edits!

windows/security/TOC.yml

@@ -13,7 +13,7 @@
           href: information-protection/tpm/trusted-platform-module-overview.md
         - name: TPM fundamentals
           href: information-protection/tpm/tpm-fundamentals.md
-        - name: How Windows 10 uses the TPM
+        - name: How Windows uses the TPM
           href: information-protection/tpm/how-windows-uses-the-tpm.md
         - name: TPM Group Policy settings
           href: information-protection/tpm/trusted-platform-module-services-group-policy-settings.md
@@ -54,7 +54,7 @@
      - name: Bitlocker 
        href: information-protection/bitlocker/bitlocker-overview.md
        items: 
-        - name: Overview of BitLocker Device Encryption in Windows 10
+        - name: Overview of BitLocker Device Encryption in Windows
           href: information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md
         - name: BitLocker frequently asked questions (FAQ)
           href: information-protection/bitlocker/bitlocker-frequently-asked-questions.yml
@@ -125,7 +125,7 @@
                   href: information-protection/bitlocker/ts-bitlocker-tpm-issues.md
                 - name: Decode Measured Boot logs to track PCR changes
                   href: information-protection/bitlocker/ts-bitlocker-decode-measured-boot-logs.md
-     - name: Configure S/MIME for Windows 10
+     - name: Configure S/MIME for Windows
        href: identity-protection/configure-s-mime.md     
      - name: Windows Information Protection (WIP)
        href: information-protection/windows-information-protection/protect-enterprise-data-using-wip.md
@@ -199,7 +199,7 @@
           href: identity-protection/vpn/how-to-configure-diffie-hellman-protocol-over-ikev2-vpn-connections.md
         - name: How to use single sign-on (SSO) over VPN and Wi-Fi connections
           href: identity-protection/vpn/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md
-        - name: Optimizing Office 365 traffic with the Windows 10 VPN client
+        - name: Optimizing Office 365 traffic with the Windows VPN client
           href: identity-protection/vpn/vpn-office-365-optimization.md
      - name: Windows Defender Firewall
        href: threat-protection/windows-firewall/windows-firewall-with-advanced-security.md
@@ -223,6 +223,25 @@
 - name: Application security
   href: apps.md
   items:
+   - name: Windows Defender Application Control and virtualization-based protection of code integrity
+     href: device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md
+   - name: Windows Defender Application Control
+     href: threat-protection\windows-defender-application-control\windows-defender-application-control.md
+   - name: Microsoft Defender Application Guard
+     href: threat-protection\microsoft-defender-application-guard\md-app-guard-overview.md
+   - name: Windows Sandbox
+     href: windows-sandbox/windows-sandbox-overview.md
+     items: 
+        - name: Windows Sandbox architecture
+          href: windows-sandbox/windows-sandbox-architecture.md
+        - name: Windows Sandbox configuration
+          href: windows-sandbox/windows-sandbox-configure-using-wsb-file.md
+   - name: Microsoft Defender SmartScreen overview
+     href: threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md
+   - name: Configure S/MIME for Windows
+     href: identity-protection\configure-s-mime.md
+   - name: Windows Credential Theft Mitigation Guide Abstract
+     href: identity-protection\windows-credential-theft-mitigation-guide-abstract.md 
 - name: Secured identity
   href: identity.md
   items:

windows/security/apps.md

@@ -22,7 +22,8 @@ The following table summarizes the Windows security features and capabilities fo
 
 | Security Measures | Features & Capabilities |
 |:---|:---|
-| Windows Defender Application Control | Application control is one of the most effective security controls to prevent unwanted or malicious code from running. It moves away from an application trust model where all code is assumed trustworthy to one where apps must earn trust to run. Learn more: [Application Control for Windows](/threat-protection/windows-defender-application-control/windows-defender-application-control.md) |
+| Windows Defender Application Control | Application control is one of the most effective security controls to prevent unwanted or malicious code from running. It moves away from an application trust model where all code is assumed trustworthy to one where apps must earn trust to run. Learn more: [Application Control for Windows](threat-protection/windows-defender-application-control/windows-defender-application-control.md) |
-| Microsoft Defender Application Guard | Application Guard uses chip-based hardware isolation to isolate untrusted websites and untrusted Office files, seamlessly running untrusted websites and files in an isolated Hyper-V-based container, separate from the desktop operating system, and making sure that anything that happens within the container remains isolated from the desktop. Learn more [Microsoft Defender Application Guard overview](/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md). |
+| Microsoft Defender Application Guard | Application Guard uses chip-based hardware isolation to isolate untrusted websites and untrusted Office files, seamlessly running untrusted websites and files in an isolated Hyper-V-based container, separate from the desktop operating system, and making sure that anything that happens within the container remains isolated from the desktop. Learn more [Microsoft Defender Application Guard overview](threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md). |
-| Email Security |  With Windows S/MIME email security, users can encrypt outgoing messages and attachments, so only intended recipients with digital identification (ID)—also called a certificate—can read them. Users can digitally sign a message, which verifies the identity of the sender and ensures the message has not been tampered with.[Configure S/MIME for Windows 10](/identity-protection/configure-s-mime.md) |
+| Windows Sandbox | Windows Sandbox provides a lightweight desktop environment to safely run applications in isolation. Software installed inside the Windows Sandbox environment remains "sandboxed" and runs separately from the host machine. A sandbox is temporary. When it's closed, all the software and files and the state are deleted. You get a brand-new instance of the sandbox every time you open the application. Learn more: [Windows Sandbox](threat-protection\windows-sandbox\windows-sandbox-overview.md)
-| Microsoft Defender SmartScreen |  Microsoft Defender SmartScreen protects against phishing or malware websites and applications, and the downloading of potentially malicious files. Learn more: [Microsoft Defender SmartScreen overview](/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md) | 
+| Email Security |  With Windows S/MIME email security, users can encrypt outgoing messages and attachments, so only intended recipients with digital identification (ID)—also called a certificate—can read them. Users can digitally sign a message, which verifies the identity of the sender and ensures the message has not been tampered with.[Configure S/MIME for Windows 10](identity-protection/configure-s-mime.md) |
+| Microsoft Defender SmartScreen |  Microsoft Defender SmartScreen protects against phishing or malware websites and applications, and the downloading of potentially malicious files. Learn more: [Microsoft Defender SmartScreen overview](threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md) | 

windows/security/identity-protection/windows-credential-theft-mitigation-guide-abstract.md

@@ -1,6 +1,6 @@
 ---
-title: Windows 10 Credential Theft Mitigation Guide Abstract (Windows 10)
+title: Windows Credential Theft Mitigation Guide Abstract
-description: Provides a summary of the Windows 10 credential theft mitigation guide.
+description: Provides a summary of the Windows credential theft mitigation guide.
 ms.assetid: 821ddc1a-f401-4732-82a7-40d1fff5a78a
 ms.reviewer: 
 ms.prod: w10
@@ -17,12 +17,12 @@ ms.localizationpriority: medium
 ms.date: 04/19/2017
 ---
 
-# Windows 10 Credential Theft Mitigation Guide Abstract
+# Windows Credential Theft Mitigation Guide Abstract
 
 **Applies to**
 -   Windows 10
 
-This topic provides a summary of the Windows 10 credential theft mitigation guide, which can be downloaded from the [Microsoft Download Center](https://download.microsoft.com/download/C/1/4/C14579CA-E564-4743-8B51-61C0882662AC/Windows%2010%20credential%20theft%20mitigation%20guide.docx).
+This topic provides a summary of the Windows credential theft mitigation guide, which can be downloaded from the [Microsoft Download Center](https://download.microsoft.com/download/C/1/4/C14579CA-E564-4743-8B51-61C0882662AC/Windows%2010%20credential%20theft%20mitigation%20guide.docx).
 This guide explains how credential theft attacks occur and the strategies and countermeasures you can implement to mitigate them, following these security stages:
 
 - Identify high-value assets