update step and add bullet in Important

windows/threat-protection/windows-defender-atp/configure-endpoints-non-windows-windows-defender-advanced-threat-protection.md

@@ -41,7 +41,7 @@ You'll need to take the following steps to oboard non-Windows endpoints:
 
 3. 	Click **Generate access token** button and then **Copy**.
 
-4. 	Depending on the third-party implementation you're using, the implementation might vary. Refer to the third-party solution documentation for guidance on how to use the token.
+4. 	You’ll need to copy and paste the token to the third-party solution you’re using. The implementation may vary depending on the solution. 
 
 
 >[!WARNING] 

windows/threat-protection/windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection.md

@@ -29,7 +29,8 @@ ms.date: 11/10/2017
 Quickly respond to detected attacks by isolating machines or collecting an investigation package. After taking action on machines, you can check activity details on the Action center.
 
 >[!IMPORTANT]
-> These response actions are only available for machines on Windows 10, version  1703 or later. 
+> - These response actions are only available for machines on Windows 10, version  1703 or later. 
+> - For non-Windows platforms, response capabilities (such as Machine isolation) are dependent on the third-party capabilities. 
 
 ## Collect investigation package from machines
 As part of the investigation or response process, you can collect an investigation package from a machine. By collecting the investigation package, you can identify the current state of the machine and further understand the tools and techniques used by the attacker.