quarter roll up to the next one. You can use up to 20 credits only per quarter. All unused credits expire by the end of the calendar year or at the end of your subscription term, whichever comes first. 
+Defender Experts for Hunting customers are assigned 10 Ask Defender Experts credits, which you can use to submit questions, at the start of each calendar quarter. Unused credits from the current quarter roll up to the next one. You can use up to 20 credits only per quarter. All unused credits expire by the end of the calendar year or at the end of your subscription term, whichever comes first.
 
 [Learn more about Microsoft's commercial licensing terms](https://www.microsoft.com/licensing/terms/productoffering/Microsoft365/MCA)
 
 ## Access requirements
 
-Anyone from your organization can [apply for the Defender Experts for Hunting service](#apply-for-microsoft-defender-experts-for-hunting-service). However, you need to work with your Commercial Executive to transact the SKU. 
+Anyone from your organization can [apply for the Defender Experts for Hunting service](#apply-for-microsoft-defender-experts-for-hunting-service). However, you need to work with your Commercial Executive to transact the SKU.
 
 You might need certain roles and permissions to fully access the service capabilities. Refer to [Custom roles in role-based access control for Microsoft Defender XDR](custom-roles.md) for details.
 
 ## Service availability and data protection
 
 Defender Experts for Hunting is a managed threat hunting service that proactively hunts for threats across endpoints, email, identity, and cloud apps. To carry out hunting on your behalf, Microsoft experts need access to your Microsoft Defender XDR advanced hunting data. Enrolling in this service means you're granting permission to Microsoft experts to access the said data.
 
-The following sections enumerate additional information about the service's data usage, compliance, and availability. For more information about Microsoft's commitment in valuing and protecting your data, visit the [Trust Center](https://www.microsoft.com/trust-center/product-overview) then scroll down to **Additional products and services** > **Managed Security Services** > [**Microsoft Defender Experts**](https://aka.ms/trustcenter-defenderexperts).
+The following sections enumerate additional information about the service's data usage, compliance, and availability. For more information about Microsoft's commitment in valuing and protecting your data, visit the [Trust Center](https://www.microsoft.com/trust-center/product-overview) then scroll down to **Additional products and services** > **Managed Security Services** > **Microsoft Defender Experts**.
 
 ### Data collection, usage, and retention
 

defender-xdr/before-you-begin-xdr.md

@@ -1,7 +1,7 @@
 ---
-title: Before you begin using Defender Experts for XDR
+title: Before you begin using the Microsoft Defender Experts for XDR service
 ms.reviewer:
-description: To enable us to get started with this managed service, we require the following licensing prerequisites
+description: To enable us to get started with the defender experts managed service, we require the following licensing prerequisites
 ms.service: defender-experts-for-xdr
 ms.author: vpattnaik
 author: vpattnai
@@ -17,10 +17,10 @@ ms.custom:
 - cx-ti
 - cx-dex
 search.appverid: met150
-ms.date: 04/08/2025
+ms.date: 04/24/2025
 ---
 
-# Before you begin
+# Before you begin using Defender Experts for XDR
 
 **Applies to:**
 
@@ -71,7 +71,7 @@ Defender Experts for XDR requests for certain roles and permissions for you to f
 
 Defender Experts for XDR is a managed extended detection and response service that proactively hunts for threats across endpoints, email, identity, and cloud apps. To carry out hunting on your behalf, Microsoft experts need access to your Microsoft Defender XDR advanced hunting data. Purchasing this service means you're granting permission to Microsoft experts to access the said data.
 
-The following sections enumerate additional information about the service's data usage, compliance, and availability. For more information about Microsoft's commitment in valuing and protecting your data, visit the [Trust Center](https://www.microsoft.com/en-us/trust-center/product-overview) then scroll down to **Additional products and services** > **Managed Security Services** > **[Microsoft Defender Experts](https://aka.ms/trustcenter-defenderexperts)**.
+The following sections enumerate additional information about the service's data usage, compliance, and availability. For more information about Microsoft's commitment in valuing and protecting your data, visit the [Trust Center](https://www.microsoft.com/en-us/trust-center/product-overview) then scroll down to **Additional products and services** > **Managed Security Services** > **Microsoft Defender Experts**.
 
 ### Data collection, usage, and retention
 

unified-secops-platform/microsoft-sentinel-onboard.md

@@ -29,14 +29,12 @@ ms.date: 03/17/2025
 
 # Connect Microsoft Sentinel to the Microsoft Defender portal
 
-Microsoft Sentinel is generally available within Microsoft's unified security operations (SecOps) platform in the Microsoft Defender portal. When you onboard Microsoft Sentinel to the Defender portal with Microsoft Defender XDR, you unify capabilities like incident management and advanced hunting. Reduce tool switching and build a more context-focused investigation that expedites incident response and stops breaches faster. For more information, see:
+Microsoft Sentinel is generally available within Microsoft's unified security operations (SecOps) platform in the Microsoft Defender portal, with or without Microsoft Defender XDR or an E5 license. When you onboard Microsoft Sentinel to the Defender portal together Microsoft Defender XDR, you unify capabilities like incident management and advanced hunting. Reduce tool switching and build a more context-focused investigation that expedites incident response and stops breaches faster. For more information, see:
 
 - [What is Microsoft's unified security operations platform?](overview-unified-security.md)
 - [Microsoft Sentinel in the Microsoft Defender portal](https://go.microsoft.com/fwlink/p/?linkid=2263690)
 - [Microsoft Defender XDR integration with Microsoft Sentinel](/azure/sentinel/microsoft-365-defender-sentinel-integration)
 
-For preview, Microsoft Sentinel is available in the Defender portal without Microsoft Defender XDR or an E5 license.
-
 ## Prerequisites
 
 Before you begin, review the feature documentation to understand the product changes and limitations.
@@ -110,7 +108,7 @@ After your workspace is connected, the banner on the **Overview** page shows tha
 
 ## Explore Microsoft Sentinel features in the Defender portal
 
-After you connect your workspace to the Defender portal, **Microsoft Sentinel** is on the left-hand side navigation pane. If you have Defender XDR enabled, pages like  **Overview**, **Incidents**, and **Advanced Hunting** have unified data from the primary workspace for Microsoft Sentinel and Defender XDR. If you don't have Defender XDR enabled, these pages just include data from Microsoft Sentinel (preview). For more information about the unified capabilities and differences between portals, see  [Microsoft Sentinel in the Microsoft Defender portal](https://go.microsoft.com/fwlink/p/?linkid=2263690).
+After you connect your workspace to the Defender portal, **Microsoft Sentinel** is on the left-hand side navigation pane. If you have Defender XDR enabled, pages like  **Overview**, **Incidents**, and **Advanced Hunting** have unified data from the primary workspace for Microsoft Sentinel and Defender XDR. If you don't have Defender XDR enabled, these pages just include data from Microsoft Sentinel. For more information about the unified capabilities and differences between portals, see  [Microsoft Sentinel in the Microsoft Defender portal](https://go.microsoft.com/fwlink/p/?linkid=2263690).
 
 Many of the existing Microsoft Sentinel features are integrated into the Defender portal. For these features, notice that the experience between Microsoft Sentinel in the Azure portal and Defender portal are similar. Use the following articles to help you start working with Microsoft Sentinel in the Defender portal. When using these articles, keep in mind that your starting point in this context is the [Defender portal](https://security.microsoft.com/) instead of the Azure portal.