MicrosoftDocs
diff --git a/‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/includes/2-implement-microsoft-defender-for-cloud.md
Lines changed: 1 addition & 1 deletion b/‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/includes/2-implement-microsoft-defender-for-cloud.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/includes/3-secure-score.md
Lines changed: 9 additions & 9 deletions b/‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/includes/3-secure-score.md
Lines changed: 9 additions & 9 deletions
diff --git a/‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/includes/4-regulatory-compliance-dashboard.md
Lines changed: 4 additions & 4 deletions b/‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/includes/4-regulatory-compliance-dashboard.md
Lines changed: 4 additions & 4 deletions
diff --git a/‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/includes/5-microsoft-cloud-security-benchmark.md
Lines changed: 1 addition & 1 deletion b/‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/includes/5-microsoft-cloud-security-benchmark.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/includes/6-microsoft-defender-for-cloud-secure-score.md
Lines changed: 3 additions & 3 deletions b/‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/includes/6-microsoft-defender-for-cloud-secure-score.md
Lines changed: 3 additions & 3 deletions
diff --git a/‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/includes/8-microsoft-defender-external-attack-surface-management.md
Lines changed: 4 additions & 4 deletions b/‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/includes/8-microsoft-defender-external-attack-surface-management.md
Lines changed: 4 additions & 4 deletions
diff --git a/‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/media/assign-policy-basics-policy-definition-compute-90aece43.png renamed to ‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/media/assign-policy-basics-policy-definition-compute-90aece43-faccd0c0.png b/‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/media/assign-policy-basics-policy-definition-compute-90aece43.png renamed to ‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/media/assign-policy-basics-policy-definition-compute-90aece43-faccd0c0.png
diff --git a/‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/media/center-for-internet-security-benchmark-example-cd4ac1a6.png renamed to ‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/media/center-for-internet-security-benchmark-example-cd4ac1a6-58c5a26e.png b/‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/media/center-for-internet-security-benchmark-example-cd4ac1a6.png renamed to ‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/media/center-for-internet-security-benchmark-example-cd4ac1a6-58c5a26e.png
diff --git a/‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/media/deny-icon-4444b813.png renamed to ‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/media/deny-icon-4444b813-bcf93499.png b/‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/media/deny-icon-4444b813.png renamed to ‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/media/deny-icon-4444b813-bcf93499.png
diff --git a/‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/media/enforce-icon-cd64da95.png renamed to ‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/media/enforce-icon-cd64da95-b65e146e.png b/‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/media/enforce-icon-cd64da95.png renamed to ‎learn-pr/wwl-azure/microsoft-defender-cloud-security-posture/media/enforce-icon-cd64da95-b65e146e.png
@@ -2,7 +2,7 @@ Microsoft Defender for Cloud is a cloud-native application protection platform (
 
 For an interactive overview of how to Manage your cloud security posture with Microsoft Defender for Cloud, **click on the image below**.
 
-[:::image type="content" source="../media/manage-cloud-security-posture-microsoft-defender-cloud-landing-page-8605516a.png" alt-text="Screenshot of the interactive guide landing page for Manage your cloud security posture with Microsoft Defender for Cloud.":::
+[:::image type="content" source="../media/manage-cloud-security-posture-microsoft-defender-cloud-landing-page-8605516a-ae32fc61.png" alt-text="Screenshot of the interactive guide landing page for Manage your cloud security posture with Microsoft Defender for Cloud.":::
  ](https://mslearn.cloudguides.com/guides/Manage%20your%20cloud%20security%20posture%20with%20Microsoft%20Defender%20for%20Cloud)
 
 Defender for Cloud combines the capabilities of:
 
@@ -11,26 +11,26 @@ Defender for Cloud continually assesses your cross-cloud resources for security
 
  -  In the Azure portal pages, the secure score is shown as a percentage value, and the underlying values are also clearly presented:
 
-:::image type="content" source="../media/single-secure-score-via-ui-1-fb053ea6.png" alt-text="Screenshot showing security poster page.":::
+:::image type="content" source="../media/single-secure-score-via-ui-1-fb053ea6-c6539f78.png" alt-text="Screenshot showing security poster page.":::
 
 
  -  In the Azure mobile app, the secure score is shown as a percentage value, and you can tap the secure score to see the details that explain the score:
 
-:::image type="content" source="../media/single-secure-score-via-mobile1a-0a8df228.png" alt-text="Screenshot showing secure score results.":::
+:::image type="content" source="../media/single-secure-score-via-mobile1a-0a8df228-4ffb230b.png" alt-text="Screenshot showing secure score results.":::
 
 
 To increase your security, review Defender for Cloud's recommendations page and remediate the recommendation by implementing the remediation instructions for each issue. Recommendations are grouped into security controls. Each control is a logical group of related security recommendations and reflects your vulnerable attack surfaces. Your score only improves when you *remediate all* of the recommendations for a *single resource within a control*. To see how well your organization is securing each individual attack surface, review the scores for each security control.
 
 ## How your secure score is calculated
 
-:::image type="content" source="../media/security-controls-large-2c356a99.png" alt-text="Screenshot showing Microsoft Defender for Cloud recommendations page.":::
+:::image type="content" source="../media/security-controls-large-2c356a99-1403136f.png" alt-text="Screenshot showing Microsoft Defender for Cloud recommendations page.":::
 
 
 To get all the possible points for security control, all of your resources must comply with all of the security recommendations within the security control. For example, Defender for Cloud has multiple recommendations regarding how to secure your management ports. You'll need to remediate them all to make a difference to your secure score.
 
 ## Example scores for a control
 
-:::image type="content" source="../media/remediate-vulnerabilities-control-large-354f7019.png" alt-text="Screenshot showing Microsoft Defender for Cloud example scores for a control.":::
+:::image type="content" source="../media/remediate-vulnerabilities-control-large-354f7019-55f011bd.png" alt-text="Screenshot showing Microsoft Defender for Cloud example scores for a control.":::
 
 
 **In this example**:
@@ -42,19 +42,19 @@ To get all the possible points for security control, all of your resources must
  -  Insights - Gives you extra details for each recommendation, such as:
 
 
-     -  :::image type="content" source="../media/preview-icon-d9b46adc.png" alt-text="Screenshot of the preview recommendation icon that provides extra detail.":::
+     -  :::image type="content" source="../media/preview-icon-d9b46adc-1b64ef91.png" alt-text="Screenshot of the preview recommendation icon that provides extra detail.":::
 
 
         Preview recommendation - This recommendation won't affect your secure score until general availability (GA).
-     -  :::image type="content" source="../media/fix-icon-c7b18e7c.png" alt-text="Screenshot of the fix icon that enables you to resolve issues.":::
+     -  :::image type="content" source="../media/fix-icon-c7b18e7c-8b8c6189.png" alt-text="Screenshot of the fix icon that enables you to resolve issues.":::
 
 
         Fix - From within the recommendation details page, you can use 'Fix' to resolve this issue.
-     -  :::image type="content" source="../media/enforce-icon-cd64da95.png" alt-text="Screenshot of the enforce icon that enables you to automatically deploy a policy to fix an issue.":::
+     -  :::image type="content" source="../media/enforce-icon-cd64da95-b65e146e.png" alt-text="Screenshot of the enforce icon that enables you to automatically deploy a policy to fix an issue.":::
 
 
         Enforce - From within the recommendation details page, you can automatically deploy a policy to fix this issue whenever someone creates a non-compliant resource.
-     -  :::image type="content" source="../media/deny-icon-4444b813.png" alt-text="Screenshot of the deny icon that enables you to prevent new resources from being created with identified issues.":::
+     -  :::image type="content" source="../media/deny-icon-4444b813-bcf93499.png" alt-text="Screenshot of the deny icon that enables you to prevent new resources from being created with identified issues.":::
 
 
         Deny - From within the recommendation details page, you can prevent new resources from being created with this issue.
@@ -65,7 +65,7 @@ To get all the possible points for security control, all of your resources must
  -  Recommendations flagged as Preview aren't included in the calculations of your secure score. They should still be remediated wherever possible so that when the preview period ends, they'll contribute towards your score.
  -  Preview recommendations are marked with:
 
-    :::image type="content" source="../media/preview-icon-d9b46adc.png" alt-text="Screenshot of the preview recommendations icon for secure score options after General Availability.":::
+    :::image type="content" source="../media/preview-icon-d9b46adc-1b64ef91.png" alt-text="Screenshot of the preview recommendations icon for secure score options after General Availability.":::
 
 
 ## Improve your secure score
 
@@ -30,7 +30,7 @@ You can use the information in the regulatory compliance dashboard to investigat
 4.  Select a compliance control to expand it.<br>
 5.  Select **Control details**.<br>
 
-:::image type="content" source="../media/new-control-details-6b59bc2b.png" alt-text="Screenshot showing the Defender for Cloud Regulatory compliance Control details.":::
+:::image type="content" source="../media/new-control-details-6b59bc2b-43f4c38a.png" alt-text="Screenshot showing the Defender for Cloud Regulatory compliance Control details.":::
 
 
  -  Select Overview to see the specific information about the Control you selected.
@@ -39,7 +39,7 @@ You can use the information in the regulatory compliance dashboard to investigat
 
 6.  Under **Your Actions**, you can select a down arrow to view more details and resolve the recommendation for that resource.
 
-:::image type="content" source="../media/new-your-actions-45615309.png" alt-text="Screenshot showing how to to view more details and resolve the recommendation for a resource.":::
+:::image type="content" source="../media/new-your-actions-45615309-1429d34d.png" alt-text="Screenshot showing how to to view more details and resolve the recommendation for a resource.":::
 
 
 > [!NOTE]
@@ -58,12 +58,12 @@ The regulatory compliance has both automated and manual assessments that might n
 5.  Select any of the failing assessments that appear in the dashboard to view the details for that recommendation. Each recommendation includes a set of remediation steps to resolve the issue.<br>
 6.  Select a particular resource to view more details and resolve the recommendation for that resource.<br>
 
-:::image type="content" source="../media/new-sample-recommendation-example-273b7ee0.png" alt-text="Screenshot showing that disk encryption should be applied on virtual machines.":::
+:::image type="content" source="../media/new-sample-recommendation-example-273b7ee0-e45ce999.png" alt-text="Screenshot showing that disk encryption should be applied on virtual machines.":::
 
 
 7.  In this example, when you select **Take action** from the recommendation details page, you arrive in the Azure Virtual Machine pages of the Azure portal, where you can enable encryption from the **Security** tab:
 
-:::image type="content" source="../media/new-encrypting-virtual-machine-disks-4949d026.png" alt-text="Screenshot showing how to enable encryption from the Security tab.":::
+:::image type="content" source="../media/new-encrypting-virtual-machine-disks-4949d026-086e2964.png" alt-text="Screenshot showing how to enable encryption from the Security tab.":::
 
 
 8.  After you take action to resolve recommendations, you'll see the result in the compliance dashboard report because your compliance score improves.
 
@@ -17,7 +17,7 @@ Automated control monitoring for AWS in Microsoft Defender for Cloud: You can us
 
 Example: Microsoft Defender for Cloud - Regulatory compliance dashboard
 
-:::image type="content" source="../media/new-regulatory-dahaboard-network-security-view-722c2d1b.png" alt-text="Screenshot showing how the Microsoft cloud security benchmark provides prescriptive best practices and recommendations.":::
+:::image type="content" source="../media/new-regulatory-dahaboard-network-security-view-722c2d1b-c6bddeae.png" alt-text="Screenshot showing how the Microsoft cloud security benchmark provides prescriptive best practices and recommendations.":::
 
 
 Azure guidance and security principles: Azure security guidance, security principles, features, and capabilities.
 
@@ -20,7 +20,7 @@ Defender for Cloud offers the following options for working with security initia
 
 Example: Builtin security initiative
 
-:::image type="content" source="../media/center-for-internet-security-benchmark-example-cd4ac1a6.png" alt-text="Screenshot showing an example of the CIS Microsoft Azure Foundations Benchmark.":::
+:::image type="content" source="../media/center-for-internet-security-benchmark-example-cd4ac1a6-58c5a26e.png" alt-text="Screenshot showing an example of the CIS Microsoft Azure Foundations Benchmark.":::
 
 
 ## What is a security policy?
@@ -33,7 +33,7 @@ There are different types of policies in Azure Policy. Defender for Cloud mainly
 
 Example: Built-in security policy
 
-:::image type="content" source="../media/assign-policy-basics-policy-definition-compute-90aece43.png" alt-text="Screenshot showing an example of a basic policy definition to audit VMs without managed disks.":::
+:::image type="content" source="../media/assign-policy-basics-policy-definition-compute-90aece43-faccd0c0.png" alt-text="Screenshot showing an example of a basic policy definition to audit VMs without managed disks.":::
 
 
 Defender for Cloud uses Azure role-based access control (Azure RBAC), which provides built-in roles you can assign to Azure users, groups, and services. When users open Defender for Cloud, they see only information related to the resources they can access. Users are assigned the owner, contributor, or reader role to the resource's subscription.
@@ -43,7 +43,7 @@ There are two specific roles for Defender for Cloud:
 1.  Security Administrator: Has the same view rights as security reader. Can also update the security policy and dismiss alerts.
 2.  Security reader: Has rights to view Defender for Cloud items such as recommendations, alerts, policy, and health. Can't make changes.
 
-:::image type="content" source="../media/view-edit-security-policies-17d2ecb9.png" alt-text="Diagram showing which security role can view, update, and dismiss alerts.":::
+:::image type="content" source="../media/view-edit-security-policies-17d2ecb9-762da64b.png" alt-text="Diagram showing which security role can view, update, and dismiss alerts.":::
 
 
 You can edit security policies through the Azure Policy portal via Representational State Transfer Application Programming Interface (REST API) or using Windows PowerShell.
 
@@ -1,6 +1,6 @@
 Microsoft Defender External Attack Surface Management (Defender EASM) continuously discovers and maps your digital attack surface to provide an external view of your online infrastructure. This visibility enables security and IT teams to identify unknowns, prioritize risk, eliminate threats, and extend vulnerability and exposure control beyond the firewall. Attack Surface Insights are generated by leveraging vulnerability and infrastructure data to showcase the key areas of concern for your organization.
 
-:::image type="content" source="../media/new-microsoft-defender-external-attack-surface-management-36fb2332.png" alt-text="Screenshot showing the Microsoft Defender External Attack Surface Management dashboard.":::
+:::image type="content" source="../media/new-microsoft-defender-external-attack-surface-management-36fb2332-8ec6b2ef.png" alt-text="Screenshot showing the Microsoft Defender External Attack Surface Management dashboard.":::
 
 
 ## Discovery and inventory
@@ -18,21 +18,21 @@ Defender EASM includes the discovery of the following kinds of assets:
  -  SSL Certificates
  -  WHOIS Contacts
 
-:::image type="content" source="../media/new-discovery-and-inventory-80f902e9.png" alt-text="Screenshot showing the Defender EASM add discovery group page.":::
+:::image type="content" source="../media/new-discovery-and-inventory-80f902e9-558bb71c.png" alt-text="Screenshot showing the Defender EASM add discovery group page.":::
 
 
 ## Dashboards
 
 Defender EASM provides a series of dashboards that help users quickly understand their online infrastructure and any key risks to their organization. These dashboards are designed to provide insight on specific areas of risk, including vulnerabilities, compliance, and security hygiene. These insights help customers quickly address the components of their attack surface that pose the greatest risk to their organization.
 
-:::image type="content" source="../media/new-external-attack-surface-management-security-posture-b6e25dbd.png" alt-text="Screenshot showing the Microsoft Defender External Attack Surface Management Security posture page.":::
+:::image type="content" source="../media/new-external-attack-surface-management-security-posture-b6e25dbd-24ebab77.png" alt-text="Screenshot showing the Microsoft Defender External Attack Surface Management Security posture page.":::
 
 
 ## Managing assets
 
 Customers can filter their inventory to surface the specific insights they care about most. Filtering offers a level of flexibility and customization that enables users to access a specific subset of assets. This allows you to leverage Defender EASM data according to your specific use case, whether searching for assets that connect to deprecating infrastructure or identifying new cloud resources.
 
-:::image type="content" source="../media/new-assest-management-9f38538e.png" alt-text="Screenshot showing the Microsoft Defender External Attack Surface Management inventory page.":::
+:::image type="content" source="../media/new-assest-management-9f38538e-4d4edc1a.png" alt-text="Screenshot showing the Microsoft Defender External Attack Surface Management inventory page.":::
 
 
 ## User permissions