s

windows/security/threat-protection/TOC.md

@@ -351,11 +351,11 @@
 ######## [Get user related alerts](windows-defender-atp/get-user-related-alerts-windows-defender-advanced-threat-protection-new.md)
 ######## [Get user related machines](windows-defender-atp/get-user-related-machines-windows-defender-advanced-threat-protection-new.md)
 
-####### [Ti Indicator](windows-defender-atp/ti-indicator-windows-defender-advanced-threat-protection-new.md)
+####### [TI Indicator](windows-defender-atp/ti-indicator-windows-defender-advanced-threat-protection-new.md)
-######## [List TiIndicators](windows-defender-atp/get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md)
+######## [List TI Indicators](windows-defender-atp/get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md)
-######## [Get TiIndicator by ID](windows-defender-atp/get-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md)
+######## [Get TI Indicator by ID](windows-defender-atp/get-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md)
-######## [Submit or Update TiIndicator](windows-defender-atp/post-ti-indicator-windows-defender-advanced-threat-protection-new.md)
+######## [Submit TI Indicator](windows-defender-atp/post-ti-indicator-windows-defender-advanced-threat-protection-new.md)
-######## [Delete TiIndicator](windows-defender-atp/delete-ti-indicator-windows-defender-advanced-threat-protection-new.md)
+######## [Delete TI Indicator](windows-defender-atp/delete-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md)
 
 ###### How to use APIs - Samples
 ####### Advanced Hunting API

windows/security/threat-protection/windows-defender-atp/TOC.md

@@ -287,11 +287,11 @@
 ####### [Get user related alerts](get-user-related-alerts-windows-defender-advanced-threat-protection-new.md)
 ####### [Get user related machines](get-user-related-machines-windows-defender-advanced-threat-protection-new.md)
 
-###### [Ti Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md)
+###### [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md)
-####### [List TiIndicators](get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md)
+####### [List TI Indicators](get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md)
-####### [Get TiIndicator by ID](get-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md)
+####### [Get TI Indicator by ID](get-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md)
-####### [Submit or Update TiIndicator](post-ti-indicator-windows-defender-advanced-threat-protection-new.md)
+####### [Submit TI Indicator](post-ti-indicator-windows-defender-advanced-threat-protection-new.md)
-####### [Delete TiIndicator](delete-ti-indicator-windows-defender-advanced-threat-protection-new.md)
+####### [Delete TI Indicator](delete-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md)
 
 ##### How to use APIs - Samples
 ###### Advanced Hunting API

windows/security/threat-protection/windows-defender-atp/delete-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md

@@ -13,7 +13,7 @@ ms.localizationpriority: medium
 ms.date: 12/08/2017
 ---
 
-# Delete Ti Indicator API
+# Delete TI Indicator API
 
 [!include[Prerelease<73>information](prerelease.md)]
 
@@ -24,14 +24,14 @@ ms.date: 12/08/2017
 **Applies to:**
 
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
-Retrieves a Ti Indicator entity by ID.
+Retrieves a TI Indicator entity by ID.
 
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
-Application |	Ti.ReadWrite |	'Read and write Ti Indicators'
+Application |	Ti.ReadWrite |	'Read and write TI Indicators'
 
 
 ## HTTP request
@@ -53,8 +53,8 @@ Authorization | String | Bearer {token}. **Required**.
 Empty
 
 ## Response
-If successful and machine exists - 204 OK without content.
+If TI Indicator exist and deleted successfully - 204 OK without content.
-If Ti Indicator with the specified id was not found - 404 Not Found.
+If TI Indicator with the specified id was not found - 404 Not Found.
 
 ## Example
 

windows/security/threat-protection/windows-defender-atp/get-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md

@@ -13,7 +13,7 @@ ms.localizationpriority: medium
 ms.date: 12/08/2017
 ---
 
-# Get Ti Indicator by ID API
+# Get TI Indicator by ID API
 
 [!include[Prerelease<73>information](prerelease.md)]
 
@@ -24,14 +24,14 @@ ms.date: 12/08/2017
 **Applies to:**
 
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
-Retrieves a Ti Indicator entity by ID.
+Retrieves a TI Indicator entity by ID.
 
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
-Application |	Ti.ReadWrite |	'Read and write Ti Indicators'
+Application |	Ti.ReadWrite |	'Read and write TI Indicators'
 
 
 ## HTTP request
@@ -53,8 +53,8 @@ Authorization | String | Bearer {token}. **Required**.
 Empty
 
 ## Response
-If successful and machine exists - 200 OK with the [Ti Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity in the body.
+If successful and TI Indicator exists - 200 OK with the [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity in the body.
-If Ti Indicator with the specified id was not found - 404 Not Found.
+If TI Indicator with the specified id was not found - 404 Not Found.
 
 
 ## Example

windows/security/threat-protection/windows-defender-atp/get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md

@@ -25,15 +25,15 @@ ms.date: 12/08/2017
 
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 
- Gets collection of Ti Indicators.
+ Gets collection of TI Indicators.
- Get TiIndicators collection API supports [OData V4 queries](https://www.odata.org/documentation/).
+ Get TI Indicators collection API supports [OData V4 queries](https://www.odata.org/documentation/).
 
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Windows Defender ATP APIs](apis-intro.md)
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
-Application |	Ti.ReadWrite |	'Read and write Ti Indicators'
+Application |	Ti.ReadWrite |	'Read and write TI Indicators'
 
 
 ## HTTP request
@@ -54,17 +54,17 @@ Authorization | String | Bearer {token}. **Required**.
 Empty
 
 ## Response
-If successful, this method returns 200, Ok response code with a collection of [Ti Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entities.
+If successful, this method returns 200, Ok response code with a collection of [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entities.
 
 >[!Note]
-> The response will only include Ti Indicators that submitted by the calling Application. 
+> The response will only include TI Indicators that submitted by the calling Application. 
 
 
 ## Example
 
 **Request**
 
-Here is an example of a request that gets all Ti Indicators
+Here is an example of a request that gets all TI Indicators
 
 ```
 GET https://api.securitycenter.windows.com/api/tiindicators

windows/security/threat-protection/windows-defender-atp/post-ti-indicator-windows-defender-advanced-threat-protection-new.md

@@ -13,7 +13,7 @@ ms.localizationpriority: medium
 ms.date: 12/08/2017
 ---
 
-# Submit or Update Ti Indicator API
+# Submit or Update TI Indicator API
 
 [!include[Prerelease information](prerelease.md)]
 
@@ -25,7 +25,7 @@ ms.date: 12/08/2017
 
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
 
-- Submits or Updates new [Ti Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity.
+- Submits or Updates new [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity.
 
 
 ## Permissions
@@ -33,7 +33,7 @@ One of the following permissions is required to call this API. To learn more, in
 
 Permission type |	Permission	|	Permission display name
 :---|:---|:---
-Application |	Ti.ReadWrite |	'Read and write Ti Indicators'
+Application |	Ti.ReadWrite |	'Read and write TI Indicators'
 
 
 ## HTTP request
@@ -56,10 +56,10 @@ In the request body, supply a JSON object with the following parameters:
 
 Parameter |	Type	| Description
 :---|:---|:---
-indicator | String | Identity of the [Ti Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity. **Required**
+indicator | String | Identity of the [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity. **Required**
 indicatorType | Enum | Type of the indicator. Possible values are: "FileSha1", "FileSha256", "IpAddress", "DomainName" and "Url". **Required**
 action | Enum | The action that will be taken if the indicator will be discovered in the organization. Possible values are: "Alert", "AlertAndBlock", and "Allowed". **Required**
-title | String | Ti indicator title.
+title | String | TI indicator title.
 expirationTime | DateTimeOffset | The expiration time of the indicator.
 severity | Enum | The severity of the indicator. possible values are: "Informational", "Low", "Medium" and "High".
 description | String | Description of the indicator.
@@ -67,8 +67,8 @@ recommendedActions | String | Recommended actions for the indicator.
 
 
 ## Response
-- If successful, this method returns 200 - OK response code and the created / updated [Ti Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity in the response body.
+- If successful, this method returns 200 - OK response code and the created / updated [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity in the response body.
-- If not successful: this method return 400 - Bad Request / 409 - Conflict with the failure reason. Bad request usually indicates incorrect body and Conflict can happen if you try to submit a Ti Indicator with existing indicator value but with different Indicator type or Action.  
+- If not successful: this method return 400 - Bad Request / 409 - Conflict with the failure reason. Bad request usually indicates incorrect body and Conflict can happen if you try to submit a TI Indicator with existing indicator value but with different Indicator type or Action.  
 
 ## Example
 

windows/security/threat-protection/windows-defender-atp/ti-indicator-windows-defender-advanced-threat-protection-new.md

@@ -13,7 +13,7 @@ ms.localizationpriority: medium
 ms.date: 12/08/2017
 ---
 
-# TiIndicator resource type
+# TI(threat intelligence) Indicator resource type
 
 **Applies to:**
 - Windows Defender Advanced Threat Protection (Windows Defender ATP)
@@ -22,16 +22,16 @@ ms.date: 12/08/2017
 
 Method|Return Type |Description
 :---|:---|:---
-[List TiIndicators](get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md) | [Ti Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) Collection | List [Ti Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entities.
+[List TI Indicators](get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md) | [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) Collection | List [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entities.
-[Get TiIndicator by ID](get-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md) | [Ti Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) | Gets the requested [Ti Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity.
+[Get TI Indicator by ID](get-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md) | [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) | Gets the requested [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity.
-[Submit or Update TiIndicator](post-ti-indicator-windows-defender-advanced-threat-protection-new.md) | [Ti Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) | Submits [Ti Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity.
+[Submit TI Indicator](post-ti-indicator-windows-defender-advanced-threat-protection-new.md) | [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) | Submits [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity.
-[Delete TiIndicator](delete-ti-indicator-windows-defender-advanced-threat-protection-new.md) | No Content | Deletes [Ti Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity.
+[Delete TI Indicator](delete-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md) | No Content | Deletes [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity.
 
 
 # Properties
 Property |	Type	|	Description
 :---|:---|:---
-indicator | String | Identity of the [Ti Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity.
+indicator | String | Identity of the [TI Indicator](ti-indicator-windows-defender-advanced-threat-protection-new.md) entity.
 indicatorType | Enum | Type of the indicator. Possible values are: "FileSha1", "FileSha256", "IpAddress", "DomainName" and "Url"
 title | String | Ti indicator title.
 creationTimeDateTimeUtc | DateTimeOffset | The date and time when the indicator was created.