diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index 8f3ea8a965..5e59e1f357 100644 --- a/.openpublishing.redirection.json +++ b/.openpublishing.redirection.json @@ -13929,5 +13929,10 @@ "redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", "redirect_document_id": false }, +{ +"source_path": "windows/security/threat-protection/windows-defender-atp/get-ti-indicator-by-id-windows-defender-advanced-threat-protection.md", +"redirect_url": "/windows/security/threat-protection/windows-defender-atp/use-apis", +"redirect_document_id": false +}, ] } diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index 733e4324d7..66995768bb 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -236,7 +236,7 @@ ####### [Troubleshoot subscription and portal access issues](windows-defender-atp/troubleshoot-onboarding-error-messages-windows-defender-advanced-threat-protection.md) ##### [Windows Defender ATP API](windows-defender-atp/use-apis.md) -###### [Get started](windows-defender-atp/apis-intro.md) +###### [Get started with Windows Defender ATP APIs](windows-defender-atp/apis-intro.md) ####### [Hello World](windows-defender-atp/api-hello-world.md) ####### [Get access with application context](windows-defender-atp/exposed-apis-create-app-webapp.md) ####### [Get access with user context](windows-defender-atp/exposed-apis-create-app-nativeapp.md) diff --git a/windows/security/threat-protection/windows-defender-atp/TOC.md b/windows/security/threat-protection/windows-defender-atp/TOC.md index d1b16e488b..5904aa5d30 100644 --- a/windows/security/threat-protection/windows-defender-atp/TOC.md +++ b/windows/security/threat-protection/windows-defender-atp/TOC.md 
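Review bot: In the `.openpublishing.redirection.json` hunk, the added entry closes with `},` directly before the array's closing `]`, so the array still ends with a trailing comma, which strict JSON parsers reject. The context line above the addition shows the previous last entry ended the same way, so the publishing build presumably tolerates it, but any other tool that reads this file with a strict parser would fail. Ending the final entry with `}` rather than `},` would keep the file valid JSON.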
@@ -233,7 +233,7 @@ #### [Windows Defender ATP API](use-apis.md) -##### [Get started](apis-intro.md) +##### [Get started with Windows Defender ATP APIs](apis-intro.md) ###### [Hello World](api-hello-world.md) ###### [Get access with application context](exposed-apis-create-app-webapp.md) ###### [Get access with user context](exposed-apis-create-app-nativeapp.md) diff --git a/windows/security/threat-protection/windows-defender-atp/alerts-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/alerts-windows-defender-advanced-threat-protection-new.md index 5043e422a5..da5c717e31 100644 --- a/windows/security/threat-protection/windows-defender-atp/alerts-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/alerts-windows-defender-advanced-threat-protection-new.md @@ -14,16 +14,15 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 12/08/2017 --- # Alert resource type **Applies to:** -- Windows Defender Advanced Threat Protection (Windows Defender ATP) +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[Prerelease information](prerelease.md)] -Represents an alert entity in WDATP. +Represents an alert entity in Windows Defender ATP. # Methods Method|Return Type |Description diff --git a/windows/security/threat-protection/windows-defender-atp/api-hello-world.md b/windows/security/threat-protection/windows-defender-atp/api-hello-world.md index 9821d5b681..9ee1dafbb9 100644 --- a/windows/security/threat-protection/windows-defender-atp/api-hello-world.md +++ b/windows/security/threat-protection/windows-defender-atp/api-hello-world.md 
@@ -14,14 +14,14 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 09/24/2018 --- -# Windows Defender ATP API - Hello Word +# Windows Defender ATP API - Hello World -**Applies to:** [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf) +**Applies to:** +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -> Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) ## Get Alerts using a simple PowerShell script @@ -36,7 +36,7 @@ For the App registration stage, you must have a Global administrator role in you ### Step 1 - Create an App in Azure Active Directory -1. Log on to [Azure](https://portal.azure.com) With your Global administrator user. +1. Log on to [Azure](https://portal.azure.com) with your Global administrator user. 2. Navigate to **Azure Active Directory** > **App registrations** > **New application registration**. @@ -181,7 +181,6 @@ You’re all done! You have just successfully: - Connected the API - Used a PowerShell script to return alerts created in the past 48 hours -Well done! ## Related topic diff --git a/windows/security/threat-protection/windows-defender-atp/apis-intro.md b/windows/security/threat-protection/windows-defender-atp/apis-intro.md index 7d3c84b87b..d05ecd0f1b 100644 --- a/windows/security/threat-protection/windows-defender-atp/apis-intro.md +++ b/windows/security/threat-protection/windows-defender-atp/apis-intro.md 
@@ -14,12 +14,12 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 09/03/2018 --- # Windows Defender ATP API overview -**Applies to:** [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://wincom.blob.core.windows.net/documents/Windows10_Commercial_Comparison.pdf) +**Applies to:** +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) > Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) @@ -36,26 +36,27 @@ You can access Windows Defender ATP API with **Application Context** or **User C - **Application Context: (Recommended)**
Used by apps that run without a signed-in user present. for example, apps that run as background services or daemons. - Steps that needs to be taken to access Windows Defender ATP API with application context: - 1) Create AAD Web-Application. - 2) Assign the desired permission to the application, e.g 'Read Alerts', 'Isolate Machines' etc. - 3) Create a key for this Application. - 4) Get token using the application with its key. - 5) Use the token to access Windows Defender ATP API + Steps that need to be taken to access Windows Defender ATP API with application context: - See - [Get access with application context](exposed-apis-create-app-webapp.md). + 1. Create an AAD Web-Application. + 2. Assign the desired permission to the application, for example, 'Read Alerts', 'Isolate Machines'. + 3. Create a key for this Application. + 4. Get token using the application with its key. + 5. Use the token to access Windows Defender ATP API + + For more information, see [Get access with application context](exposed-apis-create-app-webapp.md). - **User Context:**
Used to perform actions in the API on behalf of a user. Steps that needs to be taken to access Windows Defender ATP API with application context: - 1) Create AAD Native-Application. - 2) Assign the desired permission to the application, e.g 'Read Alerts', 'Isolate Machines' etc. - 3) Get token using the application with user credentials. - 4) Use the token to access Windows Defender ATP API + 1. Create AAD Native-Application. + 2. Assign the desired permission to the application, e.g 'Read Alerts', 'Isolate Machines' etc. + 3. Get token using the application with user credentials. + 4. Use the token to access Windows Defender ATP API - See - [Get access with user context](exposed-apis-create-app-nativeapp.md). + For more information, see [Get access with user context](exposed-apis-create-app-nativeapp.md). ## Related topics diff --git a/windows/security/threat-protection/windows-defender-atp/configure-siem-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-siem-windows-defender-advanced-threat-protection.md index 04c596750a..239c4d95db 100644 --- a/windows/security/threat-protection/windows-defender-atp/configure-siem-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/configure-siem-windows-defender-advanced-threat-protection.md @@ -22,7 +22,6 @@ ms.date: 10/16/2017 **Applies to:** - - [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) >Want to experience Windows Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configuresiem-abovefoldlink) diff --git a/windows/security/threat-protection/windows-defender-atp/custom-detection-rules.md b/windows/security/threat-protection/windows-defender-atp/custom-detection-rules.md index 632b9691c5..4998ae8a80 100644 
--- a/windows/security/threat-protection/windows-defender-atp/custom-detection-rules.md +++ b/windows/security/threat-protection/windows-defender-atp/custom-detection-rules.md @@ -15,7 +15,6 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 10/29/2018 --- diff --git a/windows/security/threat-protection/windows-defender-atp/delete-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/delete-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md index 2f50b903af..6399e4f311 100644 --- a/windows/security/threat-protection/windows-defender-atp/delete-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/delete-ti-indicator-by-id-windows-defender-advanced-threat-protection-new.md @@ -1,5 +1,5 @@ --- -title: Delete Indicator. +title: Delete Indicator API. description: Deletes Indicator entity by ID. keywords: apis, public api, supported apis, delete, ti indicator, entity, id search.product: eADQiWindows 10XVcnh @@ -14,12 +14,12 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 12/08/2017 --- # Delete Indicator API -**Applies to:** Windows Defender Advanced Threat Protection (Windows Defender ATP) +**Applies to:** +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[Prerelease information](prerelease.md)] diff --git a/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-nativeapp.md b/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-nativeapp.md index 3bd4aca5bd..56c66b472e 100644 --- a/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-nativeapp.md 
+++ b/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-nativeapp.md @@ -26,7 +26,7 @@ ms.date: 09/03/2018 [!include[PrereleaseĀ information](prerelease.md)] -This page describe how to create an application to get programmatic access to Windows Defender ATP on behalf of a user. +This page describes how to create an application to get programmatic access to Windows Defender ATP on behalf of a user. If you need programmatic access Windows Defender ATP without a user, refer to [Access Windows Defender ATP with application context](exposed-apis-create-app-webapp.md). diff --git a/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-webapp.md b/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-webapp.md index c485a8a19f..4d6b21364d 100644 --- a/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-webapp.md +++ b/windows/security/threat-protection/windows-defender-atp/exposed-apis-create-app-webapp.md @@ -101,7 +101,7 @@ This page explains how to create an AAD application, get an access token to Wind ![Image of created app id](images/webapp-app-id1.png) -11. **For WDATP Partners only** - Set your application to be multi-tenanted +11. **For Windows Defender ATP Partners only** - Set your application to be multi-tenanted This is **required** for 3rd party apps (for example, if you create an application that is intended to run in multiple customers tenant). 
@@ -113,7 +113,7 @@ This page explains how to create an AAD application, get an access token to Wind - Application consent for your multi-tenant App: - You need your application to be approved in each tenant where you intend to use it. This is because your application interacts with WDATP application on behalf of your customer. + You need your application to be approved in each tenant where you intend to use it. This is because your application interacts with Windows Defender ATP application on behalf of your customer. You (or your customer if you are writing a 3rd party application) need to click the consent link and approve your application. The consent should be done with a user who has admin privileges in the active directory. @@ -199,7 +199,7 @@ Refer to [Get token using Python](run-advanced-query-sample-python.md#get-token) - Open a command window - ​Set CLIENT_ID to your Azure application ID - Set CLIENT_SECRET to your Azure application secret -- Set TENANT_ID to the Azure tenant ID of the customer that wants to use your application to access WDATP application +- Set TENANT_ID to the Azure tenant ID of the customer that wants to use your application to access Windows Defender ATP application - Run the below command: ``` @@ -217,7 +217,7 @@ You will get an answer of the form: Sanity check to make sure you got a correct token: - Copy/paste into [JWT](https://jwt.ms) the token you get in the previous step in order to decode it - Validate you get a 'roles' claim with the desired permissions -- In the screenshot below you can see a decoded token acquired from an app with permissions to all of Wdatp's roles: +- In the screenshot below you can see a decoded token acquired from an app with permissions to all of Windows Defender ATP's roles: ![Image of token validation](images/webapp-decoded-token.png) 
diff --git a/windows/security/threat-protection/windows-defender-atp/exposed-apis-full-sample-powershell.md b/windows/security/threat-protection/windows-defender-atp/exposed-apis-full-sample-powershell.md index b65c98cd30..80c3f2dfdf 100644 --- a/windows/security/threat-protection/windows-defender-atp/exposed-apis-full-sample-powershell.md +++ b/windows/security/threat-protection/windows-defender-atp/exposed-apis-full-sample-powershell.md @@ -19,7 +19,7 @@ ms.date: 09/24/2018 # Windows Defender ATP APIs using PowerShell **Applies to:** -- Windows Defender Advanced Threat Protection (Windows Defender ATP) +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[PrereleaseĀ information](prerelease.md)] @@ -48,7 +48,7 @@ Set-ExecutionPolicy -ExecutionPolicy Bypass - Run the below > - $tenantId: ID of the tenant on behalf of which you want to run the query (i.e., the query will be run on the data of this tenant) -> - $appId: ID of your AAD app (the app must have 'Run advanced queries' permission to WDATP) +> - $appId: ID of your AAD app (the app must have 'Run advanced queries' permission to Windows Defender ATP) > - $appSecret: Secret of your AAD app > - $suspiciousUrl: The URL diff --git a/windows/security/threat-protection/windows-defender-atp/files-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/files-windows-defender-advanced-threat-protection-new.md index 6a846b32c3..0491fe98c9 100644 --- a/windows/security/threat-protection/windows-defender-atp/files-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/files-windows-defender-advanced-threat-protection-new.md 
@@ -14,14 +14,15 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 12/08/2017 --- # File resource type +**Applies to:** +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[PrereleaseĀ information](prerelease.md)] -Represent a file entity in WDATP. +Represent a file entity in Windows Defender ATP. # Methods Method|Return Type |Description @@ -49,5 +50,5 @@ fileProductName | String | Product name. signer | String | File signer. issuer | String | File issuer. signerHash | String | Hash of the signing certificate. -isValidCertificate | Boolean | Was signing certificate successfully verified by WDATP agent. +isValidCertificate | Boolean | Was signing certificate successfully verified by Windows Defender ATP agent. diff --git a/windows/security/threat-protection/windows-defender-atp/get-machines-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/get-machines-windows-defender-advanced-threat-protection-new.md index 907c5e5838..7e2ad2eaf1 100644 --- a/windows/security/threat-protection/windows-defender-atp/get-machines-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/get-machines-windows-defender-advanced-threat-protection-new.md 
@@ -14,18 +14,16 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 12/08/2017 --- # List machines API **Applies to:** - -- Windows Defender Advanced Threat Protection (Windows Defender ATP) +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[Prerelease information](prerelease.md)] -- Retrieves a collection of machines that have communicated with WDATP cloud on the last 30 days. +- Retrieves a collection of machines that have communicated with Windows Defender ATP cloud on the last 30 days. - Get Machines collection API supports [OData V4 queries](https://www.odata.org/documentation/). - The OData's Filter query is supported on: "Id", "ComputerDnsName", "LastSeen", "LastIpAddress", "HealthStatus", "OsPlatform", "RiskScore", "MachineTags" and "RbacGroupId". - See examples at [OData queries with Windows Defender ATP](exposed-apis-odata-samples.md) diff --git a/windows/security/threat-protection/windows-defender-atp/get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md index 5300c35401..837155f677 100644 --- a/windows/security/threat-protection/windows-defender-atp/get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/get-ti-indicators-collection-windows-defender-advanced-threat-protection-new.md @@ -19,7 +19,8 @@ ms.date: 12/08/2017 # List Indicators API -**Applies to:** - Windows Defender Advanced Threat Protection (Windows Defender ATP) +**Applies to:** +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[Prerelease information](prerelease.md)] 
diff --git a/windows/security/threat-protection/windows-defender-atp/get-user-information-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/get-user-information-windows-defender-advanced-threat-protection-new.md index c0f03256f8..75c9bc7f08 100644 --- a/windows/security/threat-protection/windows-defender-atp/get-user-information-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/get-user-information-windows-defender-advanced-threat-protection-new.md @@ -14,17 +14,14 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 12/08/2017 --- # Get user information API +**Applies to:** +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[PrereleaseĀ information](prerelease.md)] -**Applies to:** - -- Windows Defender Advanced Threat Protection (Windows Defender ATP) - Retrieve a User entity by key (user name). ## Permissions diff --git a/windows/security/threat-protection/windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md index c1e9c27b9c..01fe090eca 100644 --- a/windows/security/threat-protection/windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/licensing-windows-defender-advanced-threat-protection.md 
@@ -57,7 +57,7 @@ When accessing [Windows Defender Security Center](https://SecurityCenter.Windows 1. Each time you access the portal you will need to validate that you are authorized to access the product. This **Set up your permissions** step will only be available if you are not currently authorized to access the product. - ![Image of Set up your permissions for WDATP](images\atp-setup-permissions-wdatp-portal.png) + ![Image of Set up your permissions for Windows Defender ATP](images\atp-setup-permissions-wdatp-portal.png) Once the authorization step is completed, the **Welcome** screen will be displayed. diff --git a/windows/security/threat-protection/windows-defender-atp/machine-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/machine-windows-defender-advanced-threat-protection-new.md index ca3d047a98..40687ef4f7 100644 --- a/windows/security/threat-protection/windows-defender-atp/machine-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/machine-windows-defender-advanced-threat-protection-new.md @@ -14,10 +14,11 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 11/11/2018 --- # Machine resource type +**Applies to:** +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) # Methods 
@@ -35,17 +36,17 @@ Property | Type | Description :---|:---|:--- id | String | [machine](machine-windows-defender-advanced-threat-protection-new.md) identity. computerDnsName | String | [machine](machine-windows-defender-advanced-threat-protection-new.md) fully qualified name. -firstSeen | DateTimeOffset | First date and time where the [machine](machine-windows-defender-advanced-threat-protection-new.md) was observed by WDATP. -lastSeen | DateTimeOffset | Last date and time where the [machine](machine-windows-defender-advanced-threat-protection-new.md) was observed by WDATP. +firstSeen | DateTimeOffset | First date and time where the [machine](machine-windows-defender-advanced-threat-protection-new.md) was observed by Windows Defender ATP. +lastSeen | DateTimeOffset | Last date and time where the [machine](machine-windows-defender-advanced-threat-protection-new.md) was observed by Windows Defender ATP. osPlatform | String | OS platform. osVersion | String | OS Version. lastIpAddress | String | Last IP on local NIC on the [machine](machine-windows-defender-advanced-threat-protection-new.md). lastExternalIpAddress | String | Last IP through which the [machine](machine-windows-defender-advanced-threat-protection-new.md) accessed the internet. -agentVersion | String | Version of WDATP agent. +agentVersion | String | Version of Windows Defender ATP agent. osBuild | Nullable long | OS build number. healthStatus | Enum | [machine](machine-windows-defender-advanced-threat-protection-new.md) health status. Possible values are: "Active", "Inactive", "ImpairedCommunication", "NoSensorData" and "NoSensorDataImpairedCommunication" rbacGroupId | Int | RBAC Group ID. rbacGroupName | String | RBAC Group Name. -riskScore | Nullable Enum | Risk score as evaluated by WDATP. Possible values are: 'None', 'Low', 'Medium' and 'High'. +riskScore | Nullable Enum | Risk score as evaluated by Windows Defender ATP. Possible values are: 'None', 'Low', 'Medium' and 'High'. 
aadDeviceId | Nullable Guid | AAD Device ID (when [machine](machine-windows-defender-advanced-threat-protection-new.md) is Aad Joined). machineTags | String collection | Set of [machine](machine-windows-defender-advanced-threat-protection-new.md) tags. \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-atp/machineaction-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/machineaction-windows-defender-advanced-threat-protection-new.md index 29d142c046..c4f16727e0 100644 --- a/windows/security/threat-protection/windows-defender-atp/machineaction-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/machineaction-windows-defender-advanced-threat-protection-new.md @@ -20,7 +20,7 @@ ms.date: 12/08/2017 # MachineAction resource type **Applies to:** -- Windows Defender Advanced Threat Protection (Windows Defender ATP) +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[Prerelease information](prerelease.md)] 
@@ -35,7 +35,7 @@ Method|Return Type |Description [Restrict app execution](restrict-code-execution-windows-defender-advanced-threat-protection-new.md) | [Machine Action](machineaction-windows-defender-advanced-threat-protection-new.md) | Restrict application execution. [Remove app restriction](unrestrict-code-execution-windows-defender-advanced-threat-protection-new.md) | [Machine Action](machineaction-windows-defender-advanced-threat-protection-new.md) | Remove application execution restriction. [Run antivirus scan](run-av-scan-windows-defender-advanced-threat-protection-new.md) | [Machine Action](machineaction-windows-defender-advanced-threat-protection-new.md) | Run an AV scan using Windows Defender (when applicable). -[Offboard machine](offboard-machine-api-windows-defender-advanced-threat-protection-new.md)|[Machine Action](machineaction-windows-defender-advanced-threat-protection-new.md) | Offboard [machine](machine-windows-defender-advanced-threat-protection-new.md) from WDATP. +[Offboard machine](offboard-machine-api-windows-defender-advanced-threat-protection-new.md)|[Machine Action](machineaction-windows-defender-advanced-threat-protection-new.md) | Offboard [machine](machine-windows-defender-advanced-threat-protection-new.md) from Windows Defender ATP. # Properties Property | Type | Description diff --git a/windows/security/threat-protection/windows-defender-atp/machineactionsnote.md b/windows/security/threat-protection/windows-defender-atp/machineactionsnote.md index fcbd68ecec..3f4a20dcbc 100644 --- a/windows/security/threat-protection/windows-defender-atp/machineactionsnote.md +++ b/windows/security/threat-protection/windows-defender-atp/machineactionsnote.md 
@@ -3,4 +3,4 @@ ms.date: 08/28/2017 author: zavidor --- >[!Note] -> This page focuses on performing a machine action via API. See [take response actions on a machine](respond-machine-alerts-windows-defender-advanced-threat-protection.md) for more information about response actions functionality via WDATP. +> This page focuses on performing a machine action via API. See [take response actions on a machine](respond-machine-alerts-windows-defender-advanced-threat-protection.md) for more information about response actions functionality via Windows Defender ATP. diff --git a/windows/security/threat-protection/windows-defender-atp/offboard-machine-api-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/offboard-machine-api-windows-defender-advanced-threat-protection-new.md index a228a7ad08..50855b0351 100644 --- a/windows/security/threat-protection/windows-defender-atp/offboard-machine-api-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/offboard-machine-api-windows-defender-advanced-threat-protection-new.md @@ -14,16 +14,15 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 12/08/2017 --- # Offboard machine API **Applies to:** -- Windows Defender Advanced Threat Protection (Windows Defender ATP) +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[Prerelease information](prerelease.md)] -Offboard machine from WDATP. +Offboard machine from Windows Defender ATP. [!include[Machine actions note](machineactionsnote.md)] diff --git a/windows/security/threat-protection/windows-defender-atp/post-ti-indicator-windows-defender-advanced-threat-protection-new.md b/windows/security/threat-protection/windows-defender-atp/post-ti-indicator-windows-defender-advanced-threat-protection-new.md index a059372f69..1116788ea1 100644 
--- a/windows/security/threat-protection/windows-defender-atp/post-ti-indicator-windows-defender-advanced-threat-protection-new.md +++ b/windows/security/threat-protection/windows-defender-atp/post-ti-indicator-windows-defender-advanced-threat-protection-new.md @@ -19,7 +19,8 @@ ms.date: 12/08/2017 # Submit or Update Indicator API -**Applies to:** Windows Defender Advanced Threat Protection (Windows Defender ATP) +**Applies to:** +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[PrereleaseĀ information](prerelease.md)] diff --git a/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-powershell.md b/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-powershell.md index 88eb22a167..547b531909 100644 --- a/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-powershell.md +++ b/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-powershell.md @@ -19,7 +19,7 @@ ms.date: 09/24/2018 # Advanced Hunting using PowerShell **Applies to:** -- Windows Defender Advanced Threat Protection (Windows Defender ATP) +- [Windows Defender Advanced Threat Protection (Windows Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) [!include[PrereleaseĀ information](prerelease.md)] @@ -65,7 +65,7 @@ $aadToken = $response.access_token where - $tenantId: ID of the tenant on behalf of which you want to run the query (i.e., the query will be run on the data of this tenant) -- $appId: ID of your AAD app (the app must have 'Run advanced queries' permission to WDATP) +- $appId: ID of your AAD app (the app must have 'Run advanced queries' permission to Windows Defender ATP) - $appSecret: Secret of your AAD app ## Run query 
diff --git a/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-python.md b/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-python.md index 2b39edf624..e823425018 100644 --- a/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-python.md +++ b/windows/security/threat-protection/windows-defender-atp/run-advanced-query-sample-python.md @@ -65,7 +65,7 @@ aadToken = jsonResponse["access_token"] where - tenantId: ID of the tenant on behalf of which you want to run the query (i.e., the query will be run on the data of this tenant) -- appId: ID of your AAD app (the app must have 'Run advanced queries' permission to WDATP) +- appId: ID of your AAD app (the app must have 'Run advanced queries' permission to Windows Defender ATP) - appSecret: Secret of your AAD app ## Run query