Merge branch 'master' into deploy

Joey Caparas
2020-02-28 13:26:07 -08:00
25 changed files with 323 additions and 222 deletions

View File

@ -154,7 +154,18 @@ To make sure HoloLens can see your gestures, keep your hand in the gesture frame
## HoloLens doesn't respond to my voice ## HoloLens doesn't respond to my voice
If Cortana isn't responding to your voice, make sure Cortana is on. In the **All apps** list, select **Cortana** > **Menu** > **Notebook** > **Settings** to make changes. To learn more about what you can say, see [Use your voice with HoloLens](hololens-cortana.md). If your HoloLens is not responding to your voice, make sure Speech recognition is on. Go to **Start > Settings > Privacy > Speech** and turn on **Speech recognition**.
> [!NOTE]
> This setting isn't available on HoloLens (1st Gen) because speech recognition is always on and cannot be disabled
If Cortana isn't responding to your voice, make sure Cortana is on by enabling **Online speech recognition** in that same menu.
- You can also easily reach this menu on HoloLens 2 by selecting the "Speech settings" button, or saying "Speech settings" while in the start menu after enabling Speech recognition.
- If Cortana is still not responding after enabling Online speech recognition, In the **All apps** list, select and launch **Cortana** > select **Menu** > **Notebook** > **Settings** to make changes.
To learn more about what you can say, see [Use your voice with HoloLens](hololens-cortana.md).
[Back to list](#list) [Back to list](#list)
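Review bot: The added note line ("This setting isn't available on HoloLens (1st Gen) because speech recognition is always on and cannot be disabled") is missing its closing period, and the second added bullet keeps a capital "In" after a comma ("Online speech recognition, In the **All apps** list"). The Cortana sentence also says "in that same menu", but the note block now sits between it and the path it refers to, so consider repeating **Start > Settings > Privacy > Speech** there.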
@ -194,7 +205,7 @@ If that doesn't help, see [Restart or recover the HoloLens clicker](hololens1-cl
Here are some things to try if you can't connect to Wi-Fi on HoloLens: Here are some things to try if you can't connect to Wi-Fi on HoloLens:
- Make sure Wi-Fi is turned on. Bloom to go to Start, then select **Settings** > **Network & Internet** > **Wi-Fi** to check. If Wi-Fi is on, try turning it off and on again. - Make sure Wi-Fi is turned on. Preform a Start gesture to open the menu, then select **Settings** > **Network & Internet** > **Wi-Fi** to check. If Wi-Fi is on, try turning it off and on again.
- Move closer to the router or access point. - Move closer to the router or access point.
- Restart your Wi-Fi router, then [restart HoloLens](hololens-recovery.md). Try connecting again. - Restart your Wi-Fi router, then [restart HoloLens](hololens-recovery.md). Try connecting again.
- If none of these things work, check to make sure your router is using the latest firmware. You can find this information on the manufacturers website. - If none of these things work, check to make sure your router is using the latest firmware. You can find this information on the manufacturers website.
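Review bot: "Preform a Start gesture" in the first bullet should read "Perform a Start gesture". While this list is being touched, the last bullet's "manufacturers website" needs an apostrophe ("manufacturer's website").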

View File

@ -102,6 +102,7 @@ These steps ensure that your companys users (or a group of users) can add dev
> [!NOTE] > [!NOTE]
> This step is only necessary if your company plans to manage the HoloLens. > This step is only necessary if your company plans to manage the HoloLens.
Ongoing device management will depend on your mobile device management infrastructure. Most have the same general functionality but the user interface may vary widely. Ongoing device management will depend on your mobile device management infrastructure. Most have the same general functionality but the user interface may vary widely.
1. [CSPs (Configuration Service Providers)](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices) allows you to create and deploy management settings for the devices on your network. A list of CSPs for HoloLens can be found [here](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices). 1. [CSPs (Configuration Service Providers)](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices) allows you to create and deploy management settings for the devices on your network. A list of CSPs for HoloLens can be found [here](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices).

View File

@ -67,7 +67,7 @@ To go back to a previous version of HoloLens (1st gen), follow these steps:
> [!NOTE] > [!NOTE]
> If the WDRT doesn't detect your HoloLens, try restarting your PC. If that doesn't work, select **My device was not detected**, select **Microsoft HoloLens**, and then follow the instructions. > If the WDRT doesn't detect your HoloLens, try restarting your PC. If that doesn't work, select **My device was not detected**, select **Microsoft HoloLens**, and then follow the instructions.
# Use policies to manage updates to HoloLens ## Use policies to manage updates to HoloLens
> [!NOTE] > [!NOTE]
> HoloLens (1st gen) devices must be [upgraded to Windows Holographic for Business](hololens1-upgrade-enterprise.md) to manage updates. > HoloLens (1st gen) devices must be [upgraded to Windows Holographic for Business](hololens1-upgrade-enterprise.md) to manage updates.

View File

@ -47,10 +47,11 @@ appliesto:
| [What's new in HoloLens](hololens-whats-new.md) | Discover new features in the latest updates via HoloLens release notes. | | [What's new in HoloLens](hololens-whats-new.md) | Discover new features in the latest updates via HoloLens release notes. |
| [Install and manage applications on HoloLens](hololens-install-apps.md) | Install and manage important applications on HoloLens at scale. | | [Install and manage applications on HoloLens](hololens-install-apps.md) | Install and manage important applications on HoloLens at scale. |
| [HoloLens update management](hololens-updates.md) | Use mobile device management (MDM) policies to configure settings for updates. | | [HoloLens update management](hololens-updates.md) | Use mobile device management (MDM) policies to configure settings for updates. |
| [HoloLens user management](hololens-multiple-users.md) | Multiple users can shared a HoloLens device by using their Azure Active Directory accounts. | | [HoloLens user management](hololens-multiple-users.md) | Multiple users can share a HoloLens device by using their Azure Active Directory accounts. |
| [HoloLens application access management](hololens-kiosk.md) | Manage application access for different user groups. | | [HoloLens application access management](hololens-kiosk.md) | Manage application access for different user groups. |
| [Recover and troubleshoot HoloLens issues](https://support.microsoft.com/products/hololens) | Learn how to gather logs from HoloLens, recover a misbehaving device, or reset HoloLens when necessary. | | [Recover and troubleshoot HoloLens issues](https://support.microsoft.com/products/hololens) | Learn how to gather logs from HoloLens, recover a misbehaving device, or reset HoloLens when necessary. |
| [Get support](https://support.microsoft.com/products/hololens) | Connect with Microsoft support resources for HoloLens in enterprise. | | [Contact Support](https://support.microsoft.com/supportforbusiness/productselection) | Create a new support request for the business support team. |
| [More support options](https://support.microsoft.com/products/hololens) | Connect with Microsoft support resources for HoloLens in the enterprise. |
## Related resources ## Related resources
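Review bot: The new "More support options" row and the existing "Recover and troubleshoot HoloLens issues" row both link to https://support.microsoft.com/products/hololens, so two rows with different descriptions lead to the same page; point one of them at a more specific target or merge them. "Contact Support" is also title-cased while the other link texts in this table use sentence case.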

View File

@ -9,7 +9,7 @@ ms.author: greglin
manager: laurawi manager: laurawi
audience: Admin audience: Admin
ms.topic: article ms.topic: article
ms.date: 06/20/2019 ms.date: 02/28/2020
ms.localizationpriority: Medium ms.localizationpriority: Medium
--- ---
@ -48,9 +48,9 @@ To ensure optimal video and audio quality on Surface Hub 2S, add the following Q
|**Name**|**Description**|**OMA-URI**|**Type**|**Value**| |**Name**|**Description**|**OMA-URI**|**Type**|**Value**|
|:------ |:------------- |:--------- |:------ |:------- | |:------ |:------------- |:--------- |:------ |:------- |
|**Audio Ports**| Audio Port range | ./Device/Vendor/MSFT/NetworkQoSPolicy/HubAudio/SourcePortMatchCondition | String | 50000-50019 | |**Audio Ports**| Audio Port range | ./Device/Vendor/MSFT/NetworkQoSPolicy/HubAudio/DestinationPortMatchCondition | String | 3478-3479 |
|**Audio DSCP**| Audio ports marking | ./Device/Vendor/MSFT/NetworkQoSPolicy/HubAudio/DSCPAction | Integer | 46 | |**Audio DSCP**| Audio ports marking | ./Device/Vendor/MSFT/NetworkQoSPolicy/HubAudio/DSCPAction | Integer | 46 |
|**Video Ports**| Video Port range | ./Device/Vendor/MSFT/NetworkQoSPolicy/HubVideo/SourcePortMatchCondition | String | 50020-50039 | |**Video Ports**| Video Port range | ./Device/Vendor/MSFT/NetworkQoSPolicy/HubVideo/DestinationPortMatchCondition | String | 3480 |
|**Video DSCP**| Video ports marking | ./Device/Vendor/MSFT/NetworkQoSPolicy/HubVideo/DSCPAction | Integer | 34 | |**Video DSCP**| Video ports marking | ./Device/Vendor/MSFT/NetworkQoSPolicy/HubVideo/DSCPAction | Integer | 34 |
> [!NOTE] > [!NOTE]
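Review bot: The Audio Ports and Video Ports rows now match on DestinationPortMatchCondition instead of SourcePortMatchCondition, but the Description column still says only "Audio Port range" and "Video Port range", and the video value is the single port 3480 rather than a range. State in the descriptions that these are destination ports, so that anyone aligning firewall or network QoS rules with this table matches the right direction, and reword the video description to fit a single port.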

View File

@ -1,6 +1,6 @@
--- ---
title: Microsoft Surface Dock Firmware Update title: Microsoft Surface Dock Firmware Update
description: This article explains how to use Microsoft Surface Dock Firmware Update, newly redesigned to update Surface Dock firmware while running in the background on your Surface device. description: This article explains how to use Microsoft Surface Dock Firmware Update to update Surface Dock firmware. When installed on your Surface device, it will update any Surface Dock attached to your Surface device.
ms.localizationpriority: medium ms.localizationpriority: medium
ms.prod: w10 ms.prod: w10
ms.mktglfcycl: manage ms.mktglfcycl: manage
@ -11,6 +11,7 @@ ms.topic: article
ms.reviewer: scottmca ms.reviewer: scottmca
manager: dansimp manager: dansimp
ms.audience: itpro ms.audience: itpro
ms.date: 02/07/2020
--- ---
# Microsoft Surface Dock Firmware Update # Microsoft Surface Dock Firmware Update
@ -32,12 +33,14 @@ This section is optional and provides an overview of how to monitor installation
To monitor the update: To monitor the update:
1. Open Event Viewer, browse to **Windows Logs > Application**, and then under **Actions** in the right-hand pane click **Filter Current Log**, enter **SurfaceDockFwUpdate** next to **Event sources**, and then click **OK**. 1. Open Event Viewer, browse to **Windows Logs > Application**, and then under **Actions** in the right-hand pane click **Filter Current Log**, enter **SurfaceDockFwUpdate** next to **Event sources**, and then click **OK**.
2. Type the following command at an elevated command prompt: 2. Type the following command at an elevated command prompt:
```cmd ```cmd
Reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\SurfaceDockFwUpdate\Parameters" Reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\SurfaceDockFwUpdate\Parameters"
``` ```
3. Install the update as described in the [next section](#install-the-surface-dock-firmware-update) of this article. 3. Install the update as described in the [next section](#install-the-surface-dock-firmware-update) of this article.
4. Event 2007 with the following text indicates a successful update: **Firmware update finished. hr=0 DriverTelementry EventCode = 2007**. 4. Event 2007 with the following text indicates a successful update: **Firmware update finished. hr=0 DriverTelementry EventCode = 2007**.
- If the update is not successful, then event ID 2007 will be displayed as an **Error** event rather than **Information**. Additionally, the version reported in the Windows Registry will not be current. - If the update is not successful, then event ID 2007 will be displayed as an **Error** event rather than **Information**. Additionally, the version reported in the Windows Registry will not be current.
5. When the update is complete, updated DWORD values will be displayed in the Windows Registry, corresponding to the current version of the tool. See the [Versions reference](#versions-reference) section in this article for details. For example: 5. When the update is complete, updated DWORD values will be displayed in the Windows Registry, corresponding to the current version of the tool. See the [Versions reference](#versions-reference) section in this article for details. For example:

View File

@ -127,11 +127,10 @@ Here is an example:
<groupmembership> <groupmembership>
<accessgroup desc = "Administrators"> <accessgroup desc = "Administrators">
<member name = "AzureAD\CSPTest@contoso.com" /> <member name = "AzureAD\CSPTest@contoso.com" />
<member name = "CSPTest22306\administrator" />
<member name = "AzureAD\patlewis@contoso.com" /> <member name = "AzureAD\patlewis@contoso.com" />
<member name = "S-1-15-1233433-23423432423-234234324"/>
</accessgroup> </accessgroup>
<accessgroup desc = "testcsplocal"> <accessgroup desc = "testcsplocal">
<member name = "CSPTEST22306\patlewis" />
<member name = "AzureAD\CSPTest@contoso.com" /> <member name = "AzureAD\CSPTest@contoso.com" />
</accessgroup> </accessgroup>
</groupmembership> </groupmembership>
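Review bot: With the `CSPTest22306\administrator`, `CSPTEST22306\patlewis` and SID members removed, the example shows only the `AzureAD\user@contoso.com` form of member name. If local accounts and SIDs are not valid member names, say so in the text next to the example; if they are still valid, keep one of each so administrators do not have to guess which forms the policy accepts for the Administrators group.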
@ -157,4 +156,3 @@ Footnotes:
- 6 - Added in Windows 10, version 1903. - 6 - Added in Windows 10, version 1903.
<!--/Policies--> <!--/Policies-->

View File

@ -161,7 +161,6 @@ The following methodology was used to derive these network endpoints:
|||HTTPS|ris.api.iris.microsoft.com| |||HTTPS|ris.api.iris.microsoft.com|
|Windows Update|The following endpoint is used for Windows Update downloads of apps and OS updates, including HTTP downloads or HTTP downloads blended with peers. If you turn off traffic for this endpoint, Windows Update downloads will not be managed, as critical metadata that is used to make downloads more resilient is blocked. Downloads may be impacted by corruption (resulting in re-downloads of full files). Additionally, downloads of the same update by multiple devices on the same local network will not use peer devices for bandwidth reduction.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-updates)| |Windows Update|The following endpoint is used for Windows Update downloads of apps and OS updates, including HTTP downloads or HTTP downloads blended with peers. If you turn off traffic for this endpoint, Windows Update downloads will not be managed, as critical metadata that is used to make downloads more resilient is blocked. Downloads may be impacted by corruption (resulting in re-downloads of full files). Additionally, downloads of the same update by multiple devices on the same local network will not use peer devices for bandwidth reduction.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-updates)|
|||HTTPS|*.prod.do.dsp.mp.microsoft.com| |||HTTPS|*.prod.do.dsp.mp.microsoft.com|
|||HTTP|cs9.wac.phicdn.net|
|||HTTP|emdl.ws.microsoft.com| |||HTTP|emdl.ws.microsoft.com|
||The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store. If you turn off traffic for these endpoints, the device will not be able to download updates for the operating system.|HTTP|*.dl.delivery.mp.microsoft.com| ||The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store. If you turn off traffic for these endpoints, the device will not be able to download updates for the operating system.|HTTP|*.dl.delivery.mp.microsoft.com|
|||HTTP|*.windowsupdate.com| |||HTTP|*.windowsupdate.com|
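Review bot: The `cs9.wac.phicdn.net` row is dropped from the Windows Update group with no accompanying text. Readers use this table to decide which traffic to allow or turn off, so the page's change notes should say whether the endpoint is no longer contacted, which lets administrators remove it from existing rules with confidence.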

View File

@ -37,7 +37,6 @@ sections:
<tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>02:08 PM PT</td></tr> <tr><td><div id='374msg'></div><b>MSRT might fail to install and be re-offered from Windows Update or WSUS </b><br>The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.<br><br><a href = '#374msgdesc'>See details ></a></td><td><br><a href ='' target='_blank'></a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>January 23, 2020 <br>02:08 PM PT</td></tr>
<tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>September 24, 2019<br><a href ='https://support.microsoft.com/help/4516048' target='_blank'>KB4516048</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr> <tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>September 24, 2019<br><a href ='https://support.microsoft.com/help/4516048' target='_blank'>KB4516048</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='329msg'></div><b>You may receive an error when opening or using the Toshiba Qosmio AV Center</b><br>Toshiba Qosmio AV Center may error when opening and you may also receive an error in Event Log related to cryptnet.dll.<br><br><a href = '#329msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4516048' target='_blank'>KB4516048</a></td><td>September 24, 2019 <br>10:00 AM PT</td></tr> <tr><td><div id='329msg'></div><b>You may receive an error when opening or using the Toshiba Qosmio AV Center</b><br>Toshiba Qosmio AV Center may error when opening and you may also receive an error in Event Log related to cryptnet.dll.<br><br><a href = '#329msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4516048' target='_blank'>KB4516048</a></td><td>September 24, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='307msg'></div><b>Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV</b><br>Windows updates that are SHA-2 signed are not available with Symantec or Norton antivirus program installed<br><br><a href = '#307msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Resolved External<br></td><td>August 27, 2019 <br>02:29 PM PT</td></tr>
</table> </table>
" "
@ -84,12 +83,3 @@ sections:
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='329msgdesc'></div><b>You may receive an error when opening or using the Toshiba Qosmio AV Center</b><div>After installing <a href='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a>, you may receive an error when opening or using the Toshiba <strong>Qosmio AV Center</strong>.&nbsp;You may also receive an error in <strong>Event Log</strong> related to cryptnet.dll.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4516048' target='_blank'>KB4516048</a>.</div><br><a href ='#329msg'>Back to top</a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4516048' target='_blank'>KB4516048</a></td><td>Resolved:<br>September 24, 2019 <br>10:00 AM PT<br><br>Opened:<br>September 10, 2019 <br>09:48 AM PT</td></tr> <tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='329msgdesc'></div><b>You may receive an error when opening or using the Toshiba Qosmio AV Center</b><div>After installing <a href='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a>, you may receive an error when opening or using the Toshiba <strong>Qosmio AV Center</strong>.&nbsp;You may also receive an error in <strong>Event Log</strong> related to cryptnet.dll.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4516048' target='_blank'>KB4516048</a>.</div><br><a href ='#329msg'>Back to top</a></td><td>August 13, 2019<br><a href 
='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4516048' target='_blank'>KB4516048</a></td><td>Resolved:<br>September 24, 2019 <br>10:00 AM PT<br><br>Opened:<br>September 10, 2019 <br>09:48 AM PT</td></tr>
</table> </table>
" "
- title: August 2019
- items:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='307msgdesc'></div><b>Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV</b><div>Symantec identified the potential for a negative interaction that may occur after Windows Updates code signed with SHA-2 only certificates are installed on devices with Symantec or Norton antivirus programs installed. The software may not correctly identify files included in the update as code signed by Microsoft, putting the device at risk for a delayed or incomplete update.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 7 SP1</li><li>Server: Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Resolution:&nbsp;</strong>The safeguard hold has been removed.&nbsp;Symantec has completed its evaluation of the impact of this update and future updates to Windows 7/Windows 2008 R2 and has determined that there is no increased risk of a false positive detection for all in-field versions of Symantec Endpoint Protection and Norton antivirus programs. See the <a href=\"https://support.symantec.com/us/en/article.tech255857.html\" target=\"_blank\">Symantec support article</a> for additional detail and please reach out to Symantec or Norton support if you encounter any issues.</div><br><a href ='#307msg'>Back to top</a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Resolved External<br></td><td>Last updated:<br>August 27, 2019 <br>02:29 PM PT<br><br>Opened:<br>August 13, 2019 <br>10:05 AM PT</td></tr>
</table>
"

View File

@ -50,6 +50,7 @@ sections:
text: " text: "
<table border ='0'><tr><td width='80%'>Message</td><td width='20%'>Date</td></tr> <table border ='0'><tr><td width='80%'>Message</td><td width='20%'>Date</td></tr>
<tr><td id='397'><a href = 'https://support.microsoft.com/help/4535996' target='_blank'><b>February 2020 Windows 10, version 1909 and Windows 10, version 1903 \"D\" optional release is available</b></a><a class='docon docon-link heading-anchor' aria-labelledby='397' href='#397'></a><br><div>The February 2020 optional monthly “D” release for Windows 10, version 1909 and Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. Follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;for the latest on the availability of this release.</div></td><td>February 27, 2020 <br>01:30 PM PT</td></tr>
<tr><td id='396'><b>February 2020 Windows \"C\" optional release is available.</b><a class='docon docon-link heading-anchor' aria-labelledby='396' href='#396'></a><br><div>The February 2020<strong> </strong>optional monthly “C” release for all supported versions of Windows&nbsp;prior to Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. Follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;for the latest on the availability of this release.</div></td><td>February 25, 2020 <br>08:00 AM PT</td></tr> <tr><td id='396'><b>February 2020 Windows \"C\" optional release is available.</b><a class='docon docon-link heading-anchor' aria-labelledby='396' href='#396'></a><br><div>The February 2020<strong> </strong>optional monthly “C” release for all supported versions of Windows&nbsp;prior to Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. Follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\">@WindowsUpdate</a>&nbsp;for the latest on the availability of this release.</div></td><td>February 25, 2020 <br>08:00 AM PT</td></tr>
<tr><td id='394'><b>Status of February 2020 “C” release</b><a class='docon docon-link heading-anchor' aria-labelledby='394' href='#394'></a><br><div>The optional monthly “C” release for February 2020 for all supported versions of Windows and Windows Server prior to Windows 10, version 1903 and Windows Server, version 1903 will be available in the near term. For more information on the different types of monthly quality updates, see our&nbsp;<a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. Follow <a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\"><u>@WindowsUpdate</u></a> for the latest on the availability of this release.</div></td><td>February 21, 2020 <br>12:00 PM PT</td></tr> <tr><td id='394'><b>Status of February 2020 “C” release</b><a class='docon docon-link heading-anchor' aria-labelledby='394' href='#394'></a><br><div>The optional monthly “C” release for February 2020 for all supported versions of Windows and Windows Server prior to Windows 10, version 1903 and Windows Server, version 1903 will be available in the near term. For more information on the different types of monthly quality updates, see our&nbsp;<a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" rel=\"noopener noreferrer\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. Follow <a href=\"https://twitter.com/windowsupdate\" rel=\"noopener noreferrer\" target=\"_blank\"><u>@WindowsUpdate</u></a> for the latest on the availability of this release.</div></td><td>February 21, 2020 <br>12:00 PM PT</td></tr>
<tr><td id='391'><a href = 'https://support.microsoft.com/help/4542617' target='_blank'><b>Compatibility issue with some Windows Server container images</b></a><a class='docon docon-link heading-anchor' aria-labelledby='391' href='#391'></a><br><div>If you are encountering issues with Windows Server container images, please see <a href=\"https://support.microsoft.com/help/4542617\" rel=\"noopener noreferrer\" target=\"_blank\">KB4542617</a>.</div></td><td>February 13, 2020 <br>03:21 PM PT</td></tr> <tr><td id='391'><a href = 'https://support.microsoft.com/help/4542617' target='_blank'><b>Compatibility issue with some Windows Server container images</b></a><a class='docon docon-link heading-anchor' aria-labelledby='391' href='#391'></a><br><div>If you are encountering issues with Windows Server container images, please see <a href=\"https://support.microsoft.com/help/4542617\" rel=\"noopener noreferrer\" target=\"_blank\">KB4542617</a>.</div></td><td>February 13, 2020 <br>03:21 PM PT</td></tr>

View File

@ -407,6 +407,8 @@
#### [Next-generation protection](windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md) #### [Next-generation protection](windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md)
##### [Better together: Windows Defender Antivirus and Microsoft Defender ATP](windows-defender-antivirus/why-use-microsoft-antivirus.md) ##### [Better together: Windows Defender Antivirus and Microsoft Defender ATP](windows-defender-antivirus/why-use-microsoft-antivirus.md)
##### [Better together: Windows Defender Antivirus and Office 365](windows-defender-antivirus/office-365-windows-defender-antivirus.md)
#### [Endpoint detection and response](microsoft-defender-atp/overview-endpoint-detection-response.md) #### [Endpoint detection and response](microsoft-defender-atp/overview-endpoint-detection-response.md)

View File

@ -1,5 +1,5 @@
--- ---
title: Create an Application to access Microsoft Defender ATP without a user title: Create an app to access Microsoft Defender ATP without a user
ms.reviewer: ms.reviewer:
description: Learn how to design a web app to get programmatic access to Microsoft Defender ATP without a user. description: Learn how to design a web app to get programmatic access to Microsoft Defender ATP without a user.
keywords: apis, graph api, supported apis, actor, alerts, machine, user, domain, ip, file, advanced hunting, query keywords: apis, graph api, supported apis, actor, alerts, machine, user, domain, ip, file, advanced hunting, query
@ -23,104 +23,88 @@ ms.topic: article
- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
This page describes how to create an application to get programmatic access to Microsoft Defender ATP without a user. This page describes how to create an application to get programmatic access to Microsoft Defender ATP without a user. If you need programmatic access to Microsoft Defender ATP on behalf of a user, see [Get access with user context](exposed-apis-create-app-nativeapp.md). If you are not sure which access you need, see [Get started](apis-intro.md).
If you need programmatic access Microsoft Defender ATP on behalf of a user, see [Get access with user context](exposed-apis-create-app-nativeapp.md)
If you are not sure which access you need, see [Get started](apis-intro.md).
Microsoft Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will help you automate work flows and innovate based on Microsoft Defender ATP capabilities. The API access requires OAuth2.0 authentication. For more information, see [OAuth 2.0 Authorization Code Flow](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols-oauth-code). Microsoft Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will help you automate work flows and innovate based on Microsoft Defender ATP capabilities. The API access requires OAuth2.0 authentication. For more information, see [OAuth 2.0 Authorization Code Flow](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols-oauth-code).
In general, youll need to take the following steps to use the APIs: In general, youll need to take the following steps to use the APIs:
- Create an AAD application - Create an Azure Active Directory (Azure AD) application.
- Get an access token using this application - Get an access token using this application.
- Use the token to access Microsoft Defender ATP API - Use the token to access Microsoft Defender ATP API.
This page explains how to create an AAD application, get an access token to Microsoft Defender ATP and validate the token. This article explains how to create an Azure AD application, get an access token to Microsoft Defender ATP, and validate the token.
## Create an app ## Create an app
1. Log on to [Azure](https://portal.azure.com) with user that has **Global Administrator** role. 1. Log on to [Azure](https://portal.azure.com) with a user that has the **Global Administrator** role.
2. Navigate to **Azure Active Directory** > **App registrations** > **New registration**. 2. Navigate to **Azure Active Directory** > **App registrations** > **New registration**.
![Image of Microsoft Azure and navigation to application registration](images/atp-azure-new-app2.png) ![Image of Microsoft Azure and navigation to application registration](images/atp-azure-new-app2.png)
3. In the registration form, choose a name for your application and then click **Register**. 3. In the registration form, choose a name for your application, and then select **Register**.
4. Allow your Application to access Microsoft Defender ATP and assign it **'Read all alerts'** permission: 4. To enable your app to access Microsoft Defender ATP and assign it **'Read all alerts'** permission, on your application page, select **API Permissions** > **Add permission** > **APIs my organization uses** >, type **WindowsDefenderATP**, and then select **WindowsDefenderATP**.
- On your application page, click **API Permissions** > **Add permission** > **APIs my organization uses** > type **WindowsDefenderATP** and click on **WindowsDefenderATP**. > [!NOTE]
> WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear.
- **Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear.
![Image of API access and API selection](images/add-permission.png) ![Image of API access and API selection](images/add-permission.png)
- Choose **Application permissions** > **Alert.Read.All** > Click on **Add permissions** - Select **Application permissions** > **Alert.Read.All**, and then select **Add permissions**.
![Image of API access and API selection](images/application-permissions.png) ![Image of API access and API selection](images/application-permissions.png)
**Important note**: You need to select the relevant permissions. 'Read All Alerts' is only an example! Note that you need to select the relevant permissions. 'Read All Alerts' is only an example. For instance:
For instance, - To [run advanced queries](run-advanced-query-api.md), select the 'Run advanced queries' permission.
- To [isolate a machine](isolate-machine.md), select the 'Isolate machine' permission.
- To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission
- To [isolate a machine](isolate-machine.md), select 'Isolate machine' permission
- To determine which permission you need, please look at the **Permissions** section in the API you are interested to call. - To determine which permission you need, please look at the **Permissions** section in the API you are interested to call.
5. Click **Grant consent** 5. Select **Grant consent**.
- **Note**: Every time you add permission you must click on **Grant consent** for the new permission to take effect. > [!NOTE]
> Every time you add a permission, you must select **Grant consent** for the new permission to take effect.
![Image of Grant permissions](images/grant-consent.png) ![Image of Grant permissions](images/grant-consent.png)
6. Add a secret to the application. 6. To add a secret to the application, select **Certificates & secrets**, add a description to the secret, and then select **Add**.
- Click **Certificates & secrets**, add description to the secret and click **Add**. > [!NOTE]
> After you select **Add**, select **copy the generated secret value**. You won't be able to retrieve this value after you leave.
**Important**: After click Add, **copy the generated secret value**. You won't be able to retrieve after you leave!
![Image of create app key](images/webapp-create-key2.png) ![Image of create app key](images/webapp-create-key2.png)
7. Write down your application ID and your tenant ID: 7. Write down your application ID and your tenant ID. On your application page, go to **Overview** and copy the following.
- On your application page, go to **Overview** and copy the following:
![Image of created app id](images/app-and-tenant-ids.png) ![Image of created app id](images/app-and-tenant-ids.png)
8. **For Microsoft Defender ATP Partners only** - Set your application to be multi-tenanted (available in all tenants after consent) 8. **For Microsoft Defender ATP Partners only**. Set your app to be multi-tenanted (available in all tenants after consent). This is **required** for third-party apps (for example, if you create an app that is intended to run in multiple customers' tenant). This is **not required** if you create a service that you want to run in your tenant only (for example, if you create an application for your own usage that will only interact with your own data). To set your app to be multi-tenanted:
This is **required** for 3rd party applications (for example, if you create an application that is intended to run in multiple customers tenant). - Go to **Authentication**, and add https://portal.azure.com as the **Redirect URI**.
This is **not required** if you create a service that you want to run in your tenant only (i.e. if you create an application for your own usage that will only interact with your own data) - On the bottom of the page, under **Supported account types**, select the **Accounts in any organizational directory** application consent for your multi-tenant app.
- Go to **Authentication** > Add https://portal.azure.com as **Redirect URI**. You need your application to be approved in each tenant where you intend to use it. This is because your application interacts Microsoft Defender ATP on behalf of your customer.
- On the bottom of the page, under **Supported account types**, mark **Accounts in any organizational directory** You (or your customer if you are writing a third-party app) need to select the consent link and approve your app. The consent should be done with a user who has administrative privileges in Active Directory.
- Application consent for your multi-tenant Application: The consent link is formed as follows:
You need your application to be approved in each tenant where you intend to use it. This is because your application interacts with Microsoft Defender ATP application on behalf of your customer.
You (or your customer if you are writing a 3rd party application) need to click the consent link and approve your application. The consent should be done with a user who has admin privileges in the active directory.
Consent link is of the form:
``` ```
https://login.microsoftonline.com/common/oauth2/authorize?prompt=consent&client_id=00000000-0000-0000-0000-000000000000&response_type=code&sso_reload=true https://login.microsoftonline.com/common/oauth2/authorize?prompt=consent&client_id=00000000-0000-0000-0000-000000000000&response_type=code&sso_reload=true
``` ```
where 00000000-0000-0000-0000-000000000000 should be replaced with your Application ID Where 00000000-0000-0000-0000-000000000000 is replaced with your application ID.
- **Done!** You have successfully registered an application! **Done!** You have successfully registered an application! See examples below for token acquisition and validation.
- See examples below for token acquisition and validation.
## Get an access token examples: ## Get an access token
For more details on AAD token, refer to [AAD tutorial](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols-oauth-client-creds) For more details on Azure AD tokens, see the [Azure AD tutorial](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols-oauth-client-creds).
### Using PowerShell ### Use PowerShell
``` ```
# That code gets the App Context Token and save it to a file named "Latest-token.txt" under the current directory # That code gets the App Context Token and save it to a file named "Latest-token.txt" under the current directory
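Review bot: In step 6 the rewritten note reads "After you select **Add**, select **copy the generated secret value**", which turns the instruction to copy the secret into the name of a control to select and drops the **Important** emphasis the old text had. Because the value cannot be retrieved later, suggest "After you select **Add**, copy the generated secret value" and keep the Important emphasis. Smaller items in the same hunk: step 4 has a stray ">," before "type **WindowsDefenderATP**"; the step 8 bullet "select the **Accounts in any organizational directory** application consent for your multi-tenant app" fuses the old account-type instruction with the old "Application consent" sub-heading; and "your application interacts Microsoft Defender ATP" is missing "with".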
@ -144,19 +128,19 @@ Out-File -FilePath "./Latest-token.txt" -InputObject $token
return $token return $token
``` ```
### Using C#: ### Use C#:
>The below code was tested with Nuget Microsoft.IdentityModel.Clients.ActiveDirectory 3.19.8 The following code was tested with Nuget Microsoft.IdentityModel.Clients.ActiveDirectory 3.19.8.
- Create a new Console Application 1. Create a new console application.
- Install Nuget [Microsoft.IdentityModel.Clients.ActiveDirectory](https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory/) 1. Install Nuget [Microsoft.IdentityModel.Clients.ActiveDirectory](https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory/).
- Add the below using 1. Add the following:
``` ```
using Microsoft.IdentityModel.Clients.ActiveDirectory; using Microsoft.IdentityModel.Clients.ActiveDirectory;
``` ```
- Copy/Paste the below code in your application (do not forget to update the 3 variables: ```tenantId, appId, appSecret```) 1. Copy and paste the following code in your app (don't forget to update the three variables: ```tenantId, appId, appSecret```):
``` ```
string tenantId = "00000000-0000-0000-0000-000000000000"; // Paste your own tenant ID here string tenantId = "00000000-0000-0000-0000-000000000000"; // Paste your own tenant ID here
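Review bot: Step 3 of the C# list now says only "Add the following:", which loses the word "using" from the old "Add the below using", so the reader is no longer told that the fenced line is a using directive. Suggest "Add the following using statement:". Also, "### Use C#:" keeps a trailing colon that the sibling headings ("### Use PowerShell") do not have.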
@ -173,26 +157,25 @@ return $token
``` ```
### Using Python ### Use Python
Refer to [Get token using Python](run-advanced-query-sample-python.md#get-token) See [Get token using Python](run-advanced-query-sample-python.md#get-token).
### Using Curl ### Use Curl
> [!NOTE] > [!NOTE]
> The below procedure supposed Curl for Windows is already installed on your computer > The following procedure assumes that Curl for Windows is already installed on your computer.
- Open a command window 1. Open a command prompt, and set CLIENT_ID to your Azure application ID.
- Set CLIENT_ID to your Azure application ID 1. Set CLIENT_SECRET to your Azure application secret.
- Set CLIENT_SECRET to your Azure application secret 1. Set TENANT_ID to the Azure tenant ID of the customer that wants to use your app to access Microsoft Defender ATP.
- Set TENANT_ID to the Azure tenant ID of the customer that wants to use your application to access Microsoft Defender ATP application 1. Run the following command:
- Run the below command:
``` ```
curl -i -X POST -H "Content-Type:application/x-www-form-urlencoded" -d "grant_type=client_credentials" -d "client_id=%CLIENT_ID%" -d "scope=https://securitycenter.onmicrosoft.com/windowsatpservice/.default" -d "client_secret=%CLIENT_SECRET%" "https://login.microsoftonline.com/%TENANT_ID%/oauth2/v2.0/token" -k curl -i -X POST -H "Content-Type:application/x-www-form-urlencoded" -d "grant_type=client_credentials" -d "client_id=%CLIENT_ID%" -d "scope=https://securitycenter.onmicrosoft.com/windowsatpservice/.default" -d "client_secret=%CLIENT_SECRET%" "https://login.microsoftonline.com/%TENANT_ID%/oauth2/v2.0/token" -k
``` ```
You will get an answer of the form: You will get an answer in the following form:
``` ```
{"token_type":"Bearer","expires_in":3599,"ext_expires_in":0,"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIn <truncated> aWReH7P0s0tjTBX8wGWqJUdDA"} {"token_type":"Bearer","expires_in":3599,"ext_expires_in":0,"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIn <truncated> aWReH7P0s0tjTBX8wGWqJUdDA"}
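Review bot: The curl command carried through this rewrite still ends with -k, which turns off TLS certificate verification on the request that posts client_secret to login.microsoftonline.com. As the section is being reworded anyway, drop -k so the secret is only sent to a verified endpoint. Also, new step 1 joins "Open a command prompt" with "set CLIENT_ID", while CLIENT_SECRET and TENANT_ID each get their own step; splitting it keeps one action per step.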
@ -200,20 +183,21 @@ You will get an answer of the form:
## Validate the token ## Validate the token
Sanity check to make sure you got a correct token: Ensure that you got the correct token:
- Copy/paste into [JWT](https://jwt.ms) the token you get in the previous step in order to decode it
- Validate you get a 'roles' claim with the desired permissions 1. Copy and paste the token you got in the previous step into [JWT](https://jwt.ms) in order to decode it.
- In the screen shot below you can see a decoded token acquired from an Application with permissions to all of Microsoft Defender ATP's roles: 1. Validate that you get a 'roles' claim with the desired permissions
1. In the following image, you can see a decoded token acquired from an app with permissions to all of Microsoft Defender ATP's roles:
![Image of token validation](images/webapp-decoded-token.png) ![Image of token validation](images/webapp-decoded-token.png)
## Use the token to access Microsoft Defender ATP API ## Use the token to access Microsoft Defender ATP API
- Choose the API you want to use, for more information, see [Supported Microsoft Defender ATP APIs](exposed-apis-list.md) 1. Choose the API you want to use. For more information, see [Supported Microsoft Defender ATP APIs](exposed-apis-list.md).
- Set the Authorization header in the Http request you send to "Bearer {token}" (Bearer is the Authorization scheme) 1. Set the authorization header in the http request you send to "Bearer {token}" (Bearer is the authorization scheme).
- The Expiration time of the token is 1 hour (you can send more then one request with the same token) 1. The expiration time of the token is one hour. You can send more then one request with the same token.
- Example of sending a request to get a list of alerts **using C#** The following is an example of sending a request to get a list of alerts **using C#**:
``` ```
var httpClient = new HttpClient(); var httpClient = new HttpClient();
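Review bot: In the "Use the token" list, new item 3 keeps the typo "more then one request" (should be "than") and, like item 3 of the "Validate the token" list, is a statement rather than an action, so it reads oddly as a numbered step; consider moving both out of the numbered lists as plain sentences. "Validate that you get a 'roles' claim with the desired permissions" is missing its final period, and "http request" should be "HTTP request".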

View File

@ -22,11 +22,16 @@ ms.topic: conceptual
This topic describes how to install, configure, update, and use Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Linux. This topic describes how to install, configure, update, and use Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Linux.
> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4q3yP]
<p></p>
> [!CAUTION] > [!CAUTION]
> Running other third-party endpoint protection products alongside Microsoft Defender ATP for Linux is likely to cause performance problems and unpredictable system errors. > Running other third-party endpoint protection products alongside Microsoft Defender ATP for Linux is likely to cause performance problems and unpredictable system errors.
> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4q3yP]
## How to install Microsoft Defender ATP for Linux ## How to install Microsoft Defender ATP for Linux
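Review bot: The empty `<p></p>` added after the relocated [!VIDEO] embed is raw HTML used only for spacing; a blank line should do the same job without markup. Moving the video above the [!CAUTION] about running other third-party endpoint protection products also pushes that warning further down the page; consider keeping the caution first.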

View File

@ -22,7 +22,7 @@ ms.topic: conceptual
**Applies to:** **Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
Microsoft Threat Experts is a managed detection and response (MDR) service that provides Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in their unique environments dont get missed. Microsoft Threat Experts is a managed threat hunting service that provides Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in their unique environments dont get missed.
This new capability provides expert-driven insights and data through targeted attack notification and access to experts on demand. This new capability provides expert-driven insights and data through targeted attack notification and access to experts on demand.
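Review bot: The first sentence now calls Microsoft Threat Experts a "managed threat hunting service" instead of a "managed detection and response (MDR) service", but only this one line is in the hunk, so check that the page title, description metadata and any other mention on the page use the same term. While the sentence is being touched, "expert level monitoring" should be hyphenated as "expert-level".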

View File

@ -8,8 +8,8 @@ ms.prod: w10
ms.mktglfcycl: deploy ms.mktglfcycl: deploy
ms.sitesec: library ms.sitesec: library
ms.pagetype: security ms.pagetype: security
ms.author: dolmont ms.author: ellevin
author: DulceMontemayor author: levinec
ms.localizationpriority: medium ms.localizationpriority: medium
manager: dansimp manager: dansimp
audience: ITPro audience: ITPro
@ -18,7 +18,9 @@ ms.topic: article
--- ---
# Threat & Vulnerability Management scenarios # Threat & Vulnerability Management scenarios
**Applies to:** **Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink) >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
@ -26,7 +28,9 @@ ms.topic: article
[!include[Prerelease information](../../includes/prerelease.md)] [!include[Prerelease information](../../includes/prerelease.md)]
## Before you begin ## Before you begin
Ensure that your machines: Ensure that your machines:
- Are onboarded to Microsoft Defender Advanced Threat Protection - Are onboarded to Microsoft Defender Advanced Threat Protection
- Run with Windows 10 1709 (Fall Creators Update) or later - Run with Windows 10 1709 (Fall Creators Update) or later
@ -47,15 +51,18 @@ Ensure that your machines:
- Are tagged or marked as co-managed - Are tagged or marked as co-managed
## Reduce your threat and vulnerability exposure ## Reduce your threat and vulnerability exposure
Threat & Vulnerability Management introduces a new exposure score metric, which visually represents how exposed your machines are to imminent threats. Threat & Vulnerability Management introduces a new exposure score metric, which visually represents how exposed your machines are to imminent threats.
The exposure score is continuously calculated on each device in the organization and influenced by the following factors: The exposure score is continuously calculated on each device in the organization and influenced by the following factors:
- Weaknesses, such as vulnerabilities discovered on the device - Weaknesses, such as vulnerabilities discovered on the device
- External and internal threats such as public exploit code and security alerts - External and internal threats such as public exploit code and security alerts
- Likelihood of the device to get breached given its current security posture - Likelihood of the device to get breached given its current security posture
- Value of the device to the organization given its role and content - Value of the device to the organization given its role and content
The exposure score is broken down into the following levels: The exposure score is broken down into the following levels:
- 029: low exposure score - 029: low exposure score
- 3069: medium exposure score - 3069: medium exposure score
- 70100: high exposure score - 70100: high exposure score
@ -66,13 +73,17 @@ To lower down your threat and vulnerability exposure:
1. Review the **Top security recommendations** from your **Threat & Vulnerability Management dashboard**, and select the first item on the list. The **Security recommendation** page opens. 1. Review the **Top security recommendations** from your **Threat & Vulnerability Management dashboard**, and select the first item on the list. The **Security recommendation** page opens.
>>![Top security recommendations](images/tvm_security_recommendations.png) There are two types of recommendations:
>[!NOTE] - *Security update* which refers to recommendations that require a package installation
> There are two types of recommendations: - *Configuration change* which refers to recommendations that require a registry or GPO modification
> - <i>Security update</i> which refers to recommendations that require a package installation
> - <i>Configuration</i> change which refers to recommendations that require a registry or GPO modification Always prioritize recommendations that are associated with ongoing threats:
> Always prioritize recommendations that are associated with ongoing threats. These recommendations are marked with the threat insight ![Threat insight](images/tvm_bug_icon.png) icon and possible active alert ![Possible active alert](images/tvm_alert_icon.png) icon.
- ![Threat insight](images/tvm_bug_icon.png) Threat insight icon
- ![Possible active alert](images/tvm_alert_icon.png) Active alert icon
>![Top security recommendations](images/tvm_security_recommendations.png)
2. The **Security recommendations** page shows the list of items to remediate. Select the security recommendation that you need to investigate. When you select a recommendation from the list, a fly-out panel will display a description of what you need to remediate, number of vulnerabilities, associated exploits in machines, number of exposed machines and their machine names, business impact, and a list of CVEs. Click **Open software page** option from the flyout panel. ![Details in security recommendations page](images/tvm_security_recommendations_page.png) 2. The **Security recommendations** page shows the list of items to remediate. Select the security recommendation that you need to investigate. When you select a recommendation from the list, a fly-out panel will display a description of what you need to remediate, number of vulnerabilities, associated exploits in machines, number of exposed machines and their machine names, business impact, and a list of CVEs. Click **Open software page** option from the flyout panel. ![Details in security recommendations page](images/tvm_security_recommendations_page.png)
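Review bot: The new line "Always prioritize recommendations that are associated with ongoing threats:" followed by the two icon bullets no longer says that these recommendations are marked with the icons, which the old note stated ("These recommendations are marked with the threat insight ... icon and possible active alert ... icon"). Suggest a lead-in such as "These recommendations are marked with the following icons:" before the list. The second bullet is also labelled "Active alert icon" while its image alt text still says "Possible active alert"; pick one label.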
@ -87,7 +98,7 @@ To lower down your threat and vulnerability exposure:
## Improve your security configuration ## Improve your security configuration
>[!NOTE] >[!NOTE]
> Secure score is now part of Threat & Vulnerability Management as [configuration score](configuration-score.md). > Secure score is now part of Threat & Vulnerability Management as [Configuration score](configuration-score.md).
You can improve your security configuration when you remediate issues from the security recommendations list. As you do so, your configuration score improves, which means your organization becomes more resilient against cybersecurity threats and vulnerabilities. You can improve your security configuration when you remediate issues from the security recommendations list. As you do so, your configuration score improves, which means your organization becomes more resilient against cybersecurity threats and vulnerabilities.
@ -96,13 +107,14 @@ You can improve your security configuration when you remediate issues from the s
>![Configuration score widget](images/tvm_config_score.png) >![Configuration score widget](images/tvm_config_score.png)
2. Select the first item on the list. The flyout panel will open with a description of the security controls issue, a short description of the potential risk, insights, configuration ID, exposed machines, and business impact. Click **Remediation options**. 2. Select the first item on the list. The flyout panel will open with a description of the security controls issue, a short description of the potential risk, insights, configuration ID, exposed machines, and business impact. Click **Remediation options**.
![Security controls related security recommendations](images/tvm_security_controls.png) ![Security controls related security recommendations](images/tvm_security_controls.png)
3. Read the description to understand the context of the issue and what to do next. Select a due date, add notes, and select **Export all remediation activity data to CSV** so you can attach it to the email that you can send to your IT Administrator for follow-up. 3. Read the description to understand the context of the issue and what to do next. Select a due date, add notes, and select **Export all remediation activity data to CSV** so you can attach it to the email that you can send to your IT Administrator for follow-up.
>![Request remediation](images/tvm_request_remediation.png). >![Request remediation](images/tvm_request_remediation.png).
>You will see a confirmation message that the remediation task has been created. You will see a confirmation message that the remediation task has been created.
>![Remediation task creation confirmation](images/tvm_remediation_task_created.png) >![Remediation task creation confirmation](images/tvm_remediation_task_created.png)
4. Save your CSV file. 4. Save your CSV file.
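Review bot: The image line "![Request remediation](images/tvm_request_remediation.png)." still ends with a stray period, and after this change the confirmation sentence loses its ">" prefix while the images directly above and below keep theirs. Remove the period and use the same quoting for the sentence and its screenshots so the three lines are formatted consistently.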
@ -113,6 +125,7 @@ You can improve your security configuration when you remediate issues from the s
6. Review the machine **Configuration score** widget again. The number of the security controls issues will decrease. When you click **Security controls** to go back to the **Security recommendations** page, the item that you have addressed will not be listed there anymore, and your configuration score should increase. 6. Review the machine **Configuration score** widget again. The number of the security controls issues will decrease. When you click **Security controls** to go back to the **Security recommendations** page, the item that you have addressed will not be listed there anymore, and your configuration score should increase.
## Request a remediation ## Request a remediation
>[!NOTE] >[!NOTE]
>To use this capability, enable your Microsoft Intune connections. Navigate to **Settings** > **General** > **Advanced features**. Scroll down and look for **Microsoft Intune connection**. By default, the toggle is turned off. Turn your **Microsoft Intune connection** toggle on. >To use this capability, enable your Microsoft Intune connections. Navigate to **Settings** > **General** > **Advanced features**. Scroll down and look for **Microsoft Intune connection**. By default, the toggle is turned off. Turn your **Microsoft Intune connection** toggle on.
@ -134,6 +147,7 @@ See [Use Intune to remediate vulnerabilities identified by Microsoft Defender AT
>If your request involves remediating more than 10,000 machines, we can only send 10,000 machines for remediation to Intune. >If your request involves remediating more than 10,000 machines, we can only send 10,000 machines for remediation to Intune.
## File for exception ## File for exception
With Threat & Vulnerability Management, you can create exceptions for recommendations, as an alternative to a remediation request. With Threat & Vulnerability Management, you can create exceptions for recommendations, as an alternative to a remediation request.
There are many reasons why organizations create exceptions for a recommendation. For example, if there's a business justification that prevents the company from applying the recommendation, the existence of a compensating or alternative control that provides as much protection than the recommendation would, a false positive, among other reasons. There are many reasons why organizations create exceptions for a recommendation. For example, if there's a business justification that prevents the company from applying the recommendation, the existence of a compensating or alternative control that provides as much protection than the recommendation would, a false positive, among other reasons.
@ -142,7 +156,6 @@ Exceptions can be created for both *Security update* and *Configuration change*
When an exception is created for a recommendation, the recommendation is no longer active. The recommendation state changes to **Exception**, and it no longer shows up in the security recommendations list. When an exception is created for a recommendation, the recommendation is no longer active. The recommendation state changes to **Exception**, and it no longer shows up in the security recommendations list.
1. Navigate to the **Security recommendations** page under the **Threat & Vulnerability Management** section menu. 1. Navigate to the **Security recommendations** page under the **Threat & Vulnerability Management** section menu.
2. Click the top-most recommendation. A flyout panel opens with the recommendation details. 2. Click the top-most recommendation. A flyout panel opens with the recommendation details.
@ -183,24 +196,27 @@ DeviceName=any(DeviceName) by DeviceId, AlertId
``` ```
## Conduct an inventory of software or software versions which have reached their end-of-life ## Conduct an inventory of software or software versions which have reached end-of-support (EOS)
End-of-life for software or software versions means that they will no longer be supported nor serviced. When you use software or software versions which have reached their end-of-life, you're exposing your organization to security vulnerabilities, legal, and financial risks.
It is crucial for you as Security and IT Administrators to work together and ensure that your organization's software inventory is configured for optimal results, compliance, and a healthy network ecosystem. End-of-support (otherwise known as end-of-life) for software or software versions means that they will no longer be supported or serviced. When you use software or software versions which have reached end-of-support, you're exposing your organization to security vulnerabilities, legal, and financial risks.
It is crucial for Security and IT Administrators to work together and ensure that the organization's software inventory is configured for optimal results, compliance, and a healthy network ecosystem.
To conduct an inventory of software or software versions which have reached end-of-support:
To conduct an inventory of software or software versions which have reached their end of life:
1. From the Threat & Vulnerability Management menu, navigate to **Security recommendations**. 1. From the Threat & Vulnerability Management menu, navigate to **Security recommendations**.
2. Go to the **Filters** panel and select **Software uninstall** from **Remediation Type** options if you want to see the list of software recommendations associated with software which have reached their end-of-life (tagged as **EOL software**). Select **Software update** from **Remediation Type** options if you want to see the list of software recommendations associated with software and software versions which have reached their end-of-life (tagged as **EOL versions installed**). 2. Go to the **Filters** panel and select **Software uninstall** from **Remediation Type** options to see the list of software recommendations associated with software which have reached end of support (tagged as **EOS software**).
3. Select a software that you'd like to investigate. A fly-out screen opens where you can select **Open software page**. 3. Select **Software update** from **Remediation Type** options to see the list of software recommendations associated with software and software versions which have reached end-of-support (tagged as **EOS versions installed**).
4. Select software that you'd like to investigate. A fly-out screen opens where you can select **Open software page**.
![Screenshot of Security recommendation for a software that reached its end of life page](images/secrec_flyout.png) ![Screenshot of Security recommendation for a software that reached its end of life page](images/secrec_flyout.png)
4. In the **Software page** select the **Version distribution** tab to know which versions of the software have reached their end-of-life, and how many vulnerabilities were discovered in it. 5. In the **Software page** select the **Version distribution** tab to know which versions of the software have reached their end-of-support, and how many vulnerabilities were discovered in it.
![Screenshot of software details for a software that reached its end of life](images/secrec_sw_details.png) ![Screenshot of software details for a software that reached its end of support](images/secrec_sw_details.png)
After you have identified which software and software versions are vulnerable due to its end-of-life status, remediate them to lower your organizations exposure to vulnerabilities and advanced persistent threats. See [Remediation and exception](tvm-remediation.md) for details.
After you have identified which software and software versions are vulnerable due to its end-of-support status, remediate them to lower your organizations exposure to vulnerabilities and advanced persistent threats. See [Remediation and exception](tvm-remediation.md) for details.
## Related topics ## Related topics
- [Supported operating systems and platforms](tvm-supported-os.md) - [Supported operating systems and platforms](tvm-supported-os.md)
- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) - [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md) - [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md)
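Review bot: The alt text on the unchanged images/secrec_flyout.png line still reads "Security recommendation for a software that reached its end of life page", while the steps, the tags and the secrec_sw_details.png alt text in this hunk all move to end-of-support wording; update that alt text as well so the page uses one term. The new text also alternates between "end of support" (step 2) and "end-of-support" (steps 3 and 5), and the closing paragraph carries over "organizations exposure" (should be "organization's exposure") and "due to its end-of-support status" where the subject is plural ("their").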

View File

@ -83,6 +83,9 @@ Learn more at https://www.cyren.com/products/url-filtering.
Cyren is offering a 60-day free trial for all Microsoft Defender ATP customers. To sign up, please follow the steps below from the portal. Cyren is offering a 60-day free trial for all Microsoft Defender ATP customers. To sign up, please follow the steps below from the portal.
>[!NOTE]
>Make sure to add the URL you get redirected to by the signup process to the list of approved domains.
>[!NOTE] >[!NOTE]
>A user with AAD app admin/global admin permissions is required to complete these steps. >A user with AAD app admin/global admin permissions is required to complete these steps.
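Review bot: The added note tells the reader to add "the URL you get redirected to by the signup process" to "the list of approved domains" without naming the expected domain or saying which list is meant and where it is configured. State the domain the signup is expected to redirect to, so an administrator can check it before approving it, and point to the setting where approved domains are managed. The two consecutive >[!NOTE] blocks could also be combined into one.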

View File

@ -0,0 +1,87 @@
---
title: Windows Defender Antivirus together with Office 365 (including OneDrive) - better protection from ransomware and cyberthreats
description: Office 365, which includes OneDrive, goes together wonderfully with Windows Defender Antivirus. Read this article to learn more.
keywords: windows defender, antivirus, office 365, onedrive
search.product: eADQiWindows 10XVcnh
ms.pagetype: security
ms.prod: w10
ms.mktglfcycl: manage
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
audience: ITPro
ms.topic: article
author: denisebmsft
ms.author: deniseb
ms.custom: nextgen
ms.date: 02/26/2020
ms.reviewer:
manager: dansimp
---
# Windows Defender Antivirus together with Office 365
**Applies to:**
- Windows Defender Antivirus
- Office 365
You might already know that:
- **Windows Defender Antivirus protects your Windows 10 device from software threats, such as viruses, malware, and spyware**. Windows Defender Antivirus is your complete, ongoing protection, built into Windows 10 and ready to go. [Windows Defender Antivirus is your next-generation protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10).
- **Office 365 includes antiphishing, antispam, and antimalware protection**. With your Office 365 subscription, you get premium email and calendars, Office apps, 1 TB of cloud storage (via OneDrive), and advanced security across all your devices. This is true for home and business users. And if you're a business user, and your organization is using Office 365 E5, you get even more protection through Office 365 Advanced Threat Protection. [Protect against threats with Office 365](https://docs.microsoft.com/microsoft-365/security/office-365-security/protect-against-threats).
- **OneDrive, included in Office 365, enables you to store your files and folders online, and share them as you see fit**. You can work together with people (for work or fun), and coauthor files that are stored in OneDrive. You can also access your files across all your devices (your PC, phone, and tablet). [Manage sharing in OneDrive](https://docs.microsoft.com/OneDrive/manage-sharing).
**But did you know there are good security reasons to use Windows Defender Antivirus together with Office 365**? Here are two:
1. [You get ransomware protection and recovery](#ransomware-protection-and-recovery).
2. [Integration means better protection](#integration-means-better-protection).
Read the following sections to learn more.
## Ransomware protection and recovery
When you save your files to [OneDrive](https://docs.microsoft.com/onedrive), and [Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10) detects a ransomware threat on your device, the following things occur:
1. **You are told about the threat**. (If your organization is using Microsoft Defender Advanced Threat Protection, your security operations team is notified, too.)
2. **Windows Defender Antivirus helps you (and your organization's security team) remove the ransomware** from your device(s).
3. **You get the option to recover your files in OneDrive**. With the OneDrive Files Restore feature, you can recover your files in OneDrive to the state they were in before the ransomware attack occurred. See [Ransomware detection and recovering your files](https://support.office.com/article/0d90ec50-6bfd-40f4-acc7-b8c12c73637f).
Think of the time and hassle this can save.
## Integration means better protection
Office 365 Advanced Threat Protection integrated with Microsoft Defender Advanced Threat Protection means better protection. Here's how:
- [Office 365 Advanced Threat Protection](https://docs.microsoft.com/microsoft-365/security/office-365-security/office-365-atp) safeguards your organization against malicious threats posed in email messages, email attachments, and links (URLs) in Office documents.
AND
- [Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/windows/security/threat-protection) protects your devices from cyber threats, detects advanced attacks and data breaches, automates security incidents, and improves your security posture.
SO
- Once integration is enabled, your security operations team can see a list of devices that are used by the recipients of any detected URLs or email messages, along with recent alerts for those devices, in the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)).
If you haven't already done so, [integrate Office 365 Advanced Threat Protection with Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/microsoft-365/security/office-365-security/integrate-office-365-ti-with-wdatp).
## More good reasons to use OneDrive
Protection from ransomware is one great reason to put your files in OneDrive. And there are several more good reasons, summarized in this video: <br/><br/>
> [!VIDEO https://www.microsoft.com/videoplayer/embed/70b4d256-46fb-481f-ad9b-921ef5fd7bed]
## Want to learn more?
[OneDrive](https://docs.microsoft.com/onedrive)
[Office 365 Advanced Threat Protection](https://docs.microsoft.com/microsoft-365/security/office-365-security/office-365-atp?view=o365-worldwide)
[Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/windows/security/threat-protection/)
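Review bot: The front matter of this new file sets ms.pagetype: security twice (once after search.product and again after ms.sitesec); drop the duplicate key, and either fill in or remove the empty ms.reviewer field. In "Integration means better protection", the bare AND and SO lines sit between list items; fold them into the bullet text or rewrite the section as sentences so the list structure does not depend on them. Under "Want to learn more?" the three links have no list markers, unlike the numbered and bulleted lists used elsewhere in the file, and the Office 365 Advanced Threat Protection link there carries ?view=o365-worldwide while the same link earlier in the file does not.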