From 2afe4037d996376342eb0564909422a4b3f89635 Mon Sep 17 00:00:00 2001
From: Beth Levin <elizabeth.levin@microsoft.com>
Date: Mon, 19 Oct 2020 17:00:05 -0700
Subject: [PATCH] new notes

---
 .../microsoft-defender-atp/tvm-remediation.md                  | 3 +++
 .../microsoft-defender-atp/tvm-software-inventory.md           | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
index 328a47fcfc..441e815647 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
@@ -65,6 +65,9 @@ When you submit a remediation request from the Security recommendations page, it
 Once you are in the Remediation page, select the remediation activity that you want to view. You can follow the remediation steps, track progress, view the related recommendation, export to CSV, or mark as complete.
 ![Example of the Remediation page, with a selected remediation activity, and that activity's flyout listing the description, IT service and device management tools, and device remediation progress.](images/remediation_flyouteolsw.png)
 
+>[!NOTE]
+> There is a 180 day retention period for completed remediation activities. To keep the Remediation page performing optimally, the remediation activity will be removed 6 months after its completion.
+
 ### Top remediation activities in the dashboard
 
 View **Top remediation activities** in the [threat and vulnerability management dashboard](tvm-dashboard-insights.md). Select any of the entries to go to the **Remediation** page. You can mark the remediation activity as completed after the IT admin team remediates the task.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md
index d34335654a..064ca53844 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md
@@ -42,6 +42,9 @@ Access the Software inventory page by selecting **Software inventory** from the
 
 View software on specific devices in the individual devices pages from the [devices list](machines-view-overview.md).
 
+>[!NOTE]
+>If you search for software using the Microsoft Defender ATP global search, make sure to put an underscore instead of a space. For example, for the best search results you'd write "windows_10" instead of "Windows 10".
+
 ## Software inventory overview
 
 The **Software inventory** page opens with a list of software installed in your network, including the vendor name, weaknesses found, threats associated with them, exposed devices, impact to exposure score, and tags. You can filter the list view based on weaknesses found in the software, threats associated with them, and whether the software or software versions have reached end-of-support.