Merge branch '8.x' into mergify/bp/8.x/pr-5977

nastasha-solomon · web-flow · commit 599e978c0772 · 2024-11-12T14:55:59.000-05:00
diff --git a/docs/getting-started/configure-integration-policy.asciidoc b/docs/getting-started/configure-integration-policy.asciidoc
@@ -90,8 +90,8 @@ The quarantine folder location varies by operating system:
 
 - macOS: `/System/Volumes/Data/.equarantine`
 - Linux: `.equarantine` at the root of the mount point of the file being quarantined
-- Windows - {elastic-defend} versions 8.5 and later: `[DriveLetter:]\.quarantine`, unless the files are from the `C:` drive. These files are moved to `C:\Program Files\Elastic\Endpoint\state\.equarantine`.
-- Windows - {elastic-defend} versions 8.4 and earlier: `[DriveLetter:]\.quarantine`, for any drive
+- Windows - {elastic-defend} versions 8.5 and later: `[DriveLetter:]\.equarantine`, unless the files are from the `C:` drive. These files are moved to `C:\Program Files\Elastic\Endpoint\state\.equarantine`.
+- Windows - {elastic-defend} versions 8.4 and earlier: `[DriveLetter:]\.equarantine`, for any drive
 
 To restore a quarantined file to its original state and location, <<add-exceptions, add an exception>> to the rule that identified the file as malicious. If the exception would've stopped the rule from identifying the file as malicious, {elastic-defend} restores the file.
 
diff --git a/docs/getting-started/defend-feature-privs.asciidoc b/docs/getting-started/defend-feature-privs.asciidoc
@@ -12,7 +12,11 @@ To configure roles and privileges, find **Roles** in the navigation menu or by u
 
 NOTE: {elastic-defend}'s feature privileges must be assigned to *All Spaces*. You can't assign them to an individual space. 
 
-To grant access, select *All* for the *Security* feature in the *{kib} privileges* configuration UI, then turn on the *Customize sub-feature privileges* switch. For each of the following sub-feature privileges, select the type of access you want to allow:
+To grant access, select *All* for the *Security* feature in the *Assign role to space* configuration UI, then turn on the *Customize sub-feature privileges* switch. 
+
+IMPORTANT: Selecting **All** for the overall **Security** feature does NOT enable any sub-features. You must also enable the **Customize sub-feature privileges** switch, and then enable each sub-feature privilege individually.
+
+For each of the following sub-feature privileges, select the type of access you want to allow:
 
 * *All*: Users have full access to the feature, which includes performing all available actions and managing configuration.
 * *Read*: Users can view the feature, but can't perform any actions or manage configuration (some features don't have this privilege).
