From 10728657decd59d4f540b7adcfca9e4503ac40f9 Mon Sep 17 00:00:00 2001
From: Lovina Saldanha <v-lsaldanha@microsoft.com>
Date: Wed, 4 Nov 2020 14:57:02 +0530
Subject: [PATCH 01/39] Updated-4567381-Batch6

Rebranding
---
 .../fix-unhealthy-sensors.md                  | 25 +++++++++----------
 .../get-alert-info-by-id.md                   |  4 +--
 .../get-alert-related-domain-info.md          |  6 ++---
 .../get-alert-related-files-info.md           |  6 ++---
 .../get-alert-related-ip-info.md              |  6 ++---
 .../get-alert-related-machine-info.md         |  6 ++---
 .../get-alert-related-user-info.md            |  6 ++---
 .../microsoft-defender-atp/get-alerts.md      | 10 ++++----
 .../get-all-recommendations.md                |  4 +--
 .../get-all-vulnerabilities-by-machines.md    |  4 +--
 .../get-all-vulnerabilities.md                |  4 +--
 .../get-cvekbmap-collection.md                |  2 +-
 .../get-device-secure-score.md                |  8 +++---
 .../get-discovered-vulnerabilities.md         |  4 +--
 .../get-domain-related-alerts.md              |  6 ++---
 .../get-domain-related-machines.md            |  4 +--
 .../get-domain-statistics.md                  |  6 ++---
 .../get-exposure-score.md                     |  6 ++---
 .../get-file-information.md                   |  6 ++---
 .../get-file-related-alerts.md                |  6 ++---
 .../get-file-related-machines.md              |  6 ++---
 .../get-file-statistics.md                    |  6 ++---
 .../get-installed-software.md                 |  4 +--
 .../get-investigation-collection.md           |  8 +++---
 .../get-investigation-object.md               |  6 ++---
 25 files changed, 79 insertions(+), 80 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md b/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
index 83511489cb..6348afa090 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
@@ -25,12 +25,11 @@ ms.date: 10/23/2017
 
 **Applies to:**
 
-
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 
 
->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-fixsensor-abovefoldlink)
+>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-fixsensor-abovefoldlink)
 
 Devices that are categorized as misconfigured or inactive can be flagged due to varying causes. This section provides some explanations as to what might have caused a device to be categorized as inactive or misconfigured.
 
@@ -42,14 +41,14 @@ An inactive device is not necessarily flagged due to an issue. The following act
 If the device has not been in use for more than 7 days for any reason, it will remain in an ‘Inactive’ status in the portal.
 
 **Device was reinstalled or renamed**</br>
-A reinstalled or renamed device will generate a new device entity in Microsoft Defender Security Center. The previous device entity will remain with an ‘Inactive’ status in the portal. If you reinstalled a device and deployed the Microsoft Defender ATP package, search for the new device name to verify that the device is reporting normally.
+A reinstalled or renamed device will generate a new device entity in Microsoft Defender Security Center. The previous device entity will remain with an ‘Inactive’ status in the portal. If you reinstalled a device and deployed the Defender for Endpoint package, search for the new device name to verify that the device is reporting normally.
 
 **Device was offboarded**</br>
 If the device was offboarded it will still appear in devices list. After 7 days, the device health state should change to inactive.
 
 
 **Device is not sending signals**
-If the device is not sending any signals for more than 7 days to any of the Microsoft Defender ATP channels for any reason including conditions that fall under misconfigured devices classification, a device can be considered inactive. 
+If the device is not sending any signals for more than 7 days to any of the Defender for Endpoint channels for any reason including conditions that fall under misconfigured devices classification, a device can be considered inactive. 
 
 
 Do you expect a device to be in ‘Active’ status? [Open a support ticket](https://support.microsoft.com/getsupport?wf=0&tenant=ClassicCommercial&oaspworkflow=start_1.0.0.0&locale=en-us&supportregion=en-us&pesid=16055&ccsid=636206786382823561).
@@ -65,10 +64,10 @@ This status indicates that there's limited communication between the device and
 The following suggested actions can help fix issues related to a misconfigured device with impaired communications:
 
 - [Ensure the device has Internet connection](troubleshoot-onboarding.md#troubleshoot-onboarding-issues-on-the-device)</br>
-  The Window Defender ATP sensor requires Microsoft Windows HTTP (WinHTTP) to report sensor data and communicate with the Microsoft Defender ATP service.
+  The Window Defender ATP sensor requires Microsoft Windows HTTP (WinHTTP) to report sensor data and communicate with the Defender for Endpoint service.
 
-- [Verify client connectivity to Microsoft Defender ATP service URLs](configure-proxy-internet.md#verify-client-connectivity-to-microsoft-defender-atp-service-urls)</br>
-  Verify the proxy configuration completed successfully, that WinHTTP can discover and communicate through the proxy server in your environment, and that the proxy server allows traffic to the Microsoft Defender ATP service URLs.
+- [Verify client connectivity to Microsoft Defender for Endpoint service URLs](configure-proxy-internet.md#verify-client-connectivity-to-microsoft-defender-atp-service-urls)</br>
+  Verify the proxy configuration completed successfully, that WinHTTP can discover and communicate through the proxy server in your environment, and that the proxy server allows traffic to the Defender for Endpoint service URLs.
 
 If you took corrective actions and the device status is still misconfigured, [open a support ticket](https://go.microsoft.com/fwlink/?LinkID=761093&clcid=0x409).
 
@@ -77,18 +76,18 @@ A misconfigured device with status ‘No sensor data’ has communication with t
 Follow theses actions to correct known issues related to a misconfigured device with status ‘No sensor data’:
 
 - [Ensure the device has Internet connection](troubleshoot-onboarding.md#troubleshoot-onboarding-issues-on-the-device)</br>
-  The Window Defender ATP sensor requires Microsoft Windows HTTP (WinHTTP) to report sensor data and communicate with the Microsoft Defender ATP service.
+  The Window Defender ATP sensor requires Microsoft Windows HTTP (WinHTTP) to report sensor data and communicate with the Defender for Endpoint service.
 
-- [Verify client connectivity to Microsoft Defender ATP service URLs](configure-proxy-internet.md#verify-client-connectivity-to-microsoft-defender-atp-service-urls)</br>
-  Verify the proxy configuration completed successfully, that WinHTTP can discover and communicate through the proxy server in your environment, and that the proxy server allows traffic to the Microsoft Defender ATP service URLs.
+- [Verify client connectivity to Microsoft Defender for Endpoint service URLs](configure-proxy-internet.md#verify-client-connectivity-to-microsoft-defender-atp-service-urls)</br>
+  Verify the proxy configuration completed successfully, that WinHTTP can discover and communicate through the proxy server in your environment, and that the proxy server allows traffic to the Defender for Endpoint service URLs.
 
 - [Ensure the diagnostic data service is enabled](troubleshoot-onboarding.md#ensure-the-diagnostics-service-is-enabled)</br>
 If the devices aren't reporting correctly, you might need to check that the Windows 10 diagnostic data service is set to automatically start and is running on the endpoint.
 
 - [Ensure that Microsoft Defender Antivirus is not disabled by policy](troubleshoot-onboarding.md#ensure-that-microsoft-defender-antivirus-is-not-disabled-by-a-policy)</br>
-If your devices are running a third-party antimalware client, the Microsoft Defender ATP agent needs the Microsoft Defender Antivirus Early Launch Antimalware (ELAM) driver to be enabled.
+If your devices are running a third-party antimalware client, the Defender for Endpoint agent needs the Microsoft Defender Antivirus Early Launch Antimalware (ELAM) driver to be enabled.
 
 If you took corrective actions and the device status is still misconfigured, [open a support ticket](https://go.microsoft.com/fwlink/?LinkID=761093&clcid=0x409).
 
 ## Related topic
-- [Check sensor health state in Microsoft Defender ATP](check-sensor-status.md)
+- [Check sensor health state in Microsoft Defender for Endpoint](check-sensor-status.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-info-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-info-by-id.md
index 676cdf63f1..746aec762a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-info-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-info-by-id.md
@@ -21,9 +21,9 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-domain-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-domain-info.md
index eb2710fcca..7fb52034e5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-domain-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-domain-info.md
@@ -21,9 +21,9 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description
@@ -36,7 +36,7 @@ Retrieves all domains related to a specific alert.
 
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender for Endpoint APIs](apis-intro.md)
 
 Permission type | Permission | Permission display name
 :---|:---|:---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md
index 2de0da3586..7ae3ee74ec 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md
@@ -21,9 +21,9 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+**Applies to:** [Microsoft Defender for Endpoint ](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description
@@ -36,7 +36,7 @@ Retrieves all files related to a specific alert.
 
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender for Endpoint APIs](apis-intro.md)
 
 Permission type | Permission | Permission display name
 :---|:---|:---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md
index e56d99aabd..4d0dc604db 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md
@@ -21,9 +21,9 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description
@@ -36,7 +36,7 @@ Retrieves all IPs related to a specific alert.
 
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender for Endpoint APIs](apis-intro.md)
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md
index 670802c075..baa4908c02 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md
@@ -21,9 +21,9 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description
@@ -36,7 +36,7 @@ Retrieves [Device](machine.md) related to a specific alert.
 
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender for Endpoint APIs](apis-intro.md)
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md
index 80df53a33e..63b8b20872 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md
@@ -21,9 +21,9 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description
@@ -36,7 +36,7 @@ Retrieves the User related to a specific alert.
 
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender for Endpoint APIs](apis-intro.md)
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md
index eb855902a3..94c1495185 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md
@@ -21,9 +21,9 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description
@@ -34,7 +34,7 @@ Retrieves a collection of Alerts.
 <br>```$top``` with max value of 10,000 
 <br>```$skip```
 <br>```$expand``` of ```evidence```
-<br>See examples at [OData queries with Microsoft Defender ATP](exposed-apis-odata-samples.md)
+<br>See examples at [OData queries with Microsoft Defender for Endpoint](exposed-apis-odata-samples.md)
 
 
 ## Limitations
@@ -44,7 +44,7 @@ Retrieves a collection of Alerts.
 
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender for Endpoint APIs](apis-intro.md)
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
@@ -263,4 +263,4 @@ Here is an example of the response.
 
 
 ## Related topics
-- [OData queries with Microsoft Defender ATP](exposed-apis-odata-samples.md)
+- [OData queries with Defender for Endpoint](exposed-apis-odata-samples.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
index 31af35af76..72862eb668 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
@@ -21,14 +21,14 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
 Retrieves a list of all security recommendations affecting the organization.
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender for Endpoint APIs](apis-intro.md) for details.
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md
index 6bd9416f4b..12213ad3c3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md
@@ -21,7 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Retrieves a list of all the vulnerabilities affecting the organization per [machine](machine.md) and [software](software.md).
 - If the vulnerability has a fixing KB, it will appear in the response.
@@ -32,7 +32,7 @@ Retrieves a list of all the vulnerabilities affecting the organization per [mach
 >This is great API for [Power BI integration](api-power-bi.md).
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender for Endpoint APIs](apis-intro.md) for details.
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
index 84d316b8b5..1e8908bc27 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
@@ -21,14 +21,14 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
 Retrieves a list of all the vulnerabilities affecting the organization.
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender for Endpoint APIs](apis-intro.md) for details.
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md
index 44275ce8f2..f9fc5e3a9a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md
@@ -25,7 +25,7 @@ ROBOTS: NOINDEX
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Retrieves a map of CVE's to KB's and CVE details.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
index 3f79fbf1ce..8c7a21b885 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
@@ -21,15 +21,15 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+**Applies to:** [Microsoft Defender for Endpoint(https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 Retrieves your [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md). A higher Microsoft Secure Score for Devices means your endpoints are more resilient from cybersecurity threat attacks. 
 
 ## Permissions
 
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender for Endpoint APIs](apis-intro.md) for details.
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
@@ -83,4 +83,4 @@ Here is an example of the response.
 
 ## Related topics
 
-- [OData queries with Microsoft Defender ATP](exposed-apis-odata-samples.md)
+- [OData queries with Microsoft Defender for Endpoint](exposed-apis-odata-samples.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
index 920d5431ca..fd85f7e3a0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
@@ -22,13 +22,13 @@ ms.topic: article
 
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 Retrieves a collection of discovered vulnerabilities related to a given device ID.
 
 ## Permissions
 
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender for Endpoint APIs](apis-intro.md)
 
 Permission type | Permission | Permission display name
 :---|:---|:---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md
index 1f9e3ec5e7..cda757af8a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md
@@ -21,9 +21,9 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description
@@ -36,7 +36,7 @@ Retrieves a collection of [Alerts](alerts.md) related to a given domain address.
 
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender for Endpoint APIs](apis-intro.md)
 
 Permission type |   Permission  |   Permission display name
 :---|:---|:---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md
index 6170888f9c..36631ffd47 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md
@@ -21,9 +21,9 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+**Applies to:** [Microsoft Defender for Endpoint(https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md b/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md
index acc31acf8e..5989615fb0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md
@@ -21,9 +21,9 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description
@@ -35,7 +35,7 @@ Retrieves the statistics on the given domain.
 
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender for Endpoint APIs](apis-intro.md)
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
index bad530e3d7..8db583dd0d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
@@ -21,9 +21,9 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
@@ -31,7 +31,7 @@ Retrieves the organizational exposure score.
 
 ## Permissions
 
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Defender for Endpoint APIs](apis-intro.md)
 
 Permission type | Permission | Permission display name
 :---|:---|:---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md
index ff2d4103f1..0e7bbe1d96 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md
@@ -21,9 +21,9 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description
@@ -35,7 +35,7 @@ Retrieves a [File](files.md) by identifier Sha1, or Sha256
 
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender for Endpoint APIs](apis-intro.md)
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md
index eb3a55ece2..5592be9955 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md
@@ -21,9 +21,9 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description
@@ -35,7 +35,7 @@ Retrieves a collection of alerts related to a given file hash.
 
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Defender for Endpoint APIs](apis-intro.md)
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md
index 82a5e5cf93..6ac24677f2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md
@@ -21,9 +21,9 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description
@@ -35,7 +35,7 @@ Retrieves a collection of [Machines](machine.md) related to a given file hash.
 
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender for Endpoint APIs](apis-intro.md)
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md
index 63001b875a..8416ce7563 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md
@@ -21,9 +21,9 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description
@@ -35,7 +35,7 @@ Retrieves the statistics for the given file.
 
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender for Endpoint APIs](apis-intro.md)
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
index 58024c6bf6..08ade5839e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
@@ -21,14 +21,14 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
 Retrieves a collection of installed software related to a given device ID.
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender for Endpoint APIs](apis-intro.md)
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md
index 8d24a9f9a7..2053fd538b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md
@@ -21,16 +21,16 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description
 Retrieves a collection of [Investigations](investigation.md).
 <br>Supports [OData V4 queries](https://www.odata.org/documentation/).
 <br>The OData's ```$filter``` query is supported on: ```startTime```, ```state```, ```machineId``` and ```triggeringAlertId``` properties.
-<br>See examples at [OData queries with Microsoft Defender ATP](exposed-apis-odata-samples.md)
+<br>See examples at [OData queries with Defender for Endpoint](exposed-apis-odata-samples.md)
 
 
 ## Limitations
@@ -39,7 +39,7 @@ Retrieves a collection of [Investigations](investigation.md).
 
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Defender for Endpoint APIs](apis-intro.md)
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md
index b19d9dfb02..6eb7e95418 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md
@@ -21,9 +21,9 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description
@@ -36,7 +36,7 @@ Retrieves specific [Investigation](investigation.md) by its ID.
 
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender for Endpoint APIs](apis-intro.md)
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---

From 59975a1a15389f61f29231669a00f3868c129453 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:36:12 -0800
Subject: [PATCH 02/39] Update fix-unhealthy-sensors.md

---
 .../microsoft-defender-atp/fix-unhealthy-sensors.md       | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md b/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
index 6348afa090..60dc0cbef1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
@@ -1,5 +1,5 @@
 ---
-title: Fix unhealthy sensors in Microsoft Defender ATP
+title: Fix unhealthy sensors in Microsoft Defender for Endpoint
 description: Fix device sensors that are reporting as misconfigured or inactive so that the service receives data from the device.
 keywords: misconfigured, inactive, fix sensor, sensor health,  no sensor data, sensor data, impaired communications, communication
 search.product: eADQiWindows 10XVcnh
@@ -15,10 +15,10 @@ manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance 
 ms.topic: article
-ms.date: 10/23/2017
+ms.date: 11/06/2020
 ---
 
-# Fix unhealthy sensors in Microsoft Defender ATP
+# Fix unhealthy sensors in Microsoft Defender for Endpoint
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
@@ -89,5 +89,5 @@ If your devices are running a third-party antimalware client, the Defender for E
 
 If you took corrective actions and the device status is still misconfigured, [open a support ticket](https://go.microsoft.com/fwlink/?LinkID=761093&clcid=0x409).
 
-## Related topic
+## See also
 - [Check sensor health state in Microsoft Defender for Endpoint](check-sensor-status.md)

From 20d0ee16f32a4cbf5fa80ba47ca9a247068f7463 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:37:44 -0800
Subject: [PATCH 03/39] Update get-alert-related-domain-info.md

---
 .../microsoft-defender-atp/get-alert-related-domain-info.md     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-domain-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-domain-info.md
index 7fb52034e5..e9d18d97e7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-domain-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-domain-info.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description

From 1a05c48da435cb22116a9a62b6e7998487b6ed4c Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:38:50 -0800
Subject: [PATCH 04/39] Update get-alert-related-ip-info.md

---
 .../microsoft-defender-atp/get-alert-related-ip-info.md         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md
index 4d0dc604db..c2f6a5a3ff 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description

From 0d85527b56597dba533bca9745397ccdd96c410c Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:39:39 -0800
Subject: [PATCH 05/39] Update get-alert-related-machine-info.md

---
 .../microsoft-defender-atp/get-alert-related-machine-info.md  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md
index baa4908c02..98f64ac8d1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md
@@ -1,6 +1,6 @@
 ---
 title: Get alert related machine information 
-description: Retrieve all devices related to a specific alert using Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
+description: Retrieve all devices related to a specific alert using Microsoft Defender Advanced Threat Protection (Microsoft Defender for Endpoint).
 keywords: apis, graph api, supported apis, get alert information, alert information, related device
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description

From d31f473c19ef5045d93dd5ca22bff1be21b653a3 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:40:50 -0800
Subject: [PATCH 06/39] rebranding fixes

---
 .../microsoft-defender-atp/get-alert-info-by-id.md            | 2 +-
 .../microsoft-defender-atp/get-alert-related-files-info.md    | 4 ++--
 .../microsoft-defender-atp/get-alert-related-ip-info.md       | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-info-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-info-by-id.md
index 746aec762a..81cd7a519f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-info-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-info-by-id.md
@@ -1,6 +1,6 @@
 ---
 title: Get alert information by ID API
-description: Learn how to use the Get alert information by ID API to retrieve a specific alert by its ID in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get alert information by ID API to retrieve a specific alert by its ID in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, alert, information, id
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md
index 7ae3ee74ec..6e61e17504 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md
@@ -1,6 +1,6 @@
 ---
 title: Get alert related files information 
-description: Retrieve all files related to a specific alert using Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
+description: Retrieve all files related to a specific alert using Microsoft Defender Advanced Threat Protection (Microsoft Defender for Endpoint).
 keywords: apis, graph api, supported apis, get alert information, alert information, related files
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:** [Microsoft Defender for Endpoint ](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md
index c2f6a5a3ff..62db50d08a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md
@@ -1,6 +1,6 @@
 ---
 title: Get alert related IPs information 
-description: Retrieve all IPs related to a specific alert using Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
+description: Retrieve all IPs related to a specific alert using Microsoft Defender Advanced Threat Protection (Microsoft Defender for Endpoint).
 keywords: apis, graph api, supported apis, get alert information, alert information, related ip
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10

From e23407d8ebefeb3a3d4392f31247e4359d7b336a Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:42:11 -0800
Subject: [PATCH 07/39] Update get-alerts.md

---
 .../threat-protection/microsoft-defender-atp/get-alerts.md  | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md
index 94c1495185..c2d2b8b8e3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md
@@ -1,6 +1,6 @@
 ---
 title: List alerts API
-description: Learn how to use the List alerts API to retrieve a collection of alerts in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the List alerts API to retrieve a collection of alerts in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, alerts, recent
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description
@@ -262,5 +262,5 @@ Here is an example of the response.
 ```
 
 
-## Related topics
+## See also
 - [OData queries with Defender for Endpoint](exposed-apis-odata-samples.md)

From c4c29801b1ffa9b05e6a6dc8cbb1b2f23c2e2d43 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:43:56 -0800
Subject: [PATCH 08/39] Update get-all-recommendations.md

---
 .../microsoft-defender-atp/get-all-recommendations.md           | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
index 72862eb668..a5cde6e4a0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
@@ -105,7 +105,7 @@ Here is an example of the response.
      ]
 }
 ```
-## Related topics
+## See also
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Threat & Vulnerability security recommendation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation)
 

From e8ea082c270ab566668397f20b5c8015f80be872 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:44:50 -0800
Subject: [PATCH 09/39] Update get-all-vulnerabilities-by-machines.md

---
 .../get-all-vulnerabilities-by-machines.md                      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md
index 12213ad3c3..f2de05191d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md
@@ -103,7 +103,7 @@ Here is an example of the response.
 }
 ```
 
-## Related topics
+## See also
 
 - [Risk-based threat and vulnerability management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Vulnerabilities in your organization](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses)

From f28238b641b8dfa3a588b45bce47496aeb77523e Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:45:33 -0800
Subject: [PATCH 10/39] Update get-all-vulnerabilities.md

---
 .../microsoft-defender-atp/get-all-vulnerabilities.md           | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
index 1e8908bc27..9847c928d4 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
@@ -94,6 +94,6 @@ Here is an example of the response.
 }
 ```
 
-## Related topics
+## See also
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Vulnerabilities in your organization](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses)

From c86ec6d6abaf264b202edecca3593c38698ee5bd Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:46:03 -0800
Subject: [PATCH 11/39] Update get-cvekbmap-collection.md

---
 .../microsoft-defender-atp/get-cvekbmap-collection.md           | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md
index f9fc5e3a9a..7a5a5aacb3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md
@@ -1,6 +1,6 @@
 ---
 title: Get CVE-KB map API
-description: Learn how to use the Get CVE-KB map API to retrieve a map of CVE's to KB's and CVE details in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get CVE-KB map API to retrieve a map of CVE's to KB's and CVE details in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, cve, kb
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150

From 8faae9fc20fa63be65b4a18290c1e7fccdcb62e9 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:46:34 -0800
Subject: [PATCH 12/39] Update get-device-secure-score.md

---
 .../microsoft-defender-atp/get-device-secure-score.md         | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
index 8c7a21b885..e14a6859a7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:** [Microsoft Defender for Endpoint(https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 Retrieves your [Microsoft Secure Score for Devices](tvm-microsoft-secure-score-devices.md). A higher Microsoft Secure Score for Devices means your endpoints are more resilient from cybersecurity threat attacks. 
 
@@ -81,6 +81,6 @@ Here is an example of the response.
 }
 ```
 
-## Related topics
+## See also
 
 - [OData queries with Microsoft Defender for Endpoint](exposed-apis-odata-samples.md)

From 291d75aa97dd1dc544eb46fd82cd16267d2cb241 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:47:25 -0800
Subject: [PATCH 13/39] Update get-discovered-vulnerabilities.md

---
 .../microsoft-defender-atp/get-discovered-vulnerabilities.md    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
index fd85f7e3a0..5b16a71cfc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
@@ -91,7 +91,7 @@ Here is an example of the response.
 }
 ```
 
-## Related topics
+## See also
 
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Vulnerabilities in your organization](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses)

From b939ad0d63b9054b798cb76316ebb0c877027208 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:48:11 -0800
Subject: [PATCH 14/39] Update get-domain-related-alerts.md

---
 .../microsoft-defender-atp/get-domain-related-alerts.md       | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md
index cda757af8a..26fdbad6f4 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md
@@ -1,6 +1,6 @@
 ---
 title: Get domain related alerts API
-description: Learn how to use the Get domain related alerts API to retrieve alerts related to a given domain address in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get domain related alerts API to retrieve alerts related to a given domain address in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, domain, related, alerts
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description

From 7ab8b5b4ebdf523d2bf3629e9f64d18097ef1a45 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:48:45 -0800
Subject: [PATCH 15/39] Update get-domain-related-machines.md

---
 .../microsoft-defender-atp/get-domain-related-machines.md     | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md
index 36631ffd47..bda2a9024c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md
@@ -1,6 +1,6 @@
 ---
 title: Get domain related machines API
-description: Learn how to use the Get domain related machines API to get machines that communicated to or from a domain in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get domain related machines API to get machines that communicated to or from a domain in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, domain, related, devices
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:** [Microsoft Defender for Endpoint(https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description

From 12ed05bccc44e911ae54895d850fb413acc52781 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:49:20 -0800
Subject: [PATCH 16/39] Update get-domain-statistics.md

---
 .../microsoft-defender-atp/get-domain-statistics.md           | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md b/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md
index 5989615fb0..cb49efb465 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md
@@ -1,6 +1,6 @@
 ---
 title: Get domain statistics API
-description: Learn how to use the Get domain statistics API to retrieve the statistics on the given domain in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get domain statistics API to retrieve the statistics on the given domain in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, domain, domain related devices
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description

From 04cfc1efae495b8c772afd8954471fe08e06f3f9 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:50:04 -0800
Subject: [PATCH 17/39] Update get-exposure-score.md

---
 .../microsoft-defender-atp/get-exposure-score.md            | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
index 8db583dd0d..43d7ac20e9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
@@ -31,7 +31,7 @@ Retrieves the organizational exposure score.
 
 ## Permissions
 
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Defender for Endpoint APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender for Endpoint APIs](apis-intro.md)
 
 Permission type | Permission | Permission display name
 :---|:---|:---
@@ -84,7 +84,7 @@ Here is an example of the response.
 
 ```
 
-## Related topics
+## See also
 
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Threat & Vulnerability exposure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score)

From 1c76ac96df58d730f2aeac1eb3f2f5f28b98e768 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:50:44 -0800
Subject: [PATCH 18/39] Update get-file-information.md

---
 .../microsoft-defender-atp/get-file-information.md            | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md
index 0e7bbe1d96..61ab343580 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md
@@ -1,6 +1,6 @@
 ---
 title: Get file information API
-description: Learn how to use the Get file information API to get a file by Sha1, Sha256, or MD5 identifier in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get file information API to get a file by Sha1, Sha256, or MD5 identifier in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, file, information, sha1, sha256, md5
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description

From 2e88ae5f8474060fdd93686960bfa2d4c3de47e7 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:51:24 -0800
Subject: [PATCH 19/39] Update get-file-related-alerts.md

---
 .../microsoft-defender-atp/get-file-related-alerts.md         | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md
index 5592be9955..d1c53228ac 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md
@@ -1,6 +1,6 @@
 ---
 title: Get file related alerts API
-description: Learn how to use the Get file related alerts API to get a collection of alerts related to a given file hash in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get file related alerts API to get a collection of alerts related to a given file hash in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, file, hash
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description

From 8d8ada16746b74a3bc16d1b4ea0151c8d282bc33 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:52:09 -0800
Subject: [PATCH 20/39] Update get-file-related-machines.md

---
 .../microsoft-defender-atp/get-file-related-machines.md       | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md
index 6ac24677f2..c60f272c69 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md
@@ -1,6 +1,6 @@
 ---
 title: Get file related machines API
-description: Learn how to use the Get file related machines API to get a collection of machines related to a file hash in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get file related machines API to get a collection of machines related to a file hash in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, devices, hash
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description

From 7464123c7927fda74e8b9466c6cdcb9f1c1bc529 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:52:44 -0800
Subject: [PATCH 21/39] Update get-file-statistics.md

---
 .../microsoft-defender-atp/get-file-statistics.md             | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md
index 8416ce7563..59f525f594 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md
@@ -1,6 +1,6 @@
 ---
 title: Get file statistics API
-description: Learn how to use the Get file statistics API to retrieve the statistics for the given file in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get file statistics API to retrieve the statistics for the given file in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, file, statistics
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description

From 8a2abb4fed5bab248e69e64d092afea36c5f170d Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:53:24 -0800
Subject: [PATCH 22/39] Update get-installed-software.md

---
 .../microsoft-defender-atp/get-installed-software.md           | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
index 08ade5839e..293d458f27 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
@@ -87,6 +87,7 @@ Here is an example of the response.
 }
 ```
 
-## Related topics
+## See also
+
 - [Risk-based Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt)
 - [Threat & Vulnerability software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory)

From e36404b9f0321dee2e53fb2e9d841fbfea614a58 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:54:22 -0800
Subject: [PATCH 23/39] Update get-investigation-collection.md

---
 .../microsoft-defender-atp/get-investigation-collection.md      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md
index 2053fd538b..9963f6cf47 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description

From a2c793472dc46f089a01e146c4ec42a28b7e7702 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 6 Nov 2020 10:54:52 -0800
Subject: [PATCH 24/39] Update get-investigation-object.md

---
 .../microsoft-defender-atp/get-investigation-object.md          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md
index 6eb7e95418..6ad036b722 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description

From 29f1b2b0a51760c17d3d05966edb8fdb9354d80d Mon Sep 17 00:00:00 2001
From: MaratMussabekov <48041687+MaratMussabekov@users.noreply.github.com>
Date: Sun, 8 Nov 2020 08:11:07 +0500
Subject: [PATCH 25/39] Update microsoft-defender-advanced-threat-protection.md

---
 .../microsoft-defender-advanced-threat-protection.md            | 2 --
 1 file changed, 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
index c25bf6630c..b37274b4cb 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
@@ -22,8 +22,6 @@ ms.topic: conceptual
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-main-abovefoldlink)
->
 > For more info about Windows 10 Enterprise Edition features and functionality, see [Windows 10 Enterprise edition](https://www.microsoft.com/WindowsForBusiness/buy).
 
 Microsoft Defender Advanced Threat Protection is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.

From 66498185beb06e200089e0c58a218d832e65c3de Mon Sep 17 00:00:00 2001
From: Alekhya Jupudi <v-ajupudi@microsoft.com>
Date: Mon, 9 Nov 2020 16:35:20 +0530
Subject: [PATCH 26/39] Task 4611644-Rebranding task for Windows-docs-pr-
 Branch-1

Rebranding work of Folder (Files under the Path): windows-docs-pr\windows\security\threat-protection\microsoft-defender-antivirus
---
 .../antivirus-false-positives-negatives.md    |  6 ++---
 ...irst-sight-microsoft-defender-antivirus.md |  4 ++--
 ...exclusions-microsoft-defender-antivirus.md |  2 +-
 ...onnections-microsoft-defender-antivirus.md |  4 ++--
 ...age-report-microsoft-defender-antivirus.md |  4 ++--
 ...oyment-vdi-microsoft-defender-antivirus.md |  2 +-
 ...anted-apps-microsoft-defender-antivirus.md |  6 ++---
 ...protection-microsoft-defender-antivirus.md |  8 +++----
 .../evaluate-microsoft-defender-antivirus.md  |  2 +-
 ...on-updates-microsoft-defender-antivirus.md |  2 +-
 ...rosoft-defender-antivirus-in-windows-10.md |  6 ++---
 ...fender-antivirus-on-windows-server-2016.md |  2 +-
 ...soft-defender-security-center-antivirus.md |  2 +-
 ...office-365-microsoft-defender-antivirus.md | 18 +++++++--------
 ...nteraction-microsoft-defender-antivirus.md |  2 +-
 ...osoft-defender-antivirus-when-migrating.md |  6 ++---
 ...oubleshoot-microsoft-defender-antivirus.md |  2 +-
 .../troubleshoot-reporting.md                 |  4 ++--
 ...oup-policy-microsoft-defender-antivirus.md |  2 +-
 .../use-wmi-microsoft-defender-antivirus.md   |  2 +-
 ...protection-microsoft-defender-antivirus.md |  2 +-
 .../why-use-microsoft-defender-antivirus.md   | 22 +++++++++----------
 22 files changed, 55 insertions(+), 55 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/antivirus-false-positives-negatives.md b/windows/security/threat-protection/microsoft-defender-antivirus/antivirus-false-positives-negatives.md
index cd9480eafa..273298bf6c 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/antivirus-false-positives-negatives.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/antivirus-false-positives-negatives.md
@@ -44,7 +44,7 @@ What if something gets detected wrongly as malware, or something is missed? We c
 
 ## Create an "Allow" indicator to prevent a false positive from recurring
 
-If a file, IP address, URL, or domain is treated as malware on a device, even though it's safe, you can create an "Allow" indicator. This indicator tells Microsoft Defender Antivirus (and Microsoft Defender Advanced Threat Protection) that the item is safe.
+If a file, IP address, URL, or domain is treated as malware on a device, even though it's safe, you can create an "Allow" indicator. This indicator tells Microsoft Defender Antivirus (and Microsoft Defender for Endpoint) that the item is safe.
 
 To set up your "Allow" indicator, follow the guidance in [Manage indicators](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/manage-indicators).
 
@@ -72,6 +72,6 @@ To learn more, see:
 
 ## Related articles
 
-[What is Microsoft Defender Advanced Threat Protection?](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection)
+[What is Microsoft Defender for Endpoint?](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection)
 
-[Microsoft Threat Protection](https://docs.microsoft.com/microsoft-365/security/mtp/microsoft-threat-protection)
+[Microsoft 365 Defender](https://docs.microsoft.com/microsoft-365/security/mtp/microsoft-threat-protection)
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus.md
index 75752637b1..43aa53b445 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus.md
@@ -29,13 +29,13 @@ Block at first sight provides a way to detect and block new malware within secon
 You can [specify how long a file should be prevented from running](configure-cloud-block-timeout-period-microsoft-defender-antivirus.md) while the cloud-based protection service analyzes the file. And, you can [customize the message displayed on users' desktops](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information) when a file is blocked. You can change the company name, contact information, and message URL.
 
 >[!TIP]
->Visit the Microsoft Defender ATP demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the features are working and see how they work.
+>Visit the Microsoft Defender for Endpoint demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the features are working and see how they work.
 
 ## How it works
 
 When Microsoft Defender Antivirus encounters a suspicious but undetected file, it queries our cloud protection backend. The cloud backend applies heuristics, machine learning, and automated analysis of the file to determine whether the files are malicious or not a threat.
 
-Microsoft Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, intelligent, and real-time protection. To learn more, see this blog: [Get to know the advanced technologies at the core of Microsoft Defender ATP next-generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/).
+Microsoft Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, intelligent, and real-time protection. To learn more, see this blog: [Get to know the advanced technologies at the core of Microsoft Defender for Endpoint next-generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/).
 ![List of Microsoft Defender AV engines](images/microsoft-defender-atp-next-generation-protection-engines.png)  
 
 In Windows 10, version 1803 or later, block at first sight can block non-portable executable files (such as JS, VBS, or macros) as well as executable files.
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
index 7212b18c2f..88a2e71534 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
@@ -25,7 +25,7 @@ ms.date: 10/21/2020
 - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
 > [!IMPORTANT]
-> Microsoft Defender Antivirus exclusions don't apply to other Microsoft Defender ATP capabilities, including [endpoint detection and response (EDR)](../microsoft-defender-atp/overview-endpoint-detection-response.md), [attack surface reduction (ASR) rules](../microsoft-defender-atp/attack-surface-reduction.md), and [controlled folder access](../microsoft-defender-atp/controlled-folders.md). Files that you exclude using the methods described in this article can still trigger EDR alerts and other detections. To exclude files broadly, add them to the Microsoft Defender ATP [custom indicators](../microsoft-defender-atp/manage-indicators.md).
+> Microsoft Defender Antivirus exclusions don't apply to other Microsoft Defender for Endpoint capabilities, including [endpoint detection and response (EDR)](../microsoft-defender-atp/overview-endpoint-detection-response.md), [attack surface reduction (ASR) rules](../microsoft-defender-atp/attack-surface-reduction.md), and [controlled folder access](../microsoft-defender-atp/controlled-folders.md). Files that you exclude using the methods described in this article can still trigger EDR alerts and other detections. To exclude files broadly, add them to the Microsoft Defender for Endpoint [custom indicators](../microsoft-defender-atp/manage-indicators.md).
 
 ## Exclusion lists
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md
index f19baf44aa..8ee17ca054 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md
@@ -32,7 +32,7 @@ This article lists the connections that must be allowed, such as by using firewa
 See the blog post [Important changes to Microsoft Active Protection Services endpoint](https://techcommunity.microsoft.com/t5/Configuration-Manager-Archive/Important-changes-to-Microsoft-Active-Protection-Service-MAPS/ba-p/274006) for some details about network connectivity.
 
 >[!TIP]
->You can also visit the Microsoft Defender ATP demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working:
+>You can also visit the Microsoft Defender for Endpoint demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working:
 >
 >- Cloud-delivered protection
 >- Fast learning (including block at first sight)
@@ -49,7 +49,7 @@ See [Enable cloud-delivered protection](enable-cloud-protection-microsoft-defend
 
 After you've enabled the service, you may need to configure your network or firewall to allow connections between it and your endpoints.
 
-Because your protection is a cloud service, computers must have access to the internet and reach the ATP machine learning services. Do not exclude the URL `*.blob.core.windows.net` from any kind of network inspection. 
+Because your protection is a cloud service, computers must have access to the internet and reach the Microsoft Defender for Office 365 machine learning services. Do not exclude the URL `*.blob.core.windows.net` from any kind of network inspection. 
 
 The table below lists the services and their associated URLs. Make sure that there are no firewall or network filtering rules denying access to these URLs, or you may need to create an allow rule specifically for them (excluding the URL `*.blob.core.windows.net`). Below mention URLs are using port 443 for communication.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/deploy-manage-report-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/deploy-manage-report-microsoft-defender-antivirus.md
index 5faf7d7a5b..a543229569 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/deploy-manage-report-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/deploy-manage-report-microsoft-defender-antivirus.md
@@ -29,7 +29,7 @@ You can deploy, manage, and report on Microsoft Defender Antivirus in a number o
 
 Because the Microsoft Defender Antivirus client is installed as a core part of Windows 10, traditional deployment of a client to your endpoints does not apply.
 
-However, in most cases you will still need to enable the protection service on your endpoints with Microsoft Intune, Microsoft Endpoint Configuration Manager, Azure Security Center, or Group Policy Objects, which is described in the following table.
+However, in most cases you will still need to enable the protection service on your endpoints with Microsoft Intune, Microsoft Endpoint Configuration Manager, Azure Defender*, or Group Policy Objects, which is described in the following table.
 
 You'll also see additional links for:
 
@@ -46,7 +46,7 @@ Microsoft Endpoint Configuration Manager ([1](#fn1))|Use the [Endpoint Protectio
 Group Policy and Active Directory (domain-joined)|Use a Group Policy Object to deploy configuration changes and ensure Microsoft Defender Antivirus is enabled.|Use Group Policy Objects (GPOs) to [Configure update options for Microsoft Defender Antivirus][] and [Configure Windows Defender features][]|Endpoint reporting is not available with Group Policy. You can generate a list of [Group Policies to determine if any settings or policies are not applied][]
 PowerShell|Deploy with Group Policy, Microsoft Endpoint Configuration Manager, or manually on individual endpoints.|Use the [Set-MpPreference] and [Update-MpSignature] cmdlets available in the Defender module.|Use the appropriate [Get- cmdlets available in the Defender module][]
 Windows Management Instrumentation|Deploy with Group Policy, Microsoft Endpoint Configuration Manager, or manually on individual endpoints.|Use the [Set method of the MSFT_MpPreference class][] and the [Update method of the MSFT_MpSignature class][]|Use the [MSFT_MpComputerStatus][] class and the get method of associated classes in the [Windows Defender WMIv2 Provider][]
-Microsoft Azure|Deploy Microsoft Antimalware for Azure in the [Azure portal, by using Visual Studio virtual machine configuration, or using Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#antimalware-deployment-scenarios). You can also [Install Endpoint protection in Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-install-endpoint-protection)|Configure [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) or [use code samples](https://gallery.technet.microsoft.com/Antimalware-For-Azure-5ce70efe)|Use [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) to enable monitoring. You can also review usage reports in Azure Active Directory to determine suspicious activity, including the [Possibly infected devices][] report and configure an SIEM tool to report on [Microsoft Defender Antivirus events][] and add that tool as an app in AAD.
+Microsoft Azure|Deploy Microsoft Antimalware for Azure in the [Azure portal, by using Visual Studio virtual machine configuration, or using Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#antimalware-deployment-scenarios). You can also [Install Endpoint protection in Azure Defender*](https://docs.microsoft.com/azure/security-center/security-center-install-endpoint-protection)|Configure [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) or [use code samples](https://gallery.technet.microsoft.com/Antimalware-For-Azure-5ce70efe)|Use [Microsoft Antimalware for Virtual Machines and Cloud Services with Azure PowerShell cmdlets](https://docs.microsoft.com/azure/security/azure-security-antimalware#enable-and-configure-antimalware-using-powershell-cmdlets) to enable monitoring. You can also review usage reports in Azure Active Directory to determine suspicious activity, including the [Possibly infected devices][] report and configure an SIEM tool to report on [Microsoft Defender Antivirus events][] and add that tool as an app in AAD.
 
 1. <span id="fn1" />The availability of some functions and features, especially related to cloud-delivered protection, differ between Microsoft Endpoint Configuration Manager (Current Branch) and System Center 2012 Configuration Manager. In this library, we've focused on Windows 10, Windows Server 2016, and Microsoft Endpoint Configuration Manager (Current Branch). See [Use Microsoft cloud-provided protection in Microsoft Defender Antivirus](utilize-microsoft-cloud-protection-microsoft-defender-antivirus.md) for a table that describes the major differences. [(Return to table)](#ref2)
   
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/deployment-vdi-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/deployment-vdi-microsoft-defender-antivirus.md
index 3f783ede5b..a5a51e53c9 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/deployment-vdi-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/deployment-vdi-microsoft-defender-antivirus.md
@@ -28,7 +28,7 @@ In addition to standard on-premises or hardware configurations, you can also use
 
 See [Windows Virtual Desktop Documentation](https://docs.microsoft.com/azure/virtual-desktop) for more details on Microsoft Remote Desktop Services and VDI support.
 
-For Azure-based virtual machines, you can also review the [Install Endpoint Protection in Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-install-endpoint-protection) topic.
+For Azure-based virtual machines, you can also review the [Install Endpoint Protection in Azure Defender*](https://docs.microsoft.com/azure/security-center/security-center-install-endpoint-protection) topic.
 
 With the ability to easily deploy updates to VMs running in VDIs, we've shortened this guide to focus on how you can get updates on your machines quickly and easily. You no longer need to create and seal golden images on a periodic basis, as updates are expanded into their component bits on the host server and then downloaded directly to the VM when it's turned on.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md
index 142782c145..4c9c47828e 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md
@@ -29,7 +29,7 @@ manager: dansimp
 > [!NOTE]
 > Potentially unwanted applications (PUA) are a category of software that can cause your machine to run slowly, display unexpected ads, or at worst, install other software which might be unexpected or unwanted. By default in Windows 10 (version 2004 and later), Microsoft Defender Antivirus blocks apps that are considered PUA, for Enterprise (E5) devices.
 
-Potentially unwanted applications (PUA) are not considered viruses, malware, or other types of threats, but they might perform actions on endpoints which adversely affect endpoint performance or use. _PUA_ can also refer to an application that has a poor reputation, as assessed by Microsoft Defender ATP, due to certain kinds of undesirable behavior.
+Potentially unwanted applications (PUA) are not considered viruses, malware, or other types of threats, but they might perform actions on endpoints which adversely affect endpoint performance or use. _PUA_ can also refer to an application that has a poor reputation, as assessed by Microsoft Defender for Endpoint, due to certain kinds of undesirable behavior.
 
 For example:
 
@@ -66,7 +66,7 @@ Admins can [configure](https://docs.microsoft.com/DeployEdge/configure-microsoft
 Defender SmartScreen available, including [one for blocking PUA](https://docs.microsoft.com/DeployEdge/microsoft-edge-policies#smartscreenpuaenabled). In addition, admins can
 [configure Windows Defender SmartScreen](https://docs.microsoft.com/microsoft-edge/deploy/available-policies?source=docs#configure-windows-defender-smartscreen) as a whole, using group policy settings to turn Windows Defender SmartScreen on or off.
 
-Although Microsoft Defender ATP has its own block list, based upon a data set managed by Microsoft, you can customize this list based on your own threat intelligence. If you [create and manage indicators](../microsoft-defender-atp/manage-indicators.md) in the Microsoft Defender ATP portal, Windows Defender SmartScreen will respect the new settings.
+Although Microsoft Defender for Endpoint has its own block list, based upon a data set managed by Microsoft, you can customize this list based on your own threat intelligence. If you [create and manage indicators](../microsoft-defender-atp/manage-indicators.md) in the Microsoft Defender for Endpoint portal, Windows Defender SmartScreen will respect the new settings.
 
 ### Microsoft Defender Antivirus
 
@@ -88,7 +88,7 @@ You can enable PUA protection with Microsoft Intune, Microsoft Endpoint Configur
 You can also use the PUA audit mode to detect PUAs without blocking them. The detections will be captured in the Windows event log.
 
 > [!TIP]
-> You can visit the Microsoft Defender ATP demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com/Page/UrlRep) to confirm that the feature is working, and see it in action.
+> You can visit the Microsoft Defender for Endpoint demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com/Page/UrlRep) to confirm that the feature is working, and see it in action.
 
 PUA audit mode is useful if your company is conducting an internal software security compliance check and you'd like to avoid any false positives.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/enable-cloud-protection-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/enable-cloud-protection-microsoft-defender-antivirus.md
index e62fd3c943..7e6ac508a9 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/enable-cloud-protection-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/enable-cloud-protection-microsoft-defender-antivirus.md
@@ -26,7 +26,7 @@ ms.custom: nextgen
 > [!NOTE]
 > The Microsoft Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and endpoints. Although it is called a cloud service, it is not simply protection for files stored in the cloud; rather, it uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional Security intelligence updates.
 
-Microsoft Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, real-time, and intelligent protection. [Get to know the advanced technologies at the core of Microsoft Defender ATP next-generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/).
+Microsoft Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, real-time, and intelligent protection. [Get to know the advanced technologies at the core of Microsoft Defender for Endpoint next-generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/).
 ![List of Microsoft Defender AV engines](images/microsoft-defender-atp-next-generation-protection-engines.png)  
 
 You can enable or disable Microsoft Defender Antivirus cloud-delivered protection with Microsoft Intune, Microsoft Endpoint Configuration Manager, Group Policy, PowerShell cmdlets, or on individual clients in the Windows Security app.
@@ -55,7 +55,7 @@ There are specific network-connectivity requirements to ensure your endpoints ca
         > The **Send safe samples automatically** option means that most samples will be sent automatically. Files that are likely to contain personal information will still prompt and require additional confirmation.
 
         > [!WARNING]
-        > Setting to **Always Prompt** will lower the protection state of the device. Setting to **Never send** means the [Block at First Sight](configure-block-at-first-sight-microsoft-defender-antivirus.md) feature of Microsoft Defender ATP won't work.
+        > Setting to **Always Prompt** will lower the protection state of the device. Setting to **Never send** means the [Block at First Sight](configure-block-at-first-sight-microsoft-defender-antivirus.md) feature of Microsoft Defender for Endpoint won't work.
 
 8. Click **OK** to exit the **Microsoft Defender Antivirus** settings pane, click **OK** to exit the **Device restrictions** pane, and then click **Save** to save the changes to your **Device restrictions** profile.
 
@@ -86,7 +86,7 @@ See [How to create and deploy antimalware policies: Cloud-protection service](ht
         > The **Send safe samples** (1) option means that most samples will be sent automatically. Files that are likely to contain personal information will still prompt and require additional confirmation.
 
         > [!WARNING]
-        > Setting the option to **Always Prompt** (0) will lower the protection state of the device. Setting it to **Never send** (2) means that the [Block at First Sight](configure-block-at-first-sight-microsoft-defender-antivirus.md) feature of Microsoft Defender ATP won't work.
+        > Setting the option to **Always Prompt** (0) will lower the protection state of the device. Setting it to **Never send** (2) means that the [Block at First Sight](configure-block-at-first-sight-microsoft-defender-antivirus.md) feature of Microsoft Defender for Endpoint won't work.
 
 7. Click **OK**.
 
@@ -105,7 +105,7 @@ See [Use PowerShell cmdlets to configure and run Microsoft Defender Antivirus](u
 > You can also set **-SubmitSamplesConsent** to `SendSafeSamples` (the default setting), `NeverSend`, or `AlwaysPrompt`. The `SendSafeSamples` setting means that most samples will be sent automatically. Files that are likely to contain personal information will still prompt and require additional confirmation.
 
 >[!WARNING]
-> Setting **-SubmitSamplesConsent** to `NeverSend` or `AlwaysPrompt` will lower the protection level of the device. In addition, setting it to `NeverSend` means that the [Block at First Sight](configure-block-at-first-sight-microsoft-defender-antivirus.md) feature of Microsoft Defender ATP won't work.
+> Setting **-SubmitSamplesConsent** to `NeverSend` or `AlwaysPrompt` will lower the protection level of the device. In addition, setting it to `NeverSend` means that the [Block at First Sight](configure-block-at-first-sight-microsoft-defender-antivirus.md) feature of Microsoft Defender for Endpoint won't work.
 
 ## Use Windows Management Instruction (WMI) to enable cloud-delivered protection
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/evaluate-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/evaluate-microsoft-defender-antivirus.md
index 6f1c2b1ce8..0cba7e0b50 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/evaluate-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/evaluate-microsoft-defender-antivirus.md
@@ -27,7 +27,7 @@ manager: dansimp
 Use this guide to determine how well Microsoft Defender Antivirus protects you from viruses, malware, and potentially unwanted applications.
 
 >[!TIP]
->You can also visit the Microsoft Defender ATP demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working and see how they work:
+>You can also visit the Microsoft Defender for Endpoint demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working and see how they work:
 >- Cloud-delivered protection
 >- Fast learning (including Block at first sight)
 >- Potentially unwanted application blocking
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-updates-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-updates-microsoft-defender-antivirus.md
index 2ac2800429..604fc20a9a 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-updates-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-updates-microsoft-defender-antivirus.md
@@ -22,7 +22,7 @@ ms.custom: nextgen
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
 <a id="protection-updates"></a>
 <!-- this has been used as anchor in VDI content -->
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10.md b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10.md
index e9bcff7d72..f141caebc4 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10.md
@@ -23,11 +23,11 @@ ms.custom: nextgen
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
 ## Microsoft Defender Antivirus: Your next-generation protection
 
-Microsoft Defender Antivirus is the next-generation protection component of Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP). Next-generation protection brings together machine learning, big-data analysis, in-depth threat resistance research, and the Microsoft cloud infrastructure to protect devices in your enterprise organization. Next-generation protection services include the following:
+Microsoft Defender Antivirus is the next-generation protection component of Microsoft Defender for Endpoint. Next-generation protection brings together machine learning, big-data analysis, in-depth threat resistance research, and the Microsoft cloud infrastructure to protect devices in your enterprise organization. Next-generation protection services include the following:
 
 - [Behavior-based, heuristic, and real-time antivirus protection](configure-protection-features-microsoft-defender-antivirus.md). This includes always-on scanning using file and process behavior monitoring and other heuristics (also known as "real-time protection"). It also includes detecting and blocking apps that are deemed unsafe, but may not be detected as malware.
 - [Cloud-delivered protection](utilize-microsoft-cloud-protection-microsoft-defender-antivirus.md). This includes near-instant detection and blocking of new and emerging threats.
@@ -35,7 +35,7 @@ Microsoft Defender Antivirus is the next-generation protection component of Micr
 
 ## Try a demo!
 
-Visit the [Microsoft Defender ATP demo website](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following protection features are working and explore them using demo scenarios:
+Visit the [Microsoft Defender for Endpoint demo website](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following protection features are working and explore them using demo scenarios:
 - Cloud-delivered protection
 - Block at first sight (BAFS) protection
 - Potentially unwanted applications (PUA) protection
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016.md b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016.md
index 76701c22f2..0b7e4ccdd6 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016.md
@@ -179,7 +179,7 @@ If you are using a third-party antivirus solution and you're running into issues
 
 - See the question "Should I run Microsoft security software at the same time as other security products?" on the [Windows Defender Security Intelligence Antivirus and antimalware software FAQ](https://www.microsoft.com/wdsi/help/antimalware-faq#multiple-products).
 
-- See [Better together: Microsoft Defender Antivirus and Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/why-use-microsoft-antivirus). This article describes 10 advantages to using Microsoft Defender Antivirus together with Microsoft Defender Advanced Threat Protection.
+- See [Better together: Microsoft Defender Antivirus and Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/why-use-microsoft-antivirus). This article describes 10 advantages to using Microsoft Defender Antivirus together with Defender for Endpoint.
 
 If you determine you do want to uninstall Microsoft Defender Antivirus, follow the steps in the following sections.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md
index 75153c281f..e4f4d4c952 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md
@@ -39,7 +39,7 @@ Settings that were previously part of the Windows Defender client and main Windo
 
 See the [Windows Security article](/windows/threat-protection/windows-defender-security-center/windows-defender-security-center) for more information on other Windows security features that can be monitored in the app.
 
-The Windows Security app is a client interface on Windows 10, version 1703 and later. It is not the Microsoft Defender Security Center web portal that is used to review and manage [Microsoft Defender Advanced Threat Protection](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md).
+The Windows Security app is a client interface on Windows 10, version 1703 and later. It is not the Microsoft Defender Security Center web portal that is used to review and manage [Microsoft Defender for Endpoint](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md).
 
 ## Review virus and threat protection settings in the Windows Security app
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/office-365-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/office-365-microsoft-defender-antivirus.md
index 30030fb3b1..eb9a31fb16 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/office-365-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/office-365-microsoft-defender-antivirus.md
@@ -32,7 +32,7 @@ You might already know that:
 
 - **Microsoft Defender Antivirus protects your Windows 10 device from software threats, such as viruses, malware, and spyware**. Microsoft Defender Antivirus is your complete, ongoing protection, built into Windows 10 and ready to go. [Microsoft Defender Antivirus is your next-generation protection](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10). 
 
-- **Office 365 includes antiphishing, antispam, and antimalware protection**. With your Office 365 subscription, you get premium email and calendars, Office apps, 1 TB of cloud storage (via OneDrive), and advanced security across all your devices. This is true for home and business users. And if you're a business user, and your organization is using Office 365 E5, you get even more protection through Office 365 Advanced Threat Protection. [Protect against threats with Office 365](https://docs.microsoft.com/microsoft-365/security/office-365-security/protect-against-threats).
+- **Office 365 includes antiphishing, antispam, and antimalware protection**. With your Office 365 subscription, you get premium email and calendars, Office apps, 1 TB of cloud storage (via OneDrive), and advanced security across all your devices. This is true for home and business users. And if you're a business user, and your organization is using Office 365 E5, you get even more protection through Microsoft Defender for Office 365 [Protect against threats with Office 365](https://docs.microsoft.com/microsoft-365/security/office-365-security/protect-against-threats).
 
 - **OneDrive, included in Office 365, enables you to store your files and folders online, and share them as you see fit**. You can work together with people (for work or fun), and coauthor files that are stored in OneDrive. You can also access your files across all your devices (your PC, phone, and tablet). [Manage sharing in OneDrive](https://docs.microsoft.com/OneDrive/manage-sharing).
 
@@ -48,9 +48,9 @@ Read the following sections to learn more.
 
 When you save your files to [OneDrive](https://docs.microsoft.com/onedrive), and [Microsoft Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10) detects a ransomware threat on your device, the following things occur:
 
-1. **You are told about the threat**. (If your organization is using [Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/windows/security/threat-protection) (ATP), your security operations team is notified, too.)
+1. **You are told about the threat**. (If your organization is using [Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection), your security operations team is notified, too.)
 
-2. **Microsoft Defender Antivirus helps you (and your organization's security team) remove the ransomware** from your device(s). (If your organization is using Microsoft Defender ATP, your security operations team can determine whether other devices are infected and take appropriate action, too.)
+2. **Microsoft Defender Antivirus helps you (and your organization's security team) remove the ransomware** from your device(s). (If your organization is using Microsoft Defender for Endpoint, your security operations team can determine whether other devices are infected and take appropriate action, too.)
 
 3. **You get the option to recover your files in OneDrive**. With the OneDrive Files Restore feature, you can recover your files in OneDrive to the state they were in before the ransomware attack occurred. See [Ransomware detection and recovering your files](https://support.office.com/article/0d90ec50-6bfd-40f4-acc7-b8c12c73637f).
 
@@ -58,19 +58,19 @@ Think of the time and hassle this can save.
 
 ## Integration means better protection
 
-Office 365 Advanced Threat Protection integrated with Microsoft Defender Advanced Threat Protection means better protection for your organization. Here's how:
+Microsoft Defender for Office 365 integrated with Microsoft Defender for Endpoint means better protection for your organization. Here's how:
 
-- [Office 365 Advanced Threat Protection](https://docs.microsoft.com/microsoft-365/security/office-365-security/office-365-atp) safeguards your organization against malicious threats posed in email messages, email attachments, and links (URLs) in Office documents.
+- [Microsoft Defender for Office 365](https://docs.microsoft.com/microsoft-365/security/office-365-security/office-365-atp) safeguards your organization against malicious threats posed in email messages, email attachments, and links (URLs) in Office documents.
 
     AND
 
-- [Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/windows/security/threat-protection) protects your devices from cyber threats, detects advanced attacks and data breaches, automates security incidents, and improves your security posture.
+- [Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection) protects your devices from cyber threats, detects advanced attacks and data breaches, automates security incidents, and improves your security posture.
 
     SO
 
 - Once integration is enabled, your security operations team can see a list of devices that are used by the recipients of any detected URLs or email messages, along with recent alerts for those devices, in the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)).
 
-If you haven't already done so, [integrate Office 365 Advanced Threat Protection with Microsoft Defender ATP](https://docs.microsoft.com/microsoft-365/security/office-365-security/integrate-office-365-ti-with-wdatp).
+If you haven't already done so, [integrate Microsoft Defender for Office 365 with Microsoft Defender for Endpoint](https://docs.microsoft.com/microsoft-365/security/office-365-security/integrate-office-365-ti-with-wdatp).
 
 ## More good reasons to use OneDrive
 
@@ -82,8 +82,8 @@ Protection from ransomware is one great reason to put your files in OneDrive. An
 
 [OneDrive](https://docs.microsoft.com/onedrive)
 
-[Office 365 Advanced Threat Protection](https://docs.microsoft.com/microsoft-365/security/office-365-security/office-365-atp?view=o365-worldwide)
+[Microsoft Defender for Office 365](https://docs.microsoft.com/microsoft-365/security/office-365-security/office-365-atp?view=o365-worldwide)
 
-[Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/windows/security/threat-protection/)
+[Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection/)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-end-user-interaction-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-end-user-interaction-microsoft-defender-antivirus.md
index e12cd18d65..bc77598593 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-end-user-interaction-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-end-user-interaction-microsoft-defender-antivirus.md
@@ -40,7 +40,7 @@ With the setting set to **Disabled** or not configured:
 ![Screenshot of Windows Security showing the shield icon and virus and threat protection section](images/defender/wdav-headless-mode-off-1703.png)
 
 >[!NOTE]
->Hiding the interface will also prevent Microsoft Defender Antivirus notifications from appearing on the endpoint. Microsoft Defender Advanced Threat Protection notifications will still appear. You can also individually [configure the notifications that appear on endpoints](configure-notifications-microsoft-defender-antivirus.md)
+>Hiding the interface will also prevent Microsoft Defender Antivirus notifications from appearing on the endpoint. Microsoft Defender for Endpoint notifications will still appear. You can also individually [configure the notifications that appear on endpoints](configure-notifications-microsoft-defender-antivirus.md)
 
 In earlier versions of Windows 10, the setting will hide the Windows Defender client interface. If the user attempts to open it, they will receive a warning that says, "Your system administrator has restricted access to this app."
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus-when-migrating.md b/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus-when-migrating.md
index 09535418a1..801706b95c 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus-when-migrating.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus-when-migrating.md
@@ -21,7 +21,7 @@ manager: dansimp
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
 You can find help here if you encounter issues while migrating from a third-party security solution to Microsoft Defender Antivirus.
 
@@ -49,7 +49,7 @@ This issue can manifest in the form of  several different event IDs, all of whic
 
 ### How to tell if Microsoft Defender Antivirus won't start because a third-party antivirus is installed
 
-On a Windows 10 device, if you are not using Microsoft Defender Advanced Threat Protection (ATP), and you have a third-party antivirus installed, then Microsoft Defender Antivirus will be automatically turned off. If you are using Microsoft Defender ATP with a third-party antivirus installed, Microsoft Defender Antivirus will start in passive mode, with reduced functionality.
+On a Windows 10 device, if you are not using Microsoft Defender for Endpoint, and you have a third-party antivirus installed, then Microsoft Defender Antivirus will be automatically turned off. If you are using Microsoft Defender for Endpoint with a third-party antivirus installed, Microsoft Defender Antivirus will start in passive mode, with reduced functionality.
 
 > [!TIP]
 > The scenario just described applies only to Windows 10. Other versions of Windows have [different responses](microsoft-defender-antivirus-compatibility.md) to Microsoft Defender Antivirus being run alongside third-party security software.
@@ -121,7 +121,7 @@ Microsoft Defender Antivirus will automatically turn on if no other antivirus is
 > [!WARNING]
 > Solutions suggesting that you edit the *Windows Defender* start values for *wdboot*, *wdfilter*, *wdnisdrv*, *wdnissvc*, and *windefend* in  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services are unsupported, and may force you to re-image your system.
 
-Passive mode is available if you start using Microsoft Defender ATP and a third-party antivirus together with Microsoft Defender Antivirus. Passive mode allows Microsoft Defender to scan files and update itself, but it will not remediate threats. In addition, behavior monitoring via [Real Time Protection](configure-real-time-protection-microsoft-defender-antivirus.md) is not available under passive mode, unless [Endpoint data loss prevention (DLP)](../microsoft-defender-atp/information-protection-in-windows-overview.md) is deployed.
+Passive mode is available if you start using Microsoft Defender for Endpoint and a third-party antivirus together with Microsoft Defender Antivirus. Passive mode allows Microsoft Defender to scan files and update itself, but it will not remediate threats. In addition, behavior monitoring via [Real Time Protection](configure-real-time-protection-microsoft-defender-antivirus.md) is not available under passive mode, unless [Endpoint data loss prevention (DLP)](../microsoft-defender-atp/information-protection-in-windows-overview.md) is deployed.
 
 Another feature, known as [limited periodic scanning](limited-periodic-scanning-microsoft-defender-antivirus.md), is available to end-users when Microsoft Defender Antivirus is set to automatically turn off. This feature allows Microsoft Defender Antivirus to scan files periodically alongside a third-party antivirus, using a limited number of detections.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus.md
index 5448d13ec7..ba1346ed98 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus.md
@@ -33,7 +33,7 @@ The tables list:
 - [Internal Microsoft Defender Antivirus client error codes (used by Microsoft during development and testing)](#internal-error-codes)
 
 > [!TIP]
-> You can also visit the Microsoft Defender ATP demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working:
+> You can also visit the Microsoft Defender for Endpoint demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working:
 > 
 > - Cloud-delivered protection
 > - Fast learning (including Block at first sight)
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-reporting.md b/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-reporting.md
index a66172ee17..4693016f63 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-reporting.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-reporting.md
@@ -27,7 +27,7 @@ manager: dansimp
 > [!IMPORTANT]
 > On March 31, 2020, the Microsoft Defender Antivirus reporting feature of Update Compliance will be removed. You can continue to define and review security compliance policies using [Microsoft Endpoint Manager](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager), which allows finer control over security features and updates.
 
-You can use Microsoft Defender Antivirus with Update Compliance. You’ll see status for E3, B, F1, VL, and Pro licenses. However, for E5 licenses, you need to use the [Microsoft Defender ATP portal](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints). To learn more about licensing options, see [Windows 10 product licensing options](https://www.microsoft.com/licensing/product-licensing/windows10.aspx).
+You can use Microsoft Defender Antivirus with Update Compliance. You’ll see status for E3, B, F1, VL, and Pro licenses. However, for E5 licenses, you need to use the [Microsoft Defender for Endpoint portal](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints). To learn more about licensing options, see [Windows 10 product licensing options](https://www.microsoft.com/licensing/product-licensing/windows10.aspx).
 
 When you use [Windows Analytics Update Compliance to obtain reporting into the protection status of devices or endpoints](/windows/deployment/update/update-compliance-using#wdav-assessment) in your network that are using Microsoft Defender Antivirus, you might encounter problems or issues.
 
@@ -59,7 +59,7 @@ In order for devices to properly show up in Update Compliance, you have to meet
 > - If the endpoint is running Windows 10 version 1607 or earlier, [Windows 10 diagnostic data must be set to the Enhanced level](https://docs.microsoft.com/windows/configuration/configure-windows-diagnostic-data-in-your-organization#enhanced-level).
 > - It has been 3 days since all requirements have been met
 
-“You can use Microsoft Defender Antivirus with Update Compliance. You’ll see status for E3, B, F1, VL, and Pro licenses. However, for E5 licenses, you need to use the Microsoft Defender ATP portal (https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints). To learn more about licensing options, see Windows 10 product licensing options"
+“You can use Microsoft Defender Antivirus with Update Compliance. You’ll see status for E3, B, F1, VL, and Pro licenses. However, for E5 licenses, you need to use the Microsoft Defender for Endpoint portal (https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints). To learn more about licensing options, see Windows 10 product licensing options"
 
 If the above prerequisites have all been met, you might need to proceed to the next step to collect diagnostic information and send it to us.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/use-group-policy-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/use-group-policy-microsoft-defender-antivirus.md
index 898e5fcc09..87f46b0cd9 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/use-group-policy-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/use-group-policy-microsoft-defender-antivirus.md
@@ -1,6 +1,6 @@
 ---
 title: Configure Microsoft Defender Antivirus with Group Policy
-description: Learn how to use a Group Policy to configure and manage Microsoft Defender Antivirus on your endpoints in Microsoft Defender ATP.
+description: Learn how to use a Group Policy to configure and manage Microsoft Defender Antivirus on your endpoints in Microsoft Defender for Endpoint.
 keywords: group policy, GPO, configuration, settings
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/use-wmi-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/use-wmi-microsoft-defender-antivirus.md
index 6b486451ae..51137f3e9e 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/use-wmi-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/use-wmi-microsoft-defender-antivirus.md
@@ -1,6 +1,6 @@
 ---
 title: Configure Microsoft Defender Antivirus with WMI
-description: Learn how to configure and manage Microsoft Defender Antivirus by using WMI scripts to retrieve, modify, and update settings in Microsoft Defender ATP.
+description: Learn how to configure and manage Microsoft Defender Antivirus by using WMI scripts to retrieve, modify, and update settings in Microsoft Defender for Endpoint.
 keywords: wmi, scripts, windows management instrumentation, configuration
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/utilize-microsoft-cloud-protection-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/utilize-microsoft-cloud-protection-microsoft-defender-antivirus.md
index b24a051f44..da103c7192 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/utilize-microsoft-cloud-protection-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/utilize-microsoft-cloud-protection-microsoft-defender-antivirus.md
@@ -25,7 +25,7 @@ ms.custom: nextgen
 
 Microsoft next-generation technologies in Microsoft Defender Antivirus provide near-instant, automated protection against new and emerging threats. To dynamically identify new threats, these technologies work with large sets of interconnected data in the Microsoft Intelligent Security Graph and powerful artificial intelligence (AI) systems driven by advanced machine learning models.  
 
-Microsoft Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, real-time, and intelligent protection. [Get to know the advanced technologies at the core of Microsoft Defender ATP next-generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/).
+Microsoft Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, real-time, and intelligent protection. [Get to know the advanced technologies at the core of Microsoft Defender for Endpoint next-generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/).
 ![List of Microsoft Defender AV engines](images/microsoft-defender-atp-next-generation-protection-engines.png)  
 
 To take advantage of the power and speed of these next-generation technologies, Microsoft Defender Antivirus works seamlessly with Microsoft cloud services. These cloud protection services, also referred to as Microsoft Advanced Protection Service (MAPS), enhances standard real-time protection, providing arguably the best antivirus defense. 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/why-use-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/why-use-microsoft-defender-antivirus.md
index dc28f1eb2f..56c8f7668f 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/why-use-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/why-use-microsoft-defender-antivirus.md
@@ -1,5 +1,5 @@
 ---
-title: "Why you should use Microsoft Defender Antivirus together with Microsoft Defender Advanced Threat Protection"
+title: "Why you should use Microsoft Defender Antivirus together with Microsoft Defender for Endpoint"
 description: "For best results, use Microsoft Defender Antivirus together with your other Microsoft offerings."
 keywords: windows defender, antivirus, third party av
 search.product: eADQiWindows 10XVcnh
@@ -16,39 +16,39 @@ ms.reviewer:
 manager: dansimp
 ---
 
-# Better together: Microsoft Defender Antivirus and Microsoft Defender Advanced Threat Protection
+# Better together: Microsoft Defender Antivirus and Microsoft Defender for Endpoint
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
 **Applies to:**
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp)
+- [Microsoft Defender for Endpoint](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp)
 
-Microsoft Defender Antivirus is the next-generation protection component of [Microsoft Defender Advanced Threat Protection](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md) (Microsoft Defender ATP). 
+Microsoft Defender Antivirus is the next-generation protection component of [Microsoft Defender for Endpoint](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md) (Microsoft Defender for Endpoint). 
 
-Although you can use a non-Microsoft antivirus solution with Microsoft Defender ATP, there are advantages to using Microsoft Defender Antivirus together with Microsoft Defender ATP. Not only is Microsoft Defender Antivirus an excellent next-generation antivirus solution, but combined with other Microsoft Defender ATP capabilities, such as [endpoint detection and response](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response) and [automated investigation and remediation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/automated-investigations), you get better protection that's coordinated across products and services. 
+Although you can use a non-Microsoft antivirus solution with Microsoft Defender for Endpoint, there are advantages to using Microsoft Defender Antivirus together with Defender for Endpoint. Not only is Microsoft Defender Antivirus an excellent next-generation antivirus solution, but combined with other Defender for Endpoint capabilities, such as [endpoint detection and response](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response) and [automated investigation and remediation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/automated-investigations), you get better protection that's coordinated across products and services. 
 
-## 11 reasons to use Microsoft Defender Antivirus together with Microsoft Defender ATP
+## 11 reasons to use Microsoft Defender Antivirus together with Microsoft Defender for Endpoint
 
 | |Advantage  |Why it matters |
 |--|--|--|
-|1|Antivirus signal sharing |Microsoft applications and services share signals across your enterprise organization, providing a stronger single platform. See [Insights from the MITRE ATT&CK-based evaluation of Microsoft Defender ATP](https://www.microsoft.com/security/blog/2018/12/03/insights-from-the-mitre-attack-based-evaluation-of-windows-defender-atp/). |
+|1|Antivirus signal sharing |Microsoft applications and services share signals across your enterprise organization, providing a stronger single platform. See [Insights from the MITRE ATT&CK-based evaluation of Microsoft Defender for Endpoint](https://www.microsoft.com/security/blog/2018/12/03/insights-from-the-mitre-attack-based-evaluation-of-windows-defender-atp/). |
 |2|Threat analytics and your score for devices |Microsoft Defender Antivirus collects underlying system data used by [threat analytics](../microsoft-defender-atp/threat-analytics.md) and [Microsoft Secure Score for Devices](../microsoft-defender-atp/tvm-microsoft-secure-score-devices.md). This provides your organization's security team with more meaningful information, such as recommendations and opportunities to improve your organization's security posture. |
-|3|Performance |Microsoft Defender ATP is designed to work with Microsoft Defender Antivirus, so you get better performance when you use these offerings together. [Evaluate Microsoft Defender Antivirus](evaluate-microsoft-defender-antivirus.md) and [Microsoft Defender ATP](../microsoft-defender-atp/evaluate-atp.md).|
-|4|Details about blocked malware |More details and actions for blocked malware are available with Microsoft Defender Antivirus and Microsoft Defender ATP. [Understand malware & other threats](../intelligence/understanding-malware.md).|
+|3|Performance |Microsoft Defender for Endpoint is designed to work with Microsoft Defender Antivirus, so you get better performance when you use these offerings together. [Evaluate Microsoft Defender Antivirus](evaluate-microsoft-defender-antivirus.md) and [Microsoft Defender for Endpoint](../microsoft-defender-atp/evaluate-atp.md).|
+|4|Details about blocked malware |More details and actions for blocked malware are available with Microsoft Defender Antivirus and Microsoft Defender for Endpoint. [Understand malware & other threats](../intelligence/understanding-malware.md).|
 |5|Network protection |Your organization's security team can protect your network by blocking specific URLs and IP addresses. [Protect your network](../microsoft-defender-atp/network-protection.md).|
 |6|File blocking |Your organization's security team can block specific files. [Stop and quarantine files in your network](../microsoft-defender-atp/respond-file-alerts.md#stop-and-quarantine-files-in-your-network).|
 |7|Attack Surface Reduction |Your organization's security team can reduce your vulnerabilities (attack surfaces), giving  attackers fewer ways to perform attacks. Attack surface reduction uses cloud protection for a number of rules. [Get an overview of attack surface reduction](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction).|
 |8|Auditing events |Auditing event signals are available in [endpoint detection and response capabilities](../microsoft-defender-atp/overview-endpoint-detection-response.md). (These signals are not available with non-Microsoft antivirus solutions.) |
 |9|Geographic data |Compliant with ISO 270001 and data retention, geographic data is provided according to your organization's selected geographic sovereignty. See [Compliance offerings: ISO/IEC 27001:2013 Information Security Management Standards](https://docs.microsoft.com/microsoft-365/compliance/offering-iso-27001). |
 |10|File recovery via OneDrive |If you are using Microsoft Defender Antivirus together with [Office 365](https://docs.microsoft.com/Office365/Enterprise), and your device is attacked by ransomware, your files are protected and recoverable. [OneDrive Files Restore and Windows Defender take ransomware protection one step further](https://techcommunity.microsoft.com/t5/Microsoft-OneDrive-Blog/OneDrive-Files-Restore-and-Windows-Defender-takes-ransomware/ba-p/188001).|
-|11|Technical support |By using Microsoft Defender ATP together with Microsoft Defender Antivirus, you have one company to call for technical support. [Troubleshoot service issues](../microsoft-defender-atp/troubleshoot-mdatp.md) and [review event logs and error codes with Microsoft Defender Antivirus](troubleshoot-microsoft-defender-antivirus.md). |
+|11|Technical support |By using Microsoft Defender for Endpoint together with Microsoft Defender Antivirus, you have one company to call for technical support. [Troubleshoot service issues](../microsoft-defender-atp/troubleshoot-mdatp.md) and [review event logs and error codes with Microsoft Defender Antivirus](troubleshoot-microsoft-defender-antivirus.md). |
 
 
 ## Learn more
 
-[Microsoft Defender Advanced Threat Protection](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md)
+[Microsoft Defender for Endpoint](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md)
 
 [Threat & Vulnerability Management](../microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md)
 

From 5678011fa0b2ef4bfbc4f55cf481e4139b74f1e5 Mon Sep 17 00:00:00 2001
From: Daniel Simpson <dansimp@microsoft.com>
Date: Mon, 9 Nov 2020 07:47:12 -0800
Subject: [PATCH 27/39] Update
 deploy-manage-report-microsoft-defender-antivirus.md

---
 .../deploy-manage-report-microsoft-defender-antivirus.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/deploy-manage-report-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/deploy-manage-report-microsoft-defender-antivirus.md
index a543229569..d2339875a5 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/deploy-manage-report-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/deploy-manage-report-microsoft-defender-antivirus.md
@@ -29,7 +29,7 @@ You can deploy, manage, and report on Microsoft Defender Antivirus in a number o
 
 Because the Microsoft Defender Antivirus client is installed as a core part of Windows 10, traditional deployment of a client to your endpoints does not apply.
 
-However, in most cases you will still need to enable the protection service on your endpoints with Microsoft Intune, Microsoft Endpoint Configuration Manager, Azure Defender*, or Group Policy Objects, which is described in the following table.
+However, in most cases you will still need to enable the protection service on your endpoints with Microsoft Intune, Microsoft Endpoint Configuration Manager, Azure Defender, or Group Policy Objects, which is described in the following table.
 
 You'll also see additional links for:
 

From 8bebb8ce9893ed0927acdedf80653f6807281fd1 Mon Sep 17 00:00:00 2001
From: Daniel Simpson <dansimp@microsoft.com>
Date: Mon, 9 Nov 2020 07:47:39 -0800
Subject: [PATCH 28/39] Update deployment-vdi-microsoft-defender-antivirus.md

---
 .../deployment-vdi-microsoft-defender-antivirus.md              | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/deployment-vdi-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/deployment-vdi-microsoft-defender-antivirus.md
index a5a51e53c9..8139e27e9a 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/deployment-vdi-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/deployment-vdi-microsoft-defender-antivirus.md
@@ -28,7 +28,7 @@ In addition to standard on-premises or hardware configurations, you can also use
 
 See [Windows Virtual Desktop Documentation](https://docs.microsoft.com/azure/virtual-desktop) for more details on Microsoft Remote Desktop Services and VDI support.
 
-For Azure-based virtual machines, you can also review the [Install Endpoint Protection in Azure Defender*](https://docs.microsoft.com/azure/security-center/security-center-install-endpoint-protection) topic.
+For Azure-based virtual machines, you can also review the [Install Endpoint Protection in Azure Defender](https://docs.microsoft.com/azure/security-center/security-center-install-endpoint-protection) topic.
 
 With the ability to easily deploy updates to VMs running in VDIs, we've shortened this guide to focus on how you can get updates on your machines quickly and easily. You no longer need to create and seal golden images on a periodic basis, as updates are expanded into their component bits on the host server and then downloaded directly to the VM when it's turned on.
 

From 858fbfad2840a4d2ea7bc53bf9890592cf57e5a3 Mon Sep 17 00:00:00 2001
From: Tina Burden <v-tibur@microsoft.com>
Date: Mon, 9 Nov 2020 10:01:39 -0800
Subject: [PATCH 29/39] pencil edit

---
 .../microsoft-defender-atp/fix-unhealthy-sensors.md             | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md b/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
index 8195b512e5..d99c088bfe 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
@@ -76,7 +76,7 @@ Follow theses actions to correct known issues related to a misconfigured device
   The Window Defender ATP sensor requires Microsoft Windows HTTP (WinHTTP) to report sensor data and communicate with the Defender for Endpoint service.
 
 - [Verify client connectivity to Microsoft Defender for Endpoint service URLs](configure-proxy-internet.md#verify-client-connectivity-to-microsoft-defender-atp-service-urls)</br>
-  Verify the proxy configuration completed successfully, that WinHTTP can discover and communicate through the proxy server in your environment, and that the proxy server allows traffic to the Defender for Endpoint service URLs.
+  Verify the proxy configuration completed successfully, that WinHTTP can discover and communicate through the proxy server in your environment, and that the proxy server allows traffic to the Microsoft Defender for Endpoint service URLs.
 
 - [Ensure the diagnostic data service is enabled](troubleshoot-onboarding.md#ensure-the-diagnostics-service-is-enabled)</br>
 If the devices aren't reporting correctly, you might need to check that the Windows 10 diagnostic data service is set to automatically start and is running on the endpoint.

From d41871c34f9d2e807c4860eb582efb18111a99cc Mon Sep 17 00:00:00 2001
From: Tina Burden <v-tibur@microsoft.com>
Date: Mon, 9 Nov 2020 10:02:17 -0800
Subject: [PATCH 30/39] pencil edit

---
 .../microsoft-defender-atp/get-alert-info-by-id.md              | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-info-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-info-by-id.md
index 81cd7a519f..14a50992e6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-info-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-info-by-id.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description

From ce3a589c2deb50ea222a75498393f9eb9776d068 Mon Sep 17 00:00:00 2001
From: Tina Burden <v-tibur@microsoft.com>
Date: Mon, 9 Nov 2020 10:03:06 -0800
Subject: [PATCH 31/39] pencil edit

---
 .../microsoft-defender-atp/fix-unhealthy-sensors.md         | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md b/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
index d99c088bfe..a7ba836767 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
@@ -23,11 +23,9 @@ ms.date: 11/06/2020
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:**
+**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-
->Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-fixsensor-abovefoldlink)
+- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-fixsensor-abovefoldlink)
 
 Devices that are categorized as misconfigured or inactive can be flagged due to varying causes. This section provides some explanations as to what might have caused a device to be categorized as inactive or misconfigured.
 

From 1e4741c480f411848e6dbd9d7ec6e6363b4feb22 Mon Sep 17 00:00:00 2001
From: Tina Burden <v-tibur@microsoft.com>
Date: Mon, 9 Nov 2020 10:03:59 -0800
Subject: [PATCH 32/39] pencil edit

---
 .../microsoft-defender-atp/fix-unhealthy-sensors.md             | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md b/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
index a7ba836767..9fd27bc18b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
@@ -71,7 +71,7 @@ A misconfigured device with status ‘No sensor data’ has communication with t
 Follow theses actions to correct known issues related to a misconfigured device with status ‘No sensor data’:
 
 - [Ensure the device has Internet connection](troubleshoot-onboarding.md#troubleshoot-onboarding-issues-on-the-device)</br>
-  The Window Defender ATP sensor requires Microsoft Windows HTTP (WinHTTP) to report sensor data and communicate with the Defender for Endpoint service.
+  The Window Defender ATP sensor requires Microsoft Windows HTTP (WinHTTP) to report sensor data and communicate with the Microsoft Defender for Endpoint service.
 
 - [Verify client connectivity to Microsoft Defender for Endpoint service URLs](configure-proxy-internet.md#verify-client-connectivity-to-microsoft-defender-atp-service-urls)</br>
   Verify the proxy configuration completed successfully, that WinHTTP can discover and communicate through the proxy server in your environment, and that the proxy server allows traffic to the Microsoft Defender for Endpoint service URLs.

From 4e81b7d2fe5a40fbee39ada0354fe62c84261c09 Mon Sep 17 00:00:00 2001
From: Tina Burden <v-tibur@microsoft.com>
Date: Mon, 9 Nov 2020 10:04:38 -0800
Subject: [PATCH 33/39] pencil edit

---
 .../microsoft-defender-atp/fix-unhealthy-sensors.md             | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md b/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
index 9fd27bc18b..56329342d7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
@@ -25,7 +25,7 @@ ms.date: 11/06/2020
 
 **Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-fixsensor-abovefoldlink)
+- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-fixsensor-abovefoldlink)
 
 Devices that are categorized as misconfigured or inactive can be flagged due to varying causes. This section provides some explanations as to what might have caused a device to be categorized as inactive or misconfigured.
 

From 224218dd3188763879d1bcfc784b5676deb5825a Mon Sep 17 00:00:00 2001
From: Tina Burden <v-tibur@microsoft.com>
Date: Mon, 9 Nov 2020 10:05:23 -0800
Subject: [PATCH 34/39] pencil edit

---
 .../microsoft-defender-atp/fix-unhealthy-sensors.md             | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md b/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
index 56329342d7..d145c75685 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
@@ -59,7 +59,7 @@ This status indicates that there's limited communication between the device and
 The following suggested actions can help fix issues related to a misconfigured device with impaired communications:
 
 - [Ensure the device has Internet connection](troubleshoot-onboarding.md#troubleshoot-onboarding-issues-on-the-device)</br>
-  The Window Defender ATP sensor requires Microsoft Windows HTTP (WinHTTP) to report sensor data and communicate with the Defender for Endpoint service.
+  The Window Defender ATP sensor requires Microsoft Windows HTTP (WinHTTP) to report sensor data and communicate with the Microsoft Defender for Endpoint service.
 
 - [Verify client connectivity to Microsoft Defender for Endpoint service URLs](configure-proxy-internet.md#verify-client-connectivity-to-microsoft-defender-atp-service-urls)</br>
   Verify the proxy configuration completed successfully, that WinHTTP can discover and communicate through the proxy server in your environment, and that the proxy server allows traffic to the Defender for Endpoint service URLs.

From 1a326c04827e7328202c54a7e0c7aa303202bba7 Mon Sep 17 00:00:00 2001
From: Tina Burden <v-tibur@microsoft.com>
Date: Mon, 9 Nov 2020 10:07:20 -0800
Subject: [PATCH 35/39] pencil edit

---
 .../microsoft-defender-atp/fix-unhealthy-sensors.md             | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md b/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
index d145c75685..ce92f63d99 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
@@ -62,7 +62,7 @@ The following suggested actions can help fix issues related to a misconfigured d
   The Window Defender ATP sensor requires Microsoft Windows HTTP (WinHTTP) to report sensor data and communicate with the Microsoft Defender for Endpoint service.
 
 - [Verify client connectivity to Microsoft Defender for Endpoint service URLs](configure-proxy-internet.md#verify-client-connectivity-to-microsoft-defender-atp-service-urls)</br>
-  Verify the proxy configuration completed successfully, that WinHTTP can discover and communicate through the proxy server in your environment, and that the proxy server allows traffic to the Defender for Endpoint service URLs.
+  Verify the proxy configuration completed successfully, that WinHTTP can discover and communicate through the proxy server in your environment, and that the proxy server allows traffic to the Microsoft Defender for Endpoint service URLs.
 
 If you took corrective actions and the device status is still misconfigured, [open a support ticket](https://go.microsoft.com/fwlink/?LinkID=761093&clcid=0x409).
 

From 9fb01d4e23f2cd53a0d6caf3e57ad2d8f199f01a Mon Sep 17 00:00:00 2001
From: Tina Burden <v-tibur@microsoft.com>
Date: Mon, 9 Nov 2020 10:08:38 -0800
Subject: [PATCH 36/39] pencil edit

---
 .../microsoft-defender-atp/get-alert-related-user-info.md       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md
index 63b8b20872..3e96ce7383 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md
@@ -23,7 +23,7 @@ ms.topic: article
 
 **Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
 
-- Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
 ## API description

From eb2d95dcd5731f80176fd44d7544c1341be8274b Mon Sep 17 00:00:00 2001
From: Tina Burden <v-tibur@microsoft.com>
Date: Mon, 9 Nov 2020 10:10:41 -0800
Subject: [PATCH 37/39] pencil edit

---
 .../threat-protection/microsoft-defender-atp/get-alerts.md      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md
index c2d2b8b8e3..a7c825d739 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md
@@ -263,4 +263,4 @@ Here is an example of the response.
 
 
 ## See also
-- [OData queries with Defender for Endpoint](exposed-apis-odata-samples.md)
+- [OData queries with Microsoft Defender for Endpoint](exposed-apis-odata-samples.md)

From ba96a4088330f20d275e86327ba4471d61c9f30b Mon Sep 17 00:00:00 2001
From: Tina Burden <v-tibur@microsoft.com>
Date: Mon, 9 Nov 2020 10:14:02 -0800
Subject: [PATCH 38/39] pencil edit

---
 .../microsoft-defender-atp/get-investigation-collection.md      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md
index 9963f6cf47..1e976abcb0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md
@@ -39,7 +39,7 @@ Retrieves a collection of [Investigations](investigation.md).
 
 
 ## Permissions
-One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Defender for Endpoint APIs](apis-intro.md)
+One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender for Endpoint APIs](apis-intro.md)
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---

From 445d926765a8d0b98a73e15cd95d4b045fbf21e0 Mon Sep 17 00:00:00 2001
From: Tina Burden <v-tibur@microsoft.com>
Date: Mon, 9 Nov 2020 10:14:45 -0800
Subject: [PATCH 39/39] pencil edit

---
 .../microsoft-defender-atp/get-investigation-collection.md      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md
index 1e976abcb0..296f7c81ce 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md
@@ -30,7 +30,7 @@ ms.topic: article
 Retrieves a collection of [Investigations](investigation.md).
 <br>Supports [OData V4 queries](https://www.odata.org/documentation/).
 <br>The OData's ```$filter``` query is supported on: ```startTime```, ```state```, ```machineId``` and ```triggeringAlertId``` properties.
-<br>See examples at [OData queries with Defender for Endpoint](exposed-apis-odata-samples.md)
+<br>See examples at [OData queries with Microsoft Defender for Endpoint](exposed-apis-odata-samples.md)
 
 
 ## Limitations