diff --git a/.acrolinx-config.edn b/.acrolinx-config.edn
index 82c001e81f..a3a07ef4f2 100644
--- a/.acrolinx-config.edn
+++ b/.acrolinx-config.edn
@@ -35,7 +35,7 @@
  "
 ## Acrolinx Scorecards
  
-**The minimum Acrolinx topic score of 65 is required for all MARVEL content merged to the default branch.**
+**The minimum Acrolinx topic score of 80 is required for all MARVEL content merged to the default branch.**
 
 If you need a scoring exception for content in this PR, add the *Sign off* and the *Acrolinx exception* labels to the PR. The PubOps Team will review the exception request and may take one or more of the following actions:
 
diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index 76f303dc00..d9d9223bc1 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -1699,6 +1699,11 @@
       "source_path": "windows/security/threat-protection/windows-defender-atp/manage-edr.md",
       "redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/manage-edr",
       "redirect_document_id": true
+    },
+	{
+      "source_path": "windows/security/threat-protection/microsoft-defender-atp/manage-edrmanage-edr.md",
+      "redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response",
+      "redirect_document_id": false
     },
     {
       "source_path": "windows/security/threat-protection/windows-defender-atp/management-apis.md",
@@ -13987,12 +13992,12 @@
     },
     {
       "source_path": "windows/manage/sign-up-windows-store-for-business.md",
-      "redirect_url": "https://docs.microsoft.com/microsoft-store/sign-up-windows-store-for-business",
+      "redirect_url": "https://docs.microsoft.com/microsoft-store/index.md",
       "redirect_document_id": true
     },
     {
       "source_path": "store-for-business/sign-up-windows-store-for-business.md",
-      "redirect_url": "https://docs.microsoft.com/microsoft-store/sign-up-microsoft-store-for-business",
+      "redirect_url": "https://docs.microsoft.com/microsoft-store/index.md",
       "redirect_document_id": false
     },
     {
@@ -16536,9 +16541,15 @@
       "redirect_document_id": true
     },
     {
-      "source_path": "windows/security/threat-protection/windows-defender-exploit-guard/troubleshoot-asr.md",
-      "redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-asr",
+      "source_path": "windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwareinventoryvulnerabilities-table.md",
+      "redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwareinventory-table",
+      "redirect_document_id": true
+    },
+    {
+      "source_path": "windows/client-management/mdm/policies-in-policy-csp-supported-by-iot-enterprise.md",
+      "redirect_url": "https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference",
       "redirect_document_id": false
-    }
-  ]
+    },
+	  
+	    ]
 }
diff --git a/browsers/edge/microsoft-edge-kiosk-mode-deploy.md b/browsers/edge/microsoft-edge-kiosk-mode-deploy.md
index 7c44ef1c3b..9e05affa36 100644
--- a/browsers/edge/microsoft-edge-kiosk-mode-deploy.md
+++ b/browsers/edge/microsoft-edge-kiosk-mode-deploy.md
@@ -162,12 +162,12 @@ With this method, you can use Microsoft Intune or other MDM services to configur
 
    |   |   |
    |---|---|
-   | **[ConfigureKioskMode](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-configurekioskmode)**<p>![](images/icon-thin-line-computer.png) | Configure the display mode for Microsoft Edge Legacy as a kiosk app.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/ConfigureKioskMode<p>**Data type:**  Integer<p>**Allowed values:**<ul><li>**Single-app kiosk experience**<ul><li>**0** - Digital signage and interactive display</li><li>**1** - InPrivate Public browsing</li></ul></li><li>**Multi-app kiosk experience**<ul><li>**0** - Normal Microsoft Edge Legacy running in assigned access</li><li>**1** - InPrivate public browsing with other apps</li></ul></li></ul> |
-   | **[ConfigureKioskResetAfterIdleTimeout](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-configurekioskresetafteridletimeout)**<p>![](images/icon-thin-line-computer.png) | Change the time in minutes from the last user activity before Microsoft Edge Legacy kiosk mode resets the user's session.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/ConfigureKioskResetAfterIdleTimeout<p>**Data type:** Integer<p>**Allowed values:**<ul><li>**0** - No idle timer</li><li>**1-1440 (5 minutes is the default)** - Set reset on idle timer</li></ul>  |
-   | **[HomePages](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-homepages)**<p>![](images/icon-thin-line-computer.png)  | Set one or more start pages, URLs, to load when Microsoft Edge Legacy launches.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/HomePages<p>**Data type:** String<p>**Allowed values:**<p>Enter one or more URLs, for example,<br>&nbsp;&nbsp;&nbsp;\<https://www.msn.com\>\<https:/www.bing.com\>  |
-   | **[ConfigureHomeButton](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-configurehomebutton)**<p>![](images/icon-thin-line-computer.png)  | Configure how the Home Button behaves.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/ConfigureHomeButton<p>**Data type:** Integer<p> **Allowed values:**<ul><li>**0 (default)** - Not configured. Show home button, and load the default Start page.</li><li>**1** - Enabled. Show home button and load New Tab page</li><li>**2** - Enabled. Show home button & set a specific page.</li><li>**3** - Enabled. Hide the home button.</li></ul>   |
-   | **[SetHomeButtonURL](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-sethomebuttonurl)**<p>![](images/icon-thin-line-computer.png)   | If you set ConfigureHomeButton to 2, configure the home button URL.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/SetHomeButtonURL <p>**Data type:** String<p>**Allowed values:** Enter a URL, for example, https://www.bing.com   |
-   | **[SetNewTabPageURL](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-setnewtabpageurl)**<p>![](images/icon-thin-line-computer.png)   | Set a custom URL for the New Tab page.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/SetNewTabPageURL <p>**Data type:** String<p>**Allowed values:** Enter a URL, for example, https://www.msn.com    |
+   | **[ConfigureKioskMode](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-configurekioskmode)**<p>![Icon Mode](images/icon-thin-line-computer.png) | Configure the display mode for Microsoft Edge Legacy as a kiosk app.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/ConfigureKioskMode<p>**Data type:**  Integer<p>**Allowed values:**<ul><li>**Single-app kiosk experience**<ul><li>**0** - Digital signage and interactive display</li><li>**1** - InPrivate Public browsing</li></ul></li><li>**Multi-app kiosk experience**<ul><li>**0** - Normal Microsoft Edge Legacy running in assigned access</li><li>**1** - InPrivate public browsing with other apps</li></ul></li></ul> |
+   | **[ConfigureKioskResetAfterIdleTimeout](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-configurekioskresetafteridletimeout)**<p>![Icon Timeout](images/icon-thin-line-computer.png) | Change the time in minutes from the last user activity before Microsoft Edge Legacy kiosk mode resets the user's session.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/ConfigureKioskResetAfterIdleTimeout<p>**Data type:** Integer<p>**Allowed values:**<ul><li>**0** - No idle timer</li><li>**1-1440 (5 minutes is the default)** - Set reset on idle timer</li></ul>  |
+   | **[HomePages](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-homepages)**<p>![Icon HomePage](images/icon-thin-line-computer.png)  | Set one or more start pages, URLs, to load when Microsoft Edge Legacy launches.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/HomePages<p>**Data type:** String<p>**Allowed values:**<p>Enter one or more URLs, for example,<br>&nbsp;&nbsp;&nbsp;\<https://www.msn.com\>\<https:/www.bing.com\>  |
+   | **[ConfigureHomeButton](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-configurehomebutton)**<p>![Icon Configure](images/icon-thin-line-computer.png)  | Configure how the Home Button behaves.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/ConfigureHomeButton<p>**Data type:** Integer<p> **Allowed values:**<ul><li>**0 (default)** - Not configured. Show home button, and load the default Start page.</li><li>**1** - Enabled. Show home button and load New Tab page</li><li>**2** - Enabled. Show home button & set a specific page.</li><li>**3** - Enabled. Hide the home button.</li></ul>   |
+   | **[SetHomeButtonURL](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-sethomebuttonurl)**<p>![Icon Set Home](images/icon-thin-line-computer.png)   | If you set ConfigureHomeButton to 2, configure the home button URL.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/SetHomeButtonURL <p>**Data type:** String<p>**Allowed values:** Enter a URL, for example, https://www.bing.com   |
+   | **[SetNewTabPageURL](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-browser#browser-setnewtabpageurl)**<p>![Icon New Tab](images/icon-thin-line-computer.png)   | Set a custom URL for the New Tab page.<p><p>**URI full path:** ./Vendor/MSFT/Policy/Config/Browser/SetNewTabPageURL <p>**Data type:** String<p>**Allowed values:** Enter a URL, for example, https://www.msn.com    |
 
 
 **_Congratulations!_** <p>You’ve just finished setting up a kiosk or digital signage with policies for Microsoft Edge Legacy kiosk mode using Microsoft Intune or other MDM service.
diff --git a/store-for-business/TOC.md b/store-for-business/TOC.md
index bdfb8ea979..797c283b19 100644
--- a/store-for-business/TOC.md
+++ b/store-for-business/TOC.md
@@ -3,7 +3,6 @@
 ## [Sign up and get started](sign-up-microsoft-store-for-business-overview.md)
 ### [Microsoft Store for Business and Microsoft Store for Education overview](microsoft-store-for-business-overview.md)
 ### [Prerequisites for Microsoft Store for Business and Education](prerequisites-microsoft-store-for-business.md)
-### [Sign up for Microsoft Store for Business or Microsoft Store for Education](sign-up-microsoft-store-for-business.md)
 ### [Roles and permissions in the Microsoft Store for Business and Education](roles-and-permissions-microsoft-store-for-business.md)
 ### [Settings reference: Microsoft Store for Business and Education](settings-reference-microsoft-store-for-business.md)
 ## [Find and acquire apps](find-and-acquire-apps-overview.md)
diff --git a/store-for-business/acquire-apps-microsoft-store-for-business.md b/store-for-business/acquire-apps-microsoft-store-for-business.md
index 3989e6d860..3cec119295 100644
--- a/store-for-business/acquire-apps-microsoft-store-for-business.md
+++ b/store-for-business/acquire-apps-microsoft-store-for-business.md
@@ -5,16 +5,20 @@ ms.prod: w10
 ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: store
-author: TrudyHa
-ms.author: TrudyHa
-ms.date: 10/23/2018
+ms.author: cmcatee
+author: cmcatee-MSFT
+manager: scotv
 ms.reviewer: 
-manager: dansimp
 ms.topic: conceptual
 ms.localizationpriority: medium
+ms.date: 03/10/2021
 ---
 
 # Acquire apps in Microsoft Store for Business and Education
+
+> [!IMPORTANT]
+> Starting on April 14th, 2021, only free apps will be available in Microsoft Store for Business and Education. For more information, see [Microsoft Store for Business and Education](index.md).
+
 As an admin, you can acquire apps from the Microsoft Store for Business and Education for your employees. Some apps are free, and some have a price. For info on app types that are supported, see [Apps in the Microsoft Store for Business](apps-in-microsoft-store-for-business.md). The following sections explain some of the settings for shopping. 
 
 ## App licensing model
diff --git a/store-for-business/add-unsigned-app-to-code-integrity-policy.md b/store-for-business/add-unsigned-app-to-code-integrity-policy.md
index c57643bd16..fca2e9d796 100644
--- a/store-for-business/add-unsigned-app-to-code-integrity-policy.md
+++ b/store-for-business/add-unsigned-app-to-code-integrity-policy.md
@@ -3,16 +3,16 @@ title: Add unsigned app to code integrity policy (Windows 10)
 description: When you want to add an unsigned app to a code integrity policy, you need to start with a code integrity policy created from a reference device.
 ms.assetid: 580E18B1-2FFD-4EE4-8CC5-6F375BE224EA
 ms.reviewer: 
-manager: dansimp
 ms.prod: w10
 ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: store, security
-author: TrudyHa
-ms.author: TrudyHa
+ms.author: cmcatee
+author: cmcatee-MSFT
+manager: scotv
 ms.topic: conceptual
 ms.localizationpriority: medium
-ms.date: 10/17/2017
+ms.date: 03/10/2021
 ---
 
 # Add unsigned app to code integrity policy
@@ -99,7 +99,7 @@ After you're done, the files are saved to your desktop. You still need to sign t
 
 ## <a href="" id="catalog-signing-device-guard-portal"></a>Catalog signing with Device Guard signing portal
 
-To sign catalog files with the Device Guard signing portal, you need to be signed up with the Microsoft Store for Business. For more information, see [Sign up for the Microsoft Store for Business](sign-up-microsoft-store-for-business.md).
+To sign catalog files with the Device Guard signing portal, you need to be signed up with the Microsoft Store for Business.
 
 Catalog signing is a vital step to adding your unsigned apps to your code integrity policy.
 
diff --git a/store-for-business/index.md b/store-for-business/index.md
index 9ec42cc879..ff6016354d 100644
--- a/store-for-business/index.md
+++ b/store-for-business/index.md
@@ -2,21 +2,20 @@
 title: Microsoft Store for Business and Education (Windows 10)
 description: Welcome to the Microsoft Store for Business and Education. You can use Microsoft Store, to find, acquire, distribute, and manage apps for your organization or school.
 ms.assetid: 527E611E-4D47-44F0-9422-DCC2D1ACBAB8
-manager: dansimp
 ms.prod: w10
 ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: store
-author: TrudyHa
-ms.author: TrudyHa
+ms.author: cmcatee
+author: cmcatee-MSFT
+manager: scotv
 ms.topic: conceptual
 ms.localizationpriority: high
-ms.date: 05/14/2020
+ms.date: 03/10/2021
 ---
 
 # Microsoft Store for Business and Education
 
-
 **Applies to**
 
 -   Windows 10
@@ -24,6 +23,11 @@ ms.date: 05/14/2020
 
 Welcome to the Microsoft Store for Business and Education! You can use Microsoft Store to find, acquire, distribute, and manage apps for your organization or school.
 
+> [!IMPORTANT]
+> Starting April 14, 2021, all apps that charge a base price above free will no longer be available to buy in the Microsoft Store for Business and Education. If you’ve already bought a paid app, you can still use it, but no new purchases will be possible from businessstore.microsoft.com or educationstore.microsoft.com. Also, you won’t be able to buy additional licenses for apps you already bought. You can still assign and reassign licenses for apps that you already own and use the private store. Apps with a base price of “free” will still be available. This change doesn’t impact apps in the Microsoft Store on Windows 10.
+>
+> Also starting April 14, 2021, you must sign in with your Azure Active Directory (Azure AD) account before you browse Microsoft Store for Business and Education.
+
 ## In this section
 
 | Topic | Description |
diff --git a/store-for-business/microsoft-store-for-business-overview.md b/store-for-business/microsoft-store-for-business-overview.md
index 59be6fdc1c..69f8d80a62 100644
--- a/store-for-business/microsoft-store-for-business-overview.md
+++ b/store-for-business/microsoft-store-for-business-overview.md
@@ -3,16 +3,16 @@ title: Microsoft Store for Business and Microsoft Store for Education overview (
 description: With Microsoft Store for Business and Microsoft Store for Education, organizations and schools can make volume purchases of Windows apps.
 ms.assetid: 9DA71F6B-654D-4121-9A40-D473CC654A1C
 ms.reviewer: 
-manager: dansimp
 ms.prod: w10
 ms.pagetype: store, mobile
 ms.mktglfcycl: manage
 ms.sitesec: library
-author: TrudyHa
-ms.author: TrudyHa
+ms.author: cmcatee
+author: cmcatee-MSFT
+manager: scotv
 ms.topic: conceptual
 ms.localizationpriority: medium
-ms.date: 
+ms.date: 03/10/2021
 ---
 
 # Microsoft Store for Business and Microsoft Store for Education overview
@@ -22,6 +22,9 @@ ms.date:
 -   Windows 10
 -   Windows 10 Mobile
 
+> [!IMPORTANT]
+> Starting on April 14th, 2021, only free apps will be available in Microsoft Store for Business and Education. For more information, see [Microsoft Store for Business and Education](index.md).
+
 Designed for organizations, Microsoft Store for Business and Microsoft Store for Education give IT decision makers and administrators in businesses or schools a flexible way to find, acquire, manage, and distribute free and paid apps in select markets to Windows 10 devices in volume. IT administrators can manage Microsoft Store apps and private line-of-business apps in one inventory, plus assign and re-use licenses as needed. You can choose the best distribution method for your organization: directly assign apps to individuals and teams, publish apps to private pages in Microsoft Store, or connect with management solutions for more options.
 
 > [!IMPORTANT]
@@ -80,8 +83,6 @@ While not required, you can use a management tool to distribute and manage apps.
 
 The first step for getting your organization started with Store for Business and Education is signing up. Sign up using an existing account (the same one you use for Office 365, Dynamics 365, Intune, Azure, etc.) or we’ll quickly create an account for you. You must be a Global Administrator for your organization.
 
-For more information, see [Sign up for Store for Business and Education](sign-up-microsoft-store-for-business.md).
-
 ## Set up
 
 After your admin signs up for the Store for Business and Education, they can assign roles to other employees in your company or school. The admin needs Azure AD User Admin permissions to assign Microsoft Store for Business and Education roles. These are the roles and their permissions.
diff --git a/store-for-business/prerequisites-microsoft-store-for-business.md b/store-for-business/prerequisites-microsoft-store-for-business.md
index 0dc7ab9ece..46b104c6f6 100644
--- a/store-for-business/prerequisites-microsoft-store-for-business.md
+++ b/store-for-business/prerequisites-microsoft-store-for-business.md
@@ -3,16 +3,16 @@ title: Prerequisites for Microsoft Store for Business and Education (Windows 10)
 description: There are a few prerequisites for using Microsoft Store for Business or Microsoft Store for Education.
 ms.assetid: CEBC6870-FFDD-48AD-8650-8B0DC6B2651D
 ms.reviewer: 
-manager: dansimp
 ms.prod: w10
 ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: store
-author: TrudyHa
-ms.author: TrudyHa
+ms.author: cmcatee
+author: cmcatee-MSFT
+manager: scotv
 ms.topic: conceptual
 ms.localizationpriority: medium
-ms.date: 
+ms.date: 03/10/2021
 ---
 
 # Prerequisites for Microsoft Store for Business and Education
@@ -22,6 +22,9 @@ ms.date:
 -   Windows 10
 -   Windows 10 Mobile
 
+> [!IMPORTANT]
+> Starting on April 14th, 2021, only free apps will be available in Microsoft Store for Business and Education. For more information, see [Microsoft Store for Business and Education](index.md).
+
 > [!IMPORTANT]
 > Customers who are in the Office 365 GCC environment or are eligible to buy with government pricing cannot use Microsoft Store for Business.
 
diff --git a/store-for-business/roles-and-permissions-microsoft-store-for-business.md b/store-for-business/roles-and-permissions-microsoft-store-for-business.md
index 2163e6379a..0368064b89 100644
--- a/store-for-business/roles-and-permissions-microsoft-store-for-business.md
+++ b/store-for-business/roles-and-permissions-microsoft-store-for-business.md
@@ -4,19 +4,23 @@ description: The first person to sign in to Microsoft Store for Business or Micr
 keywords: roles, permissions
 ms.assetid: CB6281E1-37B1-4B8B-991D-BC5ED361F1EE
 ms.reviewer: 
-manager: dansimp
 ms.prod: w10
 ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: store
-author: TrudyHa
-ms.author: TrudyHa
+ms.author: cmcatee
+author: cmcatee-MSFT
+manager: scotv
 ms.topic: conceptual
 ms.localizationpriority: medium
-ms.date: 03/01/2019
+ms.date: 03/10/2021
 ---
 
 # Roles and permissions in Microsoft Store for Business and Education
+
+> [!IMPORTANT]
+> Starting on April 14th, 2021, only free apps will be available in Microsoft Store for Business and Education. For more information, see [Microsoft Store for Business and Education](index.md).
+
 The first person to sign in to Microsoft Store for Business or Microsoft Store for Education must be a Global Admin of the Azure Active Directory (AD) tenant. Once the Global Admin has signed in, they can give permissions to others employees.
 
 Microsoft Store for Business and Education has a set of roles that help admins and employees manage access to apps and tasks for Microsoft Store. Employees with these roles will need to use their Azure AD account to access the Store. Global Administrators and global user accounts that are used with other Microsoft services, such as Azure, or Office 365 can sign in to Microsoft Store. Global user accounts have some permissions in Microsoft Store, and Microsoft Store has a set of roles that help IT admins and employees manage access to apps and tasks for Microsoft Store.
diff --git a/store-for-business/sign-up-microsoft-store-for-business-overview.md b/store-for-business/sign-up-microsoft-store-for-business-overview.md
index 68548aeb8b..1ee40ab070 100644
--- a/store-for-business/sign-up-microsoft-store-for-business-overview.md
+++ b/store-for-business/sign-up-microsoft-store-for-business-overview.md
@@ -3,16 +3,16 @@ title: Sign up and get started (Windows 10)
 description: IT admins can sign up for the Microsoft Store for Business or Microsoft Store for Education and get started working with apps.
 ms.assetid: 87C6FA60-3AB9-4152-A85C-6A1588A20C7B
 ms.reviewer: 
-manager: dansimp
 ms.prod: w10
 ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: store
-author: TrudyHa
-ms.author: TrudyHa
+ms.author: cmcatee
+author: cmcatee-MSFT
+manager: scotv
 ms.topic: conceptual
 ms.localizationpriority: medium
-ms.date: 10/03/2019
+ms.date: 03/10/2021
 ---
 
 # Sign up and get started
@@ -24,13 +24,15 @@ ms.date: 10/03/2019
 
 IT admins can sign up for Microsoft Store for Business and Education, and get started working with apps.
 
+> [!IMPORTANT]
+> Starting on April 14th, 2021, only free apps will be available in Microsoft Store for Business and Education. For more information, see [Microsoft Store for Business and Education](index.md).
+
 ## In this section
 
 | Topic | Description |
 | ----- | ----------- |
 | [Microsoft Store for Business and Education overview](windows-store-for-business-overview.md) | Learn about Microsoft Store for Business. |
 | [Prerequisites for Microsoft Store for Business and Education](https://docs.microsoft.com/microsoft-store/prerequisites-microsoft-store-for-business) | There are a few prerequisites for using Microsoft Store for Business and Education.](https://docs.microsoft.com/microsoft-store/prerequisites-microsoft-store-for-business) |
-| [Sign up for Microsoft Store for Business or Microsoft Store for Education](https://docs.microsoft.com/microsoft-store/sign-up-microsoft-store-for-business) | Before you sign up for Store for Business and Education, at a minimum, you'll need an Azure Active Directory (AD) or Office 365 account for your organization, and you'll need to be the global administrator for your organization. If your organization is already using Azure AD, you can go ahead and sign up for Store for Business. If not, we'll help you create an Azure AD or Office 365 account and directory as part of the sign up process. |
 | [Roles and permissions in Microsoft Store for Business and Education](https://docs.microsoft.com/microsoft-store/roles-and-permissions-microsoft-store-for-business)| The first person to sign in to Microsoft Store for Business and Education must be a Global Admin of the Azure Active Directory (AD) tenant. Once the Global Admin has signed in, they can give permissions to others employees. |
 | [Settings reference: Microsoft Store for Business and Education](https://docs.microsoft.com/microsoft-store/settings-reference-microsoft-store-for-business) | Microsoft Store for Business and Education has a group of settings that admins use to manage the store. |
 
diff --git a/store-for-business/sign-up-microsoft-store-for-business.md b/store-for-business/sign-up-microsoft-store-for-business.md
deleted file mode 100644
index 42f4df57b1..0000000000
--- a/store-for-business/sign-up-microsoft-store-for-business.md
+++ /dev/null
@@ -1,105 +0,0 @@
----
-title: Sign up for Microsoft Store for Business or Microsoft Store for Education (Windows 10)
-description: Before you sign up for Microsoft Store for Business or Microsoft Store for Education, at a minimum, you'll need an Azure Active Directory (AD) account for your organization, and you'll need to be the global administrator for your organization.
-ms.assetid: 296AAC02-5C79-4999-B221-4F5F8CEA1F12
-ms.reviewer: 
-manager: dansimp
-ms.prod: w10
-ms.mktglfcycl: manage
-ms.sitesec: library
-ms.pagetype: store
-author: TrudyHa
-ms.author: TrudyHa
-ms.topic: conceptual
-ms.localizationpriority: medium
-ms.date: 10/17/2017
----
-
-# Sign up for Microsoft Store for Business or Microsoft Store for Education
-
-
-**Applies to**
-
--   Windows 10
--   Windows 10 Mobile
-
-Before you sign up for Microsoft Store for Business or Microsoft Store for Education, you'll need an Azure Active Directory (AD) or Office 365 account for your organization, and you'll need to be the global administrator for your organization. If your organization is already using Azure AD, you can go ahead and sign up for Microsoft Store for Business or Microsoft Store for Education. If not, we'll help you create an Azure AD or Office 365 account and directory as part of the sign up process.
-
-## Sign up for Microsoft Store
-
-
-Before signing up for Microsoft Store, make sure you're the global administrator for your organization.
-
-**To sign up for Microsoft Store**
-
-1.  Go to [https://www.microsoft.com/business-store](https://www.microsoft.com/business-store), or [https://www.microsoft.com/education-store](https://www.microsoft.com/education-store) and click **Sign up**.
-
-    -   If you start Microsoft Store sign-up process, and don't have an Azure AD directory for your organization, we'll help you create one. For more info, see [Sign up for Azure AD accounts](#o365-welcome).
-
-    <!-- -->
-
-    -   If you already have an Azure AD directory, you'll [sign in to Store for Business](#sign-in), and then accept Store for Business terms.
-
-    ![Image showing Microsoft Store for Business page with invitation to sign up, or sign in.](images/wsfb-landing.png)
-
-    **To sign up for Azure AD accounts through Office 365 for Business**
-
-    -   <a href="" id="o365-welcome"></a>Signing up for Microsoft Store will create an Azure AD directory and global administrator account for you. There are just a few steps.
-
-        Step 1: About you.
-
-        Type the required info and click **Next.**
-
-        ![Image showing Welcome page for sign up process.](images/wsfb-onboard-1.png)
-
-    -   Step 2: Create an ID.
-
-        We'll use info you provided on the previous page to build your user ID. Check the info and click **Next**.
-
-        ![Image showing Create your user ID page for sign up process.](images/wsfb-onboard-2.png)
-
-    -   Step 3: You're in.
-
-        Let us know how you'd like to receive a verification code, and click either **Text me**, or **Call me**. We'll send you a verification code
-
-        ![Image showing confirmation page as part of sign up process.](images/wsfb-onboard-3.png)
-
-    -   Verification.
-
-        Type your verification code and click **Create my account**.
-
-        ![Image showing verification code step.](images/wsfb-onboard-4.png)
-
-    -   Save this info.
-
-        Be sure to save the portal sign-in page and your user ID info. Click **You're ready to go**.
-
-        ![Image showing sign-in page and user ID for Microsoft Store for Business.](images/wsfb-onboard-5.png)
-
-    -   At this point, you'll have an Azure AD directory created with one user account. That user account is the global administrator. You can use that account to sign in to Store for Business.
-
-2.  <a href="" id="sign-in"></a>Sign in with your Azure AD account.
-
-    ![Image showing sign-in page for Microsoft Store for Business.](images/wsfb-onboard-7.png)
-
-3.  <a href="" id="accept-terms"></a>Read through and accept Microsoft Store for Business and Education terms.
-
-4.  Welcome to the Store for Business. Click **Next** to continue.
-
-    ![Image showing welcome message for Microsoft Store for business.](images/wsfb-firstrun.png)
-
-## Next steps
-
-After signing up for Microsoft Store for Business or Microsoft Store for Education, you can:
-
-- **Add users to your Azure AD directory**. If you created your Azure AD directory during sign up, additional user accounts are required for employees to install apps you assign to them, or to browse the private store in Store app. For more information, see [Manage user accounts in Microsoft Store for Business and Education](manage-users-and-groups-microsoft-store-for-business.md).
-- **Assign roles to employees**. For more information, see [Roles and permissions in Microsoft Store for Business and Education](roles-and-permissions-microsoft-store-for-business.md).
-
- 
-
- 
-
-
-
-
-
diff --git a/windows/client-management/advanced-troubleshooting-wireless-network-connectivity.md b/windows/client-management/advanced-troubleshooting-wireless-network-connectivity.md
index ce50bd2b54..ff1064cbbf 100644
--- a/windows/client-management/advanced-troubleshooting-wireless-network-connectivity.md
+++ b/windows/client-management/advanced-troubleshooting-wireless-network-connectivity.md
@@ -86,14 +86,14 @@ See the [example ETW capture](#example-etw-capture) at the bottom of this articl
 The following is a high-level view of the main wifi components in Windows.
 
 <table>
-<tr><td><img src="images/wcm.png"></td><td>The <b>Windows Connection Manager</b> (Wcmsvc) is closely associated with the UI controls (taskbar icon) to connect to various networks, including wireless networks. It accepts and processes input from the user and feeds it to the core wireless service. </td></tr>
-<tr><td><img src="images/wlan.png"></td><td>The <b>WLAN Autoconfig Service</b> (WlanSvc) handles the following core functions of wireless networks in windows:
+<tr><td><img src="images/wcm.png" alt="Windows Connection Manager"></td><td>The <b>Windows Connection Manager</b> (Wcmsvc) is closely associated with the UI controls (taskbar icon) to connect to various networks, including wireless networks. It accepts and processes input from the user and feeds it to the core wireless service. </td></tr>
+<tr><td><img src="images/wlan.png" alt="WLAN Autoconfig Service"></td><td>The <b>WLAN Autoconfig Service</b> (WlanSvc) handles the following core functions of wireless networks in windows:
 
 - Scanning for wireless networks in range
 - Managing connectivity of wireless networks</td></tr>
-<tr><td><img src="images/msm.png"></td><td>The <b>Media Specific Module</b> (MSM) handles security aspects of connection being established.</td></tr>
-<tr><td><img src="images/wifi-stack.png"></td><td>The <b>Native WiFi stack</b> consists of drivers and wireless APIs to interact with wireless miniports and the supporting user-mode Wlansvc.</td></tr>
-<tr><td><img src="images/miniport.png"></td><td>Third-party <b>wireless miniport</b> drivers interface with the upper wireless stack to provide notifications to and receive commands from Windows.</td></tr>
+<tr><td><img src="images/msm.png" alt="Media Specific Module"></td><td>The <b>Media Specific Module</b> (MSM) handles security aspects of connection being established.</td></tr>
+<tr><td><img src="images/wifi-stack.png" alt="Native WiFi stack"></td><td>The <b>Native WiFi stack</b> consists of drivers and wireless APIs to interact with wireless miniports and the supporting user-mode Wlansvc.</td></tr>
+<tr><td><img src="images/miniport.png" alt="Wireless miniport"></td><td>Third-party <b>wireless miniport</b> drivers interface with the upper wireless stack to provide notifications to and receive commands from Windows.</td></tr>
 </table>
 
 
diff --git a/windows/client-management/mandatory-user-profile.md b/windows/client-management/mandatory-user-profile.md
index 211519bdec..68d135449d 100644
--- a/windows/client-management/mandatory-user-profile.md
+++ b/windows/client-management/mandatory-user-profile.md
@@ -16,7 +16,6 @@ ms.topic: article
 # Create mandatory user profiles
 
 **Applies to**
-
 - Windows 10
 
 A mandatory user profile is a roaming user profile that has been pre-configured by an administrator to specify settings for users. Settings commonly defined in a mandatory profile include (but are not limited to): icons that appear on the desktop, desktop backgrounds, user preferences in Control Panel, printer selections, and more. Configuration changes made during a user's session that are normally saved to a roaming user profile are not saved when a mandatory user profile is assigned.
@@ -76,7 +75,7 @@ First, you create a default user profile with the customizations that you want,
    > [!TIP]
    > If you receive an error message that says "Sysprep was not able to validate your Windows installation", open %WINDIR%\\System32\\Sysprep\\Panther\\setupact.log and look for an entry like the following:
    >
-   > ![Microsoft Bing Translator package](images/sysprep-error.png)
+   > ![Microsoft Bing Translator package error](images/sysprep-error.png)
    >
    > Use the [Remove-AppxProvisionedPackage](https://docs.microsoft.com/powershell/module/dism/remove-appxprovisionedpackage?view=win10-ps) and [Remove-AppxPackage -AllUsers](https://docs.microsoft.com/powershell/module/appx/remove-appxpackage?view=win10-ps) cmdlet in Windows PowerShell to uninstall the app that is listed in the log.
 
@@ -86,20 +85,24 @@ First, you create a default user profile with the customizations that you want,
 
 1. In **User Profiles**, click **Default Profile**, and then click **Copy To**.
 
-   ![Example of UI](images/copy-to.png)
+
+   ![Example of User Profiles UI](images/copy-to.png)
 
 1. In **Copy To**, under **Permitted to use**, click **Change**.
 
-   ![Example of UI](images/copy-to-change.png)
+   ![Example of Copy To UI](images/copy-to-change.png)
 
 1. In **Select User or Group**, in the **Enter the object name to select** field, type `everyone`, click **Check Names**, and then click **OK**.
 
 1. In **Copy To**, in the **Copy profile to** field, enter the path and folder name where you want to store the mandatory profile. The folder name must use the correct [extension](#profile-extension-for-each-windows-version) for the operating system version. For example, the folder name must end with ".v6" to identify it as a user profile folder for Windows 10, version 1607.
 
    - If the device is joined to the domain and you are signed in with an account that has permissions to write to a shared folder on the network, you can enter the shared folder path.
+
+   ![Example of Copy profile to](images/copy-to-path.png)
+
    - If the device is not joined to the domain, you can save the profile locally and then copy it to the shared folder location.
 
-   ![Example of UI](images/copy-to-path.png)
+   ![Example of Copy To UI with UNC path](images/copy-to-path.png)
 
 1. Click **OK** to copy the default user profile.
 
diff --git a/windows/client-management/mdm/TOC.md b/windows/client-management/mdm/TOC.md
index 0b6429d817..9466d902dc 100644
--- a/windows/client-management/mdm/TOC.md
+++ b/windows/client-management/mdm/TOC.md
@@ -165,7 +165,6 @@
 #### [Policies in Policy CSP supported by HoloLens 2](policy-csps-supported-by-hololens2.md)
 #### [Policies in Policy CSP supported by HoloLens (1st gen) Commercial Suite](policy-csps-supported-by-hololens-1st-gen-commercial-suite.md)
 #### [Policies in Policy CSP supported by HoloLens (1st gen) Development Edition](policy-csps-supported-by-hololens-1st-gen-development-edition.md)
-#### [Policies in Policy CSP supported by Windows 10 IoT Enterprise](policy-csps-supported-by-iot-enterprise.md)
 #### [Policies in Policy CSP supported by Windows 10 IoT Core](policy-csps-supported-by-iot-core.md)
 #### [Policies in Policy CSP supported by Microsoft Surface Hub](policy-csps-supported-by-surface-hub.md)
 #### [Policy CSPs that can be set using Exchange Active Sync (EAS)](policy-csps-that-can-be-set-using-eas.md)
diff --git a/windows/client-management/mdm/accounts-csp.md b/windows/client-management/mdm/accounts-csp.md
index 455f749b5b..498abd7018 100644
--- a/windows/client-management/mdm/accounts-csp.md
+++ b/windows/client-management/mdm/accounts-csp.md
@@ -11,15 +11,24 @@ ms.reviewer:
 manager: dansimp
 ---
 
-# Accounts CSP 
+# Accounts Configuration Service Provider 
 
 
 The Accounts configuration service provider (CSP) is used by the enterprise (1) to rename a device, (2) to create a new local Windows account and join it to a local user group. This CSP was added in Windows 10, version 1803.
 
 
-The following diagram shows the Accounts configuration service provider in tree format.
+The following shows the Accounts configuration service provider in tree format.
 
-![Accounts CSP diagram](images/provisioning-csp-accounts.png) 
+```
+./Device/Vendor/MSFT
+Accounts
+----Domain
+--------ComputerName
+----Users
+--------UserName
+------------Password
+------------LocalUserGroup
+```
 
 <a href="" id="accounts"></a>**./Device/Vendor/MSFT/Accounts**  
 Root node.
diff --git a/windows/client-management/mdm/activesync-csp.md b/windows/client-management/mdm/activesync-csp.md
index 37f6157570..927e9b9e0a 100644
--- a/windows/client-management/mdm/activesync-csp.md
+++ b/windows/client-management/mdm/activesync-csp.md
@@ -19,8 +19,8 @@ The ActiveSync configuration service provider is used to set up and change setti
 
 Configuring Windows Live ActiveSync accounts through this configuration service provider is not supported.
 
-> **Note**  
-The target user must be logged in for the CSP to succeed. The correct way to configure an account is to use the ./User/Vendor/MSFT/ActiveSync path.
+> [!NOTE]
+> The target user must be logged in for the CSP to succeed. The correct way to configure an account is to use the ./User/Vendor/MSFT/ActiveSync path.
 
 On the desktop, only per user configuration (./User/Vendor/MSFT/ActiveSync) is supported. However, the ./Vendor/MSFT/ActiveSync path will work if the user is logged in. The CSP fails when no user is logged in.
 
@@ -28,15 +28,45 @@ The ./Vendor/MSFT/ActiveSync path is deprecated, but will continue to work in th
 
  
 
-The following diagram shows the ActiveSync configuration service provider management objects in tree format as used by Open Mobile Alliance Device Management (OMA DM), OMA Client Provisioning, and Enterprise DM.
+The following shows the ActiveSync configuration service provider management objects in tree format as used by Open Mobile Alliance Device Management (OMA DM), OMA Client Provisioning, and Enterprise DM.
 
-![activesync csp (cp)](images/provisioning-csp-activesync-cp.png)
+```
+./Vendor/MSFT
+ActiveSync
+----Accounts
+--------Account GUID
+------------EmailAddress
+------------Domain
+------------AccountIcon
+------------AccountType
+------------AccountName
+------------Password
+------------ServerName
+------------UserName
+------------Options
+----------------CalendarAgeFilter
+----------------Logging
+----------------MailBodyType
+----------------MailHTMLTruncation
+----------------MailPlainTextTruncation
+----------------Schedule
+----------------UseSSL
+----------------MailAgeFilter
+----------------ContentTypes
+--------------------Content Type GUID
+------------------------Enabled
+------------------------Name
+------------Policies
+----------------MailBodyType
+----------------MaxMailAgeFilter
+
+```
 
 <a href="" id="--user-vendor-msft-activesync"></a>**./User/Vendor/MSFT/ActiveSync**  
 The root node for the ActiveSync configuration service provider.
 
-> **Note**  
-The target user must be logged in for the CSP to succeed. The correct way to configure an account is to use the ./User/Vendor/MSFT/ActiveSync path.
+> [!NOTE]
+> The target user must be logged in for the CSP to succeed. The correct way to configure an account is to use the ./User/Vendor/MSFT/ActiveSync path.
 
 On the desktop, only per user configuration (./User/Vendor/MSFT/ActiveSync) is supported. However, the ./Vendor/MSFT/ActiveSync will work if the user is logged in. The CSP fails when no user is logged in.
 
@@ -231,10 +261,10 @@ Valid values are one of the following:
 <a href="" id="options-contenttypes-content-type-guid-name"></a>**Options/ContentTypes/*Content Type GUID*/Name**  
 Required. A character string that specifies the name of the content type.
 
-> **Note**  In Windows 10, this node is currently not working.
+> [!NOTE]
+> In Windows 10, this node is currently not working.
 
  
-
 Supported operations are Get, Replace, and Add (cannot Add after the account is created).
 
 When you use Add or Replace inside an atomic block in the SyncML, the CSP returns an error and provisioning fails. When you use Add or Replace outside of the atomic block, the error is ignored and the account is provisioned as expected.
diff --git a/windows/client-management/mdm/alljoynmanagement-csp.md b/windows/client-management/mdm/alljoynmanagement-csp.md
index e4d45bd4fd..3dfd62f711 100644
--- a/windows/client-management/mdm/alljoynmanagement-csp.md
+++ b/windows/client-management/mdm/alljoynmanagement-csp.md
@@ -17,8 +17,8 @@ ms.date: 06/26/2017
 
 The AllJoynManagement configuration service provider (CSP) allows an IT administrator to enumerate the AllJoyn devices that are connected to the AllJoyn bus. The devices must support the Microsoft AllJoyn configuration interface (com.microsoft.alljoynmanagement.config). You can also push configuration files to the same devices. To populate the various nodes when setting new configuration, we recommend that you do a query first, to get the actual values for all the nodes in all the attached devices. You can then use the information from the query to set the node values when pushing the new configuration.
 
-> **Note**  
-The AllJoynManagement configuration service provider (CSP) is only supported in Windows 10 IoT Core (IoT Core).
+> [!NOTE]
+> The AllJoynManagement configuration service provider (CSP) is only supported in Windows 10 IoT Core (IoT Core).
 
 This CSP was added in Windows 10, version 1511.
 
@@ -26,9 +26,37 @@ This CSP was added in Windows 10, version 1511.
 
 For the firewall settings, note that PublicProfile and PrivateProfile are mutually exclusive. The Private Profile must be set on the directly on the device itself, and the only supported operation is Get. For PublicProfile, both Add and Get are supported. This CSP is intended to be used in conjunction with the AllJoyn Device System Bridge, and an understanding of the bridge will help when determining when and how to use this CSP. For more information, see [Device System Bridge (DSB) Project](https://go.microsoft.com/fwlink/p/?LinkId=615876) and [AllJoyn Device System Bridge](https://go.microsoft.com/fwlink/p/?LinkId=615877).
 
-The following diagram shows the AllJoynManagement configuration service provider in tree format
+The following shows the AllJoynManagement configuration service provider in tree format
 
-![alljoynmanagement csp diagram](images/provisioning-csp-alljoynmanagement.png)
+```
+./Vendor/MSFT
+AllJoynManagement
+----Configurations
+--------ServiceID
+------------Port
+----------------PortNum
+--------------------ConfigurableObjects
+------------------------CfgObjectPath
+----Credentials
+--------ServiceID
+------------Key
+----Firewall
+--------PublicProfile
+--------PrivateProfile
+----Services
+--------ServiceID
+------------AppId
+------------DeviceId
+------------AppName
+------------Manufacturer
+------------ModelNumber
+------------Description
+------------SoftwareVersion
+------------AJSoftwareVersion
+------------HardwareVersion
+----Options
+--------QueryIdleTime
+```
 
 The following list describes the characteristics and parameters.
 
diff --git a/windows/client-management/mdm/applicationcontrol-csp.md b/windows/client-management/mdm/applicationcontrol-csp.md
index 2c64c89cd9..5bfdda98df 100644
--- a/windows/client-management/mdm/applicationcontrol-csp.md
+++ b/windows/client-management/mdm/applicationcontrol-csp.md
@@ -1,6 +1,6 @@
 ---
 title: ApplicationControl CSP
-description: The ApplicationControl CSP allows you to manage multiple Windows Defender Application Control (WDAC) policies from a MDM server.
+description: The ApplicationControl CSP allows you to manage multiple Windows Defender Application Control (WDAC) policies from an MDM server.
 keywords: security, malware
 ms.author: dansimp
 ms.topic: article
@@ -16,10 +16,33 @@ ms.date: 09/10/2020
 Windows Defender Application Control (WDAC) policies can be managed from an MDM server or locally using PowerShell via the WMI Bridge through the ApplicationControl configuration service provider (CSP). The ApplicationControl CSP was added in Windows 10, version 1903. This CSP provides expanded diagnostic capabilities and support for [multiple policies](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies) (introduced in Windows 10, version 1903). It also provides support for rebootless policy deployment (introduced in Windows 10, version 1709). Unlike the [AppLocker CSP](applocker-csp.md), the ApplicationControl CSP correctly detects the presence of no-reboot option and consequently does not schedule a reboot.
 Existing WDAC policies deployed using the AppLocker CSP's CodeIntegrity node can now be deployed using the ApplicationControl CSP URI. Although WDAC policy deployment via the AppLocker CSP will continue to be supported, all new feature work will be done in the ApplicationControl CSP only.
 
-The following diagram shows the ApplicationControl CSP in tree format.
-
-![tree diagram for applicationcontrol csp](images/provisioning-csp-applicationcontrol.png)
+The following shows the ApplicationControl CSP in tree format.
 
+```
+./Vendor/MSFT
+ApplicationControl
+----Policies
+--------Policy GUID
+------------Policy
+------------PolicyInfo
+----------------Version
+----------------IsEffective
+----------------IsDeployed
+----------------IsAuthorized
+----------------Status
+----------------FriendlyName
+------------Token
+----------------TokenID
+----Tokens
+--------ID
+------------Token
+------------TokenInfo
+----------------Status
+------------PolicyIDs
+----------------Policy GUID
+----TenantID
+----DeviceID
+```
 <a href="" id="vendor-msft-applicationcontrol"></a>**./Vendor/MSFT/ApplicationControl**  
 Defines the root node for the ApplicationControl CSP.
 
@@ -99,7 +122,7 @@ The following table provides the result of this policy based on different values
 |False|False|True|Not Reachable.|
 |False|False|False|*Not Reachable.|
 
-`*` denotes a valid intermediary state; however, if an MDM transaction results in this state configuration, the END_COMMAND_PROCESSING will result in a fail.
+\* denotes a valid intermediary state; however, if an MDM transaction results in this state configuration, the END_COMMAND_PROCESSING will result in a fail.
 
 <a href="" id="applicationcontrol-policies-policyguid-policyinfo-status"></a>**ApplicationControl/Policies/_Policy GUID_/PolicyInfo/Status**  
 This node specifies whether the deployment of the policy indicated by the GUID was successful.
@@ -117,7 +140,7 @@ Value type is char.
 
 ## Microsoft Endpoint Manager (MEM) Intune Usage Guidance  
 
-For customers using Intune standalone or hybrid management with Configuration Manager (MEMCM) to deploy custom policies via the ApplicationControl CSP, refer to [Deploy Windows Defender Application Control policies by using Microsoft Intune](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune)
+For customers using Intune standalone or hybrid management with Configuration Manager (MEMCM) to deploy custom policies via the ApplicationControl CSP, refer to [Deploy Windows Defender Application Control policies by using Microsoft Intune](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune).
 
 ## Generic MDM Server Usage Guidance
 
@@ -125,11 +148,11 @@ In order to leverage the ApplicationControl CSP without using Intune, you must:
 
 1. Know a generated policy's GUID, which can be found in the policy xml as `<PolicyID>` or `<PolicyTypeID>` for pre-1903 systems.
 2. Convert the policies to binary format using the ConvertFrom-CIPolicy cmdlet in order to be deployed. The binary policy may be signed or unsigned.
-3. Create a policy node (a Base64-encoded blob of the binary policy representation) using the certutil -encode command line tool.
+3. Create a policy node (a Base64-encoded blob of the binary policy representation) using the certutil -encode command-line tool.
 
 Below is a sample certutil invocation:
 
-```cmd
+```console
 certutil  -encode WinSiPolicy.p7b WinSiPolicy.cer
 ```
 
@@ -141,7 +164,7 @@ An alternative to using certutil would be to use the following PowerShell invoca
 
 ### Deploy Policies
 
-To deploy a new base policy using the CSP, perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** using the Base64-encoded policy node as {Data}. Refer to the the Format section in the Example 1 below.
+To deploy a new base policy using the CSP, perform an ADD on **./Vendor/MSFT/ApplicationControl/Policies/_Policy GUID_/Policy** using the Base64-encoded policy node as {Data}. Refer to the Format section in the Example 1 below.
 
 To deploy base policy and supplemental policies:
 
@@ -285,7 +308,7 @@ The ApplicationControl CSP can also be managed locally from PowerShell or via Mi
 Run the following command. PolicyID is a GUID which can be found in the policy xml, and should be used here without braces.
 
 ```powershell
-    New-CimInstance -Namespace $namespace -ClassName $policyClassName -Property @{ParentID="./Vendor/MSFT/ApplicationControl/Policies";InstanceID="<PolicyID>";Policy=$policyBase64}
+New-CimInstance -Namespace $namespace -ClassName $policyClassName -Property @{ParentID="./Vendor/MSFT/ApplicationControl/Policies";InstanceID="<PolicyID>";Policy=$policyBase64}
 ```
 
 ### Querying all policies via WMI Bridge
diff --git a/windows/client-management/mdm/applocker-csp.md b/windows/client-management/mdm/applocker-csp.md
index 362aae37c3..bfc182df79 100644
--- a/windows/client-management/mdm/applocker-csp.md
+++ b/windows/client-management/mdm/applocker-csp.md
@@ -17,10 +17,54 @@ ms.date: 11/19/2019
 
 The AppLocker configuration service provider is used to specify which applications are allowed or disallowed. There is no user interface shown for apps that are blocked.
 
-The following diagram shows the AppLocker configuration service provider in tree format.
-
-![applocker csp](images/provisioning-csp-applocker.png)
-
+The following shows the AppLocker configuration service provider in tree format.
+```
+./Vendor/MSFT
+AppLocker
+----ApplicationLaunchRestrictions
+--------Grouping
+------------EXE
+----------------Policy
+----------------EnforcementMode
+----------------NonInteractiveProcessEnforcement
+------------MSI
+----------------Policy
+----------------EnforcementMode
+------------Script
+----------------Policy
+----------------EnforcementMode
+------------StoreApps
+----------------Policy
+----------------EnforcementMode
+------------DLL
+----------------Policy
+----------------EnforcementMode
+----------------NonInteractiveProcessEnforcement
+------------CodeIntegrity
+----------------Policy
+----EnterpriseDataProtection
+--------Grouping
+------------EXE
+----------------Policy
+------------StoreApps
+----------------Policy
+----LaunchControl
+--------Grouping
+------------EXE
+----------------Policy
+----------------EnforcementMode
+------------StoreApps
+----------------Policy
+----------------EnforcementMode
+----FamilySafety
+--------Grouping
+------------EXE
+----------------Policy
+----------------EnforcementMode
+------------StoreApps
+----------------Policy
+----------------EnforcementMode
+```
 <a href="" id="--vendor-msft-applocker"></a>**./Vendor/MSFT/AppLocker**  
 Defines the root node for the AppLocker configuration service provider.
 
@@ -288,7 +332,7 @@ The following table show the mapping of information to the AppLocker publisher r
 
 Here is an example AppLocker publisher rule:
 
-``` syntax
+```xml
 <FilePublisherCondition PublisherName="CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US" ProductName="Microsoft.Reader" BinaryName="*">
   <BinaryVersionRange LowSection="*" HighSection="*" />
 </FilePublisherCondition>
@@ -299,7 +343,9 @@ You can get the publisher name and product name of apps using a web API.
 **To find publisher and product name for Microsoft apps in Microsoft Store for Business**
 
 1.  Go to the Microsoft Store for Business website, and find your app. For example, Microsoft OneNote.
+
 2.  Copy the ID value from the app URL. For example, Microsoft OneNote's ID URL is https://www.microsoft.com/store/apps/onenote/9wzdncrfhvjl, and you'd copy the ID value, **9wzdncrfhvjl**.
+
 3.  In your browser, run the Store for Business portal web API, to return a JavaScript Object Notation (JSON) file that includes the publisher and product name values.
 
     <table>
@@ -322,13 +368,13 @@ Here is the example for Microsoft OneNote:
 
 Request
 
-``` syntax
+```http
 https://bspmts.mp.microsoft.com/v1/public/catalog/Retail/Products/9wzdncrfhvjl/applockerdata
 ```
 
 Result
 
-``` syntax
+```json
 {
   "packageFamilyName": "Microsoft.Office.OneNote_8wekyb3d8bbwe",
   "packageIdentityName": "Microsoft.Office.OneNote",
diff --git a/windows/client-management/mdm/assignedaccess-csp.md b/windows/client-management/mdm/assignedaccess-csp.md
index 3a48ac399e..1ab4588011 100644
--- a/windows/client-management/mdm/assignedaccess-csp.md
+++ b/windows/client-management/mdm/assignedaccess-csp.md
@@ -29,10 +29,17 @@ For a step-by-step guide for setting up devices to run in kiosk mode, see [Set u
 > [!Note]
 > The AssignedAccess CSP is supported in Windows 10 Enterprise and Windows 10 Education. Starting from Windows 10, version 1709 it is also supported in Windows 10 Pro and Windows 10 S. Starting in Windows 10, version 1803, it is also supported in Windows Holographic for Business edition.
 
-The following diagram shows the AssignedAccess configuration service provider in tree format
-
-![assignedaccess csp diagram](images/provisioning-csp-assignedaccess.png)
+The following shows the AssignedAccess configuration service provider in tree format
 
+```
+./Vendor/MSFT
+AssignedAccess
+----KioskModeApp
+----Configuration (Added in Windows 10, version 1709) 
+----Status (Added in Windows 10, version 1803)
+----ShellLauncher (Added in Windows 10, version 1803)
+----StatusConfiguration (Added in Windows 10, version 1803)
+```
 <a href="" id="--vendor-msft-assignedaccess"></a>**./Device/Vendor/MSFT/AssignedAccess**
 Root node for the CSP.
 
@@ -53,7 +60,7 @@ Starting in Windows 10, version 1607, you can use a provisioned app to configur
 
 Here's an example:
 
-``` syntax
+```json
 {"Account":"contoso\\kioskuser","AUMID":"Microsoft.Windows.Contoso_cw5n1h2txyewy!Microsoft.ContosoApp.ContosoApp"}
 ```
 
@@ -97,7 +104,8 @@ In Windows 10, version 1803, Assigned Access runtime status only supports monito
 | KioskModeAppNotFound | This occurs when the kiosk app is not deployed to the machine. |
 | KioskModeAppActivationFailure | This happens when the assigned access controller detects the process terminated unexpectedly after exceeding the max retry. |
 
-Note that status codes available in the Status payload correspond to a specific KioskModeAppRuntimeStatus.
+> [!NOTE]
+> Status codes available in the Status payload correspond to a specific KioskModeAppRuntimeStatus.
 
 |Status code  | KioskModeAppRuntimeStatus |
 |---------|---------|
@@ -116,7 +124,8 @@ In Windows 10, version 1809, Assigned Access runtime status supports monitoring
 |ActivationFailed|The AssignedAccess account (kiosk or multi-app) failed to sign in.|
 |AppNoResponse|The kiosk app launched successfully but is now unresponsive.|
 
-Note that status codes available in the Status payload correspond to a specific AssignedAccessRuntimeStatus.
+> [!NOTE]
+> Status codes available in the Status payload correspond to a specific AssignedAccessRuntimeStatus.
 
 |Status code|AssignedAccessRuntimeStatus|
 |---|---|
@@ -573,7 +582,7 @@ Escape and CDATA are mechanisms when handling xml in xml. Consider it’s a tran
 
 This example shows escaped XML of the Data node.
 
-```
+```xml
 <SyncML xmlns='SYNCML:SYNCML1.2'>
     <SyncBody>
         <Add>
@@ -642,8 +651,10 @@ This example shows escaped XML of the Data node.
     </SyncBody>
 </SyncML>
 ```
+
 This example shows escaped XML of the Data node.
-```
+
+```xml
 <SyncML xmlns='SYNCML:SYNCML1.2'>
     <SyncBody>
         <Replace>
@@ -714,7 +725,8 @@ This example shows escaped XML of the Data node.
 ```
 
 This example uses CData for the XML.
-```
+
+```xml
 <SyncML xmlns='SYNCML:SYNCML1.2'>
     <SyncBody>
         <Add>
@@ -785,7 +797,8 @@ This example uses CData for the XML.
 ```
 
 Example of Get command that returns the configuration in the device.
-```
+
+```xml
 <SyncML xmlns='SYNCML:SYNCML1.2'>
    <SyncBody>
        <Get>
@@ -802,7 +815,8 @@ Example of Get command that returns the configuration in the device.
 ```
 
 Example of the Delete command.
-```
+
+```xml
 <SyncML xmlns='SYNCML:SYNCML1.2'>
    <SyncBody>
        <Delete>
@@ -1122,6 +1136,7 @@ Shell Launcher V2 uses a separate XSD and namespace for backward compatibility.
     </xs:element>
 </xs:schema>
 ```
+
 ### Shell Launcher V2 XSD
 
 ```xml
@@ -1151,7 +1166,8 @@ Shell Launcher V2 uses a separate XSD and namespace for backward compatibility.
 ## ShellLauncherConfiguration examples
 
 ShellLauncherConfiguration Add
-```
+
+```xml
 <SyncML xmlns='SYNCML:SYNCML1.2'>
   <SyncBody>
     <Add>
@@ -1220,7 +1236,8 @@ ShellLauncherConfiguration Add
 ```
 
 ShellLauncherConfiguration Add AutoLogon
-```
+
+```xml
 <SyncML xmlns='SYNCML:SYNCML1.2'>
   <SyncBody>
     <Add>
@@ -1268,7 +1285,8 @@ ShellLauncherConfiguration Add AutoLogon
 ```
 
 ShellLauncher V2 Add
-```
+
+```xml
 <SyncML xmlns='SYNCML:SYNCML1.2'>
   <SyncBody>
     <Add>
@@ -1323,7 +1341,8 @@ xmlns:V2="http://schemas.microsoft.com/ShellLauncher/2019/Configuration">
 ```
 
 ShellLauncherConfiguration Get
-```
+
+```xml
 <SyncML xmlns='SYNCML:SYNCML1.2'>
   <SyncBody>
     <Get>
diff --git a/windows/client-management/mdm/bitlocker-csp.md b/windows/client-management/mdm/bitlocker-csp.md
index 03a48da95f..3db06e4963 100644
--- a/windows/client-management/mdm/bitlocker-csp.md
+++ b/windows/client-management/mdm/bitlocker-csp.md
@@ -16,7 +16,8 @@ manager: dansimp
 The BitLocker configuration service provider (CSP) is used by the enterprise to manage encryption of PCs and devices. This CSP was added in Windows 10, version 1703. Starting in Windows 10, version 1809, it is also supported in Windows 10 Pro.
 
 > [!NOTE]
-> Settings are enforced only at the time encryption is started. Encryption is not restarted with settings changes.  
+> Settings are enforced only at the time encryption is started. Encryption is not restarted with settings changes.
+> 
 > You must send all the settings together in a single SyncML to be effective.
 
 A Get operation on any of the settings, except for RequireDeviceEncryption and RequireStorageCardEncryption, returns
@@ -24,11 +25,29 @@ the setting configured by the admin.
 
 For RequireDeviceEncryption and RequireStorageCardEncryption, the Get operation returns the actual status of enforcement to the admin, such as if Trusted Platform Module (TPM) protection is required and if encryption is required. And if the device has BitLocker enabled but with password protector, the status reported is 0. A Get operation on RequireDeviceEncryption does not verify that the a minimum PIN length is enforced (SystemDrivesMinimumPINLength).
 
-The following diagram shows the BitLocker configuration service provider in tree format.
-
-![BitLocker csp](images/provisioning-csp-bitlocker.png)
-
-
+The following shows the BitLocker configuration service provider in tree format.
+```
+./Device/Vendor/MSFT
+BitLocker
+----RequireStorageCardEncryption
+----RequireDeviceEncryption
+----EncryptionMethodByDriveType
+----SystemDrivesRequireStartupAuthentication
+----SystemDrivesMinimumPINLength
+----SystemDrivesRecoveryMessage
+----SystemDrivesRecoveryOptions
+----FixedDrivesRecoveryOptions
+----FixedDrivesRequireEncryption
+----RemovableDrivesRequireEncryption
+----AllowWarningForOtherDiskEncryption
+----AllowStandardUserEncryption
+----ConfigureRecoveryPasswordRotation
+----RotateRecoveryPasswords
+----Status
+--------DeviceEncryptionStatus
+--------RotateRecoveryPasswordsStatus
+--------RotateRecoveryPasswordsRequestID
+```
 <a href="" id="--device-vendor-msft-bitlocker"></a>**./Device/Vendor/MSFT/BitLocker**  
 Defines the root node for the BitLocker configuration service provider.
 <!--Policy-->
@@ -225,18 +244,18 @@ EncryptionMethodWithXtsRdvDropDown_Name = Select the encryption method for remov
   If you want to disable this policy use the following SyncML: 
 
 ```xml
-                          <Replace>
-                         <CmdID>$CmdID$</CmdID>
-                           <Item>
-                             <Target>
-                                 <LocURI>./Device/Vendor/MSFT/BitLocker/EncryptionMethodByDriveType</LocURI>
-                             </Target>
-                             <Meta>
-                                 <Format xmlns="syncml:metinf">chr</Format>
-                             </Meta>
-                             <Data><disabled/></Data>
-                           </Item>
-                         </Replace>
+<Replace>
+  <CmdID>$CmdID$</CmdID>
+    <Item>
+      <Target>
+          <LocURI>./Device/Vendor/MSFT/BitLocker/EncryptionMethodByDriveType</LocURI>
+      </Target>
+      <Meta>
+          <Format xmlns="syncml:metinf">chr</Format>
+      </Meta>
+      <Data><disabled/></Data>
+    </Item>
+</Replace>
 ```
 
 Data type is string. Supported operations are Add, Get, Replace, and Delete.
diff --git a/windows/client-management/mdm/certificatestore-csp.md b/windows/client-management/mdm/certificatestore-csp.md
index f709de39d0..b75d0c3393 100644
--- a/windows/client-management/mdm/certificatestore-csp.md
+++ b/windows/client-management/mdm/certificatestore-csp.md
@@ -25,16 +25,94 @@ The CertificateStore configuration service provider is used to add secure socket
 
 For the CertificateStore CSP, you cannot use the Replace command unless the node already exists.
 
-The following diagram shows the CertificateStore configuration service provider management object in tree format as used by both Open Mobile Alliance Device Management (OMA DM) and OMA Client Provisioning.
-
-![provisioning\-csp\-certificatestore](images/provisioning-csp-certificatestore.png)
+The following shows the CertificateStore configuration service provider management object in tree format as used by both Open Mobile Alliance Device Management (OMA DM) and OMA Client Provisioning.
 
+```
+./Vendor/MSFT
+CertificateStore
+----ROOT
+--------*
+------------EncodedCertificate
+------------IssuedBy
+------------IssuedTo
+------------ValidFrom
+------------ValidTo
+------------TemplateName
+--------System
+------------*
+----------------EncodedCertificate
+----------------IssuedBy
+----------------IssuedTo
+----------------ValidFrom
+----------------ValidTo
+----------------TemplateName
+----MY
+--------User
+------------*
+----------------EncodedCertificate
+----------------IssuedBy
+----------------IssuedTo
+----------------ValidFrom
+----------------ValidTo
+----------------TemplateName
+--------SCEP
+------------*
+----------------Install
+--------------------ServerURL
+--------------------Challenge
+--------------------EKUMapping
+--------------------KeyUsage
+--------------------SubjectName
+--------------------KeyProtection
+--------------------RetryDelay
+--------------------RetryCount
+--------------------TemplateName
+--------------------KeyLength
+--------------------HashAlgrithm
+--------------------CAThumbPrint
+--------------------SubjectAlternativeNames
+--------------------ValidPeriod
+--------------------ValidPeriodUnit
+--------------------Enroll
+----------------CertThumbPrint
+----------------Status
+----------------ErrorCode
+--------WSTEP
+------------CertThumprint
+------------Renew
+----------------RenewPeriod
+----------------ServerURL
+----------------RetryInterval
+----------------ROBOSupport
+----------------Status
+----------------ErrorCode
+----------------LastRenewalAttemptTime (Added in Windows 10, version 1607)
+----------------RenewNow (Added in Windows 10, version 1607)
+----------------RetryAfterExpiryInterval (Added in Windows 10, version 1703)
+----CA
+--------*
+------------EncodedCertificate
+------------IssuedBy
+------------IssuedTo
+------------ValidFrom
+------------ValidTo
+------------TemplateName
+--------System
+------------*
+----------------EncodedCertificate
+----------------IssuedBy
+----------------IssuedTo
+----------------ValidFrom
+----------------ValidTo
+----------------TemplateName
+```
 <a href="" id="root-system"></a>**Root/System**  
 Defines the certificate store that contains root, or self-signed, certificates.
 
 Supported operation is Get.
 
-> **Note**  Root/System is case sensitive. Please use the RootCATrustedCertificates CSP moving forward for installing root certificates.
+> [!NOTE]
+> Root/System is case sensitive. Please use the RootCATrustedCertificates CSP moving forward for installing root certificates.
 
  
 
@@ -43,7 +121,8 @@ Defines the certificate store that contains cryptographic information, including
 
 Supported operation is Get.
 
-> **Note**  CA/System is case sensitive. Please use the RootCATrustedCertificates CSP moving forward for installing CA certificates.
+> [!NOTE]
+> CA/System is case sensitive. Please use the RootCATrustedCertificates CSP moving forward for installing CA certificates.
 
  
 
@@ -52,7 +131,8 @@ Defines the certificate store that contains public keys for client certificates.
 
 Supported operation is Get.
 
-> **Note**  My/User is case sensitive.
+> [!NOTE]
+> My/User is case sensitive.
 
  
 
@@ -61,7 +141,8 @@ Defines the certificate store that contains public key for client certificate. T
 
 Supported operation is Get.
 
-> **Note**  My/System is case sensitive.
+> [!NOTE]
+> My/System is case sensitive.
 
  
 
@@ -105,7 +186,8 @@ Required for Simple Certificate Enrollment Protocol (SCEP) certificate enrollmen
 
 Supported operation is Get.
 
-> **Note**  Please use the ClientCertificateInstall CSP to install SCEP certificates moving forward. All enhancements to SCEP will happen in that CSP.
+> [!NOTE]
+> Please use the ClientCertificateInstall CSP to install SCEP certificates moving forward. All enhancements to SCEP will happen in that CSP.
 
  
 
@@ -119,7 +201,8 @@ Required for SCEP certificate enrollment. Parent node to group SCEP certificate
 
 Supported operations are Add, Replace, and Delete.
 
-> **Note**   Though the children nodes under Install support Replace commands, after the Exec command is sent to the device, the device takes the values that are set when the Exec command is accepted. You should not expect the node value change that occurs after the Exec command is accepted to impact the current undergoing enrollment. You should check the Status node value and make sure that the device is not at an unknown stage before changing the children node values.
+> [!NOTE]
+> Though the children nodes under Install support Replace commands, after the Exec command is sent to the device, the device takes the values that are set when the Exec command is accepted. You should not expect the node value change that occurs after the Exec command is accepted to impact the current undergoing enrollment. You should check the Status node value and make sure that the device is not at an unknown stage before changing the children node values.
 
  
 
@@ -219,7 +302,8 @@ Valid values are one of the following:
 -   Months
 -   Years
 
-> **Note**   The device only sends the MDM server expected certificate validation period (ValidPeriodUnits + ValidPeriod) of the SCEP server as part of certificate enrollment request. How this valid period is used to create the certificate depends on the MDM server.
+> [!NOTE]
+> The device only sends the MDM server expected certificate validation period (ValidPeriodUnits + ValidPeriod) of the SCEP server as part of certificate enrollment request. How this valid period is used to create the certificate depends on the MDM server.
 
  
 
@@ -228,7 +312,8 @@ Optional. Specifies desired number of units used in validity period and subject
 
 Supported operations are Get, Add, Delete, and Replace.
 
-> **Note**   The device only sends the MDM server expected certificate validation period (ValidPeriodUnits + ValidPeriod) of the SCEP server as part of certificate enrollment request. How this valid period is used to create the certificate depends on the MDM server.
+> [!NOTE]
+> The device only sends the MDM server expected certificate validation period (ValidPeriodUnits + ValidPeriod) of the SCEP server as part of certificate enrollment request. How this valid period is used to create the certificate depends on the MDM server.
 
  
 
@@ -285,7 +370,8 @@ Supported operation is Get.
 <a href="" id="my-wstep-renew-serverurl"></a>**My/WSTEP/Renew/ServerURL**  
 Optional. Specifies the URL of certificate renewal server. If this node does not exist, the client uses the initial certificate enrollment URL.
 
-> **Note**  The renewal process follows the same steps as device enrollment, which means that it starts with Discovery service, followed by Enrollment policy service, and then Enrollment web service.
+> [!NOTE]
+> The renewal process follows the same steps as device enrollment, which means that it starts with Discovery service, followed by Enrollment policy service, and then Enrollment web service.
 
  
 
@@ -298,7 +384,8 @@ The default value is 42 and the valid values are 1 – 1000. Value type is an in
 
 Supported operations are Add, Get, Delete, and Replace.
 
-> **Note**   When you set the renewal schedule over SyncML DM commands to ROBOSupport, RenewalPeriod, and RetryInterval, you must wrap them in Atomic commands.
+> [!NOTE]
+> When you set the renewal schedule over SyncML DM commands to ROBOSupport, RenewalPeriod, and RetryInterval, you must wrap them in Atomic commands.
 
  
 
@@ -313,7 +400,8 @@ The default value is 7 and the valid values are 1 – 1000 AND =< RenewalPeriod,
 
 Supported operations are Add, Get, Delete, and Replace.
 
-> **Note**   When you set the renewal schedule over SyncML DM commands to ROBOSupport, RenewalPeriod, and RetryInterval, you must wrap them in Atomic commands.
+> [!NOTE]
+> When you set the renewal schedule over SyncML DM commands to ROBOSupport, RenewalPeriod, and RetryInterval, you must wrap them in Atomic commands.
 
  
 
@@ -324,7 +412,8 @@ ROBO is the only supported renewal method for Windows 10. This value is ignored
 
 Supported operations are Add, Get, Delete, and Replace.
 
-> **Note**   When you set the renewal schedule over SyncML DM commands to ROBOSupport, RenewalPeriod, and RetryInterval, you must wrap them in Atomic commands.
+> [!NOTE]
+> When you set the renewal schedule over SyncML DM commands to ROBOSupport, RenewalPeriod, and RetryInterval, you must wrap them in Atomic commands.
 
  
 
diff --git a/windows/client-management/mdm/cleanpc-csp.md b/windows/client-management/mdm/cleanpc-csp.md
index c70da05dae..a4433c6dcf 100644
--- a/windows/client-management/mdm/cleanpc-csp.md
+++ b/windows/client-management/mdm/cleanpc-csp.md
@@ -15,10 +15,13 @@ manager: dansimp
 
 The CleanPC configuration service provider (CSP) allows removal of user-installed and pre-installed applications, with the option to persist user data. This CSP was added in Windows 10, version 1703.
 
-The following diagram shows the CleanPC configuration service provider in tree format.
-
-![CleanPC csp diagram](images/provisioning-csp-cleanpc.png)
-
+The following shows the CleanPC configuration service provider in tree format.
+```
+./Device/Vendor/MSFT
+CleanPC
+----CleanPCWithoutRetainingUserData
+----CleanPCRetainingUserData
+```
 <a href="" id="--device-vendor-msft-cleanpc"></a>**./Device/Vendor/MSFT/CleanPC**  
 <p style="margin-left: 20px">The root node for the CleanPC configuration service provider.</p>
 
diff --git a/windows/client-management/mdm/clientcertificateinstall-csp.md b/windows/client-management/mdm/clientcertificateinstall-csp.md
index 0337dad577..7f3e3f9aea 100644
--- a/windows/client-management/mdm/clientcertificateinstall-csp.md
+++ b/windows/client-management/mdm/clientcertificateinstall-csp.md
@@ -23,10 +23,48 @@ For PFX certificate installation and SCEP installation, the SyncML commands must
 
 You can only set PFXKeyExportable to true if KeyLocation=3. For any other KeyLocation value, the CSP will fail.
 
-The following image shows the ClientCertificateInstall configuration service provider in tree format.
-
-![clientcertificateinstall csp](images/provisioning-csp-clientcertificateinstall.png)
-
+The following shows the ClientCertificateInstall configuration service provider in tree format.
+```
+./Vendor/MSFT
+ClientCertificateInstall
+----PFXCertInstall
+--------UniqueID
+------------KeyLocation
+------------ContainerName
+------------PFXCertBlob
+------------PFXCertPassword
+------------PFXCertPasswordEncryptionType
+------------PFXKeyExportable
+------------Thumbprint
+------------Status
+------------PFXCertPasswordEncryptionStore (Added in Windows 10, version 1511)
+----SCEP
+--------UniqueID
+------------Install
+----------------ServerURL
+----------------Challenge
+----------------EKUMapping
+----------------KeyUsage
+----------------SubjectName
+----------------KeyProtection
+----------------RetryDelay
+----------------RetryCount
+----------------TemplateName
+----------------KeyLength
+----------------HashAlgorithm
+----------------CAThumbprint
+----------------SubjectAlternativeNames
+----------------ValidPeriod
+----------------ValidPeriodUnits
+----------------ContainerName
+----------------CustomTextToShowInPrompt
+----------------Enroll
+----------------AADKeyIdentifierList (Added in Windows 10, version 1703)
+------------CertThumbprint
+------------Status
+------------ErrorCode
+------------RespondentServerUrl
+```
 <a href="" id="device-or-user"></a>**Device or User**  
 For device certificates, use <strong>./Device/Vendor/MSFT</strong> path and for user certificates use <strong>./User/Vendor/MSFT</strong> path.
 
@@ -287,7 +325,8 @@ Valid values are:
 -   Months
 -   Years
 
-> **Note**  The device only sends the MDM server expected certificate validation period (ValidPeriodUnits + ValidPeriod) to the SCEP server as part of certificate enrollment request. Depending on the server configuration, the server defines how to use this valid period to create the certificate.
+> [!NOTE]
+> The device only sends the MDM server expected certificate validation period (ValidPeriodUnits + ValidPeriod) to the SCEP server as part of certificate enrollment request. Depending on the server configuration, the server defines how to use this valid period to create the certificate.
 
 Supported operations are Add, Get, Delete, and Replace.
 
diff --git a/windows/client-management/mdm/cm-proxyentries-csp.md b/windows/client-management/mdm/cm-proxyentries-csp.md
index 816b5c188b..5680e25242 100644
--- a/windows/client-management/mdm/cm-proxyentries-csp.md
+++ b/windows/client-management/mdm/cm-proxyentries-csp.md
@@ -17,18 +17,49 @@ ms.date: 06/26/2017
 
 The CM\_ProxyEntries configuration service provider is used to configure proxy connections on the mobile device.
 
-> **Note**  CM\_ProxyEntries CSP is only supported in Windows 10 Mobile.
-> 
-> 
-> 
-> **Note**   This configuration service provider requires the ID\_CAP\_CSP\_FOUNDATION and ID\_CAP\_NETWORKING\_ADMIN capabilities to be accessed from a network configuration application.
+> [!NOTE]
+> CM\_ProxyEntries CSP is only supported in Windows 10 Mobile.
+
+> [!IMPORTANT]
+> This configuration service provider requires the ID\_CAP\_CSP\_FOUNDATION and ID\_CAP\_NETWORKING\_ADMIN capabilities to be accessed from a network configuration application.
 
  
 
-The following diagram shows the CM\_ProxyEntries configuration service provider management object in tree format as used by Open Mobile Alliance Client Provisioning (OMA CP) and OMA Device Management(OMA DM). Support for OMA DM was added in Windows 10, version 1607.
+The following shows the CM\_ProxyEntries configuration service provider management object in tree format as used by Open Mobile Alliance Client Provisioning (OMA CP) and OMA Device Management(OMA DM). Support for OMA DM was added in Windows 10, version 1607.
 
-![cm\-proxyentries csp (cp)](images/provisioning-csp-cm-proxyentries-cp.png)
+```
+./Vendor/MSFT
+CM_ProxyEntries
+----Entry
+--------ConnectionName
+--------BypassLocal
+--------Enable
+--------Exception
+--------Password
+--------Port
+--------Server
+--------Type
+--------Username
 
+
+./Device/Vendor/MSFT
+Root
+
+
+./Vendor/MSFT
+./Device/Vendor/MSFT
+CM_ProxyEntries
+----Entry
+--------ConnectionName
+--------BypassLocal
+--------Enable
+--------Exception
+--------Password
+--------Port
+--------Server
+--------Type
+--------Username
+```
 <a href="" id="entryname"></a>**entryname**  
 Defines the name of the connection proxy.
 
diff --git a/windows/client-management/mdm/cmpolicy-csp.md b/windows/client-management/mdm/cmpolicy-csp.md
index 67872d03da..1cac56d2f6 100644
--- a/windows/client-management/mdm/cmpolicy-csp.md
+++ b/windows/client-management/mdm/cmpolicy-csp.md
@@ -17,10 +17,9 @@ ms.date: 06/26/2017
 
 The CMPolicy configuration service provider defines rules that the Connection Manager uses to identify the correct connection for a connection request.
 
-> **Note**  
-This configuration service provider requires the ID\_CAP\_CSP\_FOUNDATION and ID\_CAP\_NETWORKING\_ADMIN capabilities to be accessed from a network configuration application.
+> [!NOTE]
+> This configuration service provider requires the ID\_CAP\_CSP\_FOUNDATION and ID\_CAP\_NETWORKING\_ADMIN capabilities to be accessed from a network configuration application.
 
- 
 
 Each policy entry identifies one or more applications in combination with a host pattern. The policy entry is assigned a list of connection details that Connection Manager uses to satisfy connection requests matching the application and host patterns. CMPolicy configuration service provider can have multiple policies
 
@@ -28,10 +27,21 @@ Each policy entry identifies one or more applications in combination with a host
 
 **Default Policies**: Policies are applied in order of their scope with the most specific policies considered before the more general policies. The phone’s default behavior applies to all applications and all domains and is only used when no other, more specific policy is available. The default policy is to use any available Wi-Fi network first and then any available APN.
 
-The following diagram shows the CMPolicy configuration service provider management object in tree format as used by both Open Mobile Alliance (OMA) Client Provisioning and OMA Device Management.
-
-![cmpolicy csp (dm,cp)](images/provisioning-csp-cmpolicy.png)
+The following shows the CMPolicy configuration service provider management object in tree format as used by both Open Mobile Alliance (OMA) Client Provisioning and OMA Device Management.
 
+```
+./Vendor/MSFT
+CMPolicy
+----PolicyName
+--------SID
+--------ClientType
+--------Host
+--------OrderedConnections
+--------Connections
+------------ConnXXX
+----------------ConnectionID
+----------------Type
+```
 <a href="" id="policyname"></a>***policyName***  
 Defines the name of the policy.
 
@@ -64,7 +74,7 @@ Specifies whether the list of connections is in preference order.
 A value of "0" specifies that the connections are not listed in order of preference. A value of "1" indicates that the listed connections are in order of preference.
 
 <a href="" id="connxxx"></a>**Conn**<strong>*XXX*</strong>  
-Enumerates the connections associated with the policy. Element names begin with "Conn" followed by three digits which increment starting from "000". For example, a policy which applied to five connections would have element entries named "Conn000", "Conn001", "Conn002", "Conn003", and "Conn004".
+Enumerates the connections associated with the policy. Element names begin with "Conn" followed by three digits, which increment starting from "000". For example, a policy, which applied to five connections would have element entries named "Conn000", "Conn001", "Conn002", "Conn003", and "Conn004".
 
 <a href="" id="connectionid"></a>**ConnectionID**  
 Specifies a unique identifier for a connection within a group of connections. The exact value is based on the Type parameter.
@@ -173,11 +183,11 @@ For `CMST_CONNECTION_NETWORK_TYPE`, specify the GUID for the desired network typ
 <td><p>{7CFA04A5-0F3F-445C-88A4-C86ED2AD94EA}</p></td>
 </tr>
 <tr class="even">
-<td><p>Ethernet 10Mbps</p></td>
+<td><p>Ethernet 10 Mbps</p></td>
 <td><p>{97D3D1B3-854A-4C32-BD1C-C13069078370}</p></td>
 </tr>
 <tr class="odd">
-<td><p>Ethernet 100Mbps</p></td>
+<td><p>Ethernet 100 Mbps</p></td>
 <td><p>{A8F4FE66-8D04-43F5-9DD2-2A85BD21029B}</p></td>
 </tr>
 <tr class="even">
@@ -486,14 +496,14 @@ Adding a host-based mapping policy:
 <td><p>Yes</p></td>
 </tr>
 <tr class="even">
-<td><p>nocharacteristic</p></td>
+<td><p>uncharacteristic</p></td>
 <td><p>Yes</p></td>
 </tr>
 <tr class="odd">
 <td><p>characteristic-query</p></td>
 <td><p>Yes</p>
 <p>Recursive query: Yes</p>
-<p>Top level query: Yes</p></td>
+<p>Top-level query: Yes</p></td>
 </tr>
 </tbody>
 </table>
diff --git a/windows/client-management/mdm/cmpolicyenterprise-csp.md b/windows/client-management/mdm/cmpolicyenterprise-csp.md
index df773dcb43..3a5cc913a6 100644
--- a/windows/client-management/mdm/cmpolicyenterprise-csp.md
+++ b/windows/client-management/mdm/cmpolicyenterprise-csp.md
@@ -17,8 +17,8 @@ ms.date: 06/26/2017
 
 The CMPolicyEnterprise configuration service provider is used by the enterprise to define rules that the Connection Manager uses to identify the correct connection for a connection request.
 
-> **Note**  
-This configuration service provider requires the ID\_CAP\_CSP\_FOUNDATION and ID\_CAP\_NETWORKING\_ADMIN capabilities to be accessed from a network configuration application.
+> [!NOTE]
+> This configuration service provider requires the ID\_CAP\_CSP\_FOUNDATION and ID\_CAP\_NETWORKING\_ADMIN capabilities to be accessed from a network configuration application.
 
  
 
@@ -28,10 +28,20 @@ Each policy entry identifies one or more applications in combination with a host
 
 **Default Policies**: Policies are applied in order of their scope with the most specific policies considered before the more general policies. The phone’s default behavior applies to all applications and all domains and is only used when no other, more specific policy is available. The default policy is to use any available Wi-Fi network first and then any available APN.
 
-The following diagram shows the CMPolicyEnterprise configuration service provider management object in tree format as used by both Open Mobile Alliance (OMA) Client Provisioning and OMA Device Management.
-
-![cmpolicy csp (dm,cp)](images/provisioning-csp-cmpolicyenterprise.png)
-
+The following shows the CMPolicyEnterprise configuration service provider management object in tree format as used by both Open Mobile Alliance (OMA) Client Provisioning and OMA Device Management.
+```
+./Vendor/MSFT
+CMPolicy
+----PolicyName
+--------SID
+--------ClientType
+--------Host
+--------OrderedConnections
+--------Connections
+------------ConnXXX
+----------------ConnectionID
+----------------Type
+```
 <a href="" id="policyname"></a>***policyName***  
 Defines the name of the policy.
 
diff --git a/windows/client-management/mdm/customdeviceui-csp.md b/windows/client-management/mdm/customdeviceui-csp.md
index 17b165ed51..2645a75e3f 100644
--- a/windows/client-management/mdm/customdeviceui-csp.md
+++ b/windows/client-management/mdm/customdeviceui-csp.md
@@ -15,11 +15,18 @@ ms.date: 06/26/2017
 # CustomDeviceUI CSP
 
 The CustomDeviceUI configuration service provider allows OEMs to implement their custom foreground application, as well as the background tasks to run on an IoT device running IoT Core. Only one foreground application is supported per device. Multiple background tasks are supported.
-The following diagram shows the CustomDeviceUI configuration service provider in tree format as used by both the Open Mobile Alliance (OMA) Device Management (DM) and OMA Client Provisioning.
+The following shows the CustomDeviceUI configuration service provider in tree format as used by both the Open Mobile Alliance (OMA) Device Management (DM) and OMA Client Provisioning.
 
-> **Note**  This configuration service provider only applies to Windows 10 IoT Core (IoT Core).
+> [!NOTE]
+> This configuration service provider only applies to Windows 10 IoT Core (IoT Core).
 
-![customdeviceui csp](images/provisioning-csp-customdeviceui.png)
+```
+./Vendor/MSFT
+CustomDeviceUI
+----StartupAppID
+----BackgroundTasksToLaunch
+--------BackgroundTaskPackageName
+```
 
 <a href="" id="./Vendor/MSFT/CustomDeviceUI"></a>**./Vendor/MSFT/CustomDeviceUI**  
 The root node for the CustomDeviceUI configuration service provider. The supported operation is Get.
diff --git a/windows/client-management/mdm/defender-csp.md b/windows/client-management/mdm/defender-csp.md
index 040bf33710..8a3242f3d3 100644
--- a/windows/client-management/mdm/defender-csp.md
+++ b/windows/client-management/mdm/defender-csp.md
@@ -20,10 +20,49 @@ ms.date: 08/11/2020
 
 The Windows Defender configuration service provider is used to configure various Windows Defender actions across the enterprise.
 
-The following image shows the Windows Defender configuration service provider in tree format.
-
-![defender csp diagram](images/provisioning-csp-defender.png)
-
+The following shows the Windows Defender configuration service provider in tree format.
+```
+./Vendor/MSFT
+Defender
+----Detections
+--------ThreatId
+------------Name
+------------URL
+------------Severity
+------------Category
+------------CurrentStatus
+------------ExecutionStatus
+------------InitialDetectionTime
+------------LastThreatStatusChangeTime
+------------NumberOfDetections
+----Health
+--------ProductStatus (Added in Windows 10 version 1809)
+--------ComputerState
+--------DefenderEnabled
+--------RtpEnabled
+--------NisEnabled
+--------QuickScanOverdue
+--------FullScanOverdue
+--------SignatureOutOfDate
+--------RebootRequired
+--------FullScanRequired
+--------EngineVersion
+--------SignatureVersion
+--------DefenderVersion
+--------QuickScanTime
+--------FullScanTime
+--------QuickScanSigVersion
+--------FullScanSigVersion
+--------TamperProtectionEnabled (Added in Windows 10, version 1903)
+--------IsVirtualMachine (Added in Windows 10, version 1903)
+----Configuration (Added in Windows 10, version 1903)
+--------TamperProetection (Added in Windows 10, version 1903)
+--------EnableFileHashcomputation (Added in Windows 10, version 1903)
+--------SupportLogLocation (Added in the next major release of Windows 10)
+----Scan
+----UpdateSignature
+----OfflineScan (Added in Windows 10 version 1803)
+```
 <a href="" id="detections"></a>**Detections**  
 An interior node to group all threats detected by Windows Defender.
 
diff --git a/windows/client-management/mdm/devdetail-csp.md b/windows/client-management/mdm/devdetail-csp.md
index 11ab51bf9e..5337bb0cfd 100644
--- a/windows/client-management/mdm/devdetail-csp.md
+++ b/windows/client-management/mdm/devdetail-csp.md
@@ -21,10 +21,43 @@ The DevDetail configuration service provider handles the management object which
 
 For the DevDetail CSP, you cannot use the Replace command unless the node already exists.
 
-The following diagram shows the DevDetail configuration service provider management object in tree format as used by OMA Device Management. The OMA Client Provisioning protocol is not supported for this configuration service provider.
-
-![devdetail csp (dm)](images/provisioning-csp-devdetail-dm.png)
-
+The following shows the DevDetail configuration service provider management object in tree format as used by OMA Device Management. The OMA Client Provisioning protocol is not supported for this configuration service provider.
+```
+.
+DevDetail
+----URI
+--------MaxDepth
+--------MaxTotLen
+--------MaxSegLen
+----DevTyp
+----OEM
+----FwV
+----SwV
+----HwV
+----LrgObj
+----Ext
+--------Microsoft
+------------MobileID
+------------RadioSwV
+------------Resolution
+------------CommercializationOperator
+------------ProcessorArchitecture
+------------ProcessorType
+------------OSPlatform
+------------LocalTime
+------------DeviceName
+------------DNSComputerName (Added in Windows 10, version 2004)
+------------TotalStorage
+------------TotalRAM
+------------SMBIOSSerialNumber (Added in Windows 10, version 1809)
+--------WLANMACAddress
+--------VoLTEServiceSetting
+--------WlanIPv4Address
+--------WlanIPv6Address
+--------WlanDnsSuffix
+--------WlanSubnetMask
+--------DeviceHardwareData (Added in Windows 10, version 1703)
+```
 <a href="" id="devtyp"></a>**DevTyp**  
 Required. Returns the device model name /SystemProductName as a string.
 
@@ -143,8 +176,10 @@ The following are the available naming macros:
 
 Value type is string. Supported operations are Get and Replace.
 
-> [!Note]  
-> On desktop PCs, this setting specifies the DNS hostname of the computer (Computer Name) up to 63 characters. Use `%RAND:x%` to generate x number of random digits in the name, where x must be a number less than 63. For domain joined computers, the unique name must use `%RAND:x%`. Use `%SERIAL%` to generate the name with the `computer&quot;s` serial number embedded. If the serial number exceeds the character limit, it will be truncated from the beginning of the sequence. The character restriction limit does not count the length of the macros, `%RAND:x%` and `%SERIAL%`. This setting is supported only in Windows 10, version 1803 and later. To change this setting in Windows 10, version 1709 and earlier releases, use the **ComputerName** setting under **Accounts** > **ComputerAccount**.
+> [!NOTE]  
+> We recommend using `%SERIAL%` or `%RAND:x%` with a high character limit to reduce the chance of name collision when generating a random name. This feature doesn't check if a particular name is already present in the environment.
+
+On desktop PCs, this setting specifies the DNS hostname of the computer (Computer Name) up to 63 characters. Use `%RAND:x%` to generate x number of random digits in the name, where x must be a number less than 63. For domain-joined computers, the unique name must use `%RAND:x%`. Use `%SERIAL%` to generate the name with the `computer's` serial number embedded. If the serial number exceeds the character limit, it will be truncated from the beginning of the sequence. The character restriction limit does not count the length of the macros, `%RAND:x%` and `%SERIAL%`. This setting is supported only in Windows 10, version 1803 and later. To change this setting in Windows 10, version 1709 and earlier releases, use the **ComputerName** setting under **Accounts** > **ComputerAccount**.
 
 <a href="" id="ext-microsoft-totalstorage"></a>**Ext/Microsoft/TotalStorage**  
 Added in Windows 10, version 1511. Integer that specifies the total available storage in MB from first internal drive on the device (may be less than total physical storage).
@@ -215,6 +250,3 @@ Supported operation is Get.
 
 
 
-
-
-
diff --git a/windows/client-management/mdm/developersetup-csp.md b/windows/client-management/mdm/developersetup-csp.md
index 40e1d4d82e..382d2d379a 100644
--- a/windows/client-management/mdm/developersetup-csp.md
+++ b/windows/client-management/mdm/developersetup-csp.md
@@ -19,10 +19,21 @@ The DeveloperSetup configuration service provider (CSP) is used to configure Dev
 > [!NOTE]
 > The DeveloperSetup configuration service provider (CSP) is only supported in Windows 10 Holographic Enterprise edition and with runtime provisioning via provisioning packages. It is not supported in MDM.
 
-The following diagram shows the DeveloperSetup configuration service provider in tree format.
-
-![developersetup csp diagram](images/provisioning-csp-developersetup.png)
-
+The following shows the DeveloperSetup configuration service provider in tree format.
+```
+./Device/Vendor/MSFT
+DeveloperSetup
+----EnableDeveloperMode
+----DevicePortal
+--------Authentication
+------------Mode
+------------BasicAuth
+----------------Username
+----------------Password
+--------Connection
+------------HttpPort
+------------HttpsPort
+```
 <a href="" id="developersetup"></a>**DeveloperSetup**  
 <p style="margin-left: 20px">The root node for the DeveloperSetup configuration service provider.
 
diff --git a/windows/client-management/mdm/devicemanageability-csp.md b/windows/client-management/mdm/devicemanageability-csp.md
index 3bf0368ffd..99d2930eff 100644
--- a/windows/client-management/mdm/devicemanageability-csp.md
+++ b/windows/client-management/mdm/devicemanageability-csp.md
@@ -1,6 +1,6 @@
 ---
 title: DeviceManageability CSP
-description: The DeviceManageability configuration service provider (CSP) is used retrieve general information about MDM configuration capabilities on the device. 
+description: The DeviceManageability configuration service provider (CSP) is used to retrieve general information about MDM configuration capabilities on the device. 
 ms.assetid: FE563221-D5B5-4EFD-9B60-44FE4066B0D2
 ms.reviewer: 
 manager: dansimp
@@ -15,14 +15,21 @@ ms.date: 11/01/2017
 # DeviceManageability CSP
 
 
-The DeviceManageability configuration service provider (CSP) is used retrieve the general information about MDM configuration capabilities on the device. This CSP was added in Windows 10, version 1607.
+The DeviceManageability configuration service provider (CSP) is used to retrieve the general information about MDM configuration capabilities on the device. This CSP was added in Windows 10, version 1607.
 
-For performance reasons DeviceManageability CSP directly reads the CSP version from the registry. Specifically, the value csp\_version is used to determine each of the CSP versions. The csp\_version is a value under each of the CSP registration keys. To have consistency on the CSP version, the CSP GetProperty implementation for CFGMGR\_PROPERTY\_SEMANTICTYPE has to be updated to read from the registry as well, so that the both paths return the same information. 
-
-The following diagram shows the DeviceManageability configuration service provider in a tree format.
-
-![devicemanageability csp diagram](images/provisioning-csp-devicemanageability.png)
+For performance reasons, DeviceManageability CSP directly reads the CSP version from the registry. Specifically, the value csp\_version is used to determine each of the CSP versions. The csp\_version is a value under each of the CSP registration keys. To have consistency on the CSP version, the CSP GetProperty implementation for CFGMGR\_PROPERTY\_SEMANTICTYPE has to be updated to read from the registry as well, so that the both paths return the same information. 
 
+The following shows the DeviceManageability configuration service provider in a tree format.
+```
+./Device/Vendor/MSFT
+DeviceManageability
+----Capabilities
+--------CSPVersions
+----Provider (Added in Windows 10, version 1709)
+--------ProviderID (Added in Windows 10, version 1709)
+------------ConfigInfo (Added in Windows 10, version 1709)
+------------EnrollmentInfo (Added in Windows 10, version 1709)
+```
 <a href="" id="--device-vendor-msft-devicemanageability"></a>**./Device/Vendor/MSFT/DeviceManageability**  
 Root node to group information about runtime MDM configuration capability on the target device.
 
diff --git a/windows/client-management/mdm/devicestatus-csp.md b/windows/client-management/mdm/devicestatus-csp.md
index 6ab35ba018..826af867cb 100644
--- a/windows/client-management/mdm/devicestatus-csp.md
+++ b/windows/client-management/mdm/devicestatus-csp.md
@@ -17,10 +17,52 @@ ms.date: 04/30/2019
 
 The DeviceStatus configuration service provider is used by the enterprise to keep track of device inventory and query the state of compliance of these devices with their enterprise policies.
 
-The following image shows the DeviceStatus configuration service provider in tree format.
-
-![devicestatus csp](images/provisioning-csp-devicestatus.png)
-
+The following shows the DeviceStatus configuration service provider in tree format.
+```
+./Vendor/MSFT
+DeviceStatus
+----SecureBootState
+----CellularIdentities
+--------IMEI
+------------IMSI
+------------ICCID
+------------PhoneNumber
+------------CommercializationOperator
+------------RoamingStatus
+------------RoamingCompliance
+----NetworkIdentifiers
+--------MacAddress
+------------IPAddressV4
+------------IPAddressV6
+------------IsConnected
+------------Type
+----Compliance
+--------EncryptionCompliance
+----TPM
+--------SpecificationVersion
+----OS
+--------Edition
+--------Mode
+----Antivirus
+--------SignatureStatus
+--------Status
+----Antispyware
+--------SignatureStatus
+--------Status
+----Firewall
+--------Status
+----UAC
+--------Status
+----Battery
+--------Status
+--------EstimatedChargeRemaining
+--------EstimatedRuntime
+----DomainName
+----DeviceGuard
+--------VirtualizationBasedSecurityHwReq
+--------VirtualizationBasedSecurityStatus
+--------LsaCfgCredGuardStatus
+```
 <a href="" id="devicestatus"></a>**DeviceStatus**  
 The root node for the DeviceStatus configuration service provider.
 
diff --git a/windows/client-management/mdm/devinfo-csp.md b/windows/client-management/mdm/devinfo-csp.md
index ba02947ada..e9c0979c67 100644
--- a/windows/client-management/mdm/devinfo-csp.md
+++ b/windows/client-management/mdm/devinfo-csp.md
@@ -17,16 +17,23 @@ ms.date: 06/26/2017
 
 The DevInfo configuration service provider handles the managed object which provides device information to the OMA DM server. This device information is automatically sent to the OMA DM server at the beginning of each OMA DM session.
 
-> **Note**  This configuration service provider requires the ID\_CAP\_CSP\_FOUNDATION and ID\_CAP\_DEVICE\_MANAGEMENT\_ADMIN capabilities to be accessed from a network configuration application.
+> [!NOTE]
+> This configuration service provider requires the ID\_CAP\_CSP\_FOUNDATION and ID\_CAP\_DEVICE\_MANAGEMENT\_ADMIN capabilities to be accessed from a network configuration application.
 
  
 
 For the DevInfo CSP, you cannot use the Replace command unless the node already exists.
 
-The following diagram shows the DevInfo configuration service provider management object in tree format as used by OMA Device Management. The OMA Client provisioning protocol is not supported by this configuration service provider.
-
-![devinfo csp (dm)](images/provisioning-csp-devinfo-dm.png)
-
+The following shows the DevInfo configuration service provider management object in tree format as used by OMA Device Management. The OMA Client provisioning protocol is not supported by this configuration service provider.
+```
+.
+DevInfo
+----DevId
+----Man
+----Mod
+----DmV
+----Lang
+```
 <a href="" id="devid"></a>**DevId**  
 Required. Returns an application-specific global unique device identifier by default.
 
diff --git a/windows/client-management/mdm/diagnose-mdm-failures-in-windows-10.md b/windows/client-management/mdm/diagnose-mdm-failures-in-windows-10.md
index db52ac149a..9732019e98 100644
--- a/windows/client-management/mdm/diagnose-mdm-failures-in-windows-10.md
+++ b/windows/client-management/mdm/diagnose-mdm-failures-in-windows-10.md
@@ -23,10 +23,10 @@ To help diagnose enrollment or device management issues in Windows 10 devices m
    ![Access work or school page in Settings](images/diagnose-mdm-failures15.png)
 
 1. At the bottom of the **Settings** page, click **Create report**.  
-   ![Access work or school page in Settings](images/diagnose-mdm-failures16.png)
+   ![Access work or school page and then Create report](images/diagnose-mdm-failures16.png)
 1. A window opens that shows the path to the log files. Click **Export**.
 
-   ![Access work or school page in Settings](images/diagnose-mdm-failures17.png)
+   ![Access work or school log files](images/diagnose-mdm-failures17.png)
 
 1. In File Explorer, navigate to c:\Users\Public\Documents\MDMDiagnostics to see the report.
 
@@ -121,28 +121,28 @@ Since there is no Event Viewer in Windows 10 Mobile, you can use the [Field Medi
 1.  Download and install the [Field Medic]( https://go.microsoft.com/fwlink/p/?LinkId=718232) app from the store.
 2.  Open the Field Medic app and then click on **Advanced**.
 
-    ![field medic screenshot](images/diagnose-mdm-failures2.png)
+    ![field medic screenshot 2](images/diagnose-mdm-failures2.png)
 
 3.  Click on **Choose with ETW provider to use**.
 
-    ![field medic screenshot](images/diagnose-mdm-failures3.png)
+    ![field medic screenshot 3](images/diagnose-mdm-failures3.png)
 
 4.  Check **Enterprise** and un-check the rest.
 
-    ![field medic screenshot](images/diagnose-mdm-failures4.png)
+    ![field medic screenshot 4](images/diagnose-mdm-failures4.png)
 
 5.  In the app, click on **Start Logging** and then perform the operation that you want to troubleshoot.
 
-    ![field medic screenshot](images/diagnose-mdm-failures2.png)
+    ![field medic screenshot 5](images/diagnose-mdm-failures2.png)
 
 6.  When the operation is done, click on **Stop Logging**.
 
-    ![field medic screenshot](images/diagnose-mdm-failures5.png)
+    ![field medic screenshot 6](images/diagnose-mdm-failures5.png)
 
 7.  Save the logs. They will be stored in the Field Medic log location on the device.
 8.  You can send the logs via email by attaching the files from **Documents > Field Medic > Reports > ...** folder.
 
-    ![device documents folder](images/diagnose-mdm-failures6.png)![device folder screenshot](images/diagnose-mdm-failures7.png)![device folder screenshot](images/diagnose-mdm-failures8.png)
+    ![device documents folder](images/diagnose-mdm-failures6.png)![device folder screenshot 7](images/diagnose-mdm-failures7.png)![device folder screenshot 8](images/diagnose-mdm-failures8.png)
 
 The following table contains a list of common providers and their corresponding GUIDs.
 
@@ -294,21 +294,21 @@ For best results, ensure that the PC or VM on which you are viewing logs matches
 3.  Navigate to the etl file that you got from the device and then open the file.
 4.  Click **Yes** when prompted to save it to the new log format.
 
-    ![prompt](images/diagnose-mdm-failures10.png)
+    ![event viewer prompt](images/diagnose-mdm-failures10.png)
 
     ![diagnose mdm failures](images/diagnose-mdm-failures11.png)
 
 5.  The new view contains traces from the channel. Click on **Filter Current Log** from the **Actions** menu.
 
-    ![event viewer](images/diagnose-mdm-failures12.png)
+    ![event viewer actions](images/diagnose-mdm-failures12.png)
 
 6.  Add a filter to Event sources by selecting **DeviceManagement-EnterpriseDiagnostics-Provider** and click **OK**.
 
-    ![event filter](images/diagnose-mdm-failures13.png)
+    ![event filter for Device Management](images/diagnose-mdm-failures13.png)
 
 7.  Now you are ready to start reviewing the logs.
 
-    ![event viewer](images/diagnose-mdm-failures14.png)
+    ![event viewer review logs](images/diagnose-mdm-failures14.png)
 
 ## Collect device state data
 
@@ -336,9 +336,3 @@ Here's an example of how to collect current MDM device state data using the [Dia
 ```
 
  
-
-
-
-
-
-
diff --git a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
index 406699a136..9eca3a7724 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
@@ -1382,7 +1382,7 @@ ms.date: 10/08/2020
 - [Autoplay/SetDefaultAutoRunBehavior](./policy-csp-autoplay.md#autoplay-setdefaultautorunbehavior)
 - [Autoplay/TurnOffAutoPlay](./policy-csp-autoplay.md#autoplay-turnoffautoplay)
 - [Cellular/ShowAppCellularAccessUI](./policy-csp-cellular.md#cellular-showappcellularaccessui)
-- [Connectivity/DiablePrintingOverHTTP](./policy-csp-connectivity.md#connectivity-diableprintingoverhttp)
+- [Connectivity/DiablePrintingOverHTTP](./policy-csp-connectivity.md#connectivity-disableprintingoverhttp)
 - [Connectivity/DisableDownloadingOfPrintDriversOverHTTP](./policy-csp-connectivity.md#connectivity-disabledownloadingofprintdriversoverhttp)
 - [Connectivity/DisableInternetDownloadForWebPublishingAndOnlineOrderingWizards](./policy-csp-connectivity.md#connectivity-disableinternetdownloadforwebpublishingandonlineorderingwizards)
 - [Connectivity/HardenedUNCPaths](./policy-csp-connectivity.md#connectivity-hardeneduncpaths)
diff --git a/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
index e633560ef3..14a994d0a3 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
@@ -137,7 +137,7 @@ ms.date: 07/18/2019
 - [Cellular/ShowAppCellularAccessUI](./policy-csp-cellular.md#cellular-showappcellularaccessui)
 - [Connectivity/AllowCellularDataRoaming](./policy-csp-connectivity.md#connectivity-allowcellulardataroaming)
 - [Connectivity/AllowPhonePCLinking](./policy-csp-connectivity.md#connectivity-allowphonepclinking)
-- [Connectivity/DiablePrintingOverHTTP](./policy-csp-connectivity.md#connectivity-diableprintingoverhttp)
+- [Connectivity/DiablePrintingOverHTTP](./policy-csp-connectivity.md#connectivity-disableprintingoverhttp)
 - [Connectivity/DisableDownloadingOfPrintDriversOverHTTP](./policy-csp-connectivity.md#connectivity-disabledownloadingofprintdriversoverhttp)
 - [Connectivity/DisableInternetDownloadForWebPublishingAndOnlineOrderingWizards](./policy-csp-connectivity.md#connectivity-disableinternetdownloadforwebpublishingandonlineorderingwizards)
 - [Connectivity/DisallowNetworkConnectivityActiveTests](./policy-csp-connectivity.md#connectivity-disallownetworkconnectivityactivetests)
diff --git a/windows/client-management/mdm/policies-in-policy-csp-supported-by-iot-core.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-iot-core.md
index f3143ed222..e19d3350a5 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-iot-core.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-iot-core.md
@@ -16,7 +16,6 @@ ms.date: 09/16/2019
 
 > [!div class="op_single_selector"]
 >
-> - [IoT Enterprise](policy-csps-supported-by-iot-enterprise.md)
 > - [IoT Core](policy-csps-supported-by-iot-core.md)
 >
 
diff --git a/windows/client-management/mdm/policies-in-policy-csp-supported-by-iot-enterprise.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-iot-enterprise.md
deleted file mode 100644
index afb79c5bfe..0000000000
--- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-iot-enterprise.md
+++ /dev/null
@@ -1,73 +0,0 @@
----
-title: Policies in Policy CSP supported by Windows 10 IoT Enterprise
-description: Policies in Policy CSP supported by Windows 10 IoT Enterprise
-ms.reviewer: 
-manager: dansimp
-ms.author: dansimp
-ms.topic: article
-ms.prod: w10
-ms.technology: windows
-author: manikadhiman
-ms.localizationpriority: medium
-ms.date: 07/18/2019
----
-
-# Policies in Policy CSP supported by Windows 10 IoT Enterprise
-
-> [!div class="op_single_selector"]
->
-> - [IoT Enterprise](policy-csps-supported-by-iot-enterprise.md)
-> - [IoT Core](policy-csps-supported-by-iot-core.md)
->
-
-- [InternetExplorer/AllowEnhancedSuggestionsInAddressBar](policy-csp-internetexplorer.md#internetexplorer-allowenhancedsuggestionsinaddressbar)
-- [InternetExplorer/DisableActiveXVersionListAutoDownload](policy-csp-internetexplorer.md#internetexplorer-disableactivexversionlistautodownload)
-- [InternetExplorer/DisableCompatView](policy-csp-internetexplorer.md#internetexplorer-disablecompatview)
-- [InternetExplorer/DisableFeedsBackgroundSync](policy-csp-internetexplorer.md#internetexplorer-disablefeedsbackgroundsync)
-- [InternetExplorer/DisableGeolocation](policy-csp-internetexplorer.md#internetexplorer-disablegeolocation)
-- [InternetExplorer/DisableWebAddressAutoComplete](policy-csp-internetexplorer.md#internetexplorer-disablewebaddressautocomplete)
-- [InternetExplorer/NewTabDefaultPage](policy-csp-internetexplorer.md#internetexplorer-newtabdefaultpage)
-- [DeliveryOptimization/DOAbsoluteMaxCacheSize](policy-csp-deliveryoptimization.md#deliveryoptimization-doabsolutemaxcachesize)
-- [DeliveryOptimization/DOAllowVPNPeerCaching](policy-csp-deliveryoptimization.md#deliveryoptimization-doallowvpnpeercaching)
-- [DeliveryOptimization/DOCacheHost](policy-csp-deliveryoptimization.md#deliveryoptimization-docachehost)
-- [DeliveryOptimization/DOCacheHostSource](policy-csp-deliveryoptimization.md#deliveryoptimization-docachehostsource)
-- [DeliveryOptimization/DODelayBackgroundDownloadFromHttp](policy-csp-deliveryoptimization.md#deliveryoptimization-dodelaybackgrounddownloadfromhttp)
-- [DeliveryOptimization/DODelayForegroundDownloadFromHttp](policy-csp-deliveryoptimization.md#deliveryoptimization-dodelayforegrounddownloadfromhttp)
-- [DeliveryOptimization/DODelayCacheServerFallbackBackground](policy-csp-deliveryoptimization.md#deliveryoptimization-dodelaycacheserverfallbackbackground)
-- [DeliveryOptimization/DODelayCacheServerFallbackForeground](policy-csp-deliveryoptimization.md#deliveryoptimization-dodelaycacheserverfallbackforeground)
-- [DeliveryOptimization/DODownloadMode](policy-csp-deliveryoptimization.md#deliveryoptimization-dodownloadmode)
-- [DeliveryOptimization/DOGroupId](policy-csp-deliveryoptimization.md#deliveryoptimization-dogroupid)
-- [DeliveryOptimization/DOGroupIdSource](policy-csp-deliveryoptimization.md#deliveryoptimization-dogroupidsource)
--  [DeliveryOptimization/DOMaxBackgroundDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxbackgrounddownloadbandwidth)
-- [DeliveryOptimization/DOMaxCacheAge](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxcacheage)
-- [DeliveryOptimization/DOMaxCacheSize](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxcachesize)
-- [DeliveryOptimization/DOMaxDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxdownloadbandwidth) (deprecated)
-- [DeliveryOptimization/DOMaxForegroundDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxforegrounddownloadbandwidth)
-- [DeliveryOptimization/DOMaxUploadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-domaxuploadbandwidth) (deprecated)
-- [DeliveryOptimization/DOMinBackgroundQos](policy-csp-deliveryoptimization.md#deliveryoptimization-dominbackgroundqos)
-- [DeliveryOptimization/DOMinBatteryPercentageAllowedToUpload](policy-csp-deliveryoptimization.md#deliveryoptimization-dominbatterypercentageallowedtoupload)
-- [DeliveryOptimization/DOMinDiskSizeAllowedToPeer](policy-csp-deliveryoptimization.md#deliveryoptimization-domindisksizeallowedtopeer)
-- [DeliveryOptimization/DOMinFileSizeToCache](policy-csp-deliveryoptimization.md#deliveryoptimization-dominfilesizetocache)
-- [DeliveryOptimization/DOMinRAMAllowedToPeer](policy-csp-deliveryoptimization.md#deliveryoptimization-dominramallowedtopeer)
-- [DeliveryOptimization/DOModifyCacheDrive](policy-csp-deliveryoptimization.md#deliveryoptimization-domodifycachedrive)
-- [DeliveryOptimization/DOMonthlyUploadDataCap](policy-csp-deliveryoptimization.md#deliveryoptimization-domonthlyuploaddatacap)
-- [DeliveryOptimization/DOPercentageMaxBackgroundBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-dopercentagemaxbackgroundbandwidth)
-- [DeliveryOptimization/DOPercentageMaxDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-dopercentagemaxdownloadbandwidth) (deprecated)
-- [DeliveryOptimization/DOPercentageMaxForegroundBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-dopercentagemaxforegroundbandwidth)
-- [DeliveryOptimization/DORestrictPeerSelectionBy](policy-csp-deliveryoptimization.md#deliveryoptimization-dorestrictpeerselectionby)
-- [DeliveryOptimization/DOSetHoursToLimitBackgroundDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-dosethourstolimitbackgrounddownloadbandwidth)
-- [DeliveryOptimization/DOSetHoursToLimitForegroundDownloadBandwidth](policy-csp-deliveryoptimization.md#deliveryoptimization-dosethourstolimitforegrounddownloadbandwidth)
-- [DeviceHealthMonitoring/AllowDeviceHealthMonitoring](policy-csp-devicehealthmonitoring.md#devicehealthmonitoring-allowdevicehealthmonitoring)
-- [DeviceHealthMonitoring/ConfigDeviceHealthMonitoringScope](policy-csp-devicehealthmonitoring.md#devicehealthmonitoring-configdevicehealthmonitoringscope)
-- [DeviceHealthMonitoring/ConfigDeviceHealthMonitoringUploadDestination](policy-csp-devicehealthmonitoring.md#devicehealthmonitoring-configdevicehealthmonitoringuploaddestination)
-- [Privacy/LetAppsActivateWithVoice](policy-csp-privacy.md#privacy-letappsactivatewithvoice)
-- [Privacy/LetAppsActivateWithVoiceAboveLock](policy-csp-privacy.md#privacy-letappsactivatewithvoiceabovelock)
-- [Update/ConfigureDeadlineForFeatureUpdates](policy-csp-update.md#update-configuredeadlineforfeatureupdates)
-- [Update/ConfigureDeadlineForQualityUpdates](policy-csp-update.md#update-configuredeadlineforqualityupdates)
-- [Update/ConfigureDeadlineGracePeriod](policy-csp-update.md#update-configuredeadlinegraceperiod)
-- [Update/ConfigureDeadlineNoAutoReboot](policy-csp-update.md#update-configuredeadlinenoautoreboot)
-- [Update/SetProxyBehaviorForUpdateDetection](policy-csp-update.md#update-setproxybehaviorforupdatedetection)
-
-## Related topics
-
-[Policy CSP](policy-configuration-service-provider.md)
diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md
index e79253e46b..e45269b6d7 100644
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@@ -5296,7 +5296,7 @@ The following diagram shows the Policy configuration service provider in tree fo
     <a href="./policy-csp-connectivity.md#connectivity-allowvpnroamingovercellular" id="connectivity-allowvpnroamingovercellular">Connectivity/AllowVPNRoamingOverCellular</a>
   </dd>
   <dd>
-    <a href="./policy-csp-connectivity.md#connectivity-diableprintingoverhttp" id="connectivity-diableprintingoverhttp">Connectivity/DiablePrintingOverHTTP</a>
+    <a href="./policy-csp-connectivity.md#connectivity-disableprintingoverhttp" id="connectivity-disableprintingoverhttp">Connectivity/DiablePrintingOverHTTP</a>
   </dd>
   <dd>
     <a href="./policy-csp-connectivity.md#connectivity-disabledownloadingofprintdriversoverhttp" id="connectivity-disabledownloadingofprintdriversoverhttp">Connectivity/DisableDownloadingOfPrintDriversOverHTTP</a>
@@ -8577,7 +8577,6 @@ The following diagram shows the Policy configuration service provider in tree fo
 - [Policies in Policy CSP supported by HoloLens (1st gen) Development Edition](policy-csps-supported-by-hololens-1st-gen-development-edition.md)
 
 ## Policies in Policy CSP supported by Windows 10 IoT
-- [Policies in Policy CSP supported by Windows 10 IoT Enterprise](policy-csps-supported-by-iot-enterprise.md)
 - [Policies in Policy CSP supported by Windows 10 IoT Core](policy-csps-supported-by-iot-core.md)
 
 ## Policies in Policy CSP supported by Microsoft Surface Hub
diff --git a/windows/client-management/mdm/policy-csp-browser.md b/windows/client-management/mdm/policy-csp-browser.md
index d2c9190e0b..e65609226d 100644
--- a/windows/client-management/mdm/policy-csp-browser.md
+++ b/windows/client-management/mdm/policy-csp-browser.md
@@ -177,6 +177,10 @@ ms.localizationpriority: medium
   <dd>
     <a href="#browser-showmessagewhenopeningsitesininternetexplorer">Browser/ShowMessageWhenOpeningSitesInInternetExplorer</a>
   </dd>
+
+  <dd>
+    <a href="#browser-suppressedgedeprecationnotification">Browser/SuppressEdgeDeprecationNotification</a>
+  </dd>
   <dd>
     <a href="#browser-syncfavoritesbetweenieandmicrosoftedge">Browser/SyncFavoritesBetweenIEAndMicrosoftEdge</a>
   </dd>
@@ -4069,6 +4073,74 @@ Most restricted value: 0
 
 <hr/>
 
+<!--Policy-->
+<a href="" id="browser-suppressedgedeprecationnotification"></a>**Browser/SuppressEdgeDeprecationNotification**  
+
+<!--SupportedSKUs-->
+<table>
+<tr>
+    <th>Windows Edition</th>
+    <th>Supported?</th>
+</tr>
+<tr>
+    <td>Home</td>
+    <td><img src="images/crossmark.png" alt="cross mark" /></td>
+</tr>
+<tr>
+    <td>Pro</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Business</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Enterprise</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+<tr>
+    <td>Education</td>
+    <td><img src="images/checkmark.png" alt="check mark" /></td>
+</tr>
+</table>
+
+<!--/SupportedSKUs-->
+<hr/>
+
+<!--Scope-->
+[Scope](./policy-configuration-service-provider.md#policy-scope):
+
+> [!div class = "checklist"]
+> * User
+> * Device
+
+<hr/>
+
+<!--/Scope-->
+<!--Description-->
+This policy allows Enterprise Admins to turn off the notification for company devices that the Edge Legacy browser is no longer supported after 3/9/2021 to avoid confusion for their enterprise users and reduce help desk calls. 
+By default, a notification will be presented to the user informing them of this upon application startup.
+With this policy, you can either allow (default) or suppress this notification.
+
+> [!NOTE]
+> This policy is only enforced in Windows 10 for desktop and not supported in Windows 10 Mobile.
+
+<!--/Description-->
+<!--ADMXMapped-->
+ADMX Info:  
+-   GP English name: *Suppress Edge Deprecation Notification*
+-   GP name: *SuppressEdgeDeprecationNotification*
+-   GP path: *Windows Components/Microsoft Edge*
+-   GP ADMX file name: *MicrosoftEdge.admx*
+
+<!--/ADMXMapped-->
+<!--SupportedValues-->
+Supported values:
+
+-   0 (default) – Allowed. Notification will be shown at application startup.
+-   1 – Prevented/not allowed.
+
+<hr/>
 <!--Policy-->
 <a href="" id="browser-syncfavoritesbetweenieandmicrosoftedge"></a>**Browser/SyncFavoritesBetweenIEAndMicrosoftEdge**  
 
diff --git a/windows/client-management/mdm/policy-csp-connectivity.md b/windows/client-management/mdm/policy-csp-connectivity.md
index 503ee130bc..9e0b691757 100644
--- a/windows/client-management/mdm/policy-csp-connectivity.md
+++ b/windows/client-management/mdm/policy-csp-connectivity.md
@@ -8,18 +8,16 @@ ms.technology: windows
 author: manikadhiman
 ms.localizationpriority: medium
 ms.date: 09/27/2019
-ms.reviewer: 
+ms.reviewer:
 manager: dansimp
 ---
 
 # Policy CSP - Connectivity
 
-
-
 <hr/>
 
 <!--Policies-->
-## Connectivity policies  
+## Connectivity policies
 
 <dl>
   <dd>
@@ -47,7 +45,7 @@ manager: dansimp
     <a href="#connectivity-allowvpnroamingovercellular">Connectivity/AllowVPNRoamingOverCellular</a>
   </dd>
   <dd>
-    <a href="#connectivity-diableprintingoverhttp">Connectivity/DiablePrintingOverHTTP</a>
+    <a href="#connectivity-disableprintingoverhttp">Connectivity/DisablePrintingOverHTTP</a>
   </dd>
   <dd>
     <a href="#connectivity-disabledownloadingofprintdriversoverhttp">Connectivity/DisableDownloadingOfPrintDriversOverHTTP</a>
@@ -70,7 +68,7 @@ manager: dansimp
 <hr/>
 
 <!--Policy-->
-<a href="" id="connectivity-allowbluetooth"></a>**Connectivity/AllowBluetooth**  
+<a href="" id="connectivity-allowbluetooth"></a>**Connectivity/AllowBluetooth**
 
 <!--SupportedSKUs-->
 <table>
@@ -136,7 +134,7 @@ The following list shows the supported values:
 <hr/>
 
 <!--Policy-->
-<a href="" id="connectivity-allowcellulardata"></a>**Connectivity/AllowCellularData**  
+<a href="" id="connectivity-allowcellulardata"></a>**Connectivity/AllowCellularData**
 
 <!--SupportedSKUs-->
 <table>
@@ -195,7 +193,7 @@ The following list shows the supported values:
 <hr/>
 
 <!--Policy-->
-<a href="" id="connectivity-allowcellulardataroaming"></a>**Connectivity/AllowCellularDataRoaming**  
+<a href="" id="connectivity-allowcellulardataroaming"></a>**Connectivity/AllowCellularDataRoaming**
 
 <!--SupportedSKUs-->
 <table>
@@ -244,7 +242,7 @@ Most restricted value is 0.
 
 <!--/Description-->
 <!--ADMXMapped-->
-ADMX Info:  
+ADMX Info:
 -   GP English name: *Prohibit connection to roaming Mobile Broadband networks*
 -   GP name: *WCM_DisableRoaming*
 -   GP path: *Network/Windows Connection Manager*
@@ -274,7 +272,7 @@ To validate on mobile devices, do the following:
 <hr/>
 
 <!--Policy-->
-<a href="" id="connectivity-allowconnecteddevices"></a>**Connectivity/AllowConnectedDevices**  
+<a href="" id="connectivity-allowconnecteddevices"></a>**Connectivity/AllowConnectedDevices**
 
 <!--SupportedSKUs-->
 <table>
@@ -335,7 +333,7 @@ The following list shows the supported values:
 <hr/>
 
 <!--Policy-->
-<a href="" id="connectivity-allowphonepclinking"></a>**Connectivity/AllowPhonePCLinking**  
+<a href="" id="connectivity-allowphonepclinking"></a>**Connectivity/AllowPhonePCLinking**
 
 <!--SupportedSKUs-->
 <table>
@@ -385,20 +383,20 @@ If you do not configure this policy setting, the default behavior depends on the
 
 <!--/Description-->
 <!--ADMXMapped-->
-ADMX Info:  
+ADMX Info:
 -   GP name: *enableMMX*
 -   GP ADMX file name: *grouppolicy.admx*
 
 <!--/ADMXMapped-->
 <!--SupportedValues-->
-This setting supports a range of values between 0 and 1.  
+This setting supports a range of values between 0 and 1.
 
 - 0 - Do not link
 - 1 (default) - Allow phone-PC linking
 
 <!--/SupportedValues-->
 <!--Validation-->
-Validation:  
+Validation:
 
 If the Connectivity/AllowPhonePCLinking policy is configured to value 0, the add a phone button in the Phones section in settings will be grayed out and clicking it will not launch the window for a user to enter their phone number.
 
@@ -410,7 +408,7 @@ Device that has previously opt-in to MMX will also stop showing on the device li
 <hr/>
 
 <!--Policy-->
-<a href="" id="connectivity-allowusbconnection"></a>**Connectivity/AllowUSBConnection**  
+<a href="" id="connectivity-allowusbconnection"></a>**Connectivity/AllowUSBConnection**
 
 <!--SupportedSKUs-->
 <table>
@@ -475,7 +473,7 @@ The following list shows the supported values:
 <hr/>
 
 <!--Policy-->
-<a href="" id="connectivity-allowvpnovercellular"></a>**Connectivity/AllowVPNOverCellular**  
+<a href="" id="connectivity-allowvpnovercellular"></a>**Connectivity/AllowVPNOverCellular**
 
 <!--SupportedSKUs-->
 <table>
@@ -535,7 +533,7 @@ The following list shows the supported values:
 <hr/>
 
 <!--Policy-->
-<a href="" id="connectivity-allowvpnroamingovercellular"></a>**Connectivity/AllowVPNRoamingOverCellular**  
+<a href="" id="connectivity-allowvpnroamingovercellular"></a>**Connectivity/AllowVPNRoamingOverCellular**
 
 <!--SupportedSKUs-->
 <table>
@@ -595,7 +593,7 @@ The following list shows the supported values:
 <hr/>
 
 <!--Policy-->
-<a href="" id="connectivity-diableprintingoverhttp"></a>**Connectivity/DiablePrintingOverHTTP**  
+<a href="" id="connectivity-disableprintingoverhttp"></a>**Connectivity/DisablePrintingOverHTTP**
 
 <!--SupportedSKUs-->
 <table>
@@ -652,14 +650,14 @@ Also, see the "Web-based printing" policy setting in Computer Configuration/Admi
 
 <!--/Description-->
 > [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
-> 
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+>
 > You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
-> 
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it.  For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+>
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there is a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
 
 <!--ADMXBacked-->
-ADMX Info:  
+ADMX Info:
 -   GP English name: *Turn off printing over HTTP*
 -   GP name: *DisableHTTPPrinting_2*
 -   GP path: *Internet Communication settings*
@@ -671,7 +669,7 @@ ADMX Info:
 <hr/>
 
 <!--Policy-->
-<a href="" id="connectivity-disabledownloadingofprintdriversoverhttp"></a>**Connectivity/DisableDownloadingOfPrintDriversOverHTTP**  
+<a href="" id="connectivity-disabledownloadingofprintdriversoverhttp"></a>**Connectivity/DisableDownloadingOfPrintDriversOverHTTP**
 
 <!--SupportedSKUs-->
 <table>
@@ -726,14 +724,14 @@ If you disable or do not configure this policy setting, users can download print
 
 <!--/Description-->
 > [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
-> 
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+>
 > You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
-> 
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it.  For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+>
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there is a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
 
 <!--ADMXBacked-->
-ADMX Info:  
+ADMX Info:
 -   GP English name: *Turn off downloading of print drivers over HTTP*
 -   GP name: *DisableWebPnPDownload_2*
 -   GP path: *Internet Communication settings*
@@ -745,7 +743,7 @@ ADMX Info:
 <hr/>
 
 <!--Policy-->
-<a href="" id="connectivity-disableinternetdownloadforwebpublishingandonlineorderingwizards"></a>**Connectivity/DisableInternetDownloadForWebPublishingAndOnlineOrderingWizards**  
+<a href="" id="connectivity-disableinternetdownloadforwebpublishingandonlineorderingwizards"></a>**Connectivity/DisableInternetDownloadForWebPublishingAndOnlineOrderingWizards**
 
 <!--SupportedSKUs-->
 <table>
@@ -800,14 +798,14 @@ See the documentation for the web publishing and online ordering wizards for mor
 
 <!--/Description-->
 > [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
-> 
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+>
 > You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
-> 
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it.  For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+>
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there is a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
 
 <!--ADMXBacked-->
-ADMX Info:  
+ADMX Info:
 -   GP English name: *Turn off Internet download for Web publishing and online ordering wizards*
 -   GP name: *ShellPreventWPWDownload_2*
 -   GP path: *Internet Communication settings*
@@ -819,7 +817,7 @@ ADMX Info:
 <hr/>
 
 <!--Policy-->
-<a href="" id="connectivity-disallownetworkconnectivityactivetests"></a>**Connectivity/DisallowNetworkConnectivityActiveTests**  
+<a href="" id="connectivity-disallownetworkconnectivityactivetests"></a>**Connectivity/DisallowNetworkConnectivityActiveTests**
 
 <!--SupportedSKUs-->
 <table>
@@ -868,7 +866,7 @@ Value type is integer.
 
 <!--/Description-->
 <!--ADMXMapped-->
-ADMX Info:  
+ADMX Info:
 -   GP English name: *Turn off Windows Network Connectivity Status Indicator active tests*
 -   GP name: *NoActiveProbe*
 -   GP path: *Internet Communication settings*
@@ -880,7 +878,7 @@ ADMX Info:
 <hr/>
 
 <!--Policy-->
-<a href="" id="connectivity-hardeneduncpaths"></a>**Connectivity/HardenedUNCPaths**  
+<a href="" id="connectivity-hardeneduncpaths"></a>**Connectivity/HardenedUNCPaths**
 
 <!--SupportedSKUs-->
 <table>
@@ -929,14 +927,14 @@ If you enable this policy, Windows only allows access to the specified UNC paths
 
 <!--/Description-->
 > [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
-> 
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+>
 > You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
-> 
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it.  For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+>
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there is a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
 
 <!--ADMXBacked-->
-ADMX Info:  
+ADMX Info:
 -   GP English name: *Hardened UNC Paths*
 -   GP name: *Pol_HardenedPaths*
 -   GP path: *Network/Network Provider*
@@ -948,7 +946,7 @@ ADMX Info:
 <hr/>
 
 <!--Policy-->
-<a href="" id="connectivity-prohibitinstallationandconfigurationofnetworkbridge"></a>**Connectivity/ProhibitInstallationAndConfigurationOfNetworkBridge**  
+<a href="" id="connectivity-prohibitinstallationandconfigurationofnetworkbridge"></a>**Connectivity/ProhibitInstallationAndConfigurationOfNetworkBridge**
 
 <!--SupportedSKUs-->
 <table>
@@ -1001,14 +999,14 @@ If you disable this setting or do not configure it, the user will be able to cre
 
 <!--/Description-->
 > [!TIP]
-> This is an ADMX-backed policy and requires a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
-> 
+> This is an ADMX-backed policy and requires a special SyncML format to enable or disable. For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
+>
 > You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
-> 
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it.  For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+>
+> The payload of the SyncML must be XML-encoded; for this XML encoding, there is a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
 
 <!--ADMXBacked-->
-ADMX Info:  
+ADMX Info:
 -   GP English name: *Prohibit installation and configuration of Network Bridge on your DNS domain network*
 -   GP name: *NC_AllowNetBridge_NLA*
 -   GP path: *Network/Network Connections*
@@ -1016,6 +1014,7 @@ ADMX Info:
 
 <!--/ADMXBacked-->
 <!--/Policy-->
+
 <hr/>
 
 Footnotes:
@@ -1028,6 +1027,6 @@ Footnotes:
 - 6 - Available in Windows 10, version 1903.
 - 7 - Available in Windows 10, version 1909.
 - 8 - Available in Windows 10, version 2004.
+- 9 - Available in Windows 10, version 2009.
 
 <!--/Policies-->
-
diff --git a/windows/configuration/set-up-shared-or-guest-pc.md b/windows/configuration/set-up-shared-or-guest-pc.md
index 00fb65ab30..531a088f9a 100644
--- a/windows/configuration/set-up-shared-or-guest-pc.md
+++ b/windows/configuration/set-up-shared-or-guest-pc.md
@@ -85,21 +85,30 @@ You can configure Windows to be in shared PC mode in a couple different ways:
 
 - Mobile device management (MDM): Shared PC mode is enabled by the [SharedPC configuration service provider (CSP)](https://docs.microsoft.com/windows/client-management/mdm/sharedpc-csp). To setup a shared device policy for Windows 10 in Intune, complete the following steps:
 
-  1. Go to the [Microsoft Endpoint Manager portal](https://endpoint.microsoft.com/#home).
-  2. Select **Devices** from the navigation. 
-  3. Under **Policy**, select **Configuration profiles**.
-  4. Select **Create profile**.
-  5. From the **Platform** menu, select **Windows 10 and later**.
-  6. From the **Profile** menu, select **Shared multi-user device**.
+  1. Sign in to the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
+  
+  2. Select **Devices** > **Windows** > **Configuration profiles** > **Create profile**.
+  
+  3. Enter the following properties:
 
-     ![custom OMA-URI policy in Intune](images/shared_pc_1.jpg) 
+     - **Platform**: Select **Windows 10 and later**.
+     - **Profile**: Select **Templates** > **Shared multi-user device**.
 
-  7. Select **Create**.
-  8. Enter a name for the policy (e.g. My Win10 Shared devices policy). You can optionally add a description should you wish to do so.
-  9. Select **Next**.
-  10. On the **Configuration settings** page, set the ‘Shared PC Mode’ value to **Enabled**.
+  4. Select **Create**.
+  
+  5. In **Basics**, enter the following properties:
 
-     ![Shared PC settings in ICD](images/shared_pc_3.png) 
+     - **Name**: Enter a descriptive name for the new profile.
+     - **Description**: Enter a description for the profile. This setting is optional, but recommended.
+
+  6. Select **Next**.
+  
+  7. In **Configuration settings**, depending on the platform you chose, the settings you can configure are different. Choose your platform for detailed settings:
+
+  8. On the **Configuration settings** page, set the ‘Shared PC Mode’ value to **Enabled**.
+
+     > [!div class="mx-imgBorder"]
+     > ![Shared PC mode in the Configuration settings page](images/shared_pc_3.png) 
 
   11. From this point on, you can configure any additional settings you’d like to be part of this policy, and then follow the rest of the set-up flow to its completion by selecting **Create** after **Step 6**.
 
@@ -108,27 +117,27 @@ You can configure Windows to be in shared PC mode in a couple different ways:
      ![Shared PC settings in ICD](images/icd-adv-shared-pc.png)
 
 - WMI bridge: Environments that use Group Policy can use the [MDM Bridge WMI Provider](https://msdn.microsoft.com/library/windows/desktop/dn905224.aspx) to configure the [MDM_SharedPC class](https://msdn.microsoft.com/library/windows/desktop/mt779129.aspx). For all device settings, the WMI Bridge client must be executed under local system user; for more information, see [Using PowerShell scripting with the WMI Bridge Provider](https://docs.microsoft.com/windows/client-management/mdm/using-powershell-scripting-with-the-wmi-bridge-provider). For example, open PowerShell as an administrator and enter the following:
-
-```
-$sharedPC = Get-CimInstance -Namespace "root\cimv2\mdm\dmmap" -ClassName "MDM_SharedPC"
-$sharedPC.EnableSharedPCMode = $True
-$sharedPC.SetEduPolicies = $True
-$sharedPC.SetPowerPolicies = $True
-$sharedPC.MaintenanceStartTime = 0
-$sharedPC.SignInOnResume = $True
-$sharedPC.SleepTimeout = 0
-$sharedPC.EnableAccountManager = $True
-$sharedPC.AccountModel = 2
-$sharedPC.DeletionPolicy = 1
-$sharedPC.DiskLevelDeletion = 25
-$sharedPC.DiskLevelCaching = 50
-$sharedPC.RestrictLocalStorage = $False
-$sharedPC.KioskModeAUMID = ""
-$sharedPC.KioskModeUserTileDisplayText = ""
-$sharedPC.InactiveThreshold = 0
-Set-CimInstance -CimInstance $sharedPC
-Get-CimInstance -Namespace "root\cimv2\mdm\dmmap" -ClassName MDM_SharedPC
-```
+    
+  ```powershell
+  $sharedPC = Get-CimInstance -Namespace "root\cimv2\mdm\dmmap" -ClassName "MDM_SharedPC"
+  $sharedPC.EnableSharedPCMode = $True
+  $sharedPC.SetEduPolicies = $True
+  $sharedPC.SetPowerPolicies = $True
+  $sharedPC.MaintenanceStartTime = 0
+  $sharedPC.SignInOnResume = $True
+  $sharedPC.SleepTimeout = 0
+  $sharedPC.EnableAccountManager = $True
+  $sharedPC.AccountModel = 2
+  $sharedPC.DeletionPolicy = 1
+  $sharedPC.DiskLevelDeletion = 25
+  $sharedPC.DiskLevelCaching = 50
+  $sharedPC.RestrictLocalStorage = $False
+  $sharedPC.KioskModeAUMID = ""
+  $sharedPC.KioskModeUserTileDisplayText = ""
+  $sharedPC.InactiveThreshold = 0
+  Set-CimInstance -CimInstance $sharedPC
+  Get-CimInstance -Namespace "root\cimv2\mdm\dmmap" -ClassName MDM_SharedPC
+  ```
 
 ### Create a provisioning package for shared use
 
@@ -205,19 +214,24 @@ On a desktop computer, navigate to **Settings** &gt; **Accounts** &gt; **Work ac
 ## Guidance for accounts on shared PCs
 
 * We recommend no local admin accounts on the PC to improve the reliability and security of the PC.
+
 * When a PC is set up in shared PC mode with the default deletion policy, accounts will be cached automatically until disk space is low. Then, accounts will be deleted to reclaim disk space. This account management happens automatically. Both Azure AD and Active Directory domain accounts are managed in this way. Any accounts created through **Guest** and **Kiosk** will be deleted automatically at sign out.
 * On a Windows PC joined to Azure Active Directory:
     * By default, the account that joined the PC to Azure AD will have an admin account on that PC. Global administrators for the Azure AD domain will also have admin accounts on the PC.
     * With Azure AD Premium, you can specify which accounts have admin accounts on a PC using the **Additional administrators on Azure AD Joined devices** setting on the Azure portal.
+
 * Local accounts that already exist on a PC won’t be deleted when turning on shared PC mode. New local accounts that are created using **Settings > Accounts > Other people > Add someone else to this PC** after shared PC mode is turned on won't be deleted. However, any new local accounts created by the **Guest** and **Kiosk** options on the sign-in screen (if enabled) will automatically be deleted at sign-out.
+
 * If admin accounts are necessary on the PC
     * Ensure the PC is joined to a domain that enables accounts to be signed on as admin, or
     * Create admin accounts before setting up shared PC mode, or 
     * Create exempt accounts before signing out when turning shared pc mode on.
+
 * The account management service supports accounts that are exempt from deletion.
-    * An account can be marked exempt from deletion by adding the account SID to the `HKEY_LOCAL_MACHINE\SOFTARE\Microsoft\Windows\CurrentVersion\SharedPC\Exemptions\` registry key.
-    * To add the account SID to the registry key using PowerShell:<br/>
-        ```
+    * An account can be marked exempt from deletion by adding the account SID to the registry key: `HKEY_LOCAL_MACHINE\SOFTARE\Microsoft\Windows\CurrentVersion\SharedPC\Exemptions\`.
+    * To add the account SID to the registry key using PowerShell:
+
+        ```powershell
         $adminName = "LocalAdmin"
         $adminPass = 'Pa$$word123'
         iex "net user /add $adminName $adminPass"
@@ -228,8 +242,6 @@ On a desktop computer, navigate to **Settings** &gt; **Accounts** &gt; **Work ac
         ``` 
 
 
-
-
 ## Policies set by shared PC mode
 Shared PC mode sets local group policies to configure the device. Some of these are configurable using the shared pc mode options.
 
diff --git a/windows/configuration/wcd/wcd-accounts.md b/windows/configuration/wcd/wcd-accounts.md
index d39c37513b..6cc1c8921e 100644
--- a/windows/configuration/wcd/wcd-accounts.md
+++ b/windows/configuration/wcd/wcd-accounts.md
@@ -45,7 +45,7 @@ Specifies the settings you can configure when joining a device to a domain, incl
 | --- | --- | --- |
 | Account | string  | Account to use to join computer to domain  |
 | AccountOU | Enter the full path for the organizational unit. For example: OU=testOU,DC=domain,DC=Domain,DC=com.  | Name of organizational unit for the computer account  |
-| ComputerName | Specify a unique name for the domain-joined computers using %RAND:x%, where x is an integer that includes fewer than 15 digits, or using %SERIAL% characters in the name.</br></br>ComputerName is a string with a maximum length of 15 bytes of content:</br></br>- ComputerName can use ASCII characters (1 byte each) and/or multi-byte characters such as Kanji, so long as you do not exceed 15 bytes of content.</br></br>- ComputerName cannot use spaces or any of the following characters: \{ &#124; \} ~ \[ \\ \] ^ ' : ; < = > ? @ ! " \# $ % ` \( \) + / . , \* &, or contain any spaces.</br></br>- ComputerName cannot use some non-standard characters, such as emoji.</br></br> Computer names that cannot be validated through the DnsValidateName function cannot be used, for example, computer names that only contain numbers (0-9). For more information, see the [DnsValidateName function](https://go.microsoft.com/fwlink/?LinkId=257040). | Specifies the name of the Windows device (computer name on PCs)  |
+| ComputerName | On desktop PCs, this setting specifies the DNS hostname of the computer (Computer Name) up to 63 characters. Use `%RAND:x%` to generate x number of random digits in the name, where x must be a number less than 63. For domain-joined computers, the unique name must use `%RAND:x%`. Use `%SERIAL%` to generate the name with the `computer's` serial number embedded. If the serial number exceeds the character limit, it will be truncated from the beginning of the sequence. The character restriction limit does not count the length of the macros, `%RAND:x%` and `%SERIAL%`. This setting is supported only in Windows 10, version 1803 and later. To change this setting in Windows 10, version 1709 and earlier releases, use the **ComputerName** setting under **Accounts**. | Specifies the name of the Windows device (computer name on PCs)  |
 | DomainName | string (cannot be empty) | Specify the name of the domain that the device will join  |
 | Password | string (cannot be empty) | Corresponds to the password of the user account that's authorized to join the computer account to the domain.  |
 
diff --git a/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md b/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md
index 2779d317f6..5d5ff0215e 100644
--- a/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md
+++ b/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md
@@ -45,8 +45,9 @@ These steps will show you how to configure an Active Directory account with the
 
 On **DC01**:
 
-1. Download the [Set-OUPermissions.ps1 script](https://go.microsoft.com/fwlink/p/?LinkId=619362) and copy it to the **C:\\Setup\\Scripts** directory on DC01.  This script configures permissions to allow the MDT_JD account to manage computer accounts in the contoso > Computers organizational unit.
-2. Create the MDT_JD service account by running the following command from an elevated Windows PowerShell prompt:
+1. Download the [Set-OUPermissions.ps1 script](https://go.microsoft.com/fwlink/p/?LinkId=619362) and copy it to the **C:\\Setup\\Scripts** directory on **DC01**.  This script configures permissions to allow the **MDT_JD** account to manage computer accounts in the contoso > Computers organizational unit.
+
+2. Create the **MDT_JD** service account by running the following command from an elevated **Windows PowerShell prompt**:
 
    ```powershell
    New-ADUser -Name MDT_JD -UserPrincipalName MDT_JD -path "OU=Service Accounts,OU=Accounts,OU=Contoso,DC=CONTOSO,DC=COM" -Description "MDT join domain account" -AccountPassword (ConvertTo-SecureString "pass@word1" -AsPlainText -Force) -ChangePasswordAtLogon $false -PasswordNeverExpires $true -Enabled $true 
@@ -60,19 +61,20 @@ On **DC01**:
    .\Set-OUPermissions.ps1 -Account MDT_JD -TargetOU "OU=Workstations,OU=Computers,OU=Contoso"
    ```
 
-The following is a list of the permissions being granted:
-    a.  Scope: This object and all descendant objects
-    b.  Create Computer objects
-    c.  Delete Computer objects
-    d.  Scope: Descendant Computer objects
-    e.  Read All Properties
-    f.  Write All Properties
-    g.  Read Permissions
-    h.  Modify Permissions
-    i.  Change Password
-    j.  Reset Password
-    k.  Validated write to DNS host name
-    l.  Validated write to service principal name
+   The following is a list of the permissions being granted:
+
+   - Scope: This object and all descendant objects
+   - Create Computer objects
+   - Delete Computer objects
+   - Scope: Descendant Computer objects
+   - Read All Properties
+   - Write All Properties
+   - Read Permissions
+   - Modify Permissions
+   - Change Password
+   - Reset Password
+   - Validated write to DNS host name
+   - Validated write to service principal name
 
 ## Step 2: Set up the MDT production deployment share
 
@@ -87,8 +89,11 @@ The steps for creating the deployment share for production are the same as when
 1. Ensure you are signed on as: contoso\administrator.
 2. In the Deployment Workbench console, right-click **Deployment Shares** and select **New Deployment Share**.
 3. On the **Path** page, in the **Deployment share path** text box, type **D:\\MDTProduction** and click **Next**.
+
 4. On the **Share** page, in the **Share name** text box, type **MDTProduction$** and click **Next**.
+
 5. On the **Descriptive Name** page, in the **Deployment share description** text box, type **MDT Production** and click **Next**.
+
 6. On the **Options** page, accept the default settings and click **Next** twice, and then click **Finish**.
 7. Using File Explorer, verify that you can access the **\\\\MDT01\\MDTProduction$** share.
 
@@ -116,9 +121,13 @@ In these steps, we assume that you have completed the steps in the [Create a Win
 
 1.  Using the Deployment Workbench, expand the **Deployment Shares** node, and then expand **MDT Production**; select the **Operating Systems** node, and create a folder named **Windows 10**.
 2.  Right-click the **Windows 10** folder and select **Import Operating System**.
+
 3.  On the **OS Type** page, select **Custom image file** and click **Next**.
+
 4.  On the **Image** page, in the **Source file** text box, browse to **D:\\MDTBuildLab\\Captures\\REFW10X64-001.wim** and click **Next**.
+
 5.  On the **Setup** page, select the **Copy Windows 7, Windows Server 2008 R2, or later setup files from the specified path** option; in the **Setup source directory** text box, browse to **D:\\MDTBuildLab\\Operating Systems\\W10EX64RTM** and click **Next**.
+
 6.  On the **Destination** page, in the **Destination directory name** text box, type **W10EX64RTM**, click **Next** twice, and then click **Finish**.
 7.  After adding the operating system, double-click the added operating system name in the **Operating Systems / Windows 10** node and change the name to **Windows 10 Enterprise x64 RTM Custom Image**.
 
@@ -140,16 +149,22 @@ On **MDT01**:
 2. Extract the .exe file that you downloaded to an .msi (ex: .\AcroRdrDC1902120058_en_US.exe -sfx_o"d:\setup\adobe\install\" -sfx_ne).
 3. In the Deployment Workbench, expand the **MDT Production** node and navigate to the **Applications** node.
 4. Right-click the **Applications** node, and create a new folder named **Adobe**.
+
 5. In the **Applications** node, right-click the **Adobe** folder and select **New Application**.
+
 6. On the **Application Type** page, select the **Application with source files** option and click **Next**.
+
 7. On the **Details** page, in the **Application Name** text box, type **Install - Adobe Reader** and click *Next**.
+
 8. On the **Source** page, in the **Source Directory** text box, browse to **D:\\setup\\adobe\\install** and click **Next**.
+
 9. On the **Destination** page, in the **Specify the name of the directory that should be created** text box, type **Install - Adobe Reader** and click **Next**.
+
 10. On the **Command Details** page, in the **Command Line** text box, type **msiexec /i AcroRead.msi /q**, click **Next** twice, and then click **Finish**.
 
-![acroread image](../images/acroread.png)
+    ![acroread image](../images/acroread.png)
 
-The Adobe Reader application added to the Deployment Workbench.
+    The Adobe Reader application added to the Deployment Workbench.
 
 ## Step 5: Prepare the drivers repository
 
@@ -211,16 +226,17 @@ When you import drivers to the MDT driver repository, MDT creates a single insta
 
 The preceding folder names should match the actual make and model values that MDT reads from devices during deployment. You can find out the model values for your machines by using the following command in Windows PowerShell:
 
-``` powershell
+```powershell
 Get-WmiObject -Class:Win32_ComputerSystem
 ```
+
 Or, you can use this command in a normal command prompt:
 
-``` 
+```console
 wmic csproduct get name
 ```
 
-If you want a more standardized naming convention, try the ModelAliasExit.vbs script from the Deployment Guys blog post entitled [Using and Extending Model Aliases for Hardware Specific Application Installation](https://go.microsoft.com/fwlink/p/?LinkId=619536).
+If you want a more standardized naming convention, try the **ModelAliasExit.vbs script** from the Deployment Guys blog post, entitled [Using and Extending Model Aliases for Hardware Specific Application Installation](https://go.microsoft.com/fwlink/p/?LinkId=619536).
 
 ![drivers](../images/fig4-oob-drivers.png)
 
@@ -244,9 +260,9 @@ On **MDT01**:
     2.  Folders: Select the WinPE x64 folder in Out-of-Box Drivers.
     3.  Click **Next**, **Next** and **Finish**.
 
-![figure 5](../images/fig5-selectprofile.png)
+    ![figure 5](../images/fig5-selectprofile.png)
 
-Creating the WinPE x64 selection profile.
+    Creating the WinPE x64 selection profile.
 
 ### Extract and import drivers for the x64 boot image
 
@@ -267,7 +283,8 @@ On **MDT01**:
 
 For the ThinkStation P500 model, you use the Lenovo ThinkVantage Update Retriever software to download the drivers. With Update Retriever, you need to specify the correct Lenovo Machine Type for the actual hardware (the first four characters of the model name). As an example, the Lenovo ThinkStation P500 model has the 30A6003TUS model name, meaning the Machine Type is 30A6.
 
-![ThinkStation image](../images/thinkstation.png)
+> [!div class="mx-imgBorder"]
+> ![ThinkStation image](../images/thinkstation.png)
 
 To get the updates, download the drivers from the Lenovo ThinkVantage Update Retriever using its export function. You can also download the drivers by searching PC Support on the [Lenovo website](https://go.microsoft.com/fwlink/p/?LinkId=619543).
 
@@ -276,9 +293,12 @@ In this example, we assume you have downloaded and extracted the drivers using T
 On **MDT01**:
 
 1. In the Deployment Workbench, in the **MDT Production** > **Out-Of-Box Drivers** > **Windows 10 x64** node, expand the **Lenovo** node.
-2.  Right-click the **30A6003TUS** folder and select **Import Drivers** and use the following Driver source directory to import drivers: **D:\\Drivers\\Windows 10 x64\\Lenovo\\ThinkStation P500 (30A6003TUS)**
 
-The folder you select and all sub-folders will be checked for drivers, expanding any .cab files that are present and searching for drivers.
+2.  Right-click the **30A6003TUS** folder and select **Import Drivers** and use the following Driver source directory to import drivers: 
+
+    **D:\\Drivers\\Windows 10 x64\\Lenovo\\ThinkStation P500 (30A6003TUS)**
+
+    The folder you select and all sub-folders will be checked for drivers, expanding any .cab files that are present and searching for drivers.
 
 ### For the Latitude E7450
 
@@ -289,7 +309,10 @@ In these steps, we assume you have downloaded and extracted the CAB file for the
 On **MDT01**:
 
 1. In the **Deployment Workbench**, in the **MDT Production** > **Out-Of-Box Drivers** > **Windows 10 x64** node, expand the **Dell Inc** node.
-2.  Right-click the **Latitude E7450** folder and select **Import Drivers** and use the following Driver source directory to import drivers: **D:\\Drivers\\Windows 10 x64\\Dell Inc\\Latitude E7450**
+
+2.  Right-click the **Latitude E7450** folder and select **Import Drivers** and use the following Driver source directory to import drivers: 
+
+    **D:\\Drivers\\Windows 10 x64\\Dell Inc\\Latitude E7450**
 
 ### For the HP EliteBook 8560w
 
@@ -300,7 +323,10 @@ In these steps, we assume you have downloaded and extracted the drivers for the
 On **MDT01**:
 
 1.  In the **Deployment Workbench**, in the **MDT Production** > **Out-Of-Box Drivers** > **Windows 10 x64** node, expand the **Hewlett-Packard** node.
-2.  Right-click the **HP EliteBook 8560w** folder and select **Import Drivers** and use the following Driver source directory to import drivers: **D:\\Drivers\\Windows 10 x64\\Hewlett-Packard\\HP EliteBook 8560w**
+
+2.  Right-click the **HP EliteBook 8560w** folder and select **Import Drivers** and use the following Driver source directory to import drivers: 
+
+    **D:\\Drivers\\Windows 10 x64\\Hewlett-Packard\\HP EliteBook 8560w**
 
 ### For the Microsoft Surface Laptop
 
@@ -309,7 +335,10 @@ For the Microsoft Surface Laptop model, you find the drivers on the Microsoft we
 On **MDT01**:
 
 1.  In the Deployment Workbench, in the **MDT Production** > **Out-Of-Box Drivers** > **Windows 10 x64** node, expand the **Microsoft** node.
-2.  Right-click the **Surface Laptop** folder and select **Import Drivers**; and use the following Driver source directory to import drivers: **D:\\Drivers\\Windows 10 x64\\Microsoft\\Surface Laptop**
+
+2.  Right-click the **Surface Laptop** folder and select **Import Drivers**; and use the following Driver source directory to import drivers: 
+
+    **D:\\Drivers\\Windows 10 x64\\Microsoft\\Surface Laptop**
 
 ## Step 6: Create the deployment task sequence
 
@@ -320,40 +349,46 @@ This section will show you how to create the task sequence used to deploy your p
 On **MDT01**:
 
 1. In the Deployment Workbench, under the **MDT Production** node, right-click **Task Sequences**, and create a folder named **Windows 10**.
+
 2. Right-click the new **Windows 10** folder and select **New Task Sequence**. Use the following settings for the New Task Sequence Wizard:
-   1. Task sequence ID: W10-X64-001
-   2. Task sequence name: Windows 10 Enterprise x64 RTM Custom Image
-   3. Task sequence comments: Production Image
-   4. Template: Standard Client Task Sequence
-   5. Select OS: Windows 10 Enterprise x64 RTM Custom Image
-   6. Specify Product Key: Do not specify a product key at this time
-   7. Full Name: Contoso
-   8. Organization: Contoso
-   9. Internet Explorer home page: https://www.contoso.com
-   10. Admin Password: Do not specify an Administrator Password at this time
+   - Task sequence ID: W10-X64-001
+   - Task sequence name: Windows 10 Enterprise x64 RTM Custom Image
+   - Task sequence comments: Production Image
+   - Template: Standard Client Task Sequence
+   - Select OS: Windows 10 Enterprise x64 RTM Custom Image
+   - Specify Product Key: Do not specify a product key at this time
+   - Full Name: Contoso
+   - Organization: Contoso
+   - Internet Explorer home page: https://www.contoso.com
+   - Admin Password: Do not specify an Administrator Password at this time
 
 ### Edit the Windows 10 task sequence
 
 1. Continuing from the previous procedure, right-click the **Windows 10 Enterprise x64 RTM Custom Image** task sequence, and select **Properties**.
-2. On the **Task Sequence** tab, configure the **Windows 10 Enterprise x64 RTM Custom Image** task sequence with the following settings:
-   1.  Preinstall: After the **Enable BitLocker (Offline)** action, add a **Set Task Sequence Variable** action with the following settings:
-       1.  Name: Set DriverGroup001
-       2.  Task Sequence Variable: DriverGroup001
-       3.  Value: Windows 10 x64\\%Make%\\%Model%
-   2.  Configure the **Inject Drivers** action with the following settings:
-       1.  Choose a selection profile: Nothing
-       2.  Install all drivers from the selection profile
 
-           >[!NOTE]
-           >The configuration above indicates that MDT should only use drivers from the folder specified by the DriverGroup001 property, which is defined by the "Choose a selection profile: Nothing" setting, and that MDT should not use plug and play to determine which drivers to copy, which is defined by the "Install all drivers from the selection profile" setting.
+2. On the **Task Sequence** tab, configure the **Windows 10 Enterprise x64 RTM Custom Image** task sequence with the following settings:
+
+   1.  Preinstall: After the **Enable BitLocker (Offline)** action, add a **Set Task Sequence Variable** action with the following settings:
+       - Name: Set DriverGroup001
+       - Task Sequence Variable: DriverGroup001
+       - Value: Windows 10 x64\\%Make%\\%Model%
+
+   2.  Configure the **Inject Drivers** action with the following settings:
+       - Choose a selection profile: Nothing
+       - Install all drivers from the selection profile
+
+       > [!NOTE]
+       > The configuration above indicates that MDT should only use drivers from the folder specified by the DriverGroup001 property, which is defined by the "Choose a selection profile: Nothing" setting, and that MDT should not use plug and play to determine which drivers to copy, which is defined by the "Install all drivers from the selection profile" setting.
              
    3.  State Restore. Enable the **Windows Update (Pre-Application Installation)** action.
+
    4.  State Restore. Enable the **Windows Update (Post-Application Installation)** action.
+
 3. Click **OK**.
 
-![drivergroup](../images/fig6-taskseq.png)
+   ![drivergroup](../images/fig6-taskseq.png)
 
-The task sequence for production deployment.
+   The task sequence for production deployment.
 
 ## Step 7: Configure the MDT production deployment share
 
@@ -369,95 +404,104 @@ On **MDT01**:
 1. Right-click the **MDT Production** deployment share and select **Properties**.
 2. Select the **Rules** tab and replace the existing rules with the following information (modify the domain name, WSUS server, and administrative credentials to match your environment):
 
-  ``` 
-  [Settings]
-  Priority=Default
-
-  [Default]
-  _SMSTSORGNAME=Contoso
-  OSInstall=YES
-  UserDataLocation=AUTO
-  TimeZoneName=Pacific Standard Time 
-  AdminPassword=pass@word1
-  JoinDomain=contoso.com
-  DomainAdmin=CONTOSO\MDT_JD
-  DomainAdminPassword=pass@word1
-  MachineObjectOU=OU=Workstations,OU=Computers,OU=Contoso,DC=contoso,DC=com
-  SLShare=\\MDT01\Logs$
-  ScanStateArgs=/ue:*\* /ui:CONTOSO\*
-  USMTMigFiles001=MigApp.xml
-  USMTMigFiles002=MigUser.xml
-  HideShell=YES
-  ApplyGPOPack=NO
-  WSUSServer=mdt01.contoso.com:8530
-  SkipAppsOnUpgrade=NO
-  SkipAdminPassword=YES
-  SkipProductKey=YES
-  SkipComputerName=NO
-  SkipDomainMembership=YES
-  SkipUserData=YES
-  SkipLocaleSelection=YES
-  SkipTaskSequence=NO
-  SkipTimeZone=YES
-  SkipApplications=NO
-  SkipBitLocker=YES
-  SkipSummary=YES
-  SkipCapture=YES
-  SkipFinalSummary=NO
-  ```
+   ``` 
+   [Settings]
+   Priority=Default 
+ 
+   [Default]
+   _SMSTSORGNAME=Contoso
+   OSInstall=YES
+   UserDataLocation=AUTO
+   TimeZoneName=Pacific Standard Time 
+   AdminPassword=pass@word1
+   JoinDomain=contoso.com
+   DomainAdmin=CONTOSO\MDT_JD
+   DomainAdminPassword=pass@word1
+   MachineObjectOU=OU=Workstations,OU=Computers,OU=Contoso,DC=contoso,DC=com
+   SLShare=\\MDT01\Logs$
+   ScanStateArgs=/ue:*\* /ui:CONTOSO\*
+   USMTMigFiles001=MigApp.xml
+   USMTMigFiles002=MigUser.xml
+   HideShell=YES
+   ApplyGPOPack=NO
+   WSUSServer=mdt01.contoso.com:8530
+   SkipAppsOnUpgrade=NO
+   SkipAdminPassword=YES
+   SkipProductKey=YES
+   SkipComputerName=NO
+   SkipDomainMembership=YES
+   SkipUserData=YES
+   SkipLocaleSelection=YES
+   SkipTaskSequence=NO
+   SkipTimeZone=YES
+   SkipApplications=NO
+   SkipBitLocker=YES
+   SkipSummary=YES
+   SkipCapture=YES
+   SkipFinalSummary=NO
+   ```
 
 3. Click **Edit Bootstrap.ini** and modify using the following information:
 
-``` 
-[Settings]
-Priority=Default
+   ``` 
+   [Settings]
+   Priority=Default
 
-[Default]
-DeployRoot=\\MDT01\MDTProduction$
-UserDomain=CONTOSO
-UserID=MDT_BA
-UserPassword=pass@word1
-SkipBDDWelcome=YES
-```
+   [Default]
+   DeployRoot=\\MDT01\MDTProduction$
+   UserDomain=CONTOSO
+   UserID=MDT_BA
+   UserPassword=pass@word1
+   SkipBDDWelcome=YES
+   ```
 
 4. On the **Windows PE** tab, in the **Platform** drop-down list, make sure **x86** is selected.
+
 5. On the **General** sub tab (still under the main Windows PE tab), configure the following settings:
-   - In the **Lite Touch Boot Image Settings** area:
-     1.  Image description: MDT Production x86
-     2.  ISO file name: MDT Production x86.iso
+
+   In the **Lite Touch Boot Image Settings** area:
+
+   - Image description: MDT Production x86
+   - ISO file name: MDT Production x86.iso
         
-     > [!NOTE]
-     > 
-     >Because you are going to use Pre-Boot Execution Environment (PXE) later to deploy the machines, you do not need the ISO file; however, we recommend creating ISO files because they are useful when troubleshooting deployments and for quick tests.
+   > [!NOTE]
+   > 
+   > Because you are going to use Pre-Boot Execution Environment (PXE) later to deploy the machines, you do not need the ISO file; however, we recommend creating ISO files because they are useful when troubleshooting deployments and for quick tests.
          
 6. On the **Drivers and Patches** sub tab, select the **WinPE x86** selection profile and select the **Include all drivers from the selection profile** option.
+
 7. On the **Windows PE** tab, in the **Platform** drop-down list, select **x64**.
+
 8. On the **General** sub tab, configure the following settings:
-   -   In the **Lite Touch Boot Image Settings** area:
-       1.  Image description: MDT Production x64
-       2.  ISO file name: MDT Production x64.iso
+
+   In the **Lite Touch Boot Image Settings** area:
+
+   - Image description: MDT Production x64
+   - ISO file name: MDT Production x64.iso
+
 9. In the **Drivers and Patches** sub tab, select the **WinPE x64** selection profile and select the **Include all drivers from the selection profile** option.
+
 10. In the **Monitoring** tab, select the **Enable monitoring for this deployment share** check box.
+
 11. Click **OK**.
 
->[!NOTE]
->It will take a while for the Deployment Workbench to create the monitoring database and web service.
+    >[!NOTE]
+    >It will take a while for the Deployment Workbench to create the monitoring database and web service.
  
+    ![figure 8](../images/mdt-07-fig08.png)
 
-![figure 8](../images/mdt-07-fig08.png)
-
-The Windows PE tab for the x64 boot image.
+    The Windows PE tab for the x64 boot image.
 
 ### The rules explained
 
 The rules for the MDT Production deployment share are somewhat different from those for the MDT Build Lab deployment share. The biggest differences are that you deploy the machines into a domain instead of a workgroup.
 
->
->You can optionally remove the **UserID** and **UserPassword** entries from Bootstrap.ini so that users performing PXE boot are prompted to provide credentials with permission to connect to the deployment share. Setting **SkipBDDWelcome=NO** enables the welcome screen that displays options to run the deployment wizard, run DaRT tools (if installed), exit to a Windows PE command prompt, set the keyboard layout, or configure a static IP address.  In this example we are skipping the welcome screen and providing credentials.
+You can optionally remove the **UserID** and **UserPassword** entries from Bootstrap.ini so that users performing PXE boot are prompted to provide credentials with permission to connect to the deployment share. Setting **SkipBDDWelcome=NO** enables the welcome screen that displays options to run the deployment wizard, run DaRT tools (if installed), exit to a Windows PE command prompt, set the keyboard layout, or configure a static IP address.  In this example we are skipping the welcome screen and providing credentials.
 
 ### The Bootstrap.ini file
 
 This is the MDT Production Bootstrap.ini:
+
 ``` 
 [Settings]
 Priority=Default
@@ -473,6 +517,7 @@ SkipBDDWelcome=YES
 ### The CustomSettings.ini file
 
 This is the CustomSettings.ini file with the new join domain information:
+
 ``` 
 [Settings]
 Priority=Default
@@ -529,32 +574,44 @@ If your organization has a Microsoft Software Assurance agreement, you also can
 
 If you have licensing for MDOP and DaRT, you can add DaRT to the boot images using the steps in this section. If you do not have DaRT licensing, or don't want to use it, simply skip to the next section, [Update the Deployment Share](#update-the-deployment-share). To enable the remote connection feature in MDT, you need to do the following:
 
->DaRT 10 is part of [MDOP 2015](https://docs.microsoft.com/microsoft-desktop-optimization-pack/#how-to-get-mdop). Note: MDOP might be available as a download from your [Visual Studio subscription](https://my.visualstudio.com/Downloads). When searching, be sure to look for **Desktop Optimization Pack**.
+
+> [!NOTE]
+> DaRT 10 is part of [MDOP 2015](https://docs.microsoft.com/microsoft-desktop-optimization-pack/#how-to-get-mdop).
+>
+> MDOP might be available as a download from your [Visual Studio subscription](https://my.visualstudio.com/Downloads). When searching, be sure to look for **Desktop Optimization Pack**.
 
 On **MDT01**:
 
 1. Download MDOP 2015 and copy the DaRT 10 installer file to the D:\\Setup\\DaRT 10 folder on MDT01 (DaRT\\DaRT 10\\Installers\\\<lang\>\\x64\\MSDaRT100.msi).
+
 2. Install DaRT 10 (MSDaRT10.msi) using the default settings.
 
-  ![DaRT image](../images/dart.png)
+   ![DaRT image](../images/dart.png)
 
 2. Copy the two tools CAB files from **C:\\Program Files\\Microsoft DaRT\\v10** (**Toolsx86.cab** and **Toolsx64.cab**) to the production deployment share at **D:\\MDTProduction\\Tools\\x86** and **D:\\MDTProduction\\Tools\\x64**, respectively.
+
 3. In the Deployment Workbench, right-click the **MDT Production** deployment share and select **Properties**.
+
 4. On the **Windows PE** tab, in the **Platform** drop-down list, make sure **x86** is selected.
+
 5. On the **Features** sub tab, select the **Microsoft Diagnostics and Recovery Toolkit (DaRT)** checkbox.
 
-  ![DaRT selection](../images/mdt-07-fig09.png)
+   ![DaRT selection](../images/mdt-07-fig09.png)
 
-  Selecting the DaRT 10 feature in the deployment share.
+   Selecting the DaRT 10 feature in the deployment share.
 
 8. In the **Windows PE** tab, in the **Platform** drop-down list, select **x64**.
+
 9. In the **Features** sub tab, in addition to the default selected feature pack, select the **Microsoft Diagnostics and Recovery Toolkit (DaRT)** check box.
+
 10. Click **OK**.
 
 ### Update the deployment share
 
 Like the MDT Build Lab deployment share, the MDT Production deployment share needs to be updated after it has been configured. This is the process during which the Windows PE boot images are created.
+
 1.  Right-click the **MDT Production** deployment share and select **Update Deployment Share**.
+
 2.  Use the default options for the Update Deployment Share Wizard.
 
 >[!NOTE]
@@ -571,12 +628,14 @@ You need to add the MDT Production Lite Touch x64 Boot image to WDS in preparati
 On **MDT01**:
 
 1. Open the Windows Deployment Services console, expand the **Servers** node and then expand **MDT01.contoso.com**.
+
 2. Right-click **Boot Images** and select **Add Boot Image**.
+
 3. Browse to the **D:\\MDTProduction\\Boot\\LiteTouchPE\_x64.wim** file and add the image with the default settings.
 
-![figure 9](../images/mdt-07-fig10.png)
+   ![figure 9](../images/mdt-07-fig10.png)
 
-The boot image added to the WDS console.
+   The boot image added to the WDS console.
 
 ### Deploy the Windows 10 client
 
@@ -585,13 +644,15 @@ At this point, you should have a solution ready for deploying the Windows 10 cl
 On **HV01**:
 
 1. Create a virtual machine with the following settings:
-    1. Name: PC0005
-    2. Store the virtual machine in a different location: C:\VM
-    3. Generation: 2
-    4. Memory: 2048 MB
-    5. Network: Must be able to connect to \\MDT01\MDTProduction$
-    6. Hard disk: 60 GB (dynamic disk)
-    7. Installation Options: Install an operating system from a network-based installation server
+
+   - Name: PC0005
+   - Store the virtual machine in a different location: C:\VM
+   - Generation: 2
+   - Memory: 2048 MB
+   - Network: Must be able to connect to \\MDT01\MDTProduction$
+   - Hard disk: 60 GB (dynamic disk)
+   - Installation Options: Install an operating system from a network-based installation server
+
 2.  Start the PC0005 virtual machine, and press **Enter** to start the PXE boot. The VM will now load the Windows PE boot image from the WDS server.
 
     ![figure 10](../images/mdt-07-fig11.png)
@@ -599,15 +660,18 @@ On **HV01**:
     The initial PXE boot process of PC0005.
 
 3.  After Windows PE has booted, complete the Windows Deployment Wizard using the following setting:
-    1.  Select a task sequence to execute on this computer: Windows 10 Enterprise x64 RTM Custom Image
-    2.  Computer Name: **PC0005**
-    3.  Applications: Select the **Install - Adobe Reader** checkbox.
-4.  Setup now begins and does the following:
-    1.  Installs the Windows 10 Enterprise operating system.
-    2.  Installs the added application.
-    3.  Updates the operating system via your local Windows Server Update Services (WSUS) server.
 
-![pc0005 image1](../images/pc0005-vm.png)
+    - Select a task sequence to execute on this computer: Windows 10 Enterprise x64 RTM Custom Image
+    - Computer Name: **PC0005**
+    - Applications: Select the **Install - Adobe Reader** checkbox.
+
+4.  Setup now begins and does the following:
+
+    - Installs the Windows 10 Enterprise operating system.
+    - Installs the added application.
+    - Updates the operating system via your local Windows Server Update Services (WSUS) server.
+
+    ![pc0005 image1](../images/pc0005-vm.png)
 
 ### Application installation
 
@@ -622,12 +686,14 @@ Since you have enabled the monitoring on the MDT Production deployment share, yo
 On **MDT01**:
 
 1.  In the Deployment Workbench, expand the **MDT Production** deployment share folder.
+
 2.  Select the **Monitoring** node, and wait until you see PC0005.
+
 3.  Double-click PC0005, and review the information.
 
-![figure 11](../images/mdt-07-fig13.png)
+    ![figure 11](../images/mdt-07-fig13.png)
 
-The Monitoring node, showing the deployment progress of PC0005.
+    The Monitoring node, showing the deployment progress of PC0005.
 
 ### Use information in the Event Viewer
 
@@ -657,9 +723,9 @@ On **MDT01**:
 3.  Right-click the **MDT Production** deployment share folder and select **Update Deployment Share**.
 4.  After updating the deployment share, use the Windows Deployment Services console to, verify that the multicast namespace was created.
 
-![figure 13](../images/mdt-07-fig15.png)
+    ![figure 13](../images/mdt-07-fig15.png)
 
-The newly created multicast namespace.
+    The newly created multicast namespace.
 
 ## Use offline media to deploy Windows 10
 
@@ -674,15 +740,18 @@ To filter what is being added to the media, you create a selection profile. When
 On **MDT01**:
 
 1.  In the Deployment Workbench, under the **MDT Production / Advanced Configuration** node, right-click **Selection Profiles**, and select **New Selection Profile**.
+
 2.  Use the following settings for the New Selection Profile Wizard:
-    1.  General Settings
-        -   Selection profile name: Windows 10 Offline Media
-    2.  Folders
-        1.  Applications / Adobe
-        2.  Operating Systems / Windows 10
-        3.  Out-Of-Box Drivers / WinPE x64
-        4.  Out-Of-Box Drivers / Windows 10 x64
-        5.  Task Sequences / Windows 10
+
+    - General Settings
+      -   Selection profile name: Windows 10 Offline Media
+
+    - Folders
+      - Applications / Adobe
+      - Operating Systems / Windows 10
+      - Out-Of-Box Drivers / WinPE x64
+      - Out-Of-Box Drivers / Windows 10 x64
+      - Task Sequences / Windows 10
 
       ![offline media](../images/mdt-offline-media.png)
 
@@ -696,10 +765,11 @@ In these steps, you generate offline media from the MDT Production deployment sh
      >When creating offline media, you need to create the target folder first. It is crucial that you do not create a subfolder inside the deployment share folder because it will break the offline media.
      
 2.  In the Deployment Workbench, under the **MDT Production / Advanced Configuration** node, right-click the **Media** node, and select **New Media**.
+
 3.  Use the following settings for the New Media Wizard:
     -   General Settings
-        1.  Media path: **D:\\MDTOfflineMedia**
-        2.  Selection profile: **Windows 10 Offline Media**
+        - Media path: **D:\\MDTOfflineMedia**
+        - Selection profile: **Windows 10 Offline Media**
 
 ### Configure the offline media
 
@@ -708,16 +778,22 @@ Offline media has its own rules, its own Bootstrap.ini and CustomSettings.ini fi
 On **MDT01**:
 
 1.  Copy the CustomSettings.ini file from the **D:\MDTProduction\Control** folder to **D:\\MDTOfflineMedia\\Content\\Deploy\\Control**. Overwrite the existing files.
+
 2.  In the Deployment Workbench, under the **MDT Production / Advanced Configuration / Media** node, right-click the **MEDIA001** media, and select **Properties**.
+
 3.  In the **General** tab, configure the following:
-    1.  Clear the Generate x86 boot image check box.
-    2.  ISO file name: Windows 10 Offline Media.iso
+    - Clear the Generate x86 boot image check box.
+    - ISO file name: Windows 10 Offline Media.iso
+
 4.  On the **Windows PE** tab, in the **Platform** drop-down list, select **x64**.
+
 5.  On the **General** sub tab, configure the following settings:
-    1.  In the **Lite Touch Boot Image Settings** area:
-        -   Image description: MDT Production x64
-    2.  In the **Windows PE Customizations** area, set the Scratch space size to 128.
+    - In the **Lite Touch Boot Image Settings** area:
+      -  Image description: MDT Production x64
+    - In the **Windows PE Customizations** area, set the Scratch space size to 128.
+
 6.  On the **Drivers and Patches** sub tab, select the **WinPE x64** selection profile and select the **Include all drivers from the selection profile** option.
+
 7.  Click **OK**.
 
 ### Generate the offline media
@@ -727,6 +803,7 @@ You have now configured the offline media deployment share, however the share ha
 On **MDT01**:
 
 1.  In the Deployment Workbench, navigate to the **MDT Production / Advanced Configuration / Media** node.
+
 2.  Right-click the **MEDIA001** media, and select **Update Media Content**. The Update Media Content process now generates the offline media in the **D:\\MDTOfflineMedia\\Content** folder. The process might require several minutes.
 
 ### Create a bootable USB stick
@@ -734,15 +811,20 @@ On **MDT01**:
 The ISO that you got when updating the offline media item can be burned to a DVD and used directly (it will be bootable), but it is often more efficient to use USB sticks instead since they are faster and can hold more data. (A dual-layer DVD is limited to 8.5 GB.)
 
 >[!TIP] 
->In this example, the .wim file is 5.5 GB in size. However, bootable USB sticks are formatted with the FAT32 file system which limits file size to 4.0 GB. You can place the image on a different drive (ex: E:\Deploy\Operating Systems\W10EX64RTM\REFW10X64-001.swm) and then modify E:\Deploy\Control\OperatingSystems.xml to point to it. Alternatively to keep using the USB you must split the .wim file, which can be done using DISM: <br>&nbsp;<br>Dism /Split-Image /ImageFile:D:\MDTOfflinemedia\Content\Deploy\Operating Systems\W10EX64RTM\REFW10X64-001.wim /SWMFile:E:\sources\install.swm /FileSize:3800. <br>&nbsp;<br>Windows Setup automatically installs from this file, provided you name it install.swm. The file names for the next files include numbers, for example: install2.swm, install3.swm. <br>&nbsp;<br>To enable split image in MDT, the Settings.xml file in your deployment share (ex: D:\MDTProduction\Control\Settings.xml) must have the **SkipWimSplit** value set to **False**. By default this value is set to True (\<SkipWimSplit\>True\</SkipWimSplit\>), so this must be changed and the offline media content updated.
+>In this example, the .wim file is 5.5 GB in size. However, bootable USB sticks are formatted with the FAT32 file system which limits file size to 4.0 GB. You can place the image on a different drive (ex: E:\Deploy\Operating Systems\W10EX64RTM\REFW10X64-001.swm) and then modify E:\Deploy\Control\OperatingSystems.xml to point to it. Alternatively to keep using the USB you must split the .wim file, which can be done using DISM: <br>&nbsp;<br>Dism /Split-Image /ImageFile:D:\MDTOfflinemedia\Content\Deploy\Operating Systems\W10EX64RTM\REFW10X64-001.wim /SWMFile:E:\sources\install.swm /FileSize:3800. <br>&nbsp;<br>Windows Setup automatically installs from this file, provided you name it install.swm. The file names for the next files include numbers, for example: install2.swm, install3.swm. <br>&nbsp;<br>To enable split image in MDT, the Settings.xml file in your deployment share (ex: D:\MDTProduction\Control\Settings.xml) must have the **SkipWimSplit** value set to **False**. By default this value is set to True (`<SkipWimSplit>True</SkipWimSplit>`), so this must be changed and the offline media content updated.
 
 Follow these steps to create a bootable USB stick from the offline media content:
 
 1.  On a physical machine running Windows 7 or later, insert the USB stick you want to use.
+
 2.  Copy the content of the **MDTOfflineMedia\\Content** folder to the root of the USB stick.
+
 3.  Start an elevated command prompt (run as Administrator), and start the Diskpart utility by typing **Diskpart** and pressing **Enter**.
+
 4.  In the Diskpart utility, you can type **list volume** (or the shorter **list vol**) to list the volumes, but you really only need to remember the drive letter of the USB stick to which you copied the content. In our example, the USB stick had the drive letter F.
+
 5.  In the Diskpart utility, type **select volume F** (replace F with your USB stick drive letter).
+
 6.  In the Diskpart utility, type **active**, and then type **exit**.
 
 ## Unified Extensible Firmware Interface (UEFI)-based deployments
diff --git a/windows/deployment/planning/windows-10-removed-features.md b/windows/deployment/planning/windows-10-removed-features.md
index edeeaeec27..22163f17a9 100644
--- a/windows/deployment/planning/windows-10-removed-features.md
+++ b/windows/deployment/planning/windows-10-removed-features.md
@@ -28,6 +28,7 @@ The following features and functionalities have been removed from the installed
 
 |Feature    |  Details and mitigation  | Removed in version |
 | ----------- | --------------------- | ------ |
+|Microsoft Edge|The legacy version of Microsoft Edge is no longer supported after March 9th, 2021. For more information, see [End of support reminder for Microsoft Edge Legacy](https://docs.microsoft.com/lifecycle/announcements/edge-legacy-eos-details). | 21H1 |
 |MBAE service metadata|The MBAE app experience is replaced by an MO UWP app. Metadata for the MBAE service is removed. | 20H2 |
 | Connect app | The **Connect** app for wireless projection using Miracast is no longer installed by default, but is available as an optional feature. To install the app, click on **Settings** > **Apps** > **Optional features** > **Add a feature** and then install the **Wireless Display** app. | 2004 |
 | Rinna and Japanese Address suggestion | The Rinna and Japanese Address suggestion service for Microsoft Japanese Input Method Editor (IME) ended on August 13th, 2020. For more information, see [Rinna and Japanese Address suggestion will no longer be offered](https://support.microsoft.com/help/4576767/windows-10-rinna-and-japanese-address-suggestion) | 2004 |
diff --git a/windows/deployment/update/media-dynamic-update.md b/windows/deployment/update/media-dynamic-update.md
index ea81420b8b..1f7465c2ff 100644
--- a/windows/deployment/update/media-dynamic-update.md
+++ b/windows/deployment/update/media-dynamic-update.md
@@ -24,7 +24,7 @@ Volume-licensed media is available for each release of Windows 10 in the Volume
 
 ## Dynamic Update
 
-Whenever installation of a feature update starts (whether from media or an environment connected to Windows Update), *Dynamic Update* is one of the first steps. Windows 10 Setup contacts a Microsoft endpoint to fetch Dynamic Update packages, and then applies those updates to your operating system installation media. The update packages includes the following kinds of updates:
+Whenever installation of a feature update starts (whether from media or an environment connected to Windows Update), *Dynamic Update* is one of the first steps. Windows 10 Setup contacts a Microsoft endpoint to fetch Dynamic Update packages, and then applies those updates to your operating system installation media. The update packages include the following kinds of updates:
 
 - Updates to Setup.exe binaries or other files that Setup uses for feature updates
 - Updates for the "safe operating system" (SafeOS) that is used for the Windows recovery environment
@@ -44,9 +44,9 @@ You can obtain Dynamic Update packages from the [Microsoft Update Catalog](https
 
 The various Dynamic Update packages might not all be present in the results from a single search, so you might have to search with different keywords to find all of the updates. And you'll need to check various parts of the results to be sure you've identified the needed files. This table shows in **bold** the key items to search for or look for in the results. For example, to find the relevant "Setup Dynamic Update," you'll have to check the detailed description for the download by selecting the link in the **Title** column of the search results.
 
-|To find this Dynamic Update packages, search for or check the results here-->  |Title  |Product  |Description (select the **Title** link to see **Details**)  |
+|To find this Dynamic Update packages, search for or check the results here  |Title  |Product  |Description (select the **Title** link to see **Details**)  |
 |---------|---------|---------|---------|
-|Safe OS Dynamic Update      | 2019-08 Dynamic Update...        | Windows 10 Dynamic Update,Windows **Safe OS Dynamic Update**         | ComponentUpdate:        |
+|Safe OS Dynamic Update      | 2019-08 Dynamic Update...        | Windows 10 Dynamic Update, Windows **Safe OS Dynamic Update**         | ComponentUpdate:        |
 |Setup Dynamic Update     | 2019-08 Dynamic Update...         | Windows 10 Dynamic Update        | **SetupUpdate**        |
 |Latest cumulative update     | 2019-08 **Cumulative Update for Windows 10**    |  Windows 10       |  Install this update to resolve issues in Windows...       |
 |Servicing stack Dynamic Update     | 2019-09 **Servicing Stack Update for Windows 10**        |  Windows 10...       | Install this update to resolve issues in Windows...        |
@@ -81,6 +81,9 @@ This table shows the correct sequence for applying the various tasks to the file
 |Add .NET and .NET cumulative updates     |         |        | 24        |
 |Export image     | 8        |  17       | 25        |
 
+> [!NOTE]
+> Starting in February 2021, the latest cumulative update and servicing stack update will be combined and distributed in the Microsoft Update Catalog as a new combined cumulative update. For Steps 1, 9, and 18 that require the servicing stack update for updating the installation media, you should use the combined cumulative update. For more information on the combined cumulative update, see [Servicing stack updates](https://docs.microsoft.com/windows/deployment/update/servicing-stack-updates).
+
 ### Multiple Windows editions
 
 The main operating system file (install.wim) contains multiple editions of Windows 10. It’s possible that only an update for a given edition is required to deploy it, based on the index. Or, it might be that all editions need an update. Further, ensure that languages are installed before Features on Demand, and the latest cumulative update is always applied last.
diff --git a/windows/deployment/update/servicing-stack-updates.md b/windows/deployment/update/servicing-stack-updates.md
index e2b6404d14..b22ca9e870 100644
--- a/windows/deployment/update/servicing-stack-updates.md
+++ b/windows/deployment/update/servicing-stack-updates.md
@@ -29,8 +29,6 @@ Servicing stack updates provide fixes to the servicing stack, the component that
   
 Servicing stack updates improve the reliability of the update process to mitigate potential issues while installing the latest quality updates and feature updates. If you don't install the latest servicing stack update, there's a risk that your device can't be updated with the latest Microsoft security fixes.
 
-For information about some changes to servicing stack updates, see [Simplifing Deployment of Servicing Stack Updates](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/simplifying-on-premises-deployment-of-servicing-stack-updates/ba-p/1646039) on the Windows IT Pro blog.
-
 ## When are they released?
 
 Servicing stack update are released depending on new issues or vulnerabilities. In rare occasions a servicing stack update may need to be released on demand to address an issue impacting systems installing the monthly security update. Starting in November 2018 new servicing stack updates will be classified as "Security" with a severity rating of "Critical."
@@ -44,7 +42,6 @@ Both Windows 10 and Windows Server use the cumulative update mechanism, in which
 
 Servicing stack updates must ship separately from the cumulative updates because they modify the component that installs Windows updates. The servicing stack is released separately because the servicing stack itself requires an update. For example, the cumulative update [KB4284880](https://support.microsoft.com/help/4284880/windows-10-update-kb4284880) requires the [May 17, 2018 servicing stack update](https://support.microsoft.com/help/4132216), which includes updates to Windows Update.
 
-
 ## Is there any special guidance?
 
 Microsoft recommends you install the latest servicing stack updates for your operating system before installing the latest cumulative update.
@@ -58,3 +55,7 @@ Typically, the improvements are reliability and performance improvements that do
 * Servicing stack update releases are specific to the operating system version (build number), much like quality updates.
 * Search to install latest available [Servicing stack update for Windows 10](https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV990001).
 * Once a servicing stack update is installed, it cannot be removed or uninstalled from the machine.
+
+## Simplifying on-premises deployment of servicing stack updates
+
+With the Windows Update experience, servicing stack updates and cumulative updates are deployed together to the device. The update stack automatically orchestrates the installation, so both are applied correctly. Starting in February 2021, the cumulative update will include the latest servicing stack updates, to provide a single cumulative update payload to both Windows Server Update Services (WSUS) and Microsoft Catalog. If you use an endpoint management tool backed by WSUS, such as Configuration Manager, you will only have to select and deploy the monthly cumulative update. The latest servicing stack updates will automatically be applied correctly. Release notes and file information for cumulative updates, including those related to the servicing stack, will be in a single KB article. The combined monthly cumulative update will be available on Windows 10, version 2004 and later starting with the 2021 2C release, KB4601382.
diff --git a/windows/deployment/update/update-compliance-get-started.md b/windows/deployment/update/update-compliance-get-started.md
index 4e77a4d513..32cf41ab89 100644
--- a/windows/deployment/update/update-compliance-get-started.md
+++ b/windows/deployment/update/update-compliance-get-started.md
@@ -64,10 +64,10 @@ To find your CommercialID within Azure:
 
 ## Enroll devices in Update Compliance
 
-Once you've added Update Compliance to a workspace in your Azure subscription, you'll need to configure any devices you want to monitor. There are two ways to configure devices to use Update Compliance.
+Once you've added Update Compliance to a workspace in your Azure subscription, you'll need to configure any devices you want to monitor. There are two ways to configure devices to use Update Compliance. After you configure devices, it can take up to 72 hours before devices are visible in the solution. Until then, Update Compliance will indicate it is still assessing devices.
 
 > [!NOTE]
-> After configuring devices via one of the two methods below, it can take up to 72 hours before devices are visible in the solution. Until then, Update Compliance will indicate it is still assessing devices.
+> If you use or plan to use [Desktop Analytics](https://docs.microsoft.com/mem/configmgr/desktop-analytics/overview), follow the steps in [Enroll devices in Desktop Analytics](https://docs.microsoft.com/mem/configmgr/desktop-analytics/enroll-devices) to also enroll devices in Update Compliance. You should be aware that the Commercial ID and Log Analytics workspace must be the same for both Desktop Analytics and Update Compliance.
 
 ### Configure devices using the Update Compliance Configuration Script
 
diff --git a/windows/deployment/update/windows-as-a-service.md b/windows/deployment/update/windows-as-a-service.md
index e992f49cb7..0851b39651 100644
--- a/windows/deployment/update/windows-as-a-service.md
+++ b/windows/deployment/update/windows-as-a-service.md
@@ -6,6 +6,7 @@ ms.manager: laurawi
 audience: itpro
 itproauthor: jaimeo
 author: jaimeo
+ms.author: jaimeo
 description: Discover the latest news articles, videos, and podcasts about Windows as a service. Find resources for using Windows as a service within your organization. 
 ms.audience: itpro
 ms.reviewer: 
@@ -46,7 +47,7 @@ The latest news:
 ## IT pro champs corner
 Written by IT pros for IT pros, sharing real world examples and scenarios for Windows 10 deployment and servicing.
 
-<img src="images/champs-2.png" alt="" width="640" height="320">
+<img src="images/champs-2.png" alt="Champs" width="640" height="320">
 
 <a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Tactical-considerations-for-creating-Windows-deployment-rings/ba-p/746979">**NEW** Tactical considerations for creating Windows deployment rings</a>
 
@@ -67,7 +68,7 @@ Written by IT pros for IT pros, sharing real world examples and scenarios for Wi
 
 Learn more about Windows as a service and its value to your organization.
 
-<img src="images/discover-land.png">
+<img src="images/discover-land.png" alt="Discover">
 
 <a href="waas-overview.md">Overview of Windows as a service</a>
 
@@ -82,7 +83,7 @@ Learn more about Windows as a service and its value to your organization.
 
 Prepare to implement Windows as a service effectively using the right tools, products, and strategies.
 
-<img src="images/plan-land.png" alt="" />
+<img src="images/plan-land.png" alt="Plan" />
 
 <a href="https://www.microsoft.com/windowsforbusiness/simplified-updates">Simplified updates</a>
 
@@ -98,7 +99,7 @@ Prepare to implement Windows as a service effectively using the right tools, pro
 
 Secure your organization's deployment investment.
 
-<img src="images/deploy-land.png" alt="" />
+<img src="images/deploy-land.png" alt="Deploy" />
 
 <a href="index.md">Update Windows 10 in the enterprise</a>
 
@@ -112,6 +113,6 @@ Secure your organization's deployment investment.
 
 
 ## Microsoft Ignite 2018
-<img src="images/ignite-land.jpg" alt="" width="640" height="320"/>
+<img src="images/ignite-land.jpg" alt="Ignite" width="640" height="320"/>
 
 Looking to learn more? These informative session replays from Microsoft Ignite 2018 (complete with downloadable slide decks) can provide some great insights on Windows as a service. See [MyIgnite - Session catalog](https://myignite.techcommunity.microsoft.com/sessions).
diff --git a/windows/deployment/update/windows-update-resources.md b/windows/deployment/update/windows-update-resources.md
index ae68206cec..394b329d5d 100644
--- a/windows/deployment/update/windows-update-resources.md
+++ b/windows/deployment/update/windows-update-resources.md
@@ -6,7 +6,6 @@ ms.mktglfcycl:
 audience: itpro
 ms.localizationpriority: medium
 ms.audience: itpro
-ms.date: 09/18/2018
 ms.reviewer:
 manager: laurawi
 ms.topic: article
@@ -16,7 +15,15 @@ author: jaimeo
 
 # Windows Update - additional resources
 
-> Applies to: Windows 10
+**Applies to**:
+
+- Windows 10
+- Windows Server 2016
+- Windows Server 2019
+
+> [!NOTE]
+> Windows Server 2016 supports policies available in Windows 10, version 1607. Windows Server 2019 supports policies available in Windows 10, version 1809.
+
 
 The following resources provide additional information about using Windows Update.
 
diff --git a/windows/deployment/volume-activation/activate-using-active-directory-based-activation-client.md b/windows/deployment/volume-activation/activate-using-active-directory-based-activation-client.md
index e9c419383d..79c1279f78 100644
--- a/windows/deployment/volume-activation/activate-using-active-directory-based-activation-client.md
+++ b/windows/deployment/volume-activation/activate-using-active-directory-based-activation-client.md
@@ -29,6 +29,9 @@ ms.topic: article
 >- Windows Server 2012
 >- Windows Server 2016
 >- Windows Server 2019
+>- Office 2013*
+>- Office 2016*
+>- Office 2019*
 
 **Looking for retail activation?**
 
@@ -46,10 +49,13 @@ The process proceeds as follows:
 1. Perform one of the following tasks:
    - Install the Volume Activation Services server role on a domain controller and add a KMS host key by using the Volume Activation Tools Wizard.
    - Extend the domain to the Windows Server 2012 R2 or higher schema level, and add a KMS host key by using the VAMT.
-1. Microsoft verifies the KMS host key, and an activation object is created.
-1. Client computers are activated by receiving the activation object from a domain controller during startup.
 
-    ![Active Directory-based activation flow](../images/volumeactivationforwindows81-10.jpg)
+2. Microsoft verifies the KMS host key, and an activation object is created.
+
+3. Client computers are activated by receiving the activation object from a domain controller during startup.
+
+    > [!div class="mx-imgBorder"]
+    > ![Active Directory-based activation flow](../images/volumeactivationforwindows81-10.jpg)
 
     **Figure 10**. The Active Directory-based activation flow
 
@@ -69,52 +75,67 @@ When a reactivation event occurs, the client queries AD DS for the activation o
 **To configure Active Directory-based activation on Windows Server 2012 R2 or higher, complete the following steps:**
 
 1. Use an account with Domain Administrator and Enterprise Administrator credentials to sign in to a domain controller.
-1. Launch Server Manager.
-1. Add the Volume Activation Services role, as shown in Figure 11.
+
+2. Launch Server Manager.
+
+3. Add the Volume Activation Services role, as shown in Figure 11.
 
     ![Adding the Volume Activation Services role](../images/volumeactivationforwindows81-11.jpg)
 
     **Figure 11**. Adding the Volume Activation Services role
 
-1. Click the link to launch the Volume Activation Tools (Figure 12).
+4. Click the link to launch the Volume Activation Tools (Figure 12).
 
     ![Launching the Volume Activation Tools](../images/volumeactivationforwindows81-12.jpg)
 
     **Figure 12**. Launching the Volume Activation Tools
 
-1. Select the **Active Directory-Based Activation** option (Figure 13).
+5. Select the **Active Directory-Based Activation** option (Figure 13).
 
     ![Selecting Active Directory-Based Activation](../images/volumeactivationforwindows81-13.jpg)
 
     **Figure 13**. Selecting Active Directory-Based Activation
 
-1. Enter your KMS host key and (optionally) a display name (Figure 14).
+6. Enter your KMS host key and (optionally) a display name (Figure 14).
 
     ![Choosing how to activate your product](../images/volumeactivationforwindows81-15.jpg)
 
     **Figure 14**. Entering your KMS host key
 
-1. Activate your KMS host key by phone or online (Figure 15).
+7. Activate your KMS host key by phone or online (Figure 15).
 
     ![Entering your KMS host key](../images/volumeactivationforwindows81-14.jpg)
-
+    
     **Figure 15**. Choosing how to activate your product
 
-1. After activating the key, click **Commit**, and then click **Close**.
+    > [!NOTE]
+    > To activate a KMS Host Key (CSVLK) for Microsoft Office, you need to install the version-specific Office Volume License Pack on the server where the Volume Activation Server Role is installed.
+    > 
+    > 
+    > - [Office 2013 VL pack](https://www.microsoft.com/download/details.aspx?id=35584)
+    > 
+    > - [Office 2016 VL pack](https://www.microsoft.com/download/details.aspx?id=49164)
+    >
+    > - [Office 2019 VL pack](https://www.microsoft.com/download/details.aspx?id=57342)
+
+8. After activating the key, click **Commit**, and then click **Close**.
 
 ## Verifying the configuration of Active Directory-based activation
 
 To verify your Active Directory-based activation configuration, complete the following steps:
 
 1. After you configure Active Directory-based activation, start a computer that is running an edition of Windows that is configured by volume licensing.
-1. If the computer has been previously configured with a MAK key, replace the MAK key with the GVLK by running the **slmgr.vbs /ipk** command and specifying the GLVK as the new product key.
-1. If the computer is not joined to your domain, join it to the domain.
-1. Sign in to the computer.
-1. Open Windows Explorer, right-click **Computer**, and then click **Properties**.
-1. Scroll down to the **Windows activation** section, and verify that this client has been activated.
+2. If the computer has been previously configured with a MAK key, replace the MAK key with the GVLK by running the **slmgr.vbs /ipk** command and specifying the GLVK as the new product key.
+3. If the computer is not joined to your domain, join it to the domain.
+4. Sign in to the computer.
+5. Open Windows Explorer, right-click **Computer**, and then click **Properties**.
+6. Scroll down to the **Windows activation** section, and verify that this client has been activated.
 
     > [!NOTE]
     > If you are using both KMS and Active Directory-based activation, it may be difficult to see whether a client has been activated by KMS or by Active Directory-based activation. Consider disabling KMS during the test, or make sure that you are using a client computer that has not already been activated by KMS. The **slmgr.vbs /dlv** command also indicates whether KMS has been used.
+    > 
+    > To manage individual activations or apply multiple (mass) activations, please consider using the [VAMT](https://docs.microsoft.com/windows/deployment/volume-activation/volume-activation-management-tool).
+
 
 ## See also
 
diff --git a/windows/deployment/windows-10-subscription-activation.md b/windows/deployment/windows-10-subscription-activation.md
index eb894fafdc..8ea91fd4cc 100644
--- a/windows/deployment/windows-10-subscription-activation.md
+++ b/windows/deployment/windows-10-subscription-activation.md
@@ -21,7 +21,7 @@ ms.topic: article
 
 Starting with Windows 10, version 1703 Windows 10 Pro supports the Subscription Activation feature, enabling users to “step-up” from Windows 10 Pro to **Windows 10 Enterprise** automatically if they are subscribed to Windows 10 Enterprise E3 or E5.
 
-With Windows 10, version 1903 the Subscription Activation feature also supports the ability to step-up from Windows 10 Pro Education to the Enterprise grade edition for educational institutions – **Windows 10 Education**.
+With Windows 10, version 1903 the Subscription Activation feature also supports the ability to step-up from Windows 10 Pro Education to the Enterprise grade edition for educational institutions—**Windows 10 Education**.
 
 The Subscription Activation feature eliminates the need to manually deploy Windows 10 Enterprise or Education images on each target device, then later standing up on-prem key management services such as KMS or MAK based activation, entering GVLKs, and subsequently rebooting client devices.
 
@@ -68,12 +68,19 @@ The following figure illustrates how deploying Windows 10 has evolved with each
 ![Illustration of how Windows 10 deployment has evolved](images/sa-evolution.png)
 
 - **Windows 7** required you to redeploy the operating system using a full wipe-and-load process if you wanted to change from Windows 7 Professional to Windows 10 Enterprise.<br>
+
 - **Windows 8.1** added support for a Windows 8.1 Pro to Windows 8.1 Enterprise in-place upgrade (considered a “repair upgrade” because the OS version was the same before and after).  This was a lot easier than wipe-and-load, but it was still time-consuming.<br>
+
 - **Windows 10, version 1507** added the ability to install a new product key using a provisioning package or using MDM to change the SKU.  This required a reboot, which would install the new OS components, and took several minutes to complete. However, it was a lot quicker than in-place upgrade.<br>
+
 - **Windows 10, version 1607** made a big leap forward. Now you can just change the product key and the SKU instantly changes from Windows 10 Pro to Windows 10 Enterprise.  In addition to provisioning packages and MDM, you can just inject a key using SLMGR.VBS (which injects the key into WMI), so it became trivial to do this using a command line.<br>
+
 - **Windows 10, version 1703** made this “step-up” from Windows 10 Pro to Windows 10 Enterprise automatic for those that subscribed to Windows 10 Enterprise E3 or E5 via the CSP program.<br>
+
 - **Windows 10, version 1709** adds support for Windows 10 Subscription Activation, very similar to the CSP support but for large enterprises, enabling the use of Azure AD for assigning licenses to users. When those users sign in on an AD or Azure AD-joined machine, it automatically steps up from Windows 10 Pro to Windows 10 Enterprise.<br>
+
 - **Windows 10, version 1803** updates Windows 10 Subscription Activation to enable pulling activation keys directly from firmware for devices that support firmware-embedded keys. It is no longer necessary to run a script to perform the activation step on Windows 10 Pro prior to activating Enterprise. For virtual machines and hosts running Windows 10, version 1803 [Inherited Activation](#inherited-activation) is also enabled.<br>
+
 - **Windows 10, version 1903** updates Windows 10 Subscription Activation to enable step up from Windows 10 Pro Education to Windows 10 Education for those with a qualifying Windows 10 or Microsoft 365 subscription.
 
 ## Requirements
@@ -105,21 +112,29 @@ To resolve this issue:
 If the device is running Windows 10, version 1703, 1709, or 1803, the user must either sign in with an Azure AD account, or you must disable MFA for this user during the 30-day polling period and renewal.
 
 If the device is running Windows 10, version 1809 or later:
-1. Windows 10, version 1809 must be updated with [KB4497934](https://support.microsoft.com/help/4497934/windows-10-update-kb4497934). Later versions of Windows 10 automatically include this patch.
-2. When the user signs in on a Hybrid Azure AD joined device with MFA enabled, a notification will indicate that there is a problem. Click the notification and then click **Fix now** to step through the subscription activation process. See the example below:
 
-![Subscription Activation with MFA example 1](images/sa-mfa1.png)<br>
-![Subscription Activation with MFA example 2](images/sa-mfa2.png)<br>
-![Subscription Activation with MFA example 3](images/sa-mfa3.png)
+- Windows 10, version 1809 must be updated with [KB4497934](https://support.microsoft.com/help/4497934/windows-10-update-kb4497934). Later versions of Windows 10 automatically include this patch.
+
+- When the user signs in on a Hybrid Azure AD joined device with MFA enabled, a notification will indicate that there is a problem. Click the notification and then click **Fix now** to step through the subscription activation process. See the example below:
+
+   ![Subscription Activation with MFA example 1](images/sa-mfa1.png)<br>
+
+   ![Subscription Activation with MFA example 2](images/sa-mfa2.png)<br>
+
+   ![Subscription Activation with MFA example 3](images/sa-mfa3.png)
 
 ### Windows 10 Education requirements
 
-1. Windows 10 Pro Education, version 1903 or later installed on the devices to be upgraded.
-2. A device with a Windows 10 Pro Education digital license. You can confirm this information in Settings > Update & Security > Activation.
-3. The Education tenant must have an active subscription to Microsoft 365 with a Windows 10 Enterprise license or a Windows 10 Enterprise or Education subscription.
-4. Devices must be Azure AD-joined or Hybrid Azure AD joined. Workgroup-joined or Azure AD registered devices are not supported.
+- Windows 10 Pro Education, version 1903 or later installed on the devices to be upgraded.
 
-> If Windows 10 Pro is converted to Windows 10 Pro Education [using benefits available in Store for Education](https://docs.microsoft.com/education/windows/change-to-pro-education#change-using-microsoft-store-for-education), then the feature will not work. You will need to re-image the device using a Windows 10 Pro Education edition.
+- A device with a Windows 10 Pro Education digital license. You can confirm this information in **Settings > Update & Security > Activation**.
+
+- The Education tenant must have an active subscription to Microsoft 365 with a Windows 10 Enterprise license or a Windows 10 Enterprise or Education subscription.
+
+- Devices must be Azure AD-joined or Hybrid Azure AD joined. Workgroup-joined or Azure AD registered devices are not supported.
+
+> [!IMPORTANT]
+> If Windows 10 Pro is converted to Windows 10 Pro Education by [using benefits available in Store for Education](https://docs.microsoft.com/education/windows/change-to-pro-education#change-using-microsoft-store-for-education), then the feature will not work. You will need to re-image the device using a Windows 10 Pro Education edition.
 
 
 ## Benefits
@@ -131,15 +146,19 @@ With Windows 10 Enterprise or Windows 10 Education, businesses and institutions
 
 You can benefit by moving to Windows as an online service in the following ways:
 
-1. Licenses for Windows 10 Enterprise and Education are checked based on Azure Active Directory (Azure AD) credentials, so now businesses have a systematic way to assign licenses to end users and groups in their organization.
-2. User logon triggers a silent edition upgrade, with no reboot required
-3. Support for mobile worker/BYOD activation; transition away from on-prem KMS and MAK keys.
-4. Compliance support via seat assignment.
-5. Licenses can be updated to different users dynamically, enabling you to optimize your licensing investment against changing needs.
+- Licenses for Windows 10 Enterprise and Education are checked based on Azure Active Directory (Azure AD) credentials, so now businesses have a systematic way to assign licenses to end users and groups in their organization.
+
+- User logon triggers a silent edition upgrade, with no reboot required.
+
+- Support for mobile worker/BYOD activation; transition away from on-prem KMS and MAK keys.
+
+- Compliance support via seat assignment.
+
+- Licenses can be updated to different users dynamically, enabling you to optimize your licensing investment against changing needs.
 
 ## How it works
 
-The device is AAD joined from Settings > Accounts > Access work or school.
+The device is AAD joined from **Settings > Accounts > Access work or school**.
 
 The IT administrator assigns Windows 10 Enterprise to a user. See the following figure.
 
@@ -157,26 +176,35 @@ Before Windows 10, version 1903:<br>
 After Windows 10, version 1903:<br>
 ![1903](images/after.png)
 
-Note:
-1. A Windows 10 Pro Education device will only step up to Windows 10 Education edition when “Windows 10 Enterprise” license is assigned from M365 Admin center (as of May 2019).
-2. A Windows 10 Pro device will only step up to Windows 10 Enterprise edition when “Windows 10 Enterprise” license is assigned from M365 Admin center (as of May 2019).
+> [!NOTE]
+> 
+> - A Windows 10 Pro Education device will only step up to Windows 10 Education edition when “Windows 10 Enterprise” license is assigned from M365 Admin center (as of May 2019).
+> 
+> - A Windows 10 Pro device will only step up to Windows 10 Enterprise edition when “Windows 10 Enterprise” license is assigned from M365 Admin center (as of May 2019).
 
 ### Scenarios
 
-**Scenario #1**:  You are using Windows 10, version 1803 or above, and just purchased Windows 10 Enterprise E3 or E5 subscriptions (or have had an E3 or E5 subscription for a while but haven’t yet deployed Windows 10 Enterprise).
+#### Scenario #1
+
+You are using Windows 10, version 1803 or above, and just purchased Windows 10 Enterprise E3 or E5 subscriptions (or have had an E3 or E5 subscription for a while but haven’t yet deployed Windows 10 Enterprise).
 
 All of your Windows 10 Pro devices will step-up to Windows 10 Enterprise, and devices that are already running Windows 10 Enterprise will migrate from KMS or MAK activated Enterprise edition to Subscription activated Enterprise edition when a Subscription Activation-enabled user signs in to the device.
 
-**Scenario #2**:  You are using Windows 10, version 1607, 1703, or 1709 with KMS for activation, and just purchased Windows 10 Enterprise E3 or E5 subscriptions (or have had an E3 or E5 subscription for a while but haven’t yet deployed Windows 10 Enterprise).
+#### Scenario #2 
+
+You are using Windows 10, version 1607, 1703, or 1709 with KMS for activation, and just purchased Windows 10 Enterprise E3 or E5 subscriptions (or have had an E3 or E5 subscription for a while but haven’t yet deployed Windows 10 Enterprise).
 
 To change all of your Windows 10 Pro devices to Windows 10 Enterprise, run the following command on each computer:
 
-<pre style="overflow-y: visible">
+```console
 cscript.exe c:\windows\system32\slmgr.vbs /ipk NPPR9-FWDCX-D2C8J-H872K-2YT43</pre>
+```
 
 The command causes the OS to change to Windows 10 Enterprise and then seek out the KMS server to reactivate.  This key comes from [Appendix A: KMS Client Setup Keys](https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj612867(v=ws.11)) in the Volume Activation guide.  It is also possible to inject the Windows 10 Pro key from this article if you wish to step back down from Enterprise to Pro.
 
-**Scenario #3**:  Using Azure AD-joined devices or Active Directory-joined devices running Windows 10 1709 or later, and with Azure AD synchronization configured, just follow the steps in [Deploy Windows 10 Enterprise licenses](deploy-enterprise-licenses.md) to acquire a $0 SKU and get a new Windows 10 Enterprise E3 or E5 license in Azure AD. Then, assign that license to all of your Azure AD users. These can be AD-synced accounts.  The device will automatically change from Windows 10 Pro to Windows 10 Enterprise when that user signs in.
+#### Scenario #3
+
+Using Azure AD-joined devices or Active Directory-joined devices running Windows 10 1709 or later, and with Azure AD synchronization configured, just follow the steps in [Deploy Windows 10 Enterprise licenses](deploy-enterprise-licenses.md) to acquire a $0 SKU and get a new Windows 10 Enterprise E3 or E5 license in Azure AD. Then, assign that license to all of your Azure AD users. These can be AD-synced accounts.  The device will automatically change from Windows 10 Pro to Windows 10 Enterprise when that user signs in.
 
 In summary, if you have a Windows 10 Enterprise E3 or E5 subscription, but are still running Windows 10 Pro, it’s really simple (and quick) to move to Windows 10 Enterprise using one of the scenarios above.
 
@@ -204,7 +232,7 @@ If you are using Windows 10, version 1607, 1703, or 1709 and have already deploy
 
 If the computer has never been activated with a Pro key, run the following script. Copy the text below into a .cmd file and run the file from an elevated command prompt:
 
-<pre style="overflow-y: visible">
+```console
 @echo off
 FOR /F "skip=1" %%A IN ('wmic path SoftwareLicensingService get OA3xOriginalProductKey') DO  (
 SET "ProductKey=%%A"
@@ -218,18 +246,24 @@ echo No key present
 echo Installing %ProductKey%
 changepk.exe /ProductKey %ProductKey%
 )
-</pre>
+```
 
 ### Obtaining an Azure AD license
 
 Enterprise Agreement/Software Assurance (EA/SA):
+
 - Organizations with a traditional EA must order a $0 SKU, process e-mails sent to the license administrator for the company, and assign licenses using Azure AD (ideally to groups using the new Azure AD Premium feature for group assignment). For more information, see [Enabling Subscription Activation with an existing EA](https://docs.microsoft.com/windows/deployment/deploy-enterprise-licenses#enabling-subscription-activation-with-an-existing-ea).
+
 - The license administrator can assign seats to Azure AD users with the same process that is used for O365.
+
 - New EA/SA Windows Enterprise customers can acquire both an SA subscription and an associated $0 cloud subscription.
 
 Microsoft Products & Services Agreements (MPSA):
+
 - Organizations with MPSA are automatically emailed the details of the new service. They must take steps to process the instructions.
+
 - Existing MPSA customers will receive service activation emails that allow their customer administrator to assign users to the service.
+
 - New MPSA customers who purchase the Software Subscription Windows Enterprise E3 and E5 will be enabled for both the traditional key-based and new subscriptions activation method.
 
 ### Deploying licenses
diff --git a/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md b/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md
index 4753557b61..8a07ad9b20 100644
--- a/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md
+++ b/windows/deployment/windows-autopilot/demonstrate-deployment-on-vm.md
@@ -237,11 +237,11 @@ After the VM restarts, during OOBE, it's fine to select **Set up for personal us
 
    ![Windows setup example 7](images/winsetup7.png)
 
-Once the installation is complete, sign in and verify that you are at the Windows 10 desktop, then create your first Hyper-V checkpoint. Checkpoints are used to restore the VM to a previous state. You will create multiple checkpoints throughout this lab, which can be used later to go through the process again.
+Once the installation is complete, sign in and verify that you are at the Windows 10 desktop, then create your first Hyper-V checkpoint. Checkpoints are used to restore the VM to a previous state.
 
    ![Windows setup example 8](images/winsetup8.png)
 
-To create your first checkpoint, open an elevated Windows PowerShell prompt on the computer running Hyper-V (not on the VM) and run the following:
+To create a checkpoint, open an elevated Windows PowerShell prompt on the computer running Hyper-V (not on the VM) and run the following:
 
 ```powershell
 Checkpoint-VM -Name WindowsAutopilot -SnapshotName "Finished Windows install"
@@ -573,9 +573,9 @@ Soon after reaching the desktop, the device should show up in Intune as an **ena
 Once you select a language and a keyboard layout, your company branded sign-in screen should appear. Provide your Azure Active Directory credentials and you're all done.
 
 > [!TIP]
-> If you recieve a message that "Something went wrong" and it "Looks like we can't connect to the URL for your organization's MDM terms of use" then verify you have correctly [assigned licenses](https://docs.microsoft.com/mem/intune/fundamentals/licenses-assign) to the current user.
+> If you receive a message that "Something went wrong" and it "Looks like we can't connect to the URL for your organization's MDM terms of use", verify that you have correctly [assigned licenses](https://docs.microsoft.com/mem/intune/fundamentals/licenses-assign) to the current user.
 
-Windows Autopilot will now take over to automatically join your device into Azure Active Directory and enroll it to Microsoft Intune. Use the checkpoints you've created to go through this process again with different settings.
+Windows Autopilot will now take over to automatically join your device into Azure Active Directory and enroll it to Microsoft Intune. Use the checkpoint you've created to go through this process again with different settings.
 
 ## Remove devices from Autopilot
 
diff --git a/windows/security/identity-protection/access-control/security-identifiers.md b/windows/security/identity-protection/access-control/security-identifiers.md
index b21bd85fd4..f4d8e44b09 100644
--- a/windows/security/identity-protection/access-control/security-identifiers.md
+++ b/windows/security/identity-protection/access-control/security-identifiers.md
@@ -52,7 +52,7 @@ SIDs always remain unique. Security authorities never issue the same SID twice,
 
 A security identifier is a data structure in binary format that contains a variable number of values. The first values in the structure contain information about the SID structure. The remaining values are arranged in a hierarchy (similar to a telephone number), and they identify the SID-issuing authority (for example, “NT Authority”), the SID-issuing domain, and a particular security principal or group. The following image illustrates the structure of a SID.
 
-![](images/security-identifider-architecture.jpg)
+![Security identifier architecture](images/security-identifider-architecture.jpg)
 
 The individual values of a SID are described in the following table.
 
diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md
new file mode 100644
index 0000000000..5d728241b0
--- /dev/null
+++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md
@@ -0,0 +1,209 @@
+---
+title: Deploying Certificates to Key Trust Users to Enable RDP
+description: Learn how to deploy certificates to a Key Trust user to enable remote desktop with supplied credentials
+keywords: identity, PIN, biometric, Hello, passport, WHFB, hybrid, cert-trust, device, registration, unlock, remote desktop, RDP
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security, mobile
+audience: ITPro
+author: mapalko
+ms.author: mapalko
+manager: dansimp
+ms.collection: M365-identity-device-management
+ms.topic: article
+localizationpriority: medium
+ms.date: 02/22/2021
+ms.reviewer: 
+---
+
+# Deploying Certificates to Key Trust Users to Enable RDP
+
+**Applies To**
+
+- Windows 10, version 1703 or later
+- Hybrid deployment
+- Key trust
+
+Windows Hello for Business supports using a certificate as the supplied credential when establishing a remote desktop connection to a server or other device. For certificate trust deployments, creation of this certificate occurs at container creation time.
+
+This document discusses an approach for key trust deployments where authentication certificates can be deployed to an existing key trust user.
+
+Three approaches are documented here:
+
+1. Deploying a certificate to hybrid joined devices using an on-premises Active Directory certificate enrollment policy.
+
+1. Deploying a certificate to hybrid or Azure AD joined devices using Simple Certificate Enrollment Protocol (SCEP) and Intune.
+
+1. Working with non-Microsoft enterprise certificate authorities.
+
+## Deploying a certificate to a hybrid joined device using an on-premises Active Directory Certificate enrollment policy
+
+### Create a Windows Hello for Business certificate template
+
+1. Sign in to your issuing certificate authority (CA).
+
+1. Open the **Certificate Authority** Console (%windir%\system32\certsrv.msc).
+
+1. In the left pane of the MMC, expand **Certification Authority (Local)**, and then expand your CA within the Certification Authority list.
+
+1. Right-click **Certificate Templates** and then click **Manage** to open the **Certificate Templates** console.
+
+1. Right-click the **Smartcard Logon** template and click **Duplicate Template**
+
+    ![Duplicating Smartcard Template](images/rdpcert/duplicatetemplate.png)
+
+1. On the **Compatibility** tab:
+    1. Clear the **Show resulting changes** check box
+    1. Select **Windows Server 2012 or Windows Server 2012 R2** from the Certification Authority list
+    1. Select **Windows Server 2012 or Windows Server 2012 R2** from the Certification Recipient list
+
+1. On the **General** tab:
+    1. Specify a Template display name, such as **WHfB Certificate Authentication**
+    1. Set the validity period to the desired value
+    1. Take note of the Template name for later, which should be the same as the Template display name minus spaces (**WHfBCertificateAuthentication** in this example).
+
+1. On the **Extensions** tab, verify the **Application Policies** extension includes **Smart Card Logon**.
+
+1. On the **Subject Name** tab:
+    1. Select the **Build from this Active Directory** information button if it is not already selected
+    1. Select **Fully distinguished name** from the **Subject name format** list if Fully distinguished name is not already selected
+    1. Select the **User Principal Name (UPN)** check box under **Include this information in alternative subject name**
+1. On the **Request Handling** tab:
+    1. Select the **Renew with same key** check box
+    1. Set the Purpose to **Signature and smartcard logon**
+        1. Click **Yes** when prompted to change the certificate purpose
+    1. Click **Prompt the user during enrollment**
+
+1. On the **Cryptography** tab:
+    1. Set the Provider Category to **Key Storage Provider**
+    1. Set the Algorithm name to **RSA**
+    1. Set the minimum key size to **2048**
+    1. Select **Requests must use one of the following providers**
+    1. Tick **Microsoft Software Key Storage Provider**
+    1. Set the Request hash to **SHA256**
+
+1. On the **Security** tab, add the security group that you want to give **Enroll** access to. For example, if you want to give access to all users, select the **Authenticated** users group, and then select Enroll permissions for them  .
+
+1. Click **OK** to finalize your changes and create the new template. Your new template should now appear in the list of Certificate Templates.
+
+1. Close the Certificate Templates console.
+
+1. Open an elevated command prompt and change to a temporary working directory.
+
+1. Execute the following command:
+
+    certutil -dstemplate \<TemplateName\> \> \<TemplateName\>.txt
+
+    Replace \<TemplateName\> with the Template name you took note of earlier in step 7.
+
+1. Open the text file created by the command above.
+    1. Delete the last line of the output from the file that reads **CertUtil: -dsTemplate command completed successfully.**
+    1. Modify the line that reads **pKIDefaultCSPs = "1,Microsoft Software Key Storage Provider"** to **pKIDefaultCSPs = "1,Microsoft Passport Key Storage Provider"**
+
+1. Save the text file.
+
+1. Update the certificate template by executing the following command:
+
+    certutil - dsaddtemplate \<TemplateName\>.txt
+
+1. In the Certificate Authority console, right-click **Certificate Templates**, select **New**, and select **Certificate Template to Issue**
+
+    ![Selecting Certificate Template to Issue](images/rdpcert/certificatetemplatetoissue.png)
+
+1. From the list of templates, select the template you previously created (**WHFB Certificate Authentication**) and click **OK**. It can take some time for the template to replicate to all servers and become available in this list.
+
+1. After the template replicates, in the MMC, right-click in the Certification Authority list, click **All Tasks** and then click **Stop Service**. Right-click the name of the CA again, click **All Tasks**, and then click **Start Service**.
+
+### Requesting a Certificate
+
+1. Ensure the hybrid Azure AD joined device has network line of sight to Active Directory domain controllers and the issuing certificate authority. 
+
+1. Start the **Certificates – Current User** console (%windir%\system32\certmgr.msc).
+
+1. In the left pane of the MMC, right-click **Personal**, click **All Tasks**, and then click **Request New Certificate…**
+
+    ![Request a new certificate](images/rdpcert/requestnewcertificate.png)
+
+1. On the Certificate Enrollment screen, click **Next**.
+
+1. Under Select Certificate Enrollment Policy, ensure **Active Directory Enrollment Policy** is selected and then click **Next**.
+
+1. Under Request Certificates, click the check-box next to the certificate template you created in the previous section (WHfB Certificate Authentication) and then click **Enroll**.
+
+1. After a successful certificate request, click Finish on the Certificate Installation Results screen
+
+## Deploying a certificate to Hybrid or Azure AD Joined Devices using Simple Certificate Enrollment Protocol (SCEP) via Intune
+
+Deploying a certificate to Azure AD Joined Devices may be achieved with the Simple Certificate Enrollment Protocol (SCEP) via Intune. For guidance deploying the required infrastructure, refer to [Configure infrastructure to support SCEP certificate profiles with Microsoft Intune](https://docs.microsoft.com/mem/intune/protect/certificates-scep-configure).
+
+Next you should deploy the root CA certificate (and any other intermediate certificate authority certificates) to Azure AD Joined Devices using a Trusted root certificate profile with Intune. For guidance, refer to [Create trusted certificate profiles in Microsoft Intune](https://docs.microsoft.com/mem/intune/protect/certificates-trusted-root).
+
+Once these requirements have been met, a new device configuration profile may be configured from Intune that provisions a certificate for the user of the device. Proceed as follows:
+
+1. Sign in to the Microsoft [Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
+
+1. Navigate to Devices \> Configuration Profiles \> Create profile.
+
+1. Enter the following properties:
+    1. For Platform, select **Windows 10 and later**.
+    1. For Profile, select **SCEP Certificate**.
+    1. Click **Create**.
+
+1. In **Basics**, enter the following parameters:
+    1. **Name**: Enter a descriptive name for the profile. Name your profiles so you can easily identify them later. For example, a good profile name is SCEP profile for entire company.
+    1. **Description**: Enter a description for the profile. This setting is optional, but recommended.
+    1. Select **Next**.
+
+1. In the **Configuration settings**, complete the following:
+    1. For Certificate Type, choose **User**.
+    1. For Subject name format, set it to **CN={{UserPrincipalName}}**.
+    1. Under Subject alternative name, select **User principal name (UPN)** from the drop-down menu and set the value to **CN={{UserPrincipalName}}**.
+    1. For Certificate validity period, set a value of your choosing.
+    1. For Key storage provider (KSP), choose **Enroll to Windows Hello for Business, otherwise fail (Windows 10 and later)**.
+    1. For Key usage, choose **Digital Signature**.
+    1. For Key size (bits), choose **2048**.
+    1. For Hash algorithm, choose **SHA-2**.
+    1. Under Root Certificate, click **+Root Certificate** and select the trusted certificate profile you created earlier for the Root CA Certificate.
+    1. Under Extended key usage, add the following:
+
+        | Name | Object Identifier | Predefined Values |
+        |------|-------------------|-------------------|
+        | Smart Card Logon | 1.3.6.1.4.1.311.20.2.2 | Smart Card Logon |
+        | Client Authentication | 1.3.6.1.5.5.7.3.2 | Client Authentication |
+
+    1. For Renewal threshold (%), set a value of your choosing.
+    1. For SCEP Server URLs, provide the public endpoint that you configured during the deployment of your SCEP infrastructure.
+    1. Click **Next**
+1. In Assignments, target the devices or users who should receive a certificate and click **Next**
+
+1. In Applicability Rules, provide additional issuance restrictions if required and click **Next**
+
+1. In Review + create, click **Create**
+
+Once the configuration profile has been created, targeted clients will receive the profile from Intune on their next refresh cycle. You should find a new certificate in the user store. To validate the certificate is present, do the following steps:
+
+1. Open the Certificates - Current User console (%windir%\system32\certmgr.msc)
+
+1. In the left pane of the MMC, expand **Personal** and select **Certificates**
+
+1. In the right-hand pane of the MMC, check for the new certificate
+
+> [!NOTE]
+> This infrastructure may also deploy the same certificates to co-managed or modern-managed Hybrid AAD-Joined devices using Intune Policies.
+
+## Using non-Microsoft Enterprise Certificate Authorities
+
+If you are using a Public Key Infrastructure that uses non-Microsoft services, the certificate templates published to the on-premises Active Directory may not be available. For guidance with integration of Intune/SCEP with non-Microsoft PKI deployments, refer to [Use third-party certification authorities (CA) with SCEP in Microsoft Intune](https://docs.microsoft.com/mem/intune/protect/certificate-authority-add-scep-overview).
+
+As an alternative to using SCEP or if none of the previously covered solutions will work in your environment, you can manually generate Certificate Signing Requests (CSR) for submission to your PKI. To assist with this approach, you can use the [Generate-CertificateRequest](https://www.powershellgallery.com/packages/Generate-CertificateRequest) PowerShell commandlet.
+
+The Generate-CertificateRequest commandlet will generate an .inf file for a pre-existing Windows Hello for Business key. The .inf can be used to generate a certificate request manually using certreq.exe. The commandlet will also generate a .req file, which can be submitted to your PKI for a certificate.
+
+## RDP Sign-in with Windows Hello for Business Certificate Authentication
+
+After adding the certificate using an approach from any of the previous sections, you should be able to RDP to any Windows device or server in the same Forest as the user’s on-premises Active Directory account, provided the PKI certificate chain for the issuing certificate authority is deployed to that target server.
+
+1. Open the Remote Desktop Client (%windir%\system32\mstsc.exe) on the Hybrid AAD-Joined client where the authentication certificate has been deployed.
+1. Attempt an RDP session to a target server.
+1. Use the certificate credential protected by your Windows Hello for Business gesture.
diff --git a/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md b/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md
index b7bc415c06..65132bed00 100644
--- a/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md
+++ b/windows/security/identity-protection/hello-for-business/hello-errors-during-pin-creation.md
@@ -29,7 +29,7 @@ When you set up Windows Hello in Windows 10, you may get an error during the **
 
 The following image shows an example of an error during **Create a PIN**.
 
-![](images/pinerror.png)
+![PIN error](images/pinerror.png)
 
 ## Error mitigations
 
@@ -65,7 +65,7 @@ If the error occurs again, check the error code against the following table to s
 | 0x801C03EA | Server failed to authorize user or device.                         | Check if the token is valid and user has permission to register Windows Hello for Business keys. |
 | 0x801C03EB | Server response http status is not valid                           | Sign out and then sign in again. |
 | 0x801C03EC | Unhandled exception from server.                                   | sign out and then sign in again. |
-| 0x801C03ED | Multi-factor authentication is required for a 'ProvisionKey' operation, but was not performed. <br><br> -or- <br><br> Token was not found in the Authorization header. <br><br> -or- <br><br> Failed to read one or more objects. <br><br> -or- <br><br> The request sent to the server was invalid. | Sign out and then sign in again. If that doesn't resolve the issue, unjoin the device from Azure Active Directory (Azure AD) and rejoin.
+| 0x801C03ED | Multi-factor authentication is required for a 'ProvisionKey' operation, but was not performed. <br><br> -or- <br><br> Token was not found in the Authorization header. <br><br> -or- <br><br> Failed to read one or more objects. <br><br> -or- <br><br> The request sent to the server was invalid. <br><br> -or- <br><br> User does not have permissions to join to Azure AD. | Sign out and then sign in again. If that doesn't resolve the issue, unjoin the device from Azure  AD and rejoin. <br> Allow user(s) to join to Azure AD under Azure AD Device settings.
 | 0x801C03EE | Attestation failed.                                                | Sign out and then sign in again. |
 | 0x801C03EF | The AIK certificate is no longer valid.                            | Sign out and then sign in again. |
 | 0x801C03F2 | Windows Hello key registration failed.                             | ERROR\_BAD\_DIRECTORY\_REQUEST. Another object with the same value for property proxyAddresses already exists. To resolve the issue, refer to [Duplicate Attributes Prevent Dirsync](https://docs.microsoft.com/office365/troubleshoot/administration/duplicate-attributes-prevent-dirsync). Also, if no sync conflict exists, please verify that the "Mail/Email address" in AAD and the Primary SMTP address are the same in the proxy address.
diff --git a/windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md b/windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md
index 2a553e3421..e558366ee8 100644
--- a/windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md
+++ b/windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md
@@ -44,42 +44,58 @@ Before you can remotely reset PINs, you must on-board the Microsoft PIN reset se
 ### Connect Azure Active Directory with the PIN reset service
 
 1. Go to the [Microsoft PIN Reset Service Production website](https://login.windows.net/common/oauth2/authorize?response_type=code&client_id=b8456c59-1230-44c7-a4a2-99b085333e84&resource=https%3A%2F%2Fgraph.windows.net&redirect_uri=https%3A%2F%2Fcred.microsoft.com&state=e9191523-6c2f-4f1d-a4f9-c36f26f89df0&prompt=admin_consent), and sign in using the Global administrator account you use to manage your Azure Active Directory tenant.
+
 2. After you have logged in, choose **Accept** to give consent for the PIN reset service to access your account.
- ![PIN reset service application in Azure](images/pinreset/pin-reset-service-prompt.png)
+
+   ![PIN reset service application in Azure](images/pinreset/pin-reset-service-prompt.png)
+
 3. Go to the [Microsoft PIN Reset Client Production website](https://login.windows.net/common/oauth2/authorize?response_type=code&client_id=9115dd05-fad5-4f9c-acc7-305d08b1b04e&resource=https%3A%2F%2Fcred.microsoft.com%2F&redirect_uri=ms-appx-web%3A%2F%2FMicrosoft.AAD.BrokerPlugin%2F9115dd05-fad5-4f9c-acc7-305d08b1b04e&state=6765f8c5-f4a7-4029-b667-46a6776ad611&prompt=admin_consent), and sign in using the Global administrator account you use to manage your Azure Active Directory tenant.
+
 4. After you have logged in, choose **Accept** to give consent for the PIN reset client to access your account.
  ![PIN reset client application in Azure](images/pinreset/pin-reset-client-prompt.png)
 > [!NOTE]
 > After you have accepted the PIN reset service and client requests, you will land on a page that states "You do not have permission to view this directory or page." This behavior is expected. Be sure to confirm that the two PIN reset applications are listed for your tenant.
 5. In the [Azure portal](https://portal.azure.com), verify that the Microsoft PIN Reset Service and Microsoft PIN Reset Client are integrated from the **Enterprise applications** blade. Filter to application status "Enabled" and both Microsoft Pin Reset Service Production and Microsoft Pin Reset Client Production will show up in your tenant.
- ![PIN reset service permissions page](images/pinreset/pin-reset-applications.png)
+
+   > [!div class="mx-imgBorder"]
+   > ![PIN reset service permissions page](images/pinreset/pin-reset-applications.png)
 
 ### Configure Windows devices to use PIN reset using Group Policy
 
 You configure Windows 10 to use the Microsoft PIN Reset service using the computer configuration portion of a Group Policy object.
 
 1. Using the Group Policy Management Console (GPMC), scope a domain-based Group Policy to computer accounts in Active Directory.
+
 2. Edit the Group Policy object from Step 1.
+
 3. Enable the **Use PIN Recovery** policy setting located under **Computer Configuration > Administrative Templates > Windows Components > Windows Hello for Business**.
+
 4. Close the Group Policy Management Editor to save the Group Policy object.  Close the GPMC.
 
 #### Create a PIN Reset Device configuration profile using Microsoft Intune
 
 1. Sign-in to [Endpoint Manager admin center](https://endpoint.microsoft.com/) using a Global administrator account.
+
 2. Click **Endpoint Security** > **Account Protection** > **Properties**.
+
 3. Set **Enable PIN recovery** to **Yes**.
 
 > [!NOTE]
 > You can also setup PIN recovery using configuration profiles.
 > 1. Sign in to Endpoint Manager.
+>
 > 2. Click **Devices** > **Configuration Profiles** > Create a new profile or edit an existing profile using the Identity Protection profile type.
+> 
 > 3. Set **Enable PIN recovery** to **Yes**.
 
 #### Assign the PIN Reset Device configuration profile using Microsoft Intune
 
-1. Sign in to the [Azure Portal](https://portal.azure.com) using a Global administrator account. 
+1. Sign in to the [Azure portal](https://portal.azure.com) using a Global administrator account. 
+
 2. Navigate to the Microsoft Intune blade. Choose **Device configuration** > **Profiles**. From the list of device configuration profiles, choose the profile that contains the PIN reset configuration.
+
 3. In the device configuration profile, select **Assignments**.
+
 4. Use the **Include** and/or **Exclude** tabs to target the device configuration profile to select groups.
 
 ## On-premises Deployments
@@ -104,15 +120,15 @@ On-premises deployments provide users with the ability to reset forgotten PINs e
 
 #### Reset PIN above the Lock Screen
 
- 1. On Windows 10, version 1709, click **I forgot my PIN** from the Windows Sign-in
- 2. Enter your password and press enter.
- 3. Follow the instructions provided by the provisioning process
- 4. When finished, unlock your desktop using your newly created PIN.
+1. On Windows 10, version 1709, click **I forgot my PIN** from the Windows Sign-in
+2. Enter your password and press enter.
+3. Follow the instructions provided by the provisioning process
+4. When finished, unlock your desktop using your newly created PIN.
 
 You may find that PIN reset from settings only works post login, and that the "lock screen" PIN reset function will not work if you have any matching limitation of SSPR password reset from the lock screen. For more information, see [Enable Azure Active Directory self-service password reset at the Windows sign-in screen - **General limitations**](https://docs.microsoft.com/azure/active-directory/authentication/howto-sspr-windows#general-limitations).
 
 > [!NOTE]
-> Visit the [Windows Hello for Business Videos](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-videos.md) page and watch the [Windows Hello for Business forgotten PIN user experience](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-videos#windows-hello-for-business-forgotten-pin-user-experience) video.
+> Visit the [Windows Hello for Business Videos](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-videos.md) page and watch [Windows Hello for Business forgotten PIN user experience](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-videos#windows-hello-for-business-forgotten-pin-user-experience).
 
 ## Related topics
 
diff --git a/windows/security/identity-protection/hello-for-business/hello-feature-remote-desktop.md b/windows/security/identity-protection/hello-for-business/hello-feature-remote-desktop.md
index 0ebcd33ec5..73e443551f 100644
--- a/windows/security/identity-protection/hello-for-business/hello-feature-remote-desktop.md
+++ b/windows/security/identity-protection/hello-for-business/hello-feature-remote-desktop.md
@@ -1,6 +1,6 @@
 ---
 title: Remote Desktop
-description: Learn how Windows Hello for Business supports using a certificate deployed to a WHFB container to a remote desktop to a server or another device.
+description: Learn how Windows Hello for Business supports using biometrics with remote desktop
 keywords: identity, PIN, biometric, Hello, passport, WHFB, hybrid, cert-trust, device, registration, unlock, remote desktop, RDP
 ms.prod: w10
 ms.mktglfcycl: deploy
@@ -13,7 +13,7 @@ manager: dansimp
 ms.collection: M365-identity-device-management
 ms.topic: article
 localizationpriority: medium
-ms.date: 09/16/2020
+ms.date: 02/24/2021
 ms.reviewer: 
 ---
 
diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md
index efeaaacd05..7adb1b0b6d 100644
--- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md
+++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md
@@ -20,9 +20,9 @@ ms.reviewer:
 # Configure Hybrid Windows Hello for Business: Directory Synchronization
 
 **Applies to**
--   Windows 10, version 1703 or later
--   Hybrid deployment
--   Key trust
+- Windows 10, version 1703 or later
+- Hybrid deployment
+- Certificate Trust
 
 
 ## Directory Synchronization
diff --git a/windows/security/identity-protection/hello-for-business/images/rdpcert/certificatetemplatetoissue.png b/windows/security/identity-protection/hello-for-business/images/rdpcert/certificatetemplatetoissue.png
new file mode 100644
index 0000000000..174cf0a790
Binary files /dev/null and b/windows/security/identity-protection/hello-for-business/images/rdpcert/certificatetemplatetoissue.png differ
diff --git a/windows/security/identity-protection/hello-for-business/images/rdpcert/duplicatetemplate.png b/windows/security/identity-protection/hello-for-business/images/rdpcert/duplicatetemplate.png
new file mode 100644
index 0000000000..028f06544c
Binary files /dev/null and b/windows/security/identity-protection/hello-for-business/images/rdpcert/duplicatetemplate.png differ
diff --git a/windows/security/identity-protection/hello-for-business/images/rdpcert/requestnewcertificate.png b/windows/security/identity-protection/hello-for-business/images/rdpcert/requestnewcertificate.png
new file mode 100644
index 0000000000..322a4fcbdc
Binary files /dev/null and b/windows/security/identity-protection/hello-for-business/images/rdpcert/requestnewcertificate.png differ
diff --git a/windows/security/identity-protection/hello-for-business/toc.yml b/windows/security/identity-protection/hello-for-business/toc.yml
index 8a29bb7d81..5c90875208 100644
--- a/windows/security/identity-protection/hello-for-business/toc.yml
+++ b/windows/security/identity-protection/hello-for-business/toc.yml
@@ -103,6 +103,8 @@
         href: hello-cert-trust-policy-settings.md
     - name: Managing Windows Hello for Business in your organization
       href: hello-manage-in-organization.md
+    - name: Deploying Certificates to Key Trust Users to Enable RDP
+      href: hello-deployment-rdp-certs.md
   - name: Windows Hello for Business Features
     items:
     - name: Conditional Access 
diff --git a/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.md b/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.md
index a856063b96..8f6a80ac58 100644
--- a/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.md
+++ b/windows/security/information-protection/bitlocker/bitlocker-upgrading-faq.md
@@ -32,14 +32,17 @@ Yes.
 
 **Suspend** keeps the data encrypted but encrypts the BitLocker volume master key with a clear key. The clear key is a cryptographic key stored unencrypted and unprotected on the disk drive. By storing this key unencrypted, the **Suspend** option allows for changes or upgrades to the computer without the time and cost of decrypting and re-encrypting the entire drive. After the changes are made and BitLocker is again enabled, BitLocker will reseal the encryption key to the new values of the measured components that changed as a part of the upgrade, the volume master key is changed, the protectors are updated to match and the clear key is erased.
 
-## Do I have to decrypt my BitLocker-protected drive to download and install system updates and upgrades?
+## Do I have to suspend BitLocker protection to download and install system updates and upgrades?
 
 No user action is required for BitLocker in order to apply updates from Microsoft, including [Windows quality updates and feature updates](https://technet.microsoft.com/itpro/windows/manage/waas-quick-start). 
 Users need to suspend BitLocker for Non-Microsoft software updates, such as:   
 
-- Computer manufacturer firmware updates
-- TPM firmware updates
-- Non-Microsoft application updates that modify boot components
+-	Some TPM firmware updates if these updates clear the TPM outside of the Windows API. Not every TPM firmware update will clear the TPM and this happens if a known vulnerability has been discovered in the TPM firmware. Users don’t have to suspend BitLocker if the TPM firmware update uses Windows API to clear the TPM because in this case, BitLocker will be automatically suspended. We recommend users testing their TPM firmware updates if they don’t want to suspend BitLocker protection.
+-	Non-Microsoft application updates that modify the UEFI\BIOS configuration.
+-	Manual or third-party updates to secure boot databases (only if BitLocker uses Secure Boot for integrity validation).
+-	Updates to UEFI\BIOS firmware, installation of additional UEFI drivers, or UEFI applications without using the Windows update mechanism (only if you update and BitLocker does not use Secure Boot for integrity validation).
+ -	You can check if BitLocker uses Secure Boot for integrity validation with manage-bde -protectors -get C: (and see if "Uses Secure Boot for integrity validation" is reported).
+
 
 > [!NOTE]
 > If you have suspended BitLocker, you can resume BitLocker protection after you have installed the upgrade or update. Upon resuming protection, BitLocker will reseal the encryption key to the new values of the measured components that changed as a part of the upgrade or update. If these types of upgrades or updates are applied without suspending BitLocker, your computer will enter recovery mode when restarting and will require a recovery key or password to access the computer.
diff --git a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md
index 19f213f47f..9cd06e39f6 100644
--- a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md
+++ b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-intune-azure.md
@@ -240,27 +240,27 @@ For more info about AppLocker, see the [AppLocker](https://technet.microsoft.com
 
 4.  On the **Before You Begin** page, click **Next**.
 
-    ![Create Packaged app Rules wizard, showing the Before You Begin page](images/wip-applocker-secpol-wizard-1.png)
+    ![Screenshot of the Before You Begin tab](images/wip-applocker-secpol-wizard-1.png)
 
 5.  On the **Permissions** page, make sure the **Action** is set to **Allow** and the **User or group** is set to **Everyone**, and then click **Next**.
 
-    ![Create Packaged app Rules wizard, showing the Before You Begin page](images/wip-applocker-secpol-wizard-2.png)
+    ![Screenshot of the Permissions tab with "Allow" and "Everyone" selected](images/wip-applocker-secpol-wizard-2.png)
 
 6. On the **Publisher** page, click **Select** from the **Use an installed packaged app as a reference** area.
 
-    ![Create Packaged app Rules wizard, showing the Publisher](images/wip-applocker-secpol-wizard-3.png)
+    ![Screenshot of the "Use an installed package app as a reference" radio button selected and the Select button highlighted](images/wip-applocker-secpol-wizard-3.png)
 
 7.  In the **Select applications** box, pick the app that you want to use as the reference for your rule, and then click **OK**. For this example, we’re using Microsoft Dynamics 365.
 
-    ![Create Packaged app Rules wizard, showing the Select applications page](images/wip-applocker-secpol-wizard-4.png)
+    ![Screenshot of the Select applications list](images/wip-applocker-secpol-wizard-4.png)
 
 8.  On the updated **Publisher** page, click **Create**.
 
-    ![Create Packaged app Rules wizard, showing the Microsoft Dynamics 365 on the Publisher page](images/wip-applocker-secpol-wizard-5.png)
+    ![Screenshot of the Publisher tab](images/wip-applocker-secpol-wizard-5.png)
 
 9.  Click **No** in the dialog box that appears, asking if you want to create the default rules. You must not create default rules for your WIP policy.
 
-    ![Create Packaged app Rules wizard, showing the Microsoft Dynamics 365 on the Publisher page](images/wip-applocker-default-rule-warning.png)
+    ![Screenshot of AppLocker warning](images/wip-applocker-default-rule-warning.png)
 
 9.  Review the Local Security Policy snap-in to make sure your rule is correct.
 
@@ -318,11 +318,11 @@ The executable rule helps to create an AppLocker rule to sign any unsigned apps.
 
 6. On the **Conditions** page, click **Path** and then click **Next**.
 
-    ![Create Packaged app Rules wizard, showing the Publisher](images/path-condition.png)
+    ![Screenshot with Path conditions selected in the Create Executable Rules wizard](images/path-condition.png)
 
 7. Click **Browse Folders...** and select the path for the unsigned apps. For this example, we’re using "C:\Program Files".
 
-    ![Create Packaged app Rules wizard, showing the Select applications page](images/select-path.png)
+    ![Screenshot of the Path field of the Create Executable Rules wizard](images/select-path.png)
 
 8. On the **Exceptions** page, add any exceptions and then click **Next**.
 
@@ -458,7 +458,7 @@ contoso.sharepoint.com,contoso.internalproxy1.com|contoso.visualstudio.com,conto
 Value format without proxy:
 
 ```console
-contoso.sharepoint.com,|contoso.visualstudio.com,|contoso.onedrive.com,
+contoso.sharepoint.com|contoso.visualstudio.com|contoso.onedrive.com,
 ```
 
 ### Protected domains
diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index 958d86d6b1..dbb57c5791 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -269,6 +269,7 @@
 
 ### [Microsoft Defender for Endpoint for iOS]()
 #### [Overview of Microsoft Defender for Endpoint for iOS](microsoft-defender-atp/microsoft-defender-atp-ios.md)
+#### [What's New](microsoft-defender-atp/ios-whatsnew.md)
 
 #### [Deploy]()
 ##### [Deploy Microsoft Defender for Endpoint for iOS via Intune](microsoft-defender-atp/ios-install.md)
@@ -429,7 +430,8 @@
 ##### [DeviceNetworkEvents](microsoft-defender-atp/advanced-hunting-devicenetworkevents-table.md)
 ##### [DeviceProcessEvents](microsoft-defender-atp/advanced-hunting-deviceprocessevents-table.md)
 ##### [DeviceRegistryEvents](microsoft-defender-atp/advanced-hunting-deviceregistryevents-table.md)
-##### [DeviceTvmSoftwareInventoryVulnerabilities](microsoft-defender-atp/advanced-hunting-devicetvmsoftwareinventoryvulnerabilities-table.md)
+##### [DeviceTvmSoftwareInventory](microsoft-defender-atp/advanced-hunting-devicetvmsoftwareinventory-table.md)
+##### [DeviceTvmSoftwareVulnerabilities](microsoft-defender-atp/advanced-hunting-devicetvmsoftwarevulnerabilities-table.md)
 ##### [DeviceTvmSoftwareVulnerabilitiesKB](microsoft-defender-atp/advanced-hunting-devicetvmsoftwarevulnerabilitieskb-table.md)
 ##### [DeviceTvmSecureConfigurationAssessment](microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessment-table.md)
 ##### [DeviceTvmSecureConfigurationAssessmentKB](microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessmentkb-table.md)
diff --git a/windows/security/threat-protection/change-history-for-threat-protection.md b/windows/security/threat-protection/change-history-for-threat-protection.md
index 50746cadf8..26d1251e8d 100644
--- a/windows/security/threat-protection/change-history-for-threat-protection.md
+++ b/windows/security/threat-protection/change-history-for-threat-protection.md
@@ -1,5 +1,5 @@
 ---
-title: "Change history for [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)"
+title: "Change history for [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)"
 ms.reviewer: 
 ms.author: dansimp
 description: This topic lists new and updated topics in the Defender for Endpoint content set.
diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md
index 58b2c201b8..340933cfc7 100644
--- a/windows/security/threat-protection/index.md
+++ b/windows/security/threat-protection/index.md
@@ -20,13 +20,13 @@ ms.technology: mde
 # Threat Protection
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 [Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection) is a unified platform for preventative protection, post-breach detection, automated investigation, and response. Defender for Endpoint protects endpoints from cyber threats, detects advanced attacks and data breaches, automates security incidents, and improves security posture.
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > [!TIP]
 > Enable your users to access cloud services and on-premises applications with ease and enable modern management capabilities for all devices. For more information, see [Secure your remote workforce](https://docs.microsoft.com/enterprise-mobility-security/remote-work/). 
diff --git a/windows/security/threat-protection/mbsa-removal-and-guidance.md b/windows/security/threat-protection/mbsa-removal-and-guidance.md
index 09dc088c59..a9eed379da 100644
--- a/windows/security/threat-protection/mbsa-removal-and-guidance.md
+++ b/windows/security/threat-protection/mbsa-removal-and-guidance.md
@@ -25,14 +25,14 @@ MBSA was largely used in situations where neither Microsoft Update nor a local W
 A script can help you with an alternative to MBSA’s patch-compliance checking:
  
 - [Using WUA to Scan for Updates Offline](https://docs.microsoft.com/windows/desktop/wua_sdk/using-wua-to-scan-for-updates-offline), which includes a sample .vbs script. 
-For a PowerShell alternative, see [Using WUA to Scan for Updates Offline with PowerShell](https://gallery.technet.microsoft.com/Using-WUA-to-Scan-for-f7e5e0be).
+For a PowerShell alternative, see [Using WUA to Scan for Updates Offline with PowerShell](https://www.powershellgallery.com/packages/Scan-UpdatesOffline/1.0).
  
 For example:
  
 [![VBS script](images/vbs-example.png)](https://docs.microsoft.com/windows/desktop/wua_sdk/using-wua-to-scan-for-updates-offline) 
 [![PowerShell script](images/powershell-example.png)](https://gallery.technet.microsoft.com/Using-WUA-to-Scan-for-f7e5e0be) 
   
-The preceding scripts leverage the [WSUS offline scan file](https://support.microsoft.com/help/927745/detailed-information-for-developers-who-use-the-windows-update-offline) (wsusscn2.cab) to perform a scan and get the same information on missing updates as MBSA supplied. MBSA also relied on the wsusscn2.cab to determine which updates were missing from a given system without connecting to any online service or server. The wsusscn2.cab file is still available and there are currently no plans to remove or replace it.
+The preceding scripts use the [WSUS offline scan file](https://support.microsoft.com/help/927745/detailed-information-for-developers-who-use-the-windows-update-offline) (wsusscn2.cab) to perform a scan and get the same information on missing updates as MBSA supplied. MBSA also relied on the wsusscn2.cab to determine which updates were missing from a given system without connecting to any online service or server. The wsusscn2.cab file is still available and there are currently no plans to remove or replace it.
 The wsusscn2.cab file contains the metadata of only security updates, update rollups and service packs available from Microsoft Update; it does not contain any information on non-security updates, tools or drivers.
  
 ## More Information  
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data-update-compliance.md b/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data-update-compliance.md
index 53cc0585bb..1d3f01234e 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data-update-compliance.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data-update-compliance.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 This article describes how to collect diagnostic data that can be used by Microsoft support and engineering teams to help troubleshoot issues you may encounter when using the Microsoft Defender AV Assessment section in the Update Compliance add-in.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md b/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md
index db2a7a7f8e..6ed065117c 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 This article describes how to collect diagnostic data that can be used by Microsoft support and engineering teams to help troubleshoot issues you might encounter when using the Microsoft Defender AV.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/command-line-arguments-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/command-line-arguments-microsoft-defender-antivirus.md
index 04a84573cc..77a859a805 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/command-line-arguments-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/command-line-arguments-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 You can perform various Microsoft Defender Antivirus functions with the dedicated command-line tool *mpcmdrun.exe*. This utility is useful when you want to automate Microsoft Defender Antivirus use. You can find the utility in `%ProgramFiles%\Windows Defender\MpCmdRun.exe`. You must run it from a command prompt.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configuration-management-reference-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configuration-management-reference-microsoft-defender-antivirus.md
index 060cddd476..3c463a5169 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configuration-management-reference-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configuration-management-reference-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 You can manage and configure Microsoft Defender Antivirus with the following tools:
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-advanced-scan-types-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-advanced-scan-types-microsoft-defender-antivirus.md
index 7782d63b95..bf309eba5d 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-advanced-scan-types-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-advanced-scan-types-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 ## Use Microsoft Intune to configure scanning options
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus.md
index 801001d7ef..96b78f6e1c 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Block at first sight provides a way to detect and block new malware within seconds. This protection is enabled by default when certain prerequisite settings are enabled. These settings include cloud-delivered protection, a specified sample submission timeout (such as 50 seconds), and a file-blocking level of high. In most enterprise organizations, these settings are enabled by default with Microsoft Defender Antivirus deployments. 
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-cloud-block-timeout-period-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-cloud-block-timeout-period-microsoft-defender-antivirus.md
index fc9ab62d48..6fc2a16ea3 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-cloud-block-timeout-period-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-cloud-block-timeout-period-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 When Microsoft Defender Antivirus finds a suspicious file, it can prevent the file from running while it queries the [Microsoft Defender Antivirus cloud service](utilize-microsoft-cloud-protection-microsoft-defender-antivirus.md).
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-end-user-interaction-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-end-user-interaction-microsoft-defender-antivirus.md
index 91d207c1bc..a9d1ba4f3b 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-end-user-interaction-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-end-user-interaction-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 You can configure how users of the endpoints on your network can interact with Microsoft Defender Antivirus.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-exclusions-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-exclusions-microsoft-defender-antivirus.md
index beb6882a8b..1f020f0372 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-exclusions-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-exclusions-microsoft-defender-antivirus.md
@@ -22,7 +22,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 You can exclude certain files, folders, processes, and process-opened files from Microsoft Defender Antivirus scans. Such exclusions apply to [scheduled scans](scheduled-catch-up-scans-microsoft-defender-antivirus.md), [on-demand scans](run-scan-microsoft-defender-antivirus.md), and [always-on real-time protection and monitoring](configure-real-time-protection-microsoft-defender-antivirus.md). Exclusions for process-opened files only apply to real-time protection.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
index 54c891a786..6e73ced912 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-extension-file-exclusions-microsoft-defender-antivirus.md
@@ -22,7 +22,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > [!IMPORTANT]
 > Microsoft Defender Antivirus exclusions don't apply to other Microsoft Defender for Endpoint capabilities, including [endpoint detection and response (EDR)](../microsoft-defender-atp/overview-endpoint-detection-response.md), [attack surface reduction (ASR) rules](../microsoft-defender-atp/attack-surface-reduction.md), and [controlled folder access](../microsoft-defender-atp/controlled-folders.md). Files that you exclude using the methods described in this article can still trigger EDR alerts and other detections. To exclude files broadly, add them to the Microsoft Defender for Endpoint [custom indicators](../microsoft-defender-atp/manage-indicators.md).
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-local-policy-overrides-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-local-policy-overrides-microsoft-defender-antivirus.md
index 4b69f181b0..c9e9e785d1 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-local-policy-overrides-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-local-policy-overrides-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 By default, Microsoft Defender Antivirus settings that are deployed via a Group Policy Object to the endpoints in your network will prevent users from locally changing the settings. You can change this in some instances.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-microsoft-defender-antivirus-features.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-microsoft-defender-antivirus-features.md
index 6185228b0b..07bd54a1a4 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-microsoft-defender-antivirus-features.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-microsoft-defender-antivirus-features.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 You can configure Microsoft Defender Antivirus with a number of tools, including:
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md
index f00a35da1f..c4ecf2347a 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 To ensure Microsoft Defender Antivirus cloud-delivered protection works properly, you need to configure your network to allow connections between your endpoints and certain Microsoft servers.
 
@@ -41,16 +41,16 @@ See the blog post [Important changes to Microsoft Active Protection Services end
 
 ## Allow connections to the Microsoft Defender Antivirus cloud service
 
-The Microsoft Defender Antivirus cloud service provides fast, strong protection for your endpoints. Enabling the cloud-delivered protection service is optional, however it is highly recommended because it provides important protection against malware on your endpoints and across your network.
+The Microsoft Defender Antivirus cloud service provides fast, strong protection for your endpoints. Enabling the cloud-delivered protection service is optional, however it's highly recommended because it provides important protection against malware on your endpoints and across your network.
 
 >[!NOTE]
->The Microsoft Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and endpoints. Although it is called a cloud service, it is not simply protection for files stored in the cloud, rather it uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional Security intelligence updates.
+>The Microsoft Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and endpoints. Although it's called a cloud service, it's not simply protection for files stored in the cloud, rather it uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional Security intelligence updates.
 
 See [Enable cloud-delivered protection](enable-cloud-protection-microsoft-defender-antivirus.md) for details on enabling the service with Intune, Microsoft Endpoint Configuration Manager, Group Policy, PowerShell cmdlets, or on individual clients in the Windows Security app. 
 
 After you've enabled the service, you may need to configure your network or firewall to allow connections between it and your endpoints.
 
-Because your protection is a cloud service, computers must have access to the internet and reach the Microsoft Defender for Office 365 machine learning services. Do not exclude the URL `*.blob.core.windows.net` from any kind of network inspection. 
+Because your protection is a cloud service, computers must have access to the internet and reach the Microsoft Defender for Office 365 machine learning services. Don't exclude the URL `*.blob.core.windows.net` from any kind of network inspection. 
 
 The table below lists the services and their associated URLs. Make sure that there are no firewall or network filtering rules denying access to these URLs, or you may need to create an allow rule specifically for them (excluding the URL `*.blob.core.windows.net`). Below mention URLs are using port 443 for communication.
 
@@ -60,14 +60,14 @@ The table below lists the services and their associated URLs. Make sure that the
 | Microsoft Defender Antivirus cloud-delivered protection service, also referred to as Microsoft Active Protection Service (MAPS)|Used by Microsoft Defender Antivirus to provide cloud-delivered protection|`*.wdcp.microsoft.com` <br/> `*.wdcpalt.microsoft.com` <br/> `*.wd.microsoft.com`|
 | Microsoft Update Service (MU) <br/> Windows Update Service (WU)|	Security intelligence and product updates	|`*.update.microsoft.com` <br/> `*.delivery.mp.microsoft.com`<br/> `*.windowsupdate.com` <br/><br/> For details see [Connection endpoints for Windows Update](https://docs.microsoft.com/windows/privacy/manage-windows-1709-endpoints#windows-update)|
 |Security intelligence updates Alternate Download Location (ADL)|	Alternate location for Microsoft Defender Antivirus Security intelligence updates if the installed Security intelligence is out of date (7 or more days behind)|	`*.download.microsoft.com`  </br> `*.download.windowsupdate.com`</br> `https://fe3cr.delivery.mp.microsoft.com/ClientWebService/client.asmx`|
-| Malware submission storage|Upload location for files submitted to Microsoft via the Submission form or automatic sample submission	| `ussus1eastprod.blob.core.windows.net` <br/>    `ussus1westprod.blob.core.windows.net` <br/>    `usseu1northprod.blob.core.windows.net` <br/>    `usseu1westprod.blob.core.windows.net` <br/>    `ussuk1southprod.blob.core.windows.net` <br/>    `ussuk1westprod.blob.core.windows.net` <br/>    `ussas1eastprod.blob.core.windows.net` <br/>    `ussas1southeastprod.blob.core.windows.net` <br/>    `ussau1eastprod.blob.core.windows.net` <br/>    `ussau1southeastprod.blob.core.windows.net` |
+| Malware submission storage|Upload location for files submitted to Microsoft via the Submission form or automatic sample submission	| `ussus1eastprod.blob.core.windows.net` <br/>    `ussus2eastprod.blob.core.windows.net` <br/>    `ussus3eastprod.blob.core.windows.net` <br/>    `ussus4eastprod.blob.core.windows.net` <br/>    `wsus1eastprod.blob.core.windows.net` <br/>    `wsus2eastprod.blob.core.windows.net` <br/>    `ussus1westprod.blob.core.windows.net` <br/>    `ussus2westprod.blob.core.windows.net` <br/>    `ussus3westprod.blob.core.windows.net` <br/>    `ussus4westprod.blob.core.windows.net` <br/>    `wsus1westprod.blob.core.windows.net` <br/>    `wsus2westprod.blob.core.windows.net` <br/>    `usseu1northprod.blob.core.windows.net` <br/>    `wseu1northprod.blob.core.windows.net` <br/>    `usseu1westprod.blob.core.windows.net` <br/>    `wseu1westprod.blob.core.windows.net` <br/>    `ussuk1southprod.blob.core.windows.net` <br/>    `wsuk1southprod.blob.core.windows.net` <br/>    `ussuk1westprod.blob.core.windows.net` <br/>    `wsuk1westprod.blob.core.windows.net` |
 | Certificate Revocation List (CRL)|Used by Windows when creating the SSL connection to MAPS for updating the CRL	| `http://www.microsoft.com/pkiops/crl/` <br/> `http://www.microsoft.com/pkiops/certs` <br/>   `http://crl.microsoft.com/pki/crl/products` <br/> `http://www.microsoft.com/pki/certs` |
 | Symbol Store|Used by Microsoft Defender Antivirus to restore certain critical files during remediation flows	| `https://msdl.microsoft.com/download/symbols` |
 | Universal Telemetry Client| Used by Windows to send client diagnostic data; Microsoft Defender Antivirus uses telemetry for product quality monitoring purposes	| The update uses SSL (TCP Port 443) to download manifests and upload diagnostic data to Microsoft that uses the following DNS endpoints:   `vortex-win.data.microsoft.com` <br/>   `settings-win.data.microsoft.com`|
 
 ## Validate connections between your network and the cloud
 
-After allowing the URLs listed above, you can test if you are connected to the Microsoft Defender Antivirus cloud service and are correctly reporting and receiving information to ensure you are fully protected.
+After allowing the URLs listed above, you can test if you're connected to the Microsoft Defender Antivirus cloud service and are correctly reporting and receiving information to ensure you're fully protected.
 
 **Use the cmdline tool to validate cloud-delivered protection:**
 
@@ -84,24 +84,24 @@ For more information, see [Manage Microsoft Defender Antivirus with the mpcmdrun
 
 **Attempt to download a fake malware file from Microsoft:**
 
-You can download a sample file that Microsoft Defender Antivirus will detect and block if you are properly connected to the cloud.
+You can download a sample file that Microsoft Defender Antivirus will detect and block if you're properly connected to the cloud.
 
 Download the file by visiting [https://aka.ms/ioavtest](https://aka.ms/ioavtest).
 
 >[!NOTE]
->This file is not an actual piece of malware. It is a fake file that is designed to test if you are properly connected to the cloud.
+>This file is not an actual piece of malware. It's a fake file that is designed to test if you're properly connected to the cloud.
 
-If you are properly connected, you will see a warning Microsoft Defender Antivirus notification.
+If you're properly connected, you'll see a warning Microsoft Defender Antivirus notification.
 
-If you are using Microsoft Edge, you'll also see a notification message:
+If you're using Microsoft Edge, you'll also see a notification message:
 
 ![Microsoft Edge informing the user that malware was found](images/defender/wdav-bafs-edge.png)
 
-A similar message occurs if you are using Internet Explorer:
+A similar message occurs if you're using Internet Explorer:
 
 ![Microsoft Defender Antivirus notification informing the user that malware was found](images/defender/wdav-bafs-ie.png)
 
-You will also see a detection under **Quarantined threats** in the **Scan history** section in the Windows Security app:
+You'll also see a detection under **Quarantined threats** in the **Scan history** section in the Windows Security app:
 
 1. Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for **Defender**.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-notifications-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-notifications-microsoft-defender-antivirus.md
index 1660b6284e..0b1a46fded 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-notifications-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-notifications-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 In Windows 10, application notifications about malware detection and remediation are more robust, consistent, and concise.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-process-opened-file-exclusions-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-process-opened-file-exclusions-microsoft-defender-antivirus.md
index 52641f673b..94b265a644 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-process-opened-file-exclusions-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-process-opened-file-exclusions-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 You can exclude files that have been opened by specific processes from Microsoft Defender Antivirus scans. See [Recommendations for defining exclusions](configure-exclusions-microsoft-defender-antivirus.md#recommendations-for-defining-exclusions) before defining your exclusion lists.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-protection-features-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-protection-features-microsoft-defender-antivirus.md
index 12fa08755b..f10ed3e4fb 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-protection-features-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-protection-features-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Microsoft Defender Antivirus uses several methods to provide threat protection:
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md
index 63abc5021b..d60c180cfa 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Always-on protection consists of real-time protection, behavior monitoring, and heuristics to identify malware based on known suspicious and malicious activities.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-remediation-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-remediation-microsoft-defender-antivirus.md
index 95cd08db31..a040dd0a08 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-remediation-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-remediation-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 When Microsoft Defender Antivirus runs a scan, it will attempt to remediate or remove threats that it finds. You can configure how Microsoft Defender Antivirus should react to certain threats, whether it should create a restore point before remediating, and when it should remove remediated threats.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-server-exclusions-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-server-exclusions-microsoft-defender-antivirus.md
index c04445eb32..ce00979c0f 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-server-exclusions-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-server-exclusions-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ ms.date: 02/10/2021
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Microsoft Defender Antivirus on Windows Server 2016 and Windows Server 2019 automatically enrolls you in certain exclusions, as defined by your specified server role. See the [list of automatic exclusions](#list-of-automatic-exclusions) (in this article). These exclusions do not appear in the standard exclusion lists that are shown in the [Windows Security app](microsoft-defender-security-center-antivirus.md#exclusions).
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/customize-run-review-remediate-scans-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/customize-run-review-remediate-scans-microsoft-defender-antivirus.md
index 10b6622a43..142404566a 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/customize-run-review-remediate-scans-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/customize-run-review-remediate-scans-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 You can use Group Policy, PowerShell, and Windows Management Instrumentation (WMI) to configure Microsoft Defender Antivirus scans. 
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md
index a2a610032c..0fdf549b5e 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 You can use Group Policy, PowerShell, and Windows Management Instrumentation (WMI) to configure Microsoft Defender Antivirus scans. 
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/deploy-manage-report-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/deploy-manage-report-microsoft-defender-antivirus.md
index 01a88d64d7..c5543f30ef 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/deploy-manage-report-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/deploy-manage-report-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 You can deploy, manage, and report on Microsoft Defender Antivirus in a number of ways.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/deploy-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/deploy-microsoft-defender-antivirus.md
index c27135a1f6..38beb9a21f 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/deploy-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/deploy-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Depending on the management tool you are using, you may need to specifically enable or configure Microsoft Defender Antivirus protection. 
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/deployment-vdi-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/deployment-vdi-microsoft-defender-antivirus.md
index ef143bfe39..3f58a55cf2 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/deployment-vdi-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/deployment-vdi-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 In addition to standard on-premises or hardware configurations, you can also use Microsoft Defender Antivirus in a remote desktop (RDS) or virtual desktop infrastructure (VDI) environment.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md
index eedb6be8ae..32fad78f0b 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus.md
@@ -6,12 +6,12 @@ search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
 ms.mktglfcycl: detect
 ms.sitesec: library
-ms.localizationpriority: medium
+ms.localizationpriority: high
 author: denisebmsft
 ms.author: deniseb
 ms.custom: nextgen
 audience: ITPro
-ms.date: 02/03/2021
+ms.date: 03/10/2021
 ms.reviewer: 
 manager: dansimp
 ms.technology: mde
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/microsoft-edge)
 
 > [!NOTE]
@@ -41,9 +41,7 @@ Here are some examples:
 > [!TIP]
 > For more examples and a discussion of the criteria we use to label applications for special attention from security features, see [How Microsoft identifies malware and potentially unwanted applications](../intelligence/criteria.md).
 
-Potentially unwanted applications can increase the risk of your network being infected with actual malware, make malware infections harder to identify, or waste IT resources in cleaning them up.
-
-PUA protection is supported on Windows 10, Windows Server 2019, and Windows Server 2016.
+Potentially unwanted applications can increase the risk of your network being infected with actual malware, make malware infections harder to identify, or waste IT resources in cleaning them up. PUA protection is supported on Windows 10, Windows Server 2019, and Windows Server 2016.
 
 ## Microsoft Edge
 
@@ -64,9 +62,7 @@ Although potentially unwanted application protection in Microsoft Edge (Chromium
 
 In Chromium-based Edge with PUA protection turned on, Microsoft Defender SmartScreen protects you from PUA-associated URLs.
 
-Admins can [configure](https://docs.microsoft.com/DeployEdge/configure-microsoft-edge) how Microsoft Edge and Microsoft Defender SmartScreen work together to protect groups of users from PUA-associated URLs. There are several [group policy settings](https://docs.microsoft.com/DeployEdge/microsoft-edge-policies#smartscreen-settings) explicitly for Microsoft
-Defender SmartScreen available, including [one for blocking PUA](https://docs.microsoft.com/DeployEdge/microsoft-edge-policies#smartscreenpuaenabled). In addition, admins can
-[configure Microsoft Defender SmartScreen](https://docs.microsoft.com/microsoft-edge/deploy/available-policies?source=docs#configure-windows-defender-smartscreen) as a whole, using group policy settings to turn Microsoft Defender SmartScreen on or off.
+Security admins can [configure](https://docs.microsoft.com/DeployEdge/configure-microsoft-edge) how Microsoft Edge and Microsoft Defender SmartScreen work together to protect groups of users from PUA-associated URLs. There are several [group policy settings](https://docs.microsoft.com/DeployEdge/microsoft-edge-policies#smartscreen-settings) explicitly for Microsoft Defender SmartScreen available, including [one for blocking PUA](https://docs.microsoft.com/DeployEdge/microsoft-edge-policies#smartscreenpuaenabled). In addition, admins can [configure Microsoft Defender SmartScreen](https://docs.microsoft.com/microsoft-edge/deploy/available-policies?source=docs#configure-windows-defender-smartscreen) as a whole, using group policy settings to turn Microsoft Defender SmartScreen on or off.
 
 Although Microsoft Defender for Endpoint has its own block list based upon a data set managed by Microsoft, you can customize this list based on your own threat intelligence. If you [create and manage indicators](../microsoft-defender-atp/manage-indicators.md) in the Microsoft Defender for Endpoint portal, Microsoft Defender SmartScreen respects the new settings.
 
@@ -77,9 +73,7 @@ The potentially unwanted application (PUA) protection feature in Microsoft Defen
 > [!NOTE]
 > This feature is available in Windows 10, Windows Server 2019, and Windows Server 2016.
 
-Microsoft Defender Antivirus blocks detected PUA files and any attempts to download, move, run, or install them. Blocked PUA files are then moved to quarantine.
-
-When a PUA file is detected on an endpoint, Microsoft Defender Antivirus sends a notification to the user ([unless notifications have been disabled](configure-notifications-microsoft-defender-antivirus.md)) in the same format as other threat detections. The notification is prefaced with `PUA:` to indicate its content.
+Microsoft Defender Antivirus blocks detected PUA files and any attempts to download, move, run, or install them. Blocked PUA files are then moved to quarantine. When a PUA file is detected on an endpoint, Microsoft Defender Antivirus sends a notification to the user ([unless notifications have been disabled](configure-notifications-microsoft-defender-antivirus.md)) in the same format as other threat detections. The notification is prefaced with `PUA:` to indicate its content.
 
 The notification appears in the usual [quarantine list within the Windows Security app](microsoft-defender-security-center-antivirus.md#detection-history).
 
@@ -112,13 +106,21 @@ For System Center 2012 Configuration Manager, see [How to Deploy Potentially Unw
 #### Use Group Policy to configure PUA protection
 
 1. Download and install [Administrative Templates (.admx) for Windows 10 October 2020 Update (20H2)](https://www.microsoft.com/download/details.aspx?id=102157)
+
 2. On your Group Policy management computer, open the [Group Policy Management Console](https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc731212(v=ws.11)).
+
 3. Select the Group Policy Object you want to configure, and then choose **Edit**.
+
 4. In the **Group Policy Management Editor**, go to **Computer configuration** and select **Administrative templates**.
+
 5. Expand the tree to **Windows Components** > **Microsoft Defender Antivirus**.
+
 6. Double-click **Configure detection for potentially unwanted applications**.
+
 7. Select **Enabled** to enable PUA protection.
+
 8. In **Options**, select **Block** to block potentially unwanted applications, or select **Audit Mode** to test how the setting works in your environment. Select **OK**.
+
 9. Deploy your Group Policy object as you usually do.
 
 #### Use PowerShell cmdlets to configure PUA protection
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/enable-cloud-protection-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/enable-cloud-protection-microsoft-defender-antivirus.md
index 483ca94393..50a4a72090 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/enable-cloud-protection-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/enable-cloud-protection-microsoft-defender-antivirus.md
@@ -22,7 +22,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > [!NOTE]
 > The Microsoft Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and endpoints. Although it is called a cloud service, it is not simply protection for files stored in the cloud; rather, it uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional Security intelligence updates.
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/evaluate-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/evaluate-microsoft-defender-antivirus.md
index e56c78b8f3..66772cfa88 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/evaluate-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/evaluate-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Use this guide to determine how well Microsoft Defender Antivirus protects you from viruses, malware, and potentially unwanted applications.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/limited-periodic-scanning-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/limited-periodic-scanning-microsoft-defender-antivirus.md
index 0e6a552e4c..7140c5d055 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/limited-periodic-scanning-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/limited-periodic-scanning-microsoft-defender-antivirus.md
@@ -25,7 +25,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Limited periodic scanning is a special type of threat detection and remediation that can be enabled when you have installed another antivirus product on a Windows 10 device.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/manage-event-based-updates-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/manage-event-based-updates-microsoft-defender-antivirus.md
index 8dc17adfac..74ef6bcfea 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/manage-event-based-updates-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/manage-event-based-updates-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Microsoft Defender Antivirus allows you to determine if updates should (or should not) occur after certain events, such as at startup or after receiving specific reports from the cloud-delivered protection service.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/manage-outdated-endpoints-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/manage-outdated-endpoints-microsoft-defender-antivirus.md
index 668830b824..39cd346198 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/manage-outdated-endpoints-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/manage-outdated-endpoints-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Microsoft Defender Antivirus lets you define how long an endpoint can avoid an update or how many scans it can miss before it is required to update and scan itself. This is especially useful in environments where devices are not often connected to a corporate or external network, or devices that are not used on a daily basis.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-update-schedule-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-update-schedule-microsoft-defender-antivirus.md
index 494811e6e8..f7570bbf51 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-update-schedule-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-update-schedule-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Microsoft Defender Antivirus lets you determine when it should look for and download updates.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-updates-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-updates-microsoft-defender-antivirus.md
index acd96cc68b..fb8bee0025 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-updates-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/manage-protection-updates-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=22146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=22154037)
 
 <a id="protection-updates"></a>
 <!-- this has been used as anchor in VDI content -->
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md
index e95120c0b6..1b34d236ed 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md
@@ -13,7 +13,7 @@ ms.author: deniseb
 ms.custom: nextgen
 ms.reviewer: pahuijbr
 manager: dansimp
-ms.date: 02/12/2021
+ms.date: 03/10/2021
 ms.technology: mde
 ---
 
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 There are two types of updates related to keeping Microsoft Defender Antivirus up to date:
 
@@ -78,6 +78,23 @@ All our updates contain
 <br/><br/>
 
 <details>
+<summary> February-2021 (Platform: 4.18.2102.3 | Engine: 1.1.17900.7)</summary>
+
+&ensp;Security intelligence update version: **1.333.7.0**  
+&ensp;Released: **March 9, 2021**  
+&ensp;Platform: **4.19.2102.3**  
+&ensp;Engine: **1.1.17900.7**  
+&ensp;Support phase: **Security and Critical Updates**
+    
+### What's new
+
+- Improved service recovery through [tamper protection](prevent-changes-to-security-settings-with-tamper-protection.md)
+- Extend tamper protection scope
+
+### Known Issues
+No known issues  
+<br/>
+</details><details>
 <summary> January-2021 (Platform: 4.18.2101.9 | Engine: 1.1.17800.5)</summary>
 
 &ensp;Security intelligence update version: **1.327.1854.0**  
@@ -114,7 +131,13 @@ No known issues
 ### Known Issues
 No known issues  
 <br/>
-</details><details>
+</details>
+
+### Previous version updates: Technical upgrade support only
+
+After a new package version is released, support for the previous two versions is reduced to technical support only. Versions older than that are listed in this section, and are provided for technical upgrade support only. 
+<br/><br/>
+<details>
 <summary> October-2020 (Platform: 4.18.2010.7 | Engine: 1.1.17600.5)</summary>
 
 &ensp;Security intelligence update version: **1.327.7.0**  
@@ -134,13 +157,7 @@ No known issues
 
 No known issues  
 <br/>
-</details>
-
-### Previous version updates: Technical upgrade support only
-
-After a new package version is released, support for the previous two versions is reduced to technical support only. Versions older than that are listed in this section, and are provided for technical upgrade support only. 
-<br/><br/>
-<details>
+</details><details>
 <summary> September-2020 (Platform: 4.18.2009.7 | Engine: 1.1.17500.4)</summary>
 
 &ensp;Security intelligence update version: **1.325.10.0**  
@@ -334,7 +351,7 @@ Engine: **1.1.16700.2**
 
 - Fixed BSOD on WS2016 with Exchange
 - Support platform updates when TMP is redirected to network path
-- Platform and engine versions are added to [WDSI](https://www.microsoft.com/wdsi/defenderupdates)
+- Platform and engine versions are added to [WDSI](https://www.microsoft.com/en-us/wdsi/defenderupdates) <!-- The preceding URL must include "/en-us" -->
 - extend Emergency signature update to [passive mode](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility)
 - Fix 4.18.1911.3 hang
    
@@ -390,7 +407,7 @@ The below table provides the Microsoft Defender Antivirus platform and engine ve
 
 |Windows 10 release  |Platform version  |Engine version |Support phase |
 |:---|:---|:---|:---|
-|2004  (20H1) |4.18.2004.6 |1.1.17000.2 | Technical upgrade support (only) |
+|2004  (20H1/20H2) |4.18.1909.6 |1.1.17000.2 | Technical upgrade support (only) |
 |1909  (19H2) |4.18.1902.5 |1.1.16700.3 | Technical upgrade support (only) |
 |1903  (19H1) |4.18.1902.5 |1.1.15600.4 | Technical upgrade support (only) |
 |1809  (RS5) |4.18.1807.18075 |1.1.15000.2 | Technical upgrade support (only) |
@@ -408,6 +425,20 @@ We recommend updating your Windows 10 (Enterprise, Pro, and Home editions), Wind
 For more information, see [Microsoft Defender update for Windows operating system installation images](https://support.microsoft.com/help/4568292/defender-update-for-windows-operating-system-installation-images).
 
 <details>
+<summary>1.1.2103.01</summary>
+
+&ensp;Package version: **1.1.2103.01**    
+&ensp;Platform version: **4.18.2101.9**   
+&ensp;Engine version: **1.17800.5**  
+&ensp;Signature version: **1.331.2302.0**    
+    
+### Fixes
+- None
+
+### Additional information
+- None  
+<br/>
+</details><details>
 <summary>1.1.2102.03</summary>
 
 &ensp;Package version: **1.1.2102.03**    
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-mobile-devices-vms-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-mobile-devices-vms-microsoft-defender-antivirus.md
index 8f192cc64b..27e095d876 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-mobile-devices-vms-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-mobile-devices-vms-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Mobile devices and VMs may require more configuration to ensure performance is not impacted by updates.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility.md b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility.md
index 3c97136983..a1a3ee0c86 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility.md
@@ -23,7 +23,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 ## Overview
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10.md b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10.md
index 63a22fd4f7..0c2b8d058a 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10.md
@@ -23,7 +23,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 ## Microsoft Defender Antivirus: Your next-generation protection
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016.md b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016.md
index 4eb54041c7..3404f99585 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016.md
@@ -22,7 +22,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Microsoft Defender Antivirus is available on the following editions/versions of Windows Server:
 - Windows Server 2019
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-offline.md b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-offline.md
index b22545f7af..a63d9f70b3 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-offline.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-offline.md
@@ -23,7 +23,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Microsoft Defender Offline is an antimalware scanning tool that lets you boot and run a scan from a trusted environment. The scan runs from outside the normal Windows kernel so it can target malware that attempts to bypass the Windows shell, such as viruses and rootkits that infect or overwrite the master boot record (MBR).
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md
index 81bb63ed13..2fb25214bb 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-security-center-antivirus.md
@@ -23,7 +23,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 In Windows 10, version 1703 and later, the Windows Defender app is part of the Windows Security.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/office-365-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/office-365-microsoft-defender-antivirus.md
index 7f35ddf666..5f2be1828e 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/office-365-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/office-365-microsoft-defender-antivirus.md
@@ -25,7 +25,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - Microsoft Defender Antivirus
 - Microsoft 365
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
index daa0a27d8a..aeaea0756d 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
@@ -14,7 +14,7 @@ audience: ITPro
 author: denisebmsft
 ms.author: deniseb
 ms.custom: nextgen
-ms.date: 02/17/2021
+ms.date: 03/11/2021
 ms.technology: mde
 ---
 
@@ -25,7 +25,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Tamper protection is available for devices that are running one of the following versions of Windows:
 
@@ -61,14 +61,121 @@ Tamper protection doesn't prevent you from viewing your security settings. And,
 
 | To perform this task... | See this section... |
 |:---|:---|
-| Turn tamper protection on (or off) for an individual device | [Manage tamper protection on an individual device](#manage-tamper-protection-on-an-individual-device) |
+| Turn tamper protection on (or off) in the Microsoft Defender Security Center <p>Manage tamper protection across your tenant | [Manage tamper protection for your organization using the Microsoft Defender Security Center](#manage-tamper-protection-for-your-organization-using-the-microsoft-defender-security-center) |
 | Turn tamper protection on (or off) for all or part of your organization using Intune <p>Fine-tune tamper protection settings in your organization | [Manage tamper protection for your organization using Intune](#manage-tamper-protection-for-your-organization-using-intune) |
 | Turn tamper protection on (or off) for your organization with Configuration Manager | [Manage tamper protection for your organization using tenant attach with Configuration Manager, version 2006](#manage-tamper-protection-for-your-organization-with-configuration-manager-version-2006) |
-| Turn tamper protection on (or off) in the Microsoft Defender Security Center <p>Manage tamper protection across your tenant <p>(Currently in preview) | [Manage tamper protection for your organization using the Microsoft Defender Security Center](#manage-tamper-protection-for-your-organization-using-the-microsoft-defender-security-center) |
+| Turn tamper protection on (or off) for an individual device | [Manage tamper protection on an individual device](#manage-tamper-protection-on-an-individual-device) |
 | View details about tampering attempts on devices | [View information about tampering attempts](#view-information-about-tampering-attempts) |
 | Review your security recommendations | [Review security recommendations](#review-your-security-recommendations) |
 | Review the list of frequently asked questions (FAQs) | [Browse the FAQs](#view-information-about-tampering-attempts) |
 
+## Manage tamper protection for your organization using the Microsoft Defender Security Center
+
+Tamper protection can be turned on or off for your tenant using the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)). Here are a few points to keep in mind:
+
+- Currently, the option to manage tamper protection in the Microsoft Defender Security Center is on by default for new deployments. For existing deployments, tamper protection is available on an opt-in basis, with plans to make this the default method in the near future. (To opt in, in the Microsoft Defender Security Center, choose **Settings** > **Advanced features** > **Tamper protection**.) 
+
+- When you use the Microsoft Defender Security Center to manage tamper protection, you do not have to use Intune or the tenant attach method.
+
+- When you manage tamper protection in the Microsoft Defender Security Center, the setting is applied tenant wide, affecting all of your devices that are running Windows 10, Windows Server 2016, or Windows Server 2019. To fine-tune tamper protection (such as having tamper protection on for some devices but off for others), use either [Intune](#manage-tamper-protection-for-your-organization-using-intune) or [Configuration Manager with tenant attach](#manage-tamper-protection-for-your-organization-with-configuration-manager-version-2006).
+
+- If you have a hybrid environment, tamper protection settings configured in Intune take precedence over settings configured in the Microsoft Defender Security Center. 
+
+### Requirements for managing tamper protection in the Microsoft Defender Security Center
+
+- You must have appropriate [permissions](../microsoft-defender-atp/assign-portal-access.md), such as global admin, security admin, or security operations.
+
+- Your Windows devices must be running one of the following versions of Windows:
+   - Windows 10
+   - [Windows Server 2019](/windows-server/get-started-19/whats-new-19)
+   - Windows Server, version [1803](https://docs.microsoft.com/windows/release-health/status-windows-10-1803) or later
+   - [Windows Server 2016](/windows-server/get-started/whats-new-in-windows-server-2016)
+   - For more information about releases, see [Windows 10 release information](https://docs.microsoft.com/windows/release-health/release-information).
+
+- Your devices must be [onboarded to Microsoft Defender for Endpoint](../microsoft-defender-atp/onboarding.md).
+
+- Your devices must be using anti-malware platform version 4.18.2010.7 (or above) and anti-malware engine version 1.1.17600.5 (or above). ([Manage Microsoft Defender Antivirus updates and apply baselines](manage-updates-baselines-microsoft-defender-antivirus.md).)
+
+- [Cloud-delivered protection](enable-cloud-protection-microsoft-defender-antivirus.md) must be turned on.
+
+### Turn tamper protection on (or off) in the Microsoft Defender Security Center 
+
+![Turn tamper protection on in the Microsoft Defender Security Center](images/mde-turn-tamperprotect-on.png)
+
+1. Go to the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)) and sign in.
+
+2. Choose **Settings**.
+
+3. Go to **General** > **Advanced features**, and then turn tamper protection on.
+
+## Manage tamper protection for your organization using Intune
+
+If you are part of your organization's security team, and your subscription includes [Intune](https://docs.microsoft.com/intune/fundamentals/what-is-intune), you can turn tamper protection on (or off) for your organization in the [Microsoft Endpoint Manager admin center](https://endpoint.microsoft.com) portal. Use Intune when you want to fine-tune tamper protection settings. For example, if you want to enable tamper protection on some devices, but not all, use Intune.
+
+### Requirements for managing tamper protection in Intune
+
+- You must have appropriate [permissions](../microsoft-defender-atp/assign-portal-access.md), such as global admin, security admin, or security operations.
+
+- Your organization uses [Intune to manage devices](https://docs.microsoft.com/intune/fundamentals/what-is-device-management). ([Intune licenses](https://docs.microsoft.com/intune/fundamentals/licenses) are required; Intune is included in Microsoft 365 E5.)
+
+- Your Windows devices must be running Windows 10 OS [1709](https://docs.microsoft.com/windows/release-health/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-health/status-windows-10-1803), [1809](https://docs.microsoft.com/windows/release-health/status-windows-10-1809-and-windows-server-2019) or later. (For more information about releases, see [Windows 10 release information](https://docs.microsoft.com/windows/release-health/release-information).)
+
+- You must be using Windows security with [security intelligence](https://www.microsoft.com/wdsi/definitions) updated to version 1.287.60.0 (or above).
+
+- Your devices must be using anti-malware platform version 4.18.1906.3 (or above) and anti-malware engine version 1.1.15500.X (or above). ([Manage Microsoft Defender Antivirus updates and apply baselines](manage-updates-baselines-microsoft-defender-antivirus.md).)
+
+### Turn tamper protection on (or off) in Intune
+
+![Turn tamper protection on with Intune](images/turnontamperprotect-MEM.png)
+
+1. Go to the [Microsoft Endpoint Manager admin center](https://endpoint.microsoft.com) and sign in with your work or school account.
+
+2. Select **Devices** > **Configuration Profiles**.
+
+3. Create a profile that includes the following settings:
+    - **Platform: Windows 10 and later**
+    - **Profile type: Endpoint protection**
+    - **Category: Microsoft Defender Security Center**
+    - **Tamper Protection: Enabled**
+
+4. Assign the profile to one or more groups.
+
+### Are you using Windows OS 1709, 1803, or 1809?
+
+If you are using Windows 10 OS [1709](https://docs.microsoft.com/windows/release-health/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-health/status-windows-10-1803), or [1809](https://docs.microsoft.com/windows/release-health/status-windows-10-1809-and-windows-server-2019), you won't see **Tamper Protection** in the Windows Security app. Instead, you can use PowerShell to determine whether tamper protection is enabled.
+
+#### Use PowerShell to determine whether tamper protection is turned on
+
+1. Open the Windows PowerShell app.
+
+2. Use the [Get-MpComputerStatus](https://docs.microsoft.com/powershell/module/defender/get-mpcomputerstatus?view=win10-ps&preserve-view=true) PowerShell cmdlet.
+
+3. In the list of results, look for `IsTamperProtected`. (A value of *true* means tamper protection is enabled.)
+
+## Manage tamper protection for your organization with Configuration Manager, version 2006
+
+If you're using [version 2006 of Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/plan-design/changes/whats-new-in-version-2006), you can manage tamper protection settings on Windows 10, Windows Server 2016, and Windows Server 2019 by using a method called *tenant attach*. Tenant attach enables you to sync your on-premises-only Configuration Manager devices into the Microsoft Endpoint Manager admin center, and then deliver endpoint security configuration policies to on-premises collections & devices.
+
+![Windows security experience in Endpoint Manager](images/win-security- exp-policy-endpt-security.png)
+
+> [!NOTE]
+> The procedure can be used to extend tamper protection to devices running Windows 10 and Windows Server 2019. Make sure to review the prerequisites and other information in the resources mentioned in this procedure.
+
+1. Set up tenant attach. To get help with this, see [Microsoft Endpoint Manager tenant attach: Device sync and device actions](https://docs.microsoft.com/mem/configmgr/tenant-attach/device-sync-actions).
+
+2. In the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431), go to **Endpoint security** > **Antivirus**, and then choose **+ Create Policy**.<br/> 
+   - In the **Platform** list, select **Windows 10 and Windows Server (ConfigMgr)**.  
+   - In the **Profile** list, select **Windows Security experience (preview)**. <br/>
+
+3. Deploy the policy to your device collection.
+
+### Need help with this method? 
+
+See the following resources:
+
+- [Settings for the Windows Security experience profile in Microsoft Intune](https://docs.microsoft.com/mem/intune/protect/antivirus-security-experience-windows-settings)
+- [Tech Community Blog: Announcing Tamper Protection for Configuration Manager Tenant Attach clients](https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/announcing-tamper-protection-for-configuration-manager-tenant/ba-p/1700246#.X3QLR5Ziqq8.linkedin)
+
 ## Manage tamper protection on an individual device
 
 > [!NOTE]
@@ -85,95 +192,12 @@ Here's what you see in the Windows Security app:
 ![Tamper protection turned on in Windows 10 Home](images/tamperprotectionturnedon.png)
 
 1. Select **Start**, and start typing *Security*. In the search results, select **Windows Security**.
+
 2. Select **Virus & threat protection** > **Virus & threat protection settings**.
+
 3. Set **Tamper Protection** to **On** or **Off**.
 
-## Manage tamper protection for your organization using Intune
 
-If you are part of your organization's security team, and your subscription includes [Intune](https://docs.microsoft.com/intune/fundamentals/what-is-intune), you can turn tamper protection on (or off) for your organization in the [Microsoft Endpoint Manager admin center](https://endpoint.microsoft.com) portal. Use Intune when you want to fine-tune tamper protection settings. For example, if you want to enable tamper protection on some devices, but not all, use Intune.
-
-### Requirements for managing tamper protection in Intune
-
-- You must have appropriate [permissions](../microsoft-defender-atp/assign-portal-access.md), such as global admin, security admin, or security operations.
-- Your organization uses [Intune to manage devices](https://docs.microsoft.com/intune/fundamentals/what-is-device-management). ([Intune licenses](https://docs.microsoft.com/intune/fundamentals/licenses) are required; Intune is included in Microsoft 365 E5.)
-- Your Windows devices must be running Windows 10 OS [1709](https://docs.microsoft.com/windows/release-health/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-health/status-windows-10-1803), [1809](https://docs.microsoft.com/windows/release-health/status-windows-10-1809-and-windows-server-2019) or later. (For more information about releases, see [Windows 10 release information](https://docs.microsoft.com/windows/release-health/release-information).)
-- You must be using Windows security with [security intelligence](https://www.microsoft.com/wdsi/definitions) updated to version 1.287.60.0 (or above).
-- Your devices must be using anti-malware platform version 4.18.1906.3 (or above) and anti-malware engine version 1.1.15500.X (or above). ([Manage Microsoft Defender Antivirus updates and apply baselines](manage-updates-baselines-microsoft-defender-antivirus.md).)
-
-### Turn tamper protection on (or off) in Intune
-
-![Turn tamper protection on with Intune](images/turnontamperprotect-MEM.png)
-
-1. Go to the [Microsoft Endpoint Manager admin center](https://endpoint.microsoft.com) and sign in with your work or school account.
-2. Select **Devices** > **Configuration Profiles**.
-3. Create a profile that includes the following settings:
-    - **Platform: Windows 10 and later**
-    - **Profile type: Endpoint protection**
-    - **Category: Microsoft Defender Security Center**
-    - **Tamper Protection: Enabled**
-4. Assign the profile to one or more groups.
-
-### Are you using Windows OS 1709, 1803, or 1809?
-
-If you are using Windows 10 OS [1709](https://docs.microsoft.com/windows/release-health/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-health/status-windows-10-1803), or [1809](https://docs.microsoft.com/windows/release-health/status-windows-10-1809-and-windows-server-2019), you won't see **Tamper Protection** in the Windows Security app. In this case, you can use PowerShell to determine whether tamper protection is enabled.
-
-#### Use PowerShell to determine whether tamper protection is turned on
-
-1. Open the Windows PowerShell app.
-2. Use the [Get-MpComputerStatus](https://docs.microsoft.com/powershell/module/defender/get-mpcomputerstatus?view=win10-ps&preserve-view=true) PowerShell cmdlet.
-3. In the list of results, look for `IsTamperProtected`. (A value of *true* means tamper protection is enabled.)
-
-## Manage tamper protection for your organization with Configuration Manager, version 2006
-
-> [!IMPORTANT]
-> The procedure can be used to extend tamper protection to devices running Windows 10 and Windows Server 2019. Make sure to review the prerequisites and other information in the resources mentioned in this procedure.
-
-If you're using [version 2006 of Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/plan-design/changes/whats-new-in-version-2006), you can manage tamper protection settings on Windows 10, Windows Server 2016, and Windows Server 2019 by using a method called *tenant attach*. Tenant attach enables you to sync your on-premises-only Configuration Manager devices into the Microsoft Endpoint Manager admin center, and then deliver endpoint security configuration policies to on-premises collections & devices.
-
-![Windows security experience in Endpoint Manager](images/win-security- exp-policy-endpt-security.png)
-
-1. Set up tenant attach. See [Microsoft Endpoint Manager tenant attach: Device sync and device actions](https://docs.microsoft.com/mem/configmgr/tenant-attach/device-sync-actions).
-2. In the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431), go to **Endpoint security** > **Antivirus**, and choose **+ Create Policy**.<br/> 
-   - In the **Platform** list, select **Windows 10 and Windows Server (ConfigMgr)**.  
-   - In the **Profile** list, select **Windows Security experience (preview)**. <br/>
-3. Deploy the policy to your device collection.
-
-### Need help with this? 
-
-See the following resources:
-
-- [Settings for the Windows Security experience profile in Microsoft Intune](https://docs.microsoft.com/mem/intune/protect/antivirus-security-experience-windows-settings)
-- [Tech Community Blog: Announcing Tamper Protection for Configuration Manager Tenant Attach clients](https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/announcing-tamper-protection-for-configuration-manager-tenant/ba-p/1700246#.X3QLR5Ziqq8.linkedin)
-
-## Manage tamper protection for your organization using the Microsoft Defender Security Center
-
-Currently in preview, tamper protection can be turned on or off in the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)). Here are a few points to keep in mind:
-
-- When you use the Microsoft Defender Security Center to manage tamper protection, you do not have to use Intune or the tenant attach method.
-- When you manage tamper protection in the Microsoft Defender Security Center, the setting is applied tenant wide, affecting all of your devices that are running Windows 10, Windows Server 2016, or Windows Server 2019. To fine-tune tamper protection (such as having tamper protection on for some devices but off for others), use either [Intune](#manage-tamper-protection-for-your-organization-using-intune) or [Configuration Manager with tenant attach](#manage-tamper-protection-for-your-organization-with-configuration-manager-version-2006).
-- If you have a hybrid environment, tamper protection settings configured in Intune take precedence over settings configured in the Microsoft Defender Security Center. 
-- Tamper protection is generally available; however, the ability to manage tamper protection in the Microsoft Defender Security Center is currently in preview.
-
-### Requirements for managing tamper protection in the Microsoft Defender Security Center
-
-- You must have appropriate [permissions](../microsoft-defender-atp/assign-portal-access.md), such as global admin, security admin, or security operations.
-- Your Windows devices must be running one of the following versions of Windows:
-   - Windows 10
-   - [Windows Server 2019](/windows-server/get-started-19/whats-new-19)
-   - Windows Server, version [1803](https://docs.microsoft.com/windows/release-health/status-windows-10-1803) or later
-   - [Windows Server 2016](/windows-server/get-started/whats-new-in-windows-server-2016)
-   - For more information about releases, see [Windows 10 release information](https://docs.microsoft.com/windows/release-health/release-information).
-- Your devices must be [onboarded to Microsoft Defender for Endpoint](../microsoft-defender-atp/onboarding.md).
-- Your devices must be using anti-malware platform version 4.18.2010.7 (or above) and anti-malware engine version 1.1.17600.5 (or above). ([Manage Microsoft Defender Antivirus updates and apply baselines](manage-updates-baselines-microsoft-defender-antivirus.md).)
-- [Cloud-delivered protection must be turned on](enable-cloud-protection-microsoft-defender-antivirus.md).
-
-### Turn tamper protection on (or off) in the Microsoft Defender Security Center 
-
-![Turn tamper protection on in the Microsoft Defender Security Center](images/mde-turn-tamperprotect-on.png)
-
-1. Go to the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)) and sign in.
-2. Choose **Settings**.
-3. Go to **General** > **Advanced features**, and then turn tamper protection on.
 
 ## View information about tampering attempts
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-end-user-interaction-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-end-user-interaction-microsoft-defender-antivirus.md
index 93d033b274..9505edb6c6 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/prevent-end-user-interaction-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/prevent-end-user-interaction-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 You can use Group Policy to prevent users on endpoints from seeing the Microsoft Defender Antivirus interface. You can also prevent them from pausing scans.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/report-monitor-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/report-monitor-microsoft-defender-antivirus.md
index f6c46b93b9..63b1cef153 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/report-monitor-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/report-monitor-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Microsoft Defender Antivirus is built into Windows 10, Windows Server 2019, and Windows Server 2016. Microsoft Defender Antivirus is of your next-generation protection in Microsoft Defender for Endpoint. Next-generation protection helps protect your devices from software threats like viruses, malware, and spyware across email, apps, the cloud, and the web.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/restore-quarantined-files-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/restore-quarantined-files-microsoft-defender-antivirus.md
index e3f5c1f0fe..3aee622427 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/restore-quarantined-files-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/restore-quarantined-files-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 If Microsoft Defender Antivirus is configured to detect and remediate threats on your device, Microsoft Defender Antivirus quarantines suspicious files. If you are certain a quarantined file is not a threat, you can restore it.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/review-scan-results-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/review-scan-results-microsoft-defender-antivirus.md
index 4168fb1d63..82de267b72 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/review-scan-results-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/review-scan-results-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 After a Microsoft Defender Antivirus scan completes, whether it is an [on-demand](run-scan-microsoft-defender-antivirus.md) or [scheduled scan](scheduled-catch-up-scans-microsoft-defender-antivirus.md), the results are recorded and you can view the results. 
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/run-scan-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/run-scan-microsoft-defender-antivirus.md
index 5a65b6a165..b9d6853c2a 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/run-scan-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/run-scan-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 You can run an on-demand scan on individual endpoints. These scans will start immediately, and you can define parameters for the scan, such as the location or type.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/scheduled-catch-up-scans-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/scheduled-catch-up-scans-microsoft-defender-antivirus.md
index ce888c039c..d3af9f6b9d 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/scheduled-catch-up-scans-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/scheduled-catch-up-scans-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 
 > [!NOTE]
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/specify-cloud-protection-level-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/specify-cloud-protection-level-microsoft-defender-antivirus.md
index 1e4c37caba..e65babbf90 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/specify-cloud-protection-level-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/specify-cloud-protection-level-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 You can specify your level of cloud-delivered protection offered by Microsoft Defender Antivirus by using Microsoft Endpoint Manager (recommended) or Group Policy.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus-when-migrating.md b/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus-when-migrating.md
index d0c2933ef9..3a59626b11 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus-when-migrating.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus-when-migrating.md
@@ -22,7 +22,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 
 You can find help here if you encounter issues while migrating from a third-party security solution to Microsoft Defender Antivirus.
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus.md
index b65212267f..6d48b38885 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 If you encounter a problem with Microsoft Defender Antivirus, you can search the tables in this topic to find a matching issue and potential solution.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-reporting.md b/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-reporting.md
index 0b3b787b77..4ec6d05d04 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-reporting.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/troubleshoot-reporting.md
@@ -23,7 +23,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > [!IMPORTANT]
 > On March 31, 2020, the Microsoft Defender Antivirus reporting feature of Update Compliance will be removed. You can continue to define and review security compliance policies using [Microsoft Endpoint Manager](https://www.microsoft.com/microsoft-365/microsoft-endpoint-manager), which allows finer control over security features and updates.
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/use-group-policy-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/use-group-policy-microsoft-defender-antivirus.md
index b3383fd1a6..decb62a445 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/use-group-policy-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/use-group-policy-microsoft-defender-antivirus.md
@@ -23,7 +23,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 You can use [Group Policy](https://msdn.microsoft.com/library/ee663280(v=vs.85).aspx) to configure and manage Microsoft Defender Antivirus on your endpoints.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/use-intune-config-manager-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/use-intune-config-manager-microsoft-defender-antivirus.md
index 75f4f1b7cc..dcd08baa99 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/use-intune-config-manager-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/use-intune-config-manager-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 If you were using Microsoft Endpoint Manager or Microsoft Intune to manage the endpoints on your network, you can now use Microsoft Endpoint Manager to manage Microsoft Defender Antivirus scans.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/use-powershell-cmdlets-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/use-powershell-cmdlets-microsoft-defender-antivirus.md
index 078fbf7fab..dc441c48cf 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/use-powershell-cmdlets-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/use-powershell-cmdlets-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 You can use PowerShell to perform various functions in Windows Defender. Similar to the command prompt or command line, PowerShell is a task-based command-line shell and scripting language designed especially for system administration. You can read more about it at the [PowerShell hub on MSDN](https://docs.microsoft.com/previous-versions/msdn10/mt173057(v=msdn.10)).
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/use-wmi-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/use-wmi-microsoft-defender-antivirus.md
index 92f746d03d..bfcce9630c 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/use-wmi-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/use-wmi-microsoft-defender-antivirus.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Windows Management Instrumentation (WMI) is a scripting interface that allows you to retrieve, modify, and update settings.
 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/utilize-microsoft-cloud-protection-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/utilize-microsoft-cloud-protection-microsoft-defender-antivirus.md
index 5bc184057b..88cba327be 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/utilize-microsoft-cloud-protection-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/utilize-microsoft-cloud-protection-microsoft-defender-antivirus.md
@@ -22,7 +22,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Microsoft next-generation technologies in Microsoft Defender Antivirus provide near-instant, automated protection against new and emerging threats. To dynamically identify new threats, these technologies work with large sets of interconnected data in the Microsoft Intelligent Security Graph and powerful artificial intelligence (AI) systems driven by advanced machine learning models.  
 
diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
index bbab8b350a..6eddda97d7 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/configure-md-app-guard.md
@@ -18,7 +18,7 @@ ms.technology: mde
 # Configure Microsoft Defender Application Guard policy settings
 
 **Applies to:** 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Microsoft Defender Application Guard (Application Guard) works with Group Policy to help you manage your organization's computer settings. By using Group Policy, you can configure a setting once, and then copy it onto many computers. For example, you can set up multiple security settings in a GPO, which is linked to a domain, and then apply all those settings to every computer in the domain.
 
diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md
index 919fc5c18b..e63bfdaf57 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md
@@ -18,7 +18,7 @@ ms.technology: mde
 # Prepare to install Microsoft Defender Application Guard
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 ## Review system requirements
  
diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md
index 0c7e53c3fb..89dc438cda 100644
--- a/windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md
+++ b/windows/security/threat-protection/microsoft-defender-application-guard/test-scenarios-md-app-guard.md
@@ -19,7 +19,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 We've come up with a list of scenarios that you can use to test hardware-based isolation in your organization.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/access-mssp-portal.md b/windows/security/threat-protection/microsoft-defender-atp/access-mssp-portal.md
index 969ca1a11c..c632baed12 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/access-mssp-portal.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/access-mssp-portal.md
@@ -21,7 +21,7 @@ ms.technology: mde
 # Access the Microsoft Defender Security Center MSSP customer portal
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
@@ -29,7 +29,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/add-or-remove-machine-tags.md b/windows/security/threat-protection/microsoft-defender-atp/add-or-remove-machine-tags.md
index 4b005be826..a1cc377d45 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/add-or-remove-machine-tags.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/add-or-remove-machine-tags.md
@@ -1,6 +1,6 @@
 ---
 title: Add or Remove Machine Tags API
-description: Learn how to use the Add or Remove machine tags API to adds or remove a tag for a machine in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Add or Remove machine tags API to adds or remove a tag for a machine in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, tags, machine tags
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -20,8 +20,8 @@ ms.technology: mde
 # Add or Remove Machine Tags API
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+2154037
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
@@ -90,7 +90,7 @@ If successful, this method returns 200 - Ok response code and the updated Machin
 
 Here is an example of a request that adds machine tag.
 
-```
+```http
 POST https://api.securitycenter.microsoft.com/api/machines/1e5bc9d7e413ddd7902c2932e418702b84d0cc07/tags
 ```
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-features.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-features.md
index 0239279f5e..13c41c5a68 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-features.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-features.md
@@ -21,7 +21,7 @@ ms.technology: mde
 # Configure advanced features in Defender for Endpoint
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-assignedipaddress-function.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-assignedipaddress-function.md
index ec9f2b383d..321ee52593 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-assignedipaddress-function.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-assignedipaddress-function.md
@@ -1,7 +1,7 @@
 ---
-title: AssignedIPAddresses() function in advanced hunting for Microsoft Defender Advanced Threat Protection
+title: AssignedIPAddresses() function in advanced hunting for Microsoft Defender for Endpoint
 description: Learn how to use the AssignedIPAddresses() function to get the latest IP addresses assigned to a device
-keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, Windows Defender, Windows Defender ATP, Windows Defender Advanced Threat Protection, search, query, telemetry, schema reference, kusto, FileProfile, file profile, function, enrichment
+keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, Microsoft Defender ATP, Microsoft Defender for Endpoint, Windows Defender, Windows Defender ATP, Windows Defender Advanced Threat Protection, search, query, telemetry, schema reference, kusto, FileProfile, file profile, function, enrichment
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -26,8 +26,9 @@ ms.technology: mde
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedfeats-abovefoldlink)
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+
+
 
 Use the `AssignedIPAddresses()` function in your advanced hunting queries to quickly obtain the latest IP addresses that have been assigned to a device. If you specify a timestamp argument, this function obtains the most recent IP addresses at the specified time.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-best-practices.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-best-practices.md
index 3d5528fced..3b4db6f1dc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-best-practices.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-best-practices.md
@@ -23,8 +23,8 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-bestpractices-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md
index dfd47ce5c3..2a6d8f2f4f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table.md
@@ -24,8 +24,8 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+
 
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceevents-table.md
index 85121c67e1..4929ff1813 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceevents-table.md
@@ -23,8 +23,8 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefilecertificateinfo-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefilecertificateinfo-table.md
index 9d8a944f7b..3bf9a21720 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefilecertificateinfo-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefilecertificateinfo-table.md
@@ -24,8 +24,8 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+
 
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefileevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefileevents-table.md
index 1f725b1953..4d3aa4e2cf 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefileevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefileevents-table.md
@@ -23,8 +23,8 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+
 
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md
index 2403e7dca0..7edd695042 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceimageloadevents-table.md
@@ -23,8 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceinfo-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceinfo-table.md
index e9bb4da83c..55f13a0d3d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceinfo-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceinfo-table.md
@@ -23,8 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicelogonevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicelogonevents-table.md
index 8d7bb09379..3635672598 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicelogonevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicelogonevents-table.md
@@ -23,8 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicenetworkevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicenetworkevents-table.md
index 606738f0a5..916d598e74 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicenetworkevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicenetworkevents-table.md
@@ -23,8 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicenetworkinfo-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicenetworkinfo-table.md
index 469cf50647..320ebe9bcc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicenetworkinfo-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicenetworkinfo-table.md
@@ -23,9 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
-
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceprocessevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceprocessevents-table.md
index 3f8c20ce5c..d31ac843a3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceprocessevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceprocessevents-table.md
@@ -23,8 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceregistryevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceregistryevents-table.md
index 91bf57e992..13824028f0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceregistryevents-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-deviceregistryevents-table.md
@@ -23,8 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessment-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessment-table.md
index 1a30b1c1d8..0614397181 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessment-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessment-table.md
@@ -23,8 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessmentkb-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessmentkb-table.md
index 33b5554fd4..b87624f53b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessmentkb-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessmentkb-table.md
@@ -23,8 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwareinventoryvulnerabilities-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwareinventory-table.md
similarity index 65%
rename from windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwareinventoryvulnerabilities-table.md
rename to windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwareinventory-table.md
index 9a7862714a..e3a85cf831 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwareinventoryvulnerabilities-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwareinventory-table.md
@@ -1,6 +1,6 @@
 ---
-title: DeviceTvmSoftwareInventoryVulnerabilities table in the advanced hunting schema
-description: Learn about the inventory of software in your devices and their vulnerabilities in the DeviceTvmSoftwareInventoryVulnerabilities table of the advanced hunting schema.
+title: DeviceTvmSoftwareInventory table in the advanced hunting schema
+description: Learn about the inventory of software in your devices in the DeviceTvmSoftwareInventory table of the advanced hunting schema.
 keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, microsoft defender atp, wdatp search, query, telemetry, schema reference, kusto, table, column, data type, description, threat & vulnerability management, TVM, device management, software, inventory, vulnerabilities, CVE ID, OS DeviceTvmSoftwareInventoryVulnerabilities
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -8,8 +8,8 @@ ms.prod: m365-security
 ms.mktglfcycl: deploy
 ms.sitesec: library
 ms.pagetype: security
-ms.author: dolmont
-author: DulceMontemayor
+ms.author: maccruz
+author: schmurky
 ms.localizationpriority: medium
 manager: dansimp
 audience: ITPro
@@ -18,19 +18,21 @@ ms.topic: article
 ms.technology: mde
 ---
 
-# DeviceTvmSoftwareInventoryVulnerabilities
+# DeviceTvmSoftwareInventory
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
-The `DeviceTvmSoftwareInventoryVulnerabilities` table in the advanced hunting schema contains the [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) inventory of software on your devices as well as any known vulnerabilities in these software products. This table also includes operating system information, CVE IDs, and vulnerability severity information. Use this reference to construct queries that return information from the table.
+The `DeviceTvmSoftwareInventory` table in the advanced hunting schema contains the [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) inventory of software currently installed on devices in your network, including end of support information. You can, for instance, hunt for events involving devices that are installed with a currently vulnerable software version. Use this reference to construct queries that return information from the table.
+
+>[!NOTE]
+>The `DeviceTvmSoftwareInventory` and `DeviceTvmSoftwareVulnerabilities` tables have replaced the `DeviceTvmSoftwareInventoryVulnerabilities` table. Together, the first two tables include more columns you can use to help inform your vulnerability management activities.
 
 For information on other tables in the advanced hunting schema, see [the advanced hunting reference](advanced-hunting-reference.md).
 
@@ -44,8 +46,8 @@ For information on other tables in the advanced hunting schema, see [the advance
 | `SoftwareVendor` | string | Name of the software vendor |
 | `SoftwareName` | string | Name of the software product |
 | `SoftwareVersion` | string | Version number of the software product |
-| `CveId` | string | Unique identifier assigned to the security vulnerability under the Common Vulnerabilities and Exposures (CVE) system |
-| `VulnerabilitySeverityLevel` | string | Severity level assigned to the security vulnerability based on the CVSS score and dynamic factors influenced by the threat landscape |
+| `EndOfSupportStatus` | string | Indicates the lifecycle stage of the software product relative to its specified end-of-support (EOS) or end-of-life (EOL) date |
+| `EndOfSupportDate` | string | End-of-support (EOS) or end-of-life (EOL) date of the software product |
 
 
 
@@ -55,3 +57,4 @@ For information on other tables in the advanced hunting schema, see [the advance
 - [Learn the query language](advanced-hunting-query-language.md)
 - [Understand the schema](advanced-hunting-schema-reference.md)
 - [Overview of Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
+
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwarevulnerabilities-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwarevulnerabilities-table.md
new file mode 100644
index 0000000000..5addd121a0
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwarevulnerabilities-table.md
@@ -0,0 +1,61 @@
+---
+title: DeviceTvmSoftwareVulnerabilities table in the advanced hunting schema
+description: Learn about software vulnerabilities found on devices and the list of available security updates that address each vulnerability in the DeviceTvmSoftwareVulnerabilities table of the advanced hunting schema.
+keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, microsoft defender atp, wdatp search, query, telemetry, schema reference, kusto, table, column, data type, description, threat & vulnerability management, TVM, device management, software, inventory, vulnerabilities, CVE ID, OS DeviceTvmSoftwareInventoryVulnerabilities
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: m365-security
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: maccruz
+author: schmurky
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance
+ms.topic: article
+ms.technology: mde
+---
+
+# DeviceTvmSoftwareVulnerabilities
+
+[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
+
+**Applies to:**
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+
+>Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
+
+[!include[Prerelease information](../../includes/prerelease.md)]
+
+The `DeviceTvmSoftwareVulnerabilities` table in the advanced hunting schema contains the [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) list of vulnerabilities in installed software products. This table also includes operating system information, CVE IDs, and vulnerability severity information. You can use this table, for example, to hunt for events involving devices that have severe vulnerabilities in their software. Use this reference to construct queries that return information from the table.
+
+>[!NOTE]
+>The `DeviceTvmSoftwareInventory` and `DeviceTvmSoftwareVulnerabilities` tables have replaced the `DeviceTvmSoftwareInventoryVulnerabilities` table. Together, the first two tables include more columns you can use to help inform your vulnerability management activities.
+
+For information on other tables in the advanced hunting schema, see [the advanced hunting reference](advanced-hunting-reference.md).
+
+| Column name | Data type | Description |
+|-------------|-----------|-------------|
+| `DeviceId` | string | Unique identifier for the device in the service |
+| `DeviceName` | string | Fully qualified domain name (FQDN) of the device |
+| `OSPlatform` | string | Platform of the operating system running on the device. This indicates specific operating systems, including variations within the same family, such as Windows 10 and Windows 7. |
+| `OSVersion` | string | Version of the operating system running on the device |
+| `OSArchitecture` | string | Architecture of the operating system running on the device |
+| `SoftwareVendor` | string | Name of the software vendor |
+| `SoftwareName` | string | Name of the software product |
+| `SoftwareVersion` | string | Version number of the software product |
+| `CveId` | string | Unique identifier assigned to the security vulnerability under the Common Vulnerabilities and Exposures (CVE) system |
+| `VulnerabilitySeverityLevel` | string | Severity level assigned to the security vulnerability based on the CVSS score and dynamic factors influenced by the threat landscape |
+| `RecommendedSecurityUpdate` | string | Name or description of the security update provided by the software vendor to address the vulnerability |
+| `RecommendedSecurityUpdateId` | string | Identifier of the applicable security updates or identifier for the corresponding guidance or knowledge base (KB) articles |
+
+
+
+## Related topics
+
+- [Advanced hunting overview](advanced-hunting-overview.md)
+- [Learn the query language](advanced-hunting-query-language.md)
+- [Understand the schema](advanced-hunting-schema-reference.md)
+- [Overview of Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwarevulnerabilitieskb-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwarevulnerabilitieskb-table.md
index bbbfb435dc..27f1b068e6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwarevulnerabilitieskb-table.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsoftwarevulnerabilitieskb-table.md
@@ -23,8 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-errors.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-errors.md
index ffff09c519..a99c4489dc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-errors.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-errors.md
@@ -23,8 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhunting-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-extend-data.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-extend-data.md
index e1120e33aa..446dc8b08d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-extend-data.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-extend-data.md
@@ -1,7 +1,7 @@
 ---
 title: Extend advanced hunting coverage with the right settings
 description: Check auditing settings on Windows devices and other settings to help ensure that you get the most comprehensive data in advanced hunting
-keywords: advanced hunting, incident, pivot, entity, audit settings, user account management, security group management, threat hunting, cyber threat hunting, search, query, telemetry, mdatp, Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, Windows Defender, Windows Defender ATP, Windows Defender Advanced Threat Protection
+keywords: advanced hunting, incident, pivot, entity, audit settings, user account management, security group management, threat hunting, cyber threat hunting, search, query, telemetry, mdatp, Microsoft Defender ATP, Microsoft Defender for Endpoint, Windows Defender, Windows Defender ATP, Windows Defender Advanced Threat Protection
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -24,8 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 [Advanced hunting](advanced-hunting-overview.md) relies on data coming from across your organization. To get the most comprehensive data possible, ensure that you have the correct settings in the corresponding data sources.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-fileprofile-function.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-fileprofile-function.md
index ca6bab10ed..8e44c9d3dc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-fileprofile-function.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-fileprofile-function.md
@@ -1,7 +1,7 @@
 ---
-title: FileProfile() function in advanced hunting for Microsoft Defender Advanced Threat Protection
+title: FileProfile() function in advanced hunting for Microsoft Defender for Endpoint
 description: Learn how to use the FileProfile() to enrich information about files in your advanced hunting query results
-keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, Windows Defender, Windows Defender ATP, Windows Defender Advanced Threat Protection, search, query, telemetry, schema reference, kusto, FileProfile, file profile, function, enrichment
+keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, Microsoft Defender ATP, Microsoft Defender for Endpoint, Windows Defender, Windows Defender ATP, Windows Defender Advanced Threat Protection, search, query, telemetry, schema reference, kusto, FileProfile, file profile, function, enrichment
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -22,7 +22,7 @@ ms.technology: mde
 # FileProfile()
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 The `FileProfile()` function is an enrichment function in [advanced hunting](advanced-hunting-overview.md) that adds the following data to files found by the query.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md
index 40e92ba327..acdd0ed361 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhunting-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-results.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-results.md
index 062ccc2962..1540aef40c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-results.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-results.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhunting-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md
index 17f6ebfe5d..9ad0ec8f03 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
 
@@ -64,7 +64,8 @@ Table and column names are also listed within the Microsoft Defender Security Ce
 | **[DeviceImageLoadEvents](advanced-hunting-deviceimageloadevents-table.md)** | DLL loading events |
 | **[DeviceEvents](advanced-hunting-deviceevents-table.md)** | Multiple event types, including events triggered by security controls such as Microsoft Defender Antivirus and exploit protection |
 | **[DeviceFileCertificateInfo](advanced-hunting-devicefilecertificateinfo-table.md)** | Certificate information of signed files obtained from certificate verification events on endpoints |
-| **[DeviceTvmSoftwareInventoryVulnerabilities](advanced-hunting-devicetvmsoftwareinventoryvulnerabilities-table.md)** | Inventory of software on devices as well as any known vulnerabilities in these software products |
+| **[DeviceTvmSoftwareInventory](advanced-hunting-devicetvmsoftwareinventory-table.md)** | Inventory of software installed on devices, including their version information and end-of-support status |
+| **[DeviceTvmSoftwareVulnerabilities](advanced-hunting-devicetvmsoftwarevulnerabilities-table.md)** | Software vulnerabilities found on devices and the list of available security updates that address each vulnerability |
 | **[DeviceTvmSoftwareVulnerabilitiesKB ](advanced-hunting-devicetvmsoftwarevulnerabilitieskb-table.md)** | Knowledge base of publicly disclosed vulnerabilities, including whether exploit code is publicly available |
 | **[DeviceTvmSecureConfigurationAssessment](advanced-hunting-devicetvmsecureconfigurationassessment-table.md)** | Threat & Vulnerability Management assessment events, indicating the status of various security configurations on devices |
 | **[DeviceTvmSecureConfigurationAssessmentKB](advanced-hunting-devicetvmsecureconfigurationassessmentkb-table.md)** | Knowledge base of various security configurations used by Threat & Vulnerability Management to assess devices; includes mappings to various standards and benchmarks |
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-shared-queries.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-shared-queries.md
index 36e806bc85..5a3b9cc77f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-shared-queries.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-shared-queries.md
@@ -23,8 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhunting-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-take-action.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-take-action.md
index f1e57a9b92..60a963033b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-take-action.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-take-action.md
@@ -22,8 +22,8 @@ ms.technology: mde
 # Take action on advanced hunting query results
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+
 
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/alerts-queue-endpoint-detection-response.md b/windows/security/threat-protection/microsoft-defender-atp/alerts-queue-endpoint-detection-response.md
index 5fe6c98c25..69d806e699 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/alerts-queue-endpoint-detection-response.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/alerts-queue-endpoint-detection-response.md
@@ -25,8 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
@@ -38,8 +37,8 @@ Topic | Description
 [View and organize the Alerts queue](alerts-queue.md) | Shows a list of alerts that were flagged in your network.
 [Manage alerts](manage-alerts.md) | Learn about how you can manage alerts such as change its status, assign it to a security operations member, and see the history of an alert.
 [Investigate alerts](investigate-alerts.md)| Investigate alerts that are affecting your network, understand what they mean, and how to resolve them.
-[Investigate files](investigate-files.md)| Investigate the details of a file associated with a specific alert, behaviour, or event. 
-[Investigate devices](investigate-machines.md)| Investigate the details of a device associated with a specific alert, behaviour, or event. 
+[Investigate files](investigate-files.md)| Investigate the details of a file associated with a specific alert, behavior, or event. 
+[Investigate devices](investigate-machines.md)| Investigate the details of a device associated with a specific alert, behavior, or event. 
 [Investigate an IP address](investigate-ip.md) | Examine possible communication between devices in your network and external internet protocol (IP) addresses.
 [Investigate a domain](investigate-domain.md) | Investigate a domain to see if devices and servers in your network have been communicating with a known malicious domain. 
 [Investigate a user account](investigate-user.md) | Identify user accounts with the most active alerts and investigate cases of potential compromised credentials.  
diff --git a/windows/security/threat-protection/microsoft-defender-atp/alerts.md b/windows/security/threat-protection/microsoft-defender-atp/alerts.md
index 16357997f1..ee2a0773f1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/alerts.md
@@ -1,6 +1,6 @@
 ---
 title: Get alerts API
-description: Learn about the methods and properties of the Alert resource type in Microsoft Defender Advanced Threat Protection.
+description: Learn about the methods and properties of the Alert resource type in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, alerts, recent
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -22,7 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/android-configure.md b/windows/security/threat-protection/microsoft-defender-atp/android-configure.md
index dfc9c405e5..57c02a5a40 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/android-configure.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/android-configure.md
@@ -26,9 +26,12 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
+**Platform**
+- Android
+
 ## Conditional Access with Defender for Endpoint for Android  
 Microsoft Defender for Endpoint for Android along with Microsoft Intune and Azure Active
 Directory enables enforcing Device compliance and Conditional Access policies
diff --git a/windows/security/threat-protection/microsoft-defender-atp/android-intune.md b/windows/security/threat-protection/microsoft-defender-atp/android-intune.md
index 89f8619d4e..b7e64c5218 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/android-intune.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/android-intune.md
@@ -26,9 +26,12 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
+**Platform**
+- Android
+
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/android-privacy.md b/windows/security/threat-protection/microsoft-defender-atp/android-privacy.md
index 10ddc13de9..bc43caa1d8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/android-privacy.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/android-privacy.md
@@ -21,9 +21,12 @@ ms.technology: mde
 #  Microsoft Defender for Endpoint for Android - Privacy information
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
+**Platform**
+- Android
+
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 
@@ -44,9 +47,9 @@ apps. Here's a list of the types of data being collected:
 
 Information about Android application packages (APKs) on the device including
 
--  Install source
--  Storage location (file path) of the APK
--  Time of install, size of APK and permissions
+- Install source
+- Storage location (file path) of the APK
+- Time of install, size of APK and permissions
 
 ### Web page / Network information
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/android-support-signin.md b/windows/security/threat-protection/microsoft-defender-atp/android-support-signin.md
index f301f7ead9..82e65744f5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/android-support-signin.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/android-support-signin.md
@@ -26,9 +26,11 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
+**Platform**
+- Android
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/android-terms.md b/windows/security/threat-protection/microsoft-defender-atp/android-terms.md
index 1ab039d371..14e9b8c63a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/android-terms.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/android-terms.md
@@ -22,15 +22,6 @@ ms.technology: mde
 
 # Microsoft Defender for Endpoint for Android application license terms
 
-[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
-
-**Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
-
-> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
-
-
 ## MICROSOFT APPLICATION LICENSE TERMS: MICROSOFT DEFENDER FOR ENDPOINT
 
 These license terms ("Terms") are an agreement between Microsoft Corporation (or
diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-explorer.md b/windows/security/threat-protection/microsoft-defender-atp/api-explorer.md
index cadef87218..3a1f6ad4ae 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/api-explorer.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/api-explorer.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 
 The Microsoft Defender for Endpoint API Explorer is a tool that helps you explore various Defender for Endpoint APIs interactively. 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-hello-world.md b/windows/security/threat-protection/microsoft-defender-atp/api-hello-world.md
index 7793136a50..5bbd4d2792 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/api-hello-world.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/api-hello-world.md
@@ -1,7 +1,7 @@
 ---
-title: Hello World for Microsoft Defender Advanced Threat Protection API
+title: Hello World for Microsoft Defender for Endpoint API
 ms.reviewer: 
-description: Create a practice 'Hello world'-style API call to the Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) API.
+description: Create a practice 'Hello world'-style API call to the Microsoft Defender for Endpoint (Microsoft Defender ATP) API.
 keywords: apis, supported apis, advanced hunting, query
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:** 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-microsoft-flow.md b/windows/security/threat-protection/microsoft-defender-atp/api-microsoft-flow.md
index b5b277ed3b..8dead83a4d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/api-microsoft-flow.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/api-microsoft-flow.md
@@ -23,9 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
-
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-portal-mapping.md b/windows/security/threat-protection/microsoft-defender-atp/api-portal-mapping.md
index 91c6a65e75..0d07bada8e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/api-portal-mapping.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/api-portal-mapping.md
@@ -23,8 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-apiportalmapping-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-power-bi.md b/windows/security/threat-protection/microsoft-defender-atp/api-power-bi.md
index e77e799097..deb13b58ff 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/api-power-bi.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/api-power-bi.md
@@ -1,7 +1,7 @@
 ---
 title: Microsoft Defender ATP APIs connection to Power BI
 ms.reviewer: 
-description: Create a Power Business Intelligence (BI) report on top of Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) APIs.
+description: Create a Power Business Intelligence (BI) report on top of Microsoft Defender for Endpoint APIs.
 keywords: apis, supported apis, Power BI, reports
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -23,9 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
-
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-release-notes.md b/windows/security/threat-protection/microsoft-defender-atp/api-release-notes.md
index b46d84553b..c5223bee7e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/api-release-notes.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/api-release-notes.md
@@ -19,13 +19,28 @@ ms.technology: mde
 
 # Microsoft Defender for Endpoint API release notes
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
-- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 The following information lists the updates made to the Microsoft Defender for Endpoint APIs and the dates they were made.
 
 
+> [!TIP]
+> RSS feed: Get notified when this page is updated by copying and pasting the following URL into your feed reader: 
+>```
+>https://docs.microsoft.com/api/search/rss?search=%22Release+notes+for+updates+made+to+the+Microsoft+Defender+for+Endpoint+set+of+APIs%22&locale=en-us&facet=&%24filter=scopes%2Fany%28t%3A+t+eq+%27Windows+10%27%29
+>```
+
+
+### 10.02.2021
+<hr>
+
+- Added new API: [Batch update alerts](batch-update-alerts.md). 
+
+<br>
+
 ### 25.01.2021
 <hr>
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/api-terms-of-use.md b/windows/security/threat-protection/microsoft-defender-atp/api-terms-of-use.md
index 362d381ce7..535b993343 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/api-terms-of-use.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/api-terms-of-use.md
@@ -22,11 +22,10 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+
 
 ## APIs
-
 Defender for Endpoint APIs are governed by [Microsoft API License and Terms of use](https://docs.microsoft.com/legal/microsoft-apis/terms-of-use).
 
 ### Throttling limits
diff --git a/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md b/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md
index 1983cf9886..ee166e8c58 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/apis-intro.md
@@ -1,5 +1,5 @@
 ---
-title: Access the Microsoft Defender Advanced Threat Protection APIs
+title: Access the Microsoft Defender for Endpoint APIs
 ms.reviewer: 
 description: Learn how you can use APIs to automate workflows and innovate based on Microsoft Defender ATP capabilities
 keywords: apis, api, wdatp, open api, microsoft defender atp api, public api, supported apis, alerts, device, user, domain, ip, file, advanced hunting, query
@@ -23,12 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
-
-
-**Applies to:** 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/assign-portal-access.md b/windows/security/threat-protection/microsoft-defender-atp/assign-portal-access.md
index 5efaab6c51..7f06ffde4f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/assign-portal-access.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/assign-portal-access.md
@@ -1,6 +1,6 @@
 ---
 title: Assign user access to Microsoft Defender Security Center
-description: Assign read and write or read only access to the Microsoft Defender Advanced Threat Protection portal.
+description: Assign read and write or read only access to the Microsoft Defender for Endpoint portal.
 keywords: assign user roles, assign read and write access, assign read only access, user, user roles, roles
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -27,7 +27,7 @@ ms.technology: mde
 **Applies to:**
 - Azure Active Directory
 - Office 365
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/attack-simulations.md b/windows/security/threat-protection/microsoft-defender-atp/attack-simulations.md
index 047eae7fed..741afabf61 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/attack-simulations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/attack-simulations.md
@@ -1,7 +1,7 @@
 ---
 title: Experience Microsoft Defender ATP through simulated attacks
 description: Run the provided attack scenario simulations to experience how Microsoft Defender ATP can detect, investigate, and respond to breaches.
-keywords: wdatp, test, scenario, attack, simulation, simulated, diy, microsoft defender advanced threat protection
+keywords: wdatp, test, scenario, attack, simulation, simulated, diy, Microsoft Defender for Endpoint
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction-faq.md b/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction-faq.md
index da9a3daa46..522dfd79ee 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction-faq.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction-faq.md
@@ -1,7 +1,7 @@
 ---
 title: Attack surface reduction frequently asked questions (FAQ)
 description: Find answers to frequently asked questions about Microsoft Defender ATP's attack surface reduction rules.
-keywords: Attack surface reduction rules, asr, hips, host intrusion prevention system, protection rules, anti-exploit, antiexploit, exploit, infection prevention, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP
+keywords: Attack surface reduction rules, asr, hips, host intrusion prevention system, protection rules, anti-exploit, antiexploit, exploit, infection prevention, microsoft defender for endpoint
 search.product: eADQiWindows 10XVcnh
 ms.pagetype: security
 ms.prod: m365-security
@@ -22,7 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction.md
index 7e26356956..035b4e773b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction.md
@@ -1,7 +1,7 @@
 ---
 title: Use attack surface reduction rules to prevent malware infection
 description: Attack surface reduction rules can help prevent exploits from using apps and scripts to infect devices with malware.
-keywords: Attack surface reduction rules, asr, hips, host intrusion prevention system, protection rules, anti-exploit, antiexploit, exploit, infection prevention, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP
+keywords: Attack surface reduction rules, asr, hips, host intrusion prevention system, protection rules, anti-exploit, antiexploit, exploit, infection prevention, Microsoft Defender for Endpoint, Microsoft Defender ATP
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
 ms.mktglfcycl: manage
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/audit-windows-defender.md b/windows/security/threat-protection/microsoft-defender-atp/audit-windows-defender.md
index e851516dcb..aa2c627401 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/audit-windows-defender.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/audit-windows-defender.md
@@ -21,7 +21,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/auto-investigation-action-center.md b/windows/security/threat-protection/microsoft-defender-atp/auto-investigation-action-center.md
index f4a000c3eb..5b550db840 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/auto-investigation-action-center.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/auto-investigation-action-center.md
@@ -27,7 +27,7 @@ During and after an automated investigation, remediation actions for threat dete
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 ## (NEW!) A unified Action center
diff --git a/windows/security/threat-protection/microsoft-defender-atp/autoir-investigation-results.md b/windows/security/threat-protection/microsoft-defender-atp/autoir-investigation-results.md
index dfde5d03b9..9218b91eff 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/autoir-investigation-results.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/autoir-investigation-results.md
@@ -27,7 +27,7 @@ ms.date: 02/02/2021
 # Details and results of an automated investigation
 
 **Applies to:**
-- Microsoft Defender for Endpoint
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 With Microsoft Defender for Endpoint, when an [automated investigation](automated-investigations.md) runs, details about that investigation are available both during and after the automated investigation process. If you have the necessary permissions, you can view those details in an investigation details view. The investigation details view provides you with up-to-date status and the ability to approve any pending actions. 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md b/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md
index ab8f4e0d15..ad9b71f4fb 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/automated-investigations.md
@@ -28,9 +28,7 @@ ms.custom: AIR
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
-
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Want to see how it works? Watch the following video: <br/><br/>
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/automation-levels.md b/windows/security/threat-protection/microsoft-defender-atp/automation-levels.md
index d0ace26d8c..5c7d6be2fb 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/automation-levels.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/automation-levels.md
@@ -26,8 +26,7 @@ ms.custom: AIR
 # Automation levels in automated investigation and remediation capabilities
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Automated investigation and remediation (AIR) capabilities in Microsoft Defender for Endpoint can be configured to one of several levels of automation. Your automation level affects whether remediation actions following AIR investigations are taken automatically or only upon approval.  
 - *Full automation* (recommended) means remediation actions are taken automatically on artifacts determined to be malicious.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/basic-permissions.md b/windows/security/threat-protection/microsoft-defender-atp/basic-permissions.md
index f543ecb8a9..6523dba08c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/basic-permissions.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/basic-permissions.md
@@ -1,6 +1,6 @@
 ---
 title: Use basic permissions to access Microsoft Defender Security Center
-description: Learn how to use basic permissions to access the Microsoft Defender Advanced Threat Protection portal.
+description: Learn how to use basic permissions to access the Microsoft Defender for Endpoint portal.
 keywords: assign user roles, assign read and write access, assign read only access, user, user roles, roles
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 - Azure Active Directory
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/batch-update-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/batch-update-alerts.md
index 2b93144552..bf9263f1db 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/batch-update-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/batch-update-alerts.md
@@ -22,7 +22,8 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment.md b/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment.md
index f5c2868d55..6c36e19448 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/behavioral-blocking-containment.md
@@ -26,7 +26,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/check-sensor-status.md b/windows/security/threat-protection/microsoft-defender-atp/check-sensor-status.md
index 71162e7251..98fdd0b510 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/check-sensor-status.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/check-sensor-status.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-checksensor-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/client-behavioral-blocking.md b/windows/security/threat-protection/microsoft-defender-atp/client-behavioral-blocking.md
index e492aea556..d9a221d00b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/client-behavioral-blocking.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/client-behavioral-blocking.md
@@ -26,7 +26,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/collect-investigation-package.md b/windows/security/threat-protection/microsoft-defender-atp/collect-investigation-package.md
index 3e7ccee247..7d0b3a533f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/collect-investigation-package.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/collect-investigation-package.md
@@ -22,11 +22,9 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
-
-- Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 [!include[Microsoft Defender for Endpoint API URIs for US Government](../../includes/microsoft-defender-api-usgov.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/community.md b/windows/security/threat-protection/microsoft-defender-atp/community.md
index e8debb489b..57fbbe592e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/community.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/community.md
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md b/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md
index 93ea0017f4..7903a49694 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/conditional-access.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-conditionalaccess-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md b/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md
index 45279a411f..7afdacd4c0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/configure-attack-surface-reduction.md
index 6734313b4e..db4c676adb 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-attack-surface-reduction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-attack-surface-reduction.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-automated-investigations-remediation.md b/windows/security/threat-protection/microsoft-defender-atp/configure-automated-investigations-remediation.md
index e77d4f82c5..ee0c27a94e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-automated-investigations-remediation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-automated-investigations-remediation.md
@@ -25,7 +25,7 @@ ms.reviewer: ramarom, evaldm, isco, mabraitm, chriggs
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md b/windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md
index 2fe50d0988..009e567767 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md b/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md
index 904b50ea79..3ca881cddd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md
@@ -1,6 +1,6 @@
 ---
-title: Configure alert notifications in Microsoft Defender ATP
-description: You can use Microsoft Defender Advanced Threat Protection to configure email notification settings for security alerts, based on severity and other criteria.
+title: Configure alert notifications in Microsoft Defender for Endpoint
+description: You can use Microsoft Defender for Endpoint to configure email notification settings for security alerts, based on severity and other criteria.
 keywords: email notifications, configure alert notifications, microsoft defender atp notifications, microsoft defender atp alerts, windows 10 enterprise, windows 10 education
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-emailconfig-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md
index 166d6e77a5..7adfb630fe 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md
@@ -1,7 +1,7 @@
 ---
 title: Onboard Windows 10 devices to Microsoft Defender ATP via Group Policy
 description: Use Group Policy to deploy the configuration package on Windows 10 devices so that they are onboarded to the service.
-keywords: configure devices using group policy, device management, configure Windows ATP devices, onboard Microsoft Defender Advanced Threat Protection devices, group policy
+keywords: configure devices using group policy, device management, configure Windows ATP devices, onboard Microsoft Defender for Endpoint devices, group policy
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -26,7 +26,7 @@ ms.technology: mde
 **Applies to:**
 
 - Group Policy
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configureendpointsgp-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md
index 603253f4a4..a07e6fe975 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md
@@ -1,7 +1,7 @@
 ---
 title: Onboard Windows 10 devices using Mobile Device Management tools
 description: Use Mobile Device Management tools to deploy the configuration package on devices so that they are onboarded to the service.
-keywords: onboard devices using mdm, device management, onboard Windows ATP devices, onboard Microsoft Defender Advanced Threat Protection devices, mdm
+keywords: onboard devices using mdm, device management, onboard Windows ATP devices, onboard Microsoft Defender for Endpoint devices, mdm
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configureendpointsmdm-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md
index 595a2aec82..f7b40435f4 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md
@@ -1,7 +1,7 @@
 ---
-title: Onboard non-Windows devices to the Microsoft Defender ATP service
+title: Onboard non-Windows devices to the Microsoft Defender for Endpoint service
 description: Configure non-Windows devices so that they can send sensor data to the Microsoft Defender ATP service.
-keywords: onboard non-Windows devices, macos, linux, device management, configure Windows ATP devices, configure Microsoft Defender Advanced Threat Protection devices
+keywords: onboard non-Windows devices, macos, linux, device management, configure Windows ATP devices, configure Microsoft Defender for Endpoint devices
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -24,11 +24,12 @@ ms.technology: mde
 
 
 **Applies to:**
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
+**Platforms**
 - macOS
 - Linux
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-nonwindows-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md
index 4d619ca79e..d3fdc50ae9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md
@@ -1,7 +1,7 @@
 ---
 title: Onboard Windows 10 devices using Configuration Manager
 description: Use Configuration Manager to deploy the configuration package on devices so that they are onboarded to the service.
-keywords: onboard devices using sccm, device management, configure Windows ATP devices, configure Microsoft Defender Advanced Threat Protection devices
+keywords: onboard devices using sccm, device management, configure Windows ATP devices, configure Microsoft Defender for Endpoint devices
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -24,8 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 - Microsoft Endpoint Configuration Manager current branch
 - System Center 2012 R2 Configuration Manager
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md
index 6c32573e4c..9524235da5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md
@@ -1,7 +1,7 @@
 ---
 title: Onboard Windows 10 devices using a local script
 description: Use a local script to deploy the configuration package on devices so that they are onboarded to the service.
-keywords: configure devices using a local script, device management, configure Windows ATP devices, configure Microsoft Defender Advanced Threat Protection devices
+keywords: configure devices using a local script, device management, configure Windows ATP devices, configure Microsoft Defender for Endpoint devices
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -22,9 +22,9 @@ ms.technology: mde
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
+**Applies to:**
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
-
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configureendpointsscript-abovefoldlink)
 
 You can also manually onboard individual devices to Defender for Endpoint. You might want to do this first when testing the service before you commit to onboarding all devices in your network.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md
index 1e4a2f4440..319a18a6cf 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md
@@ -1,7 +1,7 @@
 ---
 title: Onboard non-persistent virtual desktop infrastructure (VDI) devices
 description: Deploy the configuration package on virtual desktop infrastructure (VDI) device so that they are onboarded to Microsoft Defender ATP the service.
-keywords: configure virtual desktop infrastructure (VDI) device, vdi, device management, configure Windows ATP endpoints, configure Microsoft Defender Advanced Threat Protection endpoints
+keywords: configure virtual desktop infrastructure (VDI) device, vdi, device management, configure Windows ATP endpoints, configure Microsoft Defender for Endpoint endpoints
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 - Virtual desktop infrastructure (VDI) devices
 - Windows 10, Windows Server 2019, Windows Server 2008R2/2012R2/2016
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md
index 85c75d3828..934155012d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 - [Microsoft 365 Endpoint data loss prevention (DLP)](/microsoft-365/compliance/endpoint-dlp-learn-about)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-asr.md b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-asr.md
index 6b6afc49f2..f58060ef84 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-asr.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-asr.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink).
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-onboarding.md b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-onboarding.md
index 76815e7245..8bc9cb2421 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-onboarding.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-onboarding.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md
index f85e803452..432aad688c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-machines-security-baseline.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-machines.md b/windows/security/threat-protection/microsoft-defender-atp/configure-machines.md
index 3bd54ed230..0bc5cee7a1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-machines.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md b/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
index 08de267337..753fe73c40 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
@@ -26,8 +26,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
 
@@ -37,14 +36,12 @@ ms.technology: mde
 
 Ensure that you have Defender for Endpoint deployed in your environment with devices enrolled, and not just on a laboratory set-up.
 
-Defender for Endpoint customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications are always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.
+If you're a Defender for Endpoint customer, you need to apply for Microsoft Threat Experts - Targeted Attack Notifications to get special insights and analysis to help identify the most critical threats, so you can respond to them quickly. Contact your account team or Microsoft representative to subscribe to Microsoft Threat Experts - Experts on Demand to consult with our threat experts on relevant detections and adversaries.
 
-If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on-Demand subscription. 
+## Apply for Microsoft Threat Experts - Targeted Attack Notifications service 
+If you're already a Defender for Endpoint customer, you can apply through the Microsoft Defender Security Center. 
 
-## Register to Microsoft Threat Experts managed threat hunting service 
-If you're already a Defender for Endpoint customer, you can apply through the Microsoft Defender for Endpoint portal. 
-
-1. From the navigation pane, go to **Settings > General > Advanced features > Microsoft Threat Experts**.
+1. From the navigation pane, go to **Settings > General > Advanced features > Microsoft Threat Experts - Targeted Attack Notifications**.
 
 2. Click **Apply**.
 
@@ -58,11 +55,14 @@ If you're already a Defender for Endpoint customer, you can apply through the Mi
 
     ![Image of Microsoft Threat Experts application confirmation](images/mte-applicationconfirmation.png)
 
-6. From the navigation pane, go to **Settings** > **General** > **Advanced features** to turn the **Threat Experts** toggle on. Click **Save preferences**. 
+When accepted, you will receive a welcome email and you will see the **Apply** button change to a toggle that is “on”. In case you want to take yourself out of the Targeted Attack Notifications service, slide the toggle “off” and click **Save preferences** at the bottom of the page. 
 
-## Receive targeted attack notification from Microsoft Threat Experts 
+## Where you'll see the targeted attack notifications from Microsoft Threat Experts 
 You can receive targeted attack notification from Microsoft Threat Experts through the following medium:  
+- The Defender for Endpoint portal's **Incidents** page 
 - The Defender for Endpoint portal's **Alerts** dashboard  
+- OData alerting [API](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/get-alerts) and [REST API](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api)
+- [DeviceAlertEvents](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicealertevents-table) table in Advanced hunting
 - Your email, if you choose to configure it 
 
 To receive targeted attack notifications through email, create an email notification rule.
@@ -77,13 +77,15 @@ You'll start receiving targeted attack notification from Microsoft Threat Expert
 
 2. From the dashboard, select the same alert topic that you got from the email, to view the details.  
 
+## Subscribe to Microsoft Threat Experts - Experts on Demand
+If you're already a Defender for Endpoint customer, you can contact your Microsoft representative to subscribe to Microsoft Threat Experts - Experts on Demand. 
 
 ## Consult a Microsoft threat expert about suspicious cybersecurity activities in your organization 
 You can partner with Microsoft Threat Experts who can be engaged directly from within the Microsoft Defender Security Center for timely and accurate response. Experts provide insights to better understand complex threats, targeted attack notifications that you get, or if you need more information about the alerts, a potentially compromised device, or a threat intelligence context that you see on your portal dashboard. 
 
 > [!NOTE]
 > - Alert inquiries related to your organization's customized threat intelligence data are currently not supported. Consult your security operations or incident response team for details.
-> - You will need to have the "Manage security settings" permission in the Security Center portal to be able to submit a "Consult a threat expert" inquiry.
+> - You need to have the **Manage security settings** permission in the Security Center portal to be able to submit a "Consult a threat expert" inquiry.
 
 1. Navigate to the portal page with the relevant information that you'd like to investigate, for example, the **Incident** page. Ensure that the page for the relevant alert or device is in view before you send an investigation request. 
 
@@ -106,7 +108,7 @@ You can partner with Microsoft Threat Experts who can be engaged directly from w
 4. Enter the email address that you'd like to use to correspond with Microsoft Threat Experts.
 
 > [!NOTE]
-> Customers with Premier Support subscription mapped to their Office 365 license can track the status of their Experts on Demand cases through Microsoft Services Hub. 
+> If you would like to track the status of your Experts on Demand cases through Microsoft Services Hub, reach out to your Technical Account Manager. 
 
 Watch this video for a quick overview of the Microsoft Services Hub.
 
@@ -114,7 +116,7 @@ Watch this video for a quick overview of the Microsoft Services Hub.
 
 
    
-## Sample investigation topics that you can consult with Microsoft Threat Experts
+## Sample investigation topics that you can consult with Microsoft Threat Experts - Experts on Demand 
 
 **Alert information**
 - We see a new type of alert for a living-off-the-land binary: [AlertID]. Can you tell us something more about this alert and how we can investigate further?
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-notifications.md b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-notifications.md
index 6f4f12e78a..ed004ad158 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-notifications.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-notifications.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md
index 09106fbd64..d9e591cabe 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
index 07ccd43835..93eac0a3a8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configureendpointsscript-abovefoldlink)
@@ -114,7 +114,7 @@ The following downloadable spreadsheet lists the services and their associated U
 
 |**Spreadsheet of domains list**|**Description**|
 |:-----|:-----|
-|![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/>  | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>[Download the spreadsheet here.](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx) 
+|![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/>  | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>[Download the spreadsheet here.](https://download.microsoft.com/download/8/a/5/8a51eee5-cd02-431c-9d78-a58b7f77c070/mde-urls.xlsx) 
 
 
 If a proxy or firewall has HTTPS scanning (SSL inspection) enabled, exclude the domains listed in the above table from HTTPS scanning.
@@ -157,7 +157,7 @@ Please see the following guidance to eliminate the wildcard (*) requirement for
 
 3.	Run the TestCloudConnection.exe tool from “C:\Program Files\Microsoft Monitoring Agent\Agent” to validate the connectivity and to see the required URLs for your specific workspace.
 
-4.	Check the Microsoft Defender for Endpoint URLs list for the complete list of requirements for your region (please refer to the Service URLs [Spreadsheet](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx)).
+4.	Check the Microsoft Defender for Endpoint URLs list for the complete list of requirements for your region (please refer to the Service URLs [Spreadsheet](https://download.microsoft.com/download/8/a/5/8a51eee5-cd02-431c-9d78-a58b7f77c070/mde-urls.xlsx)).
 
 ![Image of administrator in Windows PowerShell](images/admin-powershell.png)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md b/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
index d9643ad099..07e759c41a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
@@ -1,7 +1,7 @@
 ---
 title: Onboard Windows servers to the Microsoft Defender for Endpoint service
 description: Onboard Windows servers so that they can send sensor data to the Microsoft Defender for Endpoint sensor.
-keywords: onboard server, server, 2012r2, 2016, 2019, server onboarding, device management, configure Windows ATP servers, onboard Microsoft Defender Advanced Threat Protection servers, onboard Microsoft Defender for Endpoint servers
+keywords: onboard server, server, 2012r2, 2016, 2019, server onboarding, device management, configure Windows ATP servers, onboard Microsoft Defender for Endpoint servers, onboard Microsoft Defender for Endpoint servers
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -24,16 +24,16 @@ ms.technology: mde
 
 
 **Applies to:**
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
+**Platforms**
 - Windows Server 2008 R2 SP1
 - Windows Server 2012 R2
 - Windows Server 2016
 - Windows Server (SAC) version 1803 and later
 - Windows Server 2019 and later
 - Windows Server 2019 core edition
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
-
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configserver-abovefoldlink)
 
@@ -221,7 +221,7 @@ Defender for Endpoint integrates with System Center Endpoint Protection. The int
 The following steps are required to enable this integration:
 - Install the [January 2017 anti-malware platform update for Endpoint Protection clients](https://support.microsoft.com/help/3209361/january-2017-anti-malware-platform-update-for-endpoint-protection-clie).
 
-- Configure the SCEP client Cloud Protection Service membership to the **Advanced** setting.
+- [Configure the SCEP client Cloud Protection Service membership](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/enable-cloud-protection-microsoft-defender-antivirus) to the **Advanced** setting.
 
 <br>
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md b/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md
index 7597959e7f..b42807a66d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md
@@ -1,5 +1,5 @@
 ---
-title: Pull detections to your SIEM tools from Microsoft Defender Advanced Threat Protection
+title: Pull detections to your SIEM tools from Microsoft Defender for Endpoint
 description: Learn how to use REST API and configure supported security information and events management tools to receive and pull detections.
 keywords: configure siem, security information and events management tools, splunk, arcsight, custom indicators, rest api, alert definitions, indicators of compromise
 search.product: eADQiWindows 10XVcnh
@@ -23,8 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configuresiem-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-vulnerability-email-notifications.md b/windows/security/threat-protection/microsoft-defender-atp/configure-vulnerability-email-notifications.md
index 3a5a17455d..878715c536 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-vulnerability-email-notifications.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-vulnerability-email-notifications.md
@@ -22,7 +22,8 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-emailconfig-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md b/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md
index 081cd57903..c4c707c47f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/connected-applications.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/contact-support-usgov.md b/windows/security/threat-protection/microsoft-defender-atp/contact-support-usgov.md
index 95f0488aa4..cd399e7520 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/contact-support-usgov.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/contact-support-usgov.md
@@ -25,7 +25,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 Defender for Endpoint has recently upgraded the support process to offer a more modern and advanced support experience.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/contact-support.md b/windows/security/threat-protection/microsoft-defender-atp/contact-support.md
index e79c0952b0..4b33e72170 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/contact-support.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/contact-support.md
@@ -1,6 +1,6 @@
 ---
-title: Contact Microsoft Defender ATP support
-description: Learn how to contact Microsoft Defender ATP support
+title: Contact Microsoft Defender for Endpoint support
+description: Learn how to contact Microsoft Defender for Endpoint support
 keywords: support, contact, premier support, solutions, problems, case
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md
index f227cf31b8..5512fe322c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/create-alert-by-reference.md b/windows/security/threat-protection/microsoft-defender-atp/create-alert-by-reference.md
index 9ce4f58684..aa6d616595 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/create-alert-by-reference.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/create-alert-by-reference.md
@@ -1,6 +1,6 @@
 ---
 title: Create alert from event API
-description: Learn how to use the Create alert API to create a new Alert on top of Event in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Create alert API to create a new Alert on top of Event in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, alert, information, id
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md b/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md
index 65af61d64f..f2e44889fb 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md
@@ -25,8 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/custom-detections-manage.md b/windows/security/threat-protection/microsoft-defender-atp/custom-detections-manage.md
index be445c4a3c..9269fbb2ce 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/custom-detections-manage.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/custom-detections-manage.md
@@ -25,8 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/customize-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/customize-attack-surface-reduction.md
index e82169852e..e098f363d6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/customize-attack-surface-reduction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/customize-attack-surface-reduction.md
@@ -21,7 +21,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/customize-controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/customize-controlled-folders.md
index 7997959422..ae3f2e4f2f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/customize-controlled-folders.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/customize-controlled-folders.md
@@ -12,7 +12,7 @@ author: denisebmsft
 ms.author: deniseb
 ms.reviewer: jcedola, dbodorin, vladiso, nixanm, anvascon
 manager: dansimp
-ms.date: 01/06/2021
+ms.date: 03/10/2021
 ms.technology: mde
 ---
 
@@ -22,7 +22,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
@@ -130,6 +130,7 @@ An allowed application or service only has write access to a controlled folder a
 ### Use PowerShell to allow specific apps
 
 1. Type **PowerShell** in the Start menu, right-click **Windows PowerShell** and select **Run as administrator**
+
 2. Enter the following cmdlet:
 
     ```PowerShell
@@ -158,7 +159,7 @@ Use the [./Vendor/MSFT/Policy/Config/Defender/GuardedFoldersAllowedApplications]
 Microsoft Defender for Endpoint certificate and file indicators can allow signed executable files to access protected folders. For implementation details, see [Create indicators based on certificates](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/indicator-certificates).
 
 > [!Note]
-> This does no apply to scripting engines, including Powershell
+> This does not apply to scripting engines, including PowerShell.
 
 ## Customize the notification
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/customize-exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/customize-exploit-protection.md
index 80c3c22418..6285039fc7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/customize-exploit-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/customize-exploit-protection.md
@@ -21,7 +21,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md b/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md
index 5266ed304e..1c8bbd8daf 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md
@@ -1,6 +1,6 @@
 ---
 title: Verify data storage location and update data retention settings
-description: Verify data storage location and update data retention settings for Microsoft Defender Advanced Threat Protection
+description: Verify data storage location and update data retention settings for Microsoft Defender for Endpoint
 keywords: data, storage, settings, retention, update
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -23,9 +23,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
-
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-gensettings-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy.md b/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy.md
index 6af0ae78d7..4738046949 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy.md
@@ -23,8 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md b/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md
index e4d3704b11..2cb0f13b8c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/defender-compatibility.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md
index 82e098b761..d2997b4737 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md
@@ -1,6 +1,6 @@
 ---
-title: Delete Indicator API.
-description: Learn how to use the Delete Indicator API to delete an Indicator entity by ID in Microsoft Defender Advanced Threat Protection.
+title: Delete Indicator API
+description: Learn how to use the Delete Indicator API to delete an Indicator entity by ID in Microsoft Defender for Endpoint.
 keywords: apis, public api, supported apis, delete, ti indicator, entity, id
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)  
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md b/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md
index 21715873c5..4418f8bce8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/deployment-phases.md
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/deployment-rings.md b/windows/security/threat-protection/microsoft-defender-atp/deployment-rings.md
index 099e614f4d..6d29d4645f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/deployment-rings.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/deployment-rings.md
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md b/windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md
index 5965d178c8..c23bdd5ea6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/deployment-strategy.md
@@ -22,7 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-secopsdashboard-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/device-timeline-event-flag.md b/windows/security/threat-protection/microsoft-defender-atp/device-timeline-event-flag.md
index f4adc4a723..7c3056edaf 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/device-timeline-event-flag.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/device-timeline-event-flag.md
@@ -22,7 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx b/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx
index b5683ec66f..d620b1a270 100644
Binary files a/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx and b/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/edr-in-block-mode.md b/windows/security/threat-protection/microsoft-defender-atp/edr-in-block-mode.md
index 87d5219bad..3a5b32b88f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/edr-in-block-mode.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/edr-in-block-mode.md
@@ -27,7 +27,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
@@ -128,6 +128,9 @@ To learn more, see [Get-MpComputerStatus](https://docs.microsoft.com/powershell/
 
 3. In the list of results, in the **STATE** row, confirm that the service is running.
 
+### How much time does it take for EDR in block mode to be disabled?
+If you chose to disable EDR in block mode it can take up to 30 minutes for the system to disable this capability.
+
 ## See also
 
 - [Tech Community blog: Introducing EDR in block mode: Stopping attacks in their tracks](https://techcommunity.microsoft.com/t5/microsoft-defender-atp/introducing-edr-in-block-mode-stopping-attacks-in-their-tracks/ba-p/1596617)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
index 30d1bceeed..ae6ac815b2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md
@@ -21,7 +21,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
index 82ad65a1b2..d74eec6cf4 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-controlled-folders.md
@@ -21,7 +21,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
index 046a880398..fb8f884edd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection.md
@@ -20,7 +20,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md b/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md
index 08db900053..ec322632d7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-network-protection.md
@@ -20,7 +20,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-assignaccess-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration.md b/windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration.md
index fe94731159..058650cb78 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 
 >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-enablesiem-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluate-atp.md b/windows/security/threat-protection/microsoft-defender-atp/evaluate-atp.md
index 66707cf26c..08cbf22511 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluate-atp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluate-atp.md
@@ -24,12 +24,11 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-enablesiem-abovefoldlink)
 
-[Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037) is a unified platform for preventative protection, post-breach detection, automated investigation, and response.
+[Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037) is a unified platform for preventative protection, post-breach detection, automated investigation, and response.
 
 You can evaluate Microsoft Defender for Endpoint in your organization by [starting your free trial](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp).
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluate-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/evaluate-attack-surface-reduction.md
index 24fda19f6c..05a3b7c6e7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluate-attack-surface-reduction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluate-attack-surface-reduction.md
@@ -21,7 +21,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-enablesiem-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluate-controlled-folder-access.md b/windows/security/threat-protection/microsoft-defender-atp/evaluate-controlled-folder-access.md
index 6ae477dd83..fce918a95c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluate-controlled-folder-access.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluate-controlled-folder-access.md
@@ -20,12 +20,11 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-enablesiem-abovefoldlink)
 
-
 [Controlled folder access](controlled-folders.md) is a feature that helps protect your documents and files from modification by suspicious or malicious apps. Controlled folder access is supported on Windows Server 2019 and Windows 10 clients.
 
 It is especially useful in helping protect against [ransomware](https://www.microsoft.com/wdsi/threats/ransomware) that attempts to encrypt your files and hold them hostage.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluate-exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/evaluate-exploit-protection.md
index 158be3a882..185e733e48 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluate-exploit-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluate-exploit-protection.md
@@ -1,6 +1,6 @@
 ---
 title: See how Exploit protection works in a demo
-description: See how exploit protection can prevent suspicious behaviors from occurring on specific apps.
+description: See how Exploit Protection can prevent suspicious behaviors from occurring on specific apps.
 keywords: Exploit protection, exploits, kernel, events, evaluate, demo, try, mitigation
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -22,7 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-enablesiem-abovefoldlink)
@@ -30,14 +30,14 @@ ms.technology: mde
 
 [Exploit protection](exploit-protection.md) helps protect devices from malware that uses exploits to spread and infect other devices. Mitigation can be applied to either the operating system or to an individual app. Many of the features that were part of the Enhanced Mitigation Experience Toolkit (EMET) are included in exploit protection. (The EMET has reached its end of support.)
 
-Use exploit protection in audit mode to review related events in Event Viewer. By enabling audit mode, you'll see how mitigation works for certain apps in a test environment. Audit mode shows what *would* have happened if you enabled exploit protection in your production environment. This way, you can verify that exploit protection doesn't adversely affect your line-of-business apps, and see which suspicious or malicious events occur.
+In audit, you can see how mitigation works for certain apps in a test environment. This shows what *would* have happened if you enabled exploit protection in your production environment. This way, you can verify that exploit protection doesn't adversely affect your line-of-business apps, and see which suspicious or malicious events occur.
 
 > [!TIP]
 > You can also visit the Microsoft Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to see how exploit protection works.
 
-## Enable exploit protection in audit mode
+## Enable exploit protection for testing
 
-You can set mitigations in audit mode for specific programs by using the Windows Security app or Windows PowerShell.
+You can set mitigations in a testing mode for specific programs by using the Windows Security app or Windows PowerShell.
 
 ### Windows Security app
 
@@ -99,12 +99,12 @@ To review which apps would have been blocked, open Event Viewer and filter for t
 
 | Feature | Provider/source | Event ID | Description |
 |---|---|--|---|
- | Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 1 | ACG audit |
- | Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 3 | Do not allow child processes audit |
- | Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 5 | Block low integrity images audit |
- | Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 7 | Block remote images audit |
- | Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 9 | Disable win32k system calls audit |
- | Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 11 | Code integrity guard audit |
+| Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 1 | ACG audit |
+| Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 3 | Do not allow child processes audit |
+| Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 5 | Block low integrity images audit |
+| Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 7 | Block remote images audit |
+| Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 9 | Disable win32k system calls audit |
+| Exploit protection | Security-Mitigations (Kernel Mode/User Mode) | 11 | Code integrity guard audit |
 
 ## See also
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluate-network-protection.md b/windows/security/threat-protection/microsoft-defender-atp/evaluate-network-protection.md
index 8be04a87c7..77d41cea29 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluate-network-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluate-network-protection.md
@@ -20,7 +20,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 [Network protection](network-protection.md) helps prevent employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the Internet.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
index 608e465720..d22560fa18 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-enablesiem-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/event-error-codes.md b/windows/security/threat-protection/microsoft-defender-atp/event-error-codes.md
index 6fbb30d6e3..573314eac7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/event-error-codes.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/event-error-codes.md
@@ -27,7 +27,7 @@ ms.technology: mde
 
 **Applies to:**
 - Event Viewer
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-enablesiem-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/event-views.md b/windows/security/threat-protection/microsoft-defender-atp/event-views.md
index e8b667e82c..913dc4b2dd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/event-views.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/event-views.md
@@ -20,7 +20,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-enablesiem-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/exploit-protection-reference.md b/windows/security/threat-protection/microsoft-defender-atp/exploit-protection-reference.md
index 79a6fd80df..8b29ab6b3d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exploit-protection-reference.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exploit-protection-reference.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-enablesiem-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md
index 60c5bce436..9d3123817d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md
@@ -7,11 +7,11 @@ ms.prod: m365-security
 ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
-ms.localizationpriority: medium
+ms.localizationpriority: high
 audience: ITPro
 author: denisebmsft
 ms.author: deniseb
-ms.date: 10/21/2020
+ms.date: 03/10/2021
 ms.reviewer: 
 manager: dansimp
 ms.custom: asr
@@ -24,23 +24,19 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
->Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-enablesiem-abovefoldlink)
+Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-enablesiem-abovefoldlink)
 
 Exploit protection automatically applies a number of exploit mitigation techniques to operating system processes and apps. Exploit protection is supported beginning with Windows 10, version 1709 and Windows Server, version 1803.
 
 > [!TIP]
 > You can visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works.
 
-Exploit protection works best with [Defender for Endpoint](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md) - which gives you detailed reporting into exploit protection events and blocks as part of the usual [alert investigation scenarios](../microsoft-defender-atp/investigate-alerts.md).
+Exploit protection works best with [Defender for Endpoint](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md) - which gives you detailed reporting into exploit protection events and blocks as part of the usual [alert investigation scenarios](../microsoft-defender-atp/investigate-alerts.md). You can [enable exploit protection](enable-exploit-protection.md) on an individual device, and then use [Group Policy](import-export-exploit-protection-emet-xml.md) to distribute the XML file to multiple devices at once.
 
-You can [enable exploit protection](enable-exploit-protection.md) on an individual device, and then use [Group Policy](import-export-exploit-protection-emet-xml.md) to distribute the XML file to multiple devices at once.
-
-When a mitigation is encountered on the device, a notification will be displayed from the Action Center. You can [customize the notification](customize-attack-surface-reduction.md#customize-the-notification) with your company details and contact information. You can also enable the rules individually to customize what techniques the feature monitors.
-
-You can also use [audit mode](evaluate-exploit-protection.md) to evaluate how exploit protection would impact your organization if it were enabled.
+When a mitigation is encountered on the device, a notification will be displayed from the Action Center. You can [customize the notification](customize-attack-surface-reduction.md#customize-the-notification) with your company details and contact information. You can also enable the rules individually to customize what techniques the feature monitors. You can also use [audit mode](evaluate-exploit-protection.md) to evaluate how exploit protection would impact your organization if it were enabled.
 
 Many of the features in the [Enhanced Mitigation Experience Toolkit (EMET)](https://technet.microsoft.com/security/jj653751) are included in exploit protection. In fact, you can convert and import existing your EMET configuration profiles into exploit protection. To learn more, see [Import, export, and deploy exploit protection configurations](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml).
 
@@ -52,9 +48,7 @@ Many of the features in the [Enhanced Mitigation Experience Toolkit (EMET)](http
 
 ## Review exploit protection events in the Microsoft Security Center
 
-Defender for Endpoint provides detailed reporting into events and blocks as part of its alert investigation scenarios.
-
-You can query Defender for Endpoint data by using [Advanced hunting](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview). If you're using [audit mode](audit-windows-defender.md), you can use advanced hunting to see how exploit protection settings could affect your environment.
+Defender for Endpoint provides detailed reporting into events and blocks as part of its alert investigation scenarios. You can query Defender for Endpoint data by using [Advanced hunting](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview). If you're using [audit mode](audit-windows-defender.md), you can use advanced hunting to see how exploit protection settings could affect your environment.
 
 Here is an example query:
 
@@ -100,7 +94,7 @@ You can review the Windows event log to see events that are created when exploit
 
 The mitigations available in EMET are included natively in Windows 10 (starting with version 1709) and Windows Server (starting with version 1803), under [Exploit protection](exploit-protection.md).
 
-The table in this section indicates the availability and support of native mitigations between EMET and exploit protection.
+The following table indicates the availability and support of native mitigations between EMET and exploit protection.
 
 |Mitigation | Available under exploit protection | Available in EMET |
 |:---|:---|:---|
diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
index ca1f1ea37e..054ff7b35b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-nativeapp.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md
index 664f1c63be..509ac1e964 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-partners.md
@@ -22,8 +22,8 @@ ms.technology: mde
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md
index dc6a1df497..357f8f3af9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md
@@ -23,7 +23,9 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-full-sample-powershell.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-full-sample-powershell.md
index e2ceff454e..b07bb430be 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-full-sample-powershell.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-full-sample-powershell.md
@@ -23,7 +23,8 @@ ms.technology: mde
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-list.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-list.md
index 4bca78843c..5a165e77ff 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-list.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-list.md
@@ -23,7 +23,8 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-odata-samples.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-odata-samples.md
index 1f9f6cb3b5..8c19965c36 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-odata-samples.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-odata-samples.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/feedback-loop-blocking.md b/windows/security/threat-protection/microsoft-defender-atp/feedback-loop-blocking.md
index 49256a6cd9..b414cf0799 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/feedback-loop-blocking.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/feedback-loop-blocking.md
@@ -25,7 +25,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 ## Overview
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/fetch-alerts-mssp.md b/windows/security/threat-protection/microsoft-defender-atp/fetch-alerts-mssp.md
index 97b76caa30..7b33c41b18 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/fetch-alerts-mssp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/fetch-alerts-mssp.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mssp-support-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/files.md b/windows/security/threat-protection/microsoft-defender-atp/files.md
index eb0cf41168..af08109636 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/files.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/files.md
@@ -22,7 +22,8 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/find-machines-by-ip.md b/windows/security/threat-protection/microsoft-defender-atp/find-machines-by-ip.md
index 091e9c45de..fb67090a7b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/find-machines-by-ip.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/find-machines-by-ip.md
@@ -22,7 +22,8 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/find-machines-by-tag.md b/windows/security/threat-protection/microsoft-defender-atp/find-machines-by-tag.md
index a16e71db5b..71eabbd343 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/find-machines-by-tag.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/find-machines-by-tag.md
@@ -21,7 +21,8 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md b/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
index 301115a087..5b6c706b9a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/fix-unhealthy-sensors.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-fixsensor-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-info-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-info-by-id.md
index 097719cb86..46aafe20cc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-info-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-info-by-id.md
@@ -22,7 +22,8 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-domain-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-domain-info.md
index d533b2e0e7..dcb2fe02c8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-domain-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-domain-info.md
@@ -1,6 +1,6 @@
 ---
 title: Get alert related domains information
-description: Retrieve all domains related to a specific alert using Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
+description: Retrieve all domains related to a specific alert using Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get alert information, alert information, related domain
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -20,7 +20,7 @@ ms.technology: mde
 # Get alert related domain information API
 
 **Applies to:** 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md
index aa0fc830ea..554c6811bb 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md
@@ -1,6 +1,6 @@
 ---
 title: Get alert related files information
-description: Retrieve all files related to a specific alert using Microsoft Defender Advanced Threat Protection (Microsoft Defender for Endpoint).
+description: Retrieve all files related to a specific alert using Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get alert information, alert information, related files
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
  
 > Want to experience Microsoft Defender for Endpoint? [Sign up for free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md
index 25ea5e8fcf..f70015d288 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md
@@ -1,6 +1,6 @@
 ---
 title: Get alert related IPs information
-description: Retrieve all IPs related to a specific alert using Microsoft Defender Advanced Threat Protection (Microsoft Defender for Endpoint).
+description: Retrieve all IPs related to a specific alert using Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get alert information, alert information, related ip
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md
index 38461117ef..ef2c58345d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md
@@ -1,6 +1,6 @@
 ---
 title: Get alert related machine information
-description: Retrieve all devices related to a specific alert using Microsoft Defender Advanced Threat Protection (Microsoft Defender for Endpoint).
+description: Retrieve all devices related to a specific alert using Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get alert information, alert information, related device
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -23,9 +23,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
-
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md
index fb06d75de7..3c9fdcc2ad 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md
@@ -1,6 +1,6 @@
 ---
 title: Get alert related user information
-description: Learn how to use the Get alert related user information API to retrieve the user related to a specific alert in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get alert related user information API to retrieve the user related to a specific alert in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, alert, information, related, user
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -22,9 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
-
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md
index 20bd761327..36887a8462 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-alerts.md
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
index 21b2e1ebd9..0fb9f00800 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
@@ -22,9 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
-
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md
index 0bb2f8a653..dcf6509263 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities-by-machines.md
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
index 1acf21401e..a82619f7a9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md
index 2fe3ae2a8b..9099978bde 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-cvekbmap-collection.md
@@ -24,8 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
index fc18d97935..92fcf97ac0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
@@ -22,10 +22,10 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
index 54078f8925..9364076f9b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-discovered-vulnerabilities.md
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md
index 3721566568..8b237ff15e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-alerts.md
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md
index 14b95f8007..bd4c6a6070 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-domain-related-machines.md
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md b/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md
index a8aa5990dd..772772e6c1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-domain-statistics.md
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
index 2d3c69d629..8bf6505cb6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md
index ee1527e69b..74e7c21298 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-information.md
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md
index 0c29cd245d..9f60c7c40d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-alerts.md
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md
index f69053927b..62c7371723 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-related-machines.md
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md b/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md
index cc1e435b61..e99abc3904 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-file-statistics.md
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
index 45f23bcd3e..368d22ec9f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-installed-software.md
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md
index 108d89871f..7d0bcec2b5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-collection.md
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md
index 561c68ac0b..3e636739b0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-investigation-object.md
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-alerts.md
index 8c6690d917..ac80ccb76c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-ip-related-alerts.md
@@ -1,6 +1,6 @@
 ---
 title: Get IP related alerts API
-description: Retrieve a collection of alerts related to a given IP address using Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
+description: Retrieve a collection of alerts related to a given IP address using Microsoft Defender for Endpoint
 keywords: apis, graph api, supported apis, get, ip, related, alerts
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-ip-statistics.md b/windows/security/threat-protection/microsoft-defender-atp/get-ip-statistics.md
index c3c0b129df..b4aa122f9f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-ip-statistics.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-ip-statistics.md
@@ -1,6 +1,6 @@
 ---
 title: Get IP statistics API
-description: Get the latest stats for your IP using Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
+description: Get the latest stats for your IP using Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, ip, statistics, prevalence
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-kbinfo-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-kbinfo-collection.md
index a2bdfc279e..b45eb0a8f5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-kbinfo-collection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-kbinfo-collection.md
@@ -1,6 +1,6 @@
 ---
 title: Get KB collection API
-description: Retrieve a collection of knowledge bases (KB's) and KB details with Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
+description: Retrieve a collection of knowledge bases (KB's) and KB details with Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, kb
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -24,8 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machine-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-machine-by-id.md
index 2ecf612da3..4ebc4d2fda 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machine-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machine-by-id.md
@@ -1,6 +1,6 @@
 ---
 title: Get machine by ID API
-description: Learn how to use the Get machine by ID API to retrieve a machine by its device ID or computer name in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get machine by ID API to retrieve a machine by its device ID or computer name in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, devices, entity, id
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -20,7 +20,8 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md
index cc2ba67cc2..baee987b84 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md
@@ -21,8 +21,7 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machine-log-on-users.md b/windows/security/threat-protection/microsoft-defender-atp/get-machine-log-on-users.md
index 6c8c2a7aa0..9a6202a447 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machine-log-on-users.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machine-log-on-users.md
@@ -1,6 +1,6 @@
 ---
 title: Get machine logon users API
-description: Learn how to use the Get machine logon users API to retrieve a collection of logged on users on a device in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get machine logon users API to retrieve a collection of logged on users on a device in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, device, log on, users
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -21,7 +21,8 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machine-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-machine-related-alerts.md
index 08e0a0643f..bd2ea23017 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machine-related-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machine-related-alerts.md
@@ -1,6 +1,6 @@
 ---
 title: Get machine related alerts API
-description: Learn how to use the Get machine related alerts API to retrieve all alerts related to a specific device in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get machine related alerts API to retrieve all alerts related to a specific device in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, devices, related, alerts
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -20,7 +20,8 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machineaction-object.md b/windows/security/threat-protection/microsoft-defender-atp/get-machineaction-object.md
index d836586aa9..87e981c4cd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machineaction-object.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machineaction-object.md
@@ -1,6 +1,6 @@
 ---
 title: Get MachineAction object API
-description: Learn how to use the Get MachineAction API to retrieve a specific Machine Action by its ID in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get MachineAction API to retrieve a specific Machine Action by its ID in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, machineaction object
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -20,7 +20,8 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machineactions-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-machineactions-collection.md
index 33538ea489..c9bf10af9e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machineactions-collection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machineactions-collection.md
@@ -1,6 +1,6 @@
 ---
 title: List machineActions API
-description: Learn how to use the List MachineActions API to retrieve a collection of Machine Actions in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the List MachineActions API to retrieve a collection of Machine Actions in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, machineaction collection
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -21,7 +21,8 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
index 863252fd1f..d72c03fd04 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
@@ -20,7 +20,8 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md
index 99a384d3b8..d38f67120e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md
@@ -20,7 +20,8 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-machines.md
index f2dd4772c8..1a77becba9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machines.md
@@ -20,7 +20,8 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machinesecuritystates-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-machinesecuritystates-collection.md
index e681c4545a..9ad65f6d79 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machinesecuritystates-collection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machinesecuritystates-collection.md
@@ -1,6 +1,6 @@
 ---
 title: Get machines security states collection API
-description: Retrieve a collection of device security states using Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
+description: Retrieve a collection of device security states using Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, device, security, state
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -22,7 +22,8 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-missing-kbs-machine.md b/windows/security/threat-protection/microsoft-defender-atp/get-missing-kbs-machine.md
index 87a51d2dc8..fef956f2a5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-missing-kbs-machine.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-missing-kbs-machine.md
@@ -20,7 +20,8 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-missing-kbs-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-missing-kbs-software.md
index 0b757eed84..4e0f67a9d3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-missing-kbs-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-missing-kbs-software.md
@@ -20,7 +20,8 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-package-sas-uri.md b/windows/security/threat-protection/microsoft-defender-atp/get-package-sas-uri.md
index aabc11d20d..0e7bbbc23b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-package-sas-uri.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-package-sas-uri.md
@@ -20,7 +20,8 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md
index 8a6f9bd314..6e5aa77b56 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md
@@ -20,7 +20,8 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
index a4088c53db..2f0a193eb3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
@@ -20,7 +20,8 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md
index 08e690c094..0cb8bcbadd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md
@@ -20,7 +20,8 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md
index 5db01dafa2..62ca0c06e8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md
@@ -20,7 +20,8 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-security-recommendations.md b/windows/security/threat-protection/microsoft-defender-atp/get-security-recommendations.md
index ba78b38a52..d3d4199ce3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-security-recommendations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-security-recommendations.md
@@ -20,7 +20,8 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md
index f7b1637a35..4f569d8044 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software-by-id.md
@@ -20,7 +20,8 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md b/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
index f2eb40ffa3..aed4653c93 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
@@ -20,7 +20,8 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-software.md
index 301708d92d..8335f9da8d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software.md
@@ -20,7 +20,8 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-started-partner-integration.md b/windows/security/threat-protection/microsoft-defender-atp/get-started-partner-integration.md
index 3582717501..5ef32b3918 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-started-partner-integration.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-started-partner-integration.md
@@ -23,7 +23,7 @@ ms.topic: conceptual
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-ti-indicators-collection.md b/windows/security/threat-protection/microsoft-defender-atp/get-ti-indicators-collection.md
index c58fc04d84..c7ac60dd92 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-ti-indicators-collection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-ti-indicators-collection.md
@@ -1,6 +1,6 @@
 ---
 title: List Indicators API
-description: Learn how to use the List Indicators API to retrieve a collection of all active Indicators in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the List Indicators API to retrieve a collection of all active Indicators in Microsoft Defender for Endpoint.
 keywords: apis, public api, supported apis, Indicators collection
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -20,7 +20,8 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-user-information.md b/windows/security/threat-protection/microsoft-defender-atp/get-user-information.md
index 7d9e81fca1..95f593128a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-user-information.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-user-information.md
@@ -1,6 +1,6 @@
 ---
 title: Get user information API
-description: Learn how to use the Get user information API to retrieve a User entity by key, or user name, in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get user information API to retrieve a User entity by key, or user name, in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, user, user information
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -20,7 +20,8 @@ ms.topic: article
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-user-related-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/get-user-related-alerts.md
index 782f1f620c..ab7c4410d2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-user-related-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-user-related-alerts.md
@@ -1,6 +1,6 @@
 ---
 title: Get user-related alerts API
-description: Retrieve a collection of alerts related to a given user ID using Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
+description: Retrieve a collection of alerts related to a given user ID using Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, user, related, alerts
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md
index e726dab081..07bbe5df04 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md
@@ -1,6 +1,6 @@
 ---
 title: Get user-related machines API
-description: Learn how to use the Get user-related machines API to retrieve a collection of devices related to a user ID in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get user-related machines API to retrieve a collection of devices related to a user ID in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, user, user related alerts
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md
index a8bf3252ea..ffe84f80f5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md
@@ -22,8 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md
index 5b09a4bb67..030c13dc0d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md
@@ -22,9 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
-
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/gov.md b/windows/security/threat-protection/microsoft-defender-atp/gov.md
index 555ab3ee79..e40a3ed5d3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/gov.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/gov.md
@@ -21,11 +21,11 @@ ms.technology: mde
 # Microsoft Defender for Endpoint for US Government customers
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
-> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+Microsoft Defender for Endpoint for US Government customers, built in the Azure US Government environment, uses the same underlying technologies as Defender for Endpoint in Azure Commercial.
 
+This offering is available to GCC, GCC High, and DoD customers and is based on the same prevention, detection, investigation, and remediation as the commercial version. However, there are some differences in the availability of capabilities for this offering.
 
 > [!NOTE]
 > If you are a GCC customer using Defender for Endpoint in Commercial, please refer to the public documentation pages.
@@ -37,8 +37,8 @@ Microsoft Defender for Endpoint for US Government customers requires one of the
 GCC | GCC High | DoD
 :---|:---|:---
 Windows 10 Enterprise E5 GCC | Windows 10 Enterprise E5 for GCC High | Windows 10 Enterprise E5 for DOD
-| | Microsoft 365 E5 for GCC High | 
-| | Microsoft 365 G5 Security for GCC High | 
+| | Microsoft 365 E5 for GCC High | Microsoft 365 G5 for DOD
+| | Microsoft 365 G5 Security for GCC High | Microsoft 365 G5 Security for DOD
 Microsoft Defender for Endpoint - GCC | Microsoft Defender for Endpoint for GCC High | Microsoft Defender for Endpoint for DOD
 
 ### Server licensing
@@ -86,8 +86,8 @@ Windows 8.1 Enterprise | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/
 Windows 8 Pro | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
 Windows 7 SP1 Enterprise | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
 Windows 7 SP1 Pro | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
-Linux | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development
-macOS | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development
+Linux | ![No](../images/svg/check-no.svg) Rolling out | ![No](../images/svg/check-no.svg) Rolling out | ![No](../images/svg/check-no.svg) Rolling out
+macOS | ![No](../images/svg/check-no.svg) Rolling out | ![No](../images/svg/check-no.svg) Rolling out | ![No](../images/svg/check-no.svg) Rolling out
 Android | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog
 iOS | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog
 
@@ -102,21 +102,41 @@ The following OS versions are supported when using [Azure Defender for Servers](
 
 OS version | GCC | GCC High | DoD (PREVIEW)
 :---|:---|:---|:---
-Windows Server 2016 | ![No](../images/svg/check-no.svg) Rolling out | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
-Windows Server 2012 R2 | ![No](../images/svg/check-no.svg) Rolling out | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
-Windows Server 2008 R2 SP1 | ![No](../images/svg/check-no.svg) Rolling out | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
+Windows Server 2016 | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
+Windows Server 2012 R2 | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
+Windows Server 2008 R2 SP1 | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
 
 <br>
 
 ## Required connectivity settings
-You'll need to ensure that traffic from the following are allowed:
+If a proxy or firewall is blocking all traffic by default and allowing only specific domains through, add the domains listed in the downloadable sheet to the allowed domains list.
 
-Service location | DNS record
-:---|:---
-Common URLs for all locations (Global location) | `crl.microsoft.com`<br>`ctldl.windowsupdate.com`<br>`notify.windows.com`<br>`settings-win.data.microsoft.com` <br><br> Note: `settings-win.data.microsoft.com` is only needed on Windows 10 devices running version 1803 or earlier.
-Common URLs for all US Gov customers | `us4-v20.events.data.microsoft.com` <br>`*.blob.core.usgovcloudapi.net` 
-Defender for Endpoint GCC specific | `winatp-gw-usmt.microsoft.com`<br>`winatp-gw-usmv.microsoft.com`
-Defender for Endpoint GCC High & DoD (PREVIEW) specific | `winatp-gw-usgt.microsoft.com`<br>`winatp-gw-usgv.microsoft.com`
+The following downloadable spreadsheet lists the services and their associated URLs your network must be able to connect to. Verify there are no firewall or network filtering rules that would deny access to these URLs, or create an *allow* rule specifically for them.
+
+Spreadsheet of domains list | Description
+:-----|:-----
+![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/> | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>[Download the spreadsheet here.](https://download.microsoft.com/download/8/a/5/8a51eee5-cd02-431c-9d78-a58b7f77c070/mde-urls.xlsx) 
+
+For more information, see [Configure device proxy and Internet connectivity settings](configure-proxy-internet.md).
+
+> [!NOTE]
+> The spreadsheet contains commercial URLs as well, make sure you check the "US Gov" tabs.
+>
+> When filtering, look for the records labeled as "US Gov" and your specific cloud under the geography column.
+
+### Service backend IP ranges
+
+If your network devices don't support DNS-based rules, use IP ranges instead.
+
+Defender for Endpoint for US Government customers is built in the Azure US Government environment, deployed in the following regions:
+
+- AzureCloud.usgovtexas
+- AzureCloud.usgovvirginia
+
+You can find the Azure IP ranges in [Azure IP Ranges and Service Tags – US Government Cloud](https://www.microsoft.com/download/details.aspx?id=57063).
+
+> [!NOTE]
+> As a cloud-based solution, the IP address ranges can change. It's recommended you move to DNS-based rules.
 
 <br>
 
@@ -132,18 +152,18 @@ SIEM | `https://wdatp-alertexporter-us.gcc.securitycenter.windows.us` | `https:/
 <br>
 
 ## Feature parity with commercial
-Defender for Endpoint doesn't have complete parity with the commercial offering. While our goal is to deliver all commercial features and functionality to our US Government customers, there are some capabilities not yet available we want to highlight.
+Defender for Endpoint for US Government customers doesn't have complete parity with the commercial offering. While our goal is to deliver all commercial features and functionality to our US Government customers, there are some capabilities not yet available we want to highlight.
 
-These are the known gaps as of February 2021:
+These are the known gaps as of March 2021:
 
 Feature name | GCC | GCC High | DoD (PREVIEW)
 :---|:---|:---|:---
 Automated investigation and remediation: Live response | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
 Automated investigation and remediation: Response to Office 365 alerts | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog
-Email notifications | ![No](../images/svg/check-no.svg) Rolling out | ![No](../images/svg/check-no.svg) Rolling out | ![No](../images/svg/check-no.svg) Rolling out
+Email notifications | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
 Evaluation lab | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
 Management and APIs: Device health and compliance report | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
-Management and APIs: Integration with third-party products | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development
+Management and APIs: Integration with third-party products | ![No](../images/svg/check-no.svg) Rolling out | ![No](../images/svg/check-no.svg) Rolling out | ![No](../images/svg/check-no.svg) Rolling out
 Management and APIs: Streaming API | ![Yes](../images/svg/check-yes.svg) | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development
 Management and APIs: Threat protection report | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
 Threat & vulnerability management | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/check-yes.svg)
@@ -151,7 +171,7 @@ Threat analytics | ![Yes](../images/svg/check-yes.svg) | ![Yes](../images/svg/ch
 Web content filtering | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development
 Integrations: Azure Sentinel | ![Yes](../images/svg/check-yes.svg) | ![No](../images/svg/check-no.svg) In development | ![No](../images/svg/check-no.svg) In development
 Integrations: Microsoft Cloud App Security | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog
-Integrations: Microsoft Compliance Center | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog
+Integrations: Microsoft Compliance Manager | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog
 Integrations: Microsoft Defender for Identity | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog
 Integrations: Microsoft Defender for Office 365 | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog
 Integrations: Microsoft Endpoint DLP | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog | ![No](../images/svg/check-no.svg) On engineering backlog
diff --git a/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md b/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md
index 5a2af69aab..d0f076113c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/grant-mssp-access.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/helpful-resources.md b/windows/security/threat-protection/microsoft-defender-atp/helpful-resources.md
index e2f8bfd7a6..1e1cd63909 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/helpful-resources.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/helpful-resources.md
@@ -1,6 +1,6 @@
 ---
-title: Helpful Microsoft Defender Advanced Threat Protection resources
-description: Access helpful resources such as links to blogs and other resources related to  Microsoft Defender Advanced Threat Protection
+title: Helpful Microsoft Defender for Endpoint resources
+description: Access helpful resources such as links to blogs and other resources related to  Microsoft Defender for Endpoint
 keywords: Microsoft Defender Security Center, product brief, brief, capabilities, licensing
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/alert-landing-view-upd.png b/windows/security/threat-protection/microsoft-defender-atp/images/alert-landing-view-upd.png
new file mode 100644
index 0000000000..1f42e280fe
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/alert-landing-view-upd.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/detection-status-detected-upd.png b/windows/security/threat-protection/microsoft-defender-atp/images/detection-status-detected-upd.png
new file mode 100644
index 0000000000..ab92777602
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/detection-status-detected-upd.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/detection-status-detected.png b/windows/security/threat-protection/microsoft-defender-atp/images/detection-status-detected.png
new file mode 100644
index 0000000000..a629704d07
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/detection-status-detected.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/detection-status-prevented-mac-upd.png b/windows/security/threat-protection/microsoft-defender-atp/images/detection-status-prevented-mac-upd.png
new file mode 100644
index 0000000000..8b6427d7f8
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/detection-status-prevented-mac-upd.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/detection-status-prevented-mac.png b/windows/security/threat-protection/microsoft-defender-atp/images/detection-status-prevented-mac.png
new file mode 100644
index 0000000000..785afce704
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/detection-status-prevented-mac.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/detstat-blocked.png b/windows/security/threat-protection/microsoft-defender-atp/images/detstat-blocked.png
new file mode 100644
index 0000000000..82fbc297a1
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/detstat-blocked.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/detstat-detected.png b/windows/security/threat-protection/microsoft-defender-atp/images/detstat-detected.png
new file mode 100644
index 0000000000..15d95de0e8
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/detstat-detected.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/detstat-prevented.png b/windows/security/threat-protection/microsoft-defender-atp/images/detstat-prevented.png
new file mode 100644
index 0000000000..91686e3ec6
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/detstat-prevented.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/device-page-details.png b/windows/security/threat-protection/microsoft-defender-atp/images/device-page-details.png
new file mode 100644
index 0000000000..ee5931d336
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/device-page-details.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/device-timeline-2.png b/windows/security/threat-protection/microsoft-defender-atp/images/device-timeline-2.png
new file mode 100644
index 0000000000..25fb776f62
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/device-timeline-2.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/esentire-logo.png b/windows/security/threat-protection/microsoft-defender-atp/images/esentire-logo.png
new file mode 100644
index 0000000000..0e0c4f181e
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/esentire-logo.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/mte-collaboratewithmte.png b/windows/security/threat-protection/microsoft-defender-atp/images/mte-collaboratewithmte.png
index 9a1123e6ee..d4109f3cff 100644
Binary files a/windows/security/threat-protection/microsoft-defender-atp/images/mte-collaboratewithmte.png and b/windows/security/threat-protection/microsoft-defender-atp/images/mte-collaboratewithmte.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/mte-eod-fullsubscription.png b/windows/security/threat-protection/microsoft-defender-atp/images/mte-eod-fullsubscription.png
index a74c98f09c..288272483b 100644
Binary files a/windows/security/threat-protection/microsoft-defender-atp/images/mte-eod-fullsubscription.png and b/windows/security/threat-protection/microsoft-defender-atp/images/mte-eod-fullsubscription.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/mte-eod.png b/windows/security/threat-protection/microsoft-defender-atp/images/mte-eod.png
index 7a50de412d..25ac5a1108 100644
Binary files a/windows/security/threat-protection/microsoft-defender-atp/images/mte-eod.png and b/windows/security/threat-protection/microsoft-defender-atp/images/mte-eod.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/onevinn-logo.png b/windows/security/threat-protection/microsoft-defender-atp/images/onevinn-logo.png
new file mode 100644
index 0000000000..4740d09144
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/onevinn-logo.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/quorum-logo.png b/windows/security/threat-protection/microsoft-defender-atp/images/quorum-logo.png
new file mode 100644
index 0000000000..39596ac21d
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/quorum-logo.png differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/user-page-details.PNG b/windows/security/threat-protection/microsoft-defender-atp/images/user-page-details.PNG
new file mode 100644
index 0000000000..3fa411e426
Binary files /dev/null and b/windows/security/threat-protection/microsoft-defender-atp/images/user-page-details.PNG differ
diff --git a/windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml.md b/windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml.md
index e14a1a1440..5be27ed843 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml.md
@@ -22,7 +22,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/import-ti-indicators.md b/windows/security/threat-protection/microsoft-defender-atp/import-ti-indicators.md
index 65dcff272b..57d5271cb8 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/import-ti-indicators.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/import-ti-indicators.md
@@ -1,6 +1,6 @@
 ---
 title: Import Indicators API
-description: Learn how to use the Import batch of Indicator API in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Import batch of Indicator API in Microsoft Defender for Endpoint.
 keywords: apis, supported apis, submit, ti, indicator, update
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -21,7 +21,8 @@ ms.topic: article
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/indicator-certificates.md b/windows/security/threat-protection/microsoft-defender-atp/indicator-certificates.md
index 9cb3e7fef1..75364d15d3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/indicator-certificates.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/indicator-certificates.md
@@ -25,7 +25,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/indicator-file.md b/windows/security/threat-protection/microsoft-defender-atp/indicator-file.md
index ed32a99990..8bb9d29001 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/indicator-file.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/indicator-file.md
@@ -25,7 +25,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md b/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md
index 6bd26e04a7..330ed5159c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/indicator-ip-domain.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/indicator-manage.md b/windows/security/threat-protection/microsoft-defender-atp/indicator-manage.md
index 946eeb3008..5ab320b0d4 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/indicator-manage.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/indicator-manage.md
@@ -25,7 +25,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md
index baef9c8ecb..5baa7d4de3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/information-protection-investigation.md b/windows/security/threat-protection/microsoft-defender-atp/information-protection-investigation.md
index e3d8274f25..cdb4ce99d1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/information-protection-investigation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/information-protection-investigation.md
@@ -22,7 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md b/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md
index f36d4f2fd7..0313f72ffd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/initiate-autoir-investigation.md
@@ -21,7 +21,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md
index e1191dde6c..f077b93b17 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md
@@ -1,5 +1,5 @@
 ---
-title: Investigate Microsoft Defender Advanced Threat Protection alerts
+title: Investigate Microsoft Defender for Endpoint alerts
 description: Use the investigation options to get details on alerts are affecting your network, what they mean, and how to resolve them.
 keywords: investigate, investigation, devices, device, alerts queue, dashboard, IP address, file, submit, submissions, deep analysis, timeline, search, domain, URL, IP
 search.product: eADQiWindows 10XVcnh
@@ -26,7 +26,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatealerts-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md
index 40b569b13d..b82c842c40 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-behind-proxy.md
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatemachines-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md
index 72a0bfbd88..43cfbb5d76 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md
@@ -1,5 +1,5 @@
 ---
-title: Investigate Microsoft Defender Advanced Threat Protection domains
+title: Investigate Microsoft Defender for Endpoint domains
 description: Use the investigation options to see if devices and servers have been communicating with malicious domains.
 keywords: investigate domain, domain, malicious domain, microsoft defender atp, alert, URL
 search.product: eADQiWindows 10XVcnh
@@ -26,7 +26,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatedomain-abovefoldlink) 
@@ -77,7 +77,7 @@ You can view events from different periods of time by entering the dates into th
 5. Clicking any of the device names will take you to that device's view, where you can continue investigate reported alerts, behaviors, and events.
 
 ## Related topics
-- [View and organize the Microsoft Defender Advanced Threat Protection Alerts queue](alerts-queue.md)
+- [View and organize the Microsoft Defender for Endpoint Alerts queue](alerts-queue.md)
 - [Manage Microsoft Defender for Endpoint alerts](manage-alerts.md)
 - [Investigate Microsoft Defender for Endpoint alerts](investigate-alerts.md)
 - [Investigate a file associated with a Microsoft Defender for Endpoint alert](investigate-files.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-files.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-files.md
index de2db9a059..bbec992744 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-files.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-files.md
@@ -1,5 +1,5 @@
 ---
-title: Investigate Microsoft Defender Advanced Threat Protection files
+title: Investigate Microsoft Defender for Endpoint files
 description: Use the investigation options to get details on files associated with alerts, behaviors, or events.
 keywords: investigate, investigation, file, malicious activity, attack motivation, deep analysis, deep analysis report
 search.product: eADQiWindows 10XVcnh
@@ -26,7 +26,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
@@ -65,7 +65,12 @@ For more information on these actions, see [Take response action on a file](resp
 
 The file details, incident, malware detection, and file prevalence cards display various attributes about the file.
 
-You'll see details such as the file’s MD5, the Virus Total detection ratio, and Microsoft Defender AV detection if available, and the file’s prevalence, both worldwide and within your organizations.
+You'll see details such as the file’s MD5, the Virus Total detection ratio, and Microsoft Defender AV detection if available, and the file’s prevalence.
+
+The file prevalence card shows where the file was seen in devices in the organization and worldwide. 
+
+> [!NOTE] 
+> Different users may see dissimilar values in the *devices in organization* section of the file prevalence card. This is because the card displays information based on the RBAC scope that a user has. Meaning, if a user has been granted visibility on a specific set of devices, they will only see the file organizational prevalence on those devices.
 
 ![Image of file information](images/atp-file-information.png)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md
index 04c380c532..6e8ffe303f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-incidents.md
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-ip.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-ip.md
index 408450f834..fe7d86c394 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-ip.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-ip.md
@@ -27,7 +27,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md
index dbe3c86cce..f12edaa907 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-machines.md
@@ -26,7 +26,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigatemachines-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md b/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md
index d1db196189..266769ab1f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigate-user.md
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/investigation.md b/windows/security/threat-protection/microsoft-defender-atp/investigation.md
index 5db24608de..c2ef414f1d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/investigation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/investigation.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-configure-features.md b/windows/security/threat-protection/microsoft-defender-atp/ios-configure-features.md
index 0aa8395536..e8d69bbb20 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/ios-configure-features.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/ios-configure-features.md
@@ -26,8 +26,11 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/p/?linkid=2118804)
+
+**Platforms**
+- iOS
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
@@ -99,3 +102,10 @@ Defender for Endpoint for iOS enables admins to configure custom indicators on i
 ## Report unsafe site
 
 Phishing websites impersonate trustworthy websites for the purpose of obtaining your personal or financial information. Visit the [Provide feedback about network protection](https://www.microsoft.com/wdsi/filesubmission/exploitguard/networkprotection) page if you want to report a website that could be a phishing site.
+
+## Battery Consumption issues on iOS when Microsoft Defender for Endpoint is installed
+
+The battery usage by an app is computed by Apple based on a multitude of factors including CPU and Network usage. Microsoft Defender for Endpoint uses a local/loop-back VPN in the background to check web traffic for any malicious websites or connections. Network packets from any app go through this check and that causes the battery usage of Microsoft Defender for Endpoint to be computed inaccurately. This gives a false impression to the user. The actual battery consumption of Microsoft Defender for Endpoint is lesser than what is shown on the Battery Settings page on the device. This is based on conducted tests done on the Microsoft Defender for Endpoint app to understand battery consumption.
+
+Also the VPN used is a local VPN and unlike traditional VPNs, network traffic is not sent outside the device.
+
diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-install.md b/windows/security/threat-protection/microsoft-defender-atp/ios-install.md
index d3614e3095..214affec0e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/ios-install.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/ios-install.md
@@ -26,9 +26,12 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
+**Platforms**
+- iOS
+
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
 
 This topic describes deploying Defender for Endpoint for iOS on Intune Company Portal enrolled devices. For more information about Intune device enrollment, see [Enroll iOS/iPadOS devices in Intune](https://docs.microsoft.com/mem/intune/enrollment/ios-enroll).
diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-privacy.md b/windows/security/threat-protection/microsoft-defender-atp/ios-privacy.md
index 489a76edb4..7d39d25fb3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/ios-privacy.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/ios-privacy.md
@@ -24,9 +24,12 @@ ms.technology: mde
 # Privacy information - Microsoft Defender for Endpoint for iOS
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
+**Platforms**
+- iOS
+
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
 
 > [!NOTE]
diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md b/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md
index ddb445f85a..e977b143b4 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/ios-terms.md
@@ -24,9 +24,6 @@ ms.technology: mde
 
 # Microsoft Defender for Endpoint for iOS application license terms
 
-[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
-
-
 ## MICROSOFT APPLICATION LICENSE TERMS: MICROSOFT DEFENDER FOR ENDPOINT
 
 These license terms ("Terms") are an agreement between Microsoft Corporation (or
diff --git a/windows/security/threat-protection/microsoft-defender-atp/ios-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/ios-whatsnew.md
new file mode 100644
index 0000000000..b8d75b40e7
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/ios-whatsnew.md
@@ -0,0 +1,36 @@
+---
+title: What's new in Microsoft Defender for Endpoint for iOS
+description: Learn about the major changes for previous versions of Microsoft Defender for Endpoint for iOS.
+keywords: microsoft, defender, atp, mac, installation, macos, whatsnew
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: m365-security
+ms.mktglfcycl: security
+ms.sitesec: library
+ms.pagetype: security
+ms.author: sunasing
+author: sunasing
+ms.localizationpriority: medium
+manager: sunasing
+audience: ITPro
+ms.collection: 
+  - m365-security-compliance
+  - m365initiative-defender-endpoint
+ms.topic: conceptual
+ms.technology: mde
+---
+
+# What's new in Microsoft Defender for Endpoint for iOS
+
+[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
+
+**Applies to:**
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+
+Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
+
+## 1.1.15010101
+
+- With this version, we are announcing support for iPadOS/iPad devices.
+- Bug fixes.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md b/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md
index a8a4b7a434..37130284b0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md
@@ -1,6 +1,6 @@
 ---
 title: Isolate machine API
-description: Learn how to use the Isolate machine API to isolate a device from accessing external network in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Isolate machine API to isolate a device from accessing external network in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, isolate device
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -23,9 +23,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
-
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md
index a2fcd856c4..7e57f3d813 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md
@@ -26,9 +26,12 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
+**Platforms**
+- Linux
+
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
 
 This article provides information on how to define exclusions that apply to on-demand scans, and real-time protection and monitoring.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md
index e017a9cca2..37d64ec702 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually.md
@@ -27,9 +27,12 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
+**Platforms**
+- Linux
+
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
 
 This article describes how to deploy Microsoft Defender for Endpoint for Linux manually. A successful deployment requires the completion of all of the following tasks:
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md
index 111a241a5c..6638528929 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-ansible.md
@@ -27,9 +27,13 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
+**Platforms**
+- Linux
+
+
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
 
 This article describes how to deploy Defender for Endpoint for Linux using Ansible. A successful deployment requires the completion of all of the following tasks:
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md
index f3363b34dd..49e9133e71 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-install-with-puppet.md
@@ -27,9 +27,12 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
+**Platforms**
+- Linux
+
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
 
 This article describes how to deploy Defender for Endpoint for Linux using Puppet. A successful deployment requires the completion of all of the following tasks:
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-preferences.md b/windows/security/threat-protection/microsoft-defender-atp/linux-preferences.md
index 7da256d6f9..997e47a213 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-preferences.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-preferences.md
@@ -27,9 +27,12 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
+**Platforms**
+- Linux
+
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
 
 >[!IMPORTANT]
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-privacy.md b/windows/security/threat-protection/microsoft-defender-atp/linux-privacy.md
index e8f59927aa..18b52f1d98 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-privacy.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-privacy.md
@@ -23,9 +23,12 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
+**Platforms**
+- Linux
+
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
 
 Microsoft is committed to providing you with the information and controls you need to make choices about how your data is collected and used when you’re using Defender for Endpoint for Linux.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-pua.md b/windows/security/threat-protection/microsoft-defender-atp/linux-pua.md
index cd239ed756..b3405316e9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-pua.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-pua.md
@@ -26,9 +26,12 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
+**Platforms**
+- Linux
+
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
 
 The potentially unwanted application (PUA) protection feature in Defender for Endpoint for Linux can detect and block PUA files on endpoints in your network.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-resources.md b/windows/security/threat-protection/microsoft-defender-atp/linux-resources.md
index 0fcf1d929e..12887fa1fc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-resources.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-resources.md
@@ -25,11 +25,13 @@ ms.technology: mde
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
+**Platforms**
+- Linux
+
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
 
 ## Collect diagnostic information
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-schedule-scan-atp.md b/windows/security/threat-protection/microsoft-defender-atp/linux-schedule-scan-atp.md
index f8853d02af..9eca01d7ae 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-schedule-scan-atp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-schedule-scan-atp.md
@@ -20,6 +20,15 @@ ms.technology: mde
 
 # Schedule scans with Microsoft Defender for Endpoint (Linux)
 
+[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
+
+**Applies to:**
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+
+**Platforms**
+- Linux
+
 To run a scan for Linux, see [Supported Commands](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/linux-resources#supported-commands).
 
 Linux (and Unix) have a tool called **crontab** (similar to Task Scheduler) to be able to run scheduled tasks.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-static-proxy-configuration.md b/windows/security/threat-protection/microsoft-defender-atp/linux-static-proxy-configuration.md
index 9f54cc52f1..8a889f3212 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-static-proxy-configuration.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-static-proxy-configuration.md
@@ -27,8 +27,11 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+ 
+**Platforms**
+- Linux
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-connectivity.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-connectivity.md
index 87430c9333..396d61aac7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-connectivity.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-connectivity.md
@@ -26,8 +26,12 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+ 
+**Platforms**
+- Linux
+
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-events.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-events.md
index 3d8a64c5c6..043bdc0f0e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-events.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-events.md
@@ -25,13 +25,17 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+ 
+**Platforms**
+- Linux
 
-- [Microsoft Defender for Endpoint for Linux](microsoft-defender-atp-linux.md)
 
 This article provides some general steps to mitigate missing events or alerts in the [security center](https://securitycenter.windows.com/) portal.
 
-Once Microsoft Defender for Endpoint has been installed properly on a device, a device page will be generated in the portal and _File_, _Process_, _Network_ and other events should appear in the timeline and advanced hunting pages.
-In case events are not appearing or some types of events are missing, that could indicate some problem.
+Once **Microsoft Defender for Endpoint** has been installed properly on a device, a _device page_ will be generated in the portal. You can review all recorded events in the timeline tab in the device page, or in advanced hunting page. This section troubleshoots the case of some or all expected events are missing.
+For instance, if all _CreatedFile_ events are missing.
 
 ## Missing network and login events
 
@@ -62,21 +66,21 @@ Microsoft Defender for Endpoint utilized `audit` framework from linux to track n
             └─16671 /opt/microsoft/mdatp/sbin/mdatp_audisp_plugin -d
     ```
 
-2. If auditd is stopped, please start it.
+2. If `auditd` is marked as stopped, start it.
 
     ```bash
     service auditd start
     ```
 
-**On SLES15** systems, SYSCALL auditing in `auditd` is disabled by default and can explain missing events.
+**On SLES** systems, SYSCALL auditing in `auditd` might be disabled by default and can be accounted for missing events.
 
-1. To validate that SYSCALL auditing is not disabeld, list the current audit rules:
+1. To validate that SYSCALL auditing is not disabled, list the current audit rules:
 
     ```bash
     sudo auditctl -l
     ```
 
-    if the following line is present, please remove it or edit it to enable Microsoft Defender for Endpoint to track specific SYSCALLs.
+    if the following line is present, remove it or edit it to enable Microsoft Defender for Endpoint to track specific SYSCALLs.
 
     ```output
     -a task, never
@@ -86,7 +90,7 @@ Microsoft Defender for Endpoint utilized `audit` framework from linux to track n
 
 ## Missing file events
 
-File events are collected with `fanotify` framework. In case some or all file events are missing please make sure fanotify is enabled on the device and that the file system is [supported](microsoft-defender-atp-linux.md#system-requirements).
+File events are collected with `fanotify` framework. In case some or all file events are missing, make sure `fanotify` is enabled on the device and that the file system is [supported](microsoft-defender-atp-linux.md#system-requirements).
 
 List the filesystems on the machine with:
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md
index 1ed0260fb6..b31d5df5a1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-install.md
@@ -26,8 +26,11 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+ 
+**Platforms**
+- Linux
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-support-perf.md b/windows/security/threat-protection/microsoft-defender-atp/linux-support-perf.md
index 9c286456bd..6c14ee8b43 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-support-perf.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-support-perf.md
@@ -25,8 +25,12 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+ 
+**Platforms**
+- Linux
+
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
 
 This article provides some general steps that can be used to narrow down performance issues related to Defender for Endpoint for Linux.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-update-MDE-Linux.md b/windows/security/threat-protection/microsoft-defender-atp/linux-update-MDE-Linux.md
index 24da7b0066..bb87b252d3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-update-MDE-Linux.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-update-MDE-Linux.md
@@ -20,6 +20,13 @@ ms.technology: mde
 
 # Schedule an update of the Microsoft Defender for Endpoint (Linux)
 
+**Applies to:**
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+ 
+**Platforms**
+- Linux
+
 To run an update on Microsoft Defender for Endpoint for Linux, see [Deploy updates for Microsoft Defender for Endpoint for Linux](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/linux-updates).
 
 Linux (and Unix) have a tool called **crontab** (similar to Task Scheduler) to be able to run scheduled tasks.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-updates.md b/windows/security/threat-protection/microsoft-defender-atp/linux-updates.md
index f2f2749165..968cc87ecc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-updates.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-updates.md
@@ -25,11 +25,13 @@ ms.technology: mde
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
-
+ 
+**Platforms**
+- Linux
+- 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
 
 Microsoft regularly publishes software updates to improve performance, security, and to deliver new features.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md
index fecdb626d7..ee12c298b9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md
@@ -1,5 +1,5 @@
 ---
-title: What's new in Microsoft Defender Advanced Threat Protection for Linux
+title: What's new in Microsoft Defender for Endpoint for Linux
 description: List of major changes for Microsoft Defender ATP for Linux.
 keywords: microsoft, defender, atp, linux, whatsnew, release
 search.product: eADQiWindows 10XVcnh
@@ -22,8 +22,21 @@ ms.technology: mde
 
 # What's new in Microsoft Defender for Endpoint for Linux
 
+**Applies to:**
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+ 
+**Platforms**
+- Linux
+
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
+## 101.23.64 (30.121021.12364.0)
+
+- Performance improvement for the situation where an entire mount point is added to the antivirus exclusion list. Prior to this version, file activity originating from the mount point was still processed by the product. Starting with this version, file activity for excluded mount points is suppressed, leading to better product performance
+- Added a new option to the command-line tool to view information about the last on-demand scan. To view information about the last on-demand scan, run `mdatp health --details antivirus`
+- Other performance improvements & bug fixes
+
 ## 101.18.53
 
 - EDR for Linux is now [generally available](https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/edr-for-linux-is-now-is-generally-available/ba-p/2048539)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md b/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md
index 92ac9ef16f..5512e5de90 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md
@@ -1,6 +1,6 @@
 ---
 title: Live response command examples
-description: Learn to run basic or advanced live response commands for Microsoft Defender Advanced Threat Protection (ATP) and see examples on how it's used.
+description: Learn to run basic or advanced live response commands for Microsoft Defender for Endpoint and see examples on how it's used.
 keywords: example, command, cli, remote, shell, connection, live, response, real-time, command, script, remediate, hunt, export, log, drop, download, file
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/live-response.md b/windows/security/threat-protection/microsoft-defender-atp/live-response.md
index cf0e1e7fd8..69a3f5b8cd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/live-response.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/live-response.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md
index 1e866f42d9..8f5055b2dc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md
@@ -26,7 +26,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md
index 8989813e71..eb606f9b95 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-jamfpro-login.md
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md
index 515ed636df..1fb0eb409b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md
index e0cb7de973..e2ad0838d0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md
@@ -155,9 +155,9 @@ To approve the system extensions:
 
 2. Choose a name for the profile. Change **Platform=macOS** to **Profile type=Extensions**. Select **Create**.
 
-3. In the `Basics` tab, give a name to this new profile.
+3. In the **Basics** tab, give a name to this new profile.
 
-4. In the `Configuration settings` tab, add the following entries in the `Allowed system extensions` section:
+4. In the **Configuration settings** tab, add the following entries in the **Allowed system extensions** section:
 
     Bundle identifier         | Team identifier
     --------------------------|----------------
@@ -165,9 +165,9 @@ To approve the system extensions:
     com.microsoft.wdav.netext | UBF8T346G9
 
     > [!div class="mx-imgBorder"]
-    > ![System configuration profiles screenshot](images/mac-system-extension-intune2.png)
+    > ![System extension settings in Configuration settings on the Basics tab](images/mac-system-extension-intune2.png)
 
-5. In the `Assignments` tab, assign this profile to **All Users & All devices**.
+5. In the **Assignments** tab, assign this profile to **All Users & All devices**.
 
 6. Review and create this configuration profile.
 
@@ -181,7 +181,7 @@ To approve the system extensions:
 
 4. Select **OK**.
 
-    ![System configuration profiles screenshot](../microsoft-defender-antivirus/images/MDATP-6-SystemConfigurationProfiles.png)
+    ![Import a configuration from a file for Custom Configuration Profile](../microsoft-defender-antivirus/images/MDATP-6-SystemConfigurationProfiles.png)
 
 5. Select **Manage** > **Assignments**. In the **Include** tab, select **Assign to All Users & All devices**.
 
@@ -205,7 +205,7 @@ To approve the system extensions:
 Once the Intune changes are propagated to the enrolled devices, you can see them listed under **Monitor** > **Device status**:
 
 > [!div class="mx-imgBorder"]
-> ![System configuration profiles screenshot](../microsoft-defender-antivirus/images/MDATP-7-DeviceStatusBlade.png)
+> ![View of Device Status in Monitor](../microsoft-defender-antivirus/images/MDATP-7-DeviceStatusBlade.png)
 
 ## Publish application
 
@@ -217,7 +217,7 @@ Once the Intune changes are propagated to the enrolled devices, you can see them
 
 4. Select **Configure** and add the required information.
 
-5. Use **macOS High Sierra 10.13** as the minimum OS.
+5. Use **macOS High Sierra 10.14** as the minimum OS.
 
 6. Set *Ignore app version* to **Yes**. Other settings can be any arbitrary value.
 
@@ -227,12 +227,12 @@ Once the Intune changes are propagated to the enrolled devices, you can see them
     > If the version uploaded by Intune is lower than the version on the device, then the lower version will be installed, effectively downgrading Microsoft Defender for Endpoint. This could result in a non-functioning application. See [Deploy updates for Microsoft Defender for Endpoint for Mac](mac-updates.md) for additional information about how the product is updated. If you deployed Microsoft Defender for Endpoint with *Ignore app version* set to **No**, please change it to **Yes**. If Microsoft Defender for Endpoint still cannot be installed on a client device, then uninstall Microsoft Defender for Endpoint and push the updated policy.
      
     > [!div class="mx-imgBorder"]
-    > ![Device status blade screenshot](../microsoft-defender-antivirus/images/MDATP-8-IntuneAppInfo.png)
+    > ![Display of App information in App add](../microsoft-defender-antivirus/images/MDATP-8-IntuneAppInfo.png)
 
 7. Select **OK** and **Add**.
 
     > [!div class="mx-imgBorder"]
-    > ![Device status blade screenshot](../microsoft-defender-antivirus/images/MDATP-9-IntunePkgInfo.png)
+    > ![Device status shown in Notifications window](../microsoft-defender-antivirus/images/MDATP-9-IntunePkgInfo.png)
 
 8. It may take a few moments to upload the package. After it's done, select the package from the list and go to **Assignments** and **Add group**.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md
index 9ca979d54b..69a40e23a2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md
@@ -26,7 +26,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md
index 1138236d4b..8084b7182f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md
@@ -26,7 +26,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
@@ -96,12 +96,12 @@ Grant Full Disk Access to the following components:
 - Microsoft Defender for Endpoint
     - Identifier: `com.microsoft.wdav`
     - Identifier Type: Bundle ID
-    - Code Requirement: identifier "com.microsoft.wdav" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /\* exists \*/ and certificate leaf[field.1.2.840.113635.100.6.1.13] /\* exists \*/ and certificate leaf[subject.OU] = UBF8T346G9
+    - Code Requirement: `identifier "com.microsoft.wdav" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9`
 
 - Microsoft Defender for Endpoint Security Extension
     - Identifier: `com.microsoft.wdav.epsext`
     - Identifier Type: Bundle ID
-    - Code Requirement: identifier "com.microsoft.wdav.epsext" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9
+    - Code Requirement: `identifier "com.microsoft.wdav.epsext" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9`
 
 ### Network extension policy
 
@@ -110,7 +110,7 @@ As part of the Endpoint Detection and Response capabilities, Microsoft Defender
 - Filter type: Plugin
 - Plugin bundle identifier: `com.microsoft.wdav`
 - Filter data provider bundle identifier: `com.microsoft.wdav.netext`
-- Filter data provider designated requirement: identifier "com.microsoft.wdav.netext" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9
+- Filter data provider designated requirement: `identifier "com.microsoft.wdav.tunnelext" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9`
 - Filter sockets: `true`
 
 ## Check installation status
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md
index d6c2b96c1a..585448c30f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-device-groups.md
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-enroll-devices.md b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-enroll-devices.md
index 584cf1782d..bf3dcae2d1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-enroll-devices.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-enroll-devices.md
@@ -26,7 +26,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-investigateip-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-policies.md b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-policies.md
index 780f0d40dd..7fdbbda41d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-policies.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-jamfpro-policies.md
@@ -512,7 +512,7 @@ These steps are applicable of macOS 10.15 (Catalina) or newer.
 
     - Identifier: `com.microsoft.wdav`
     - Identifier Type: Bundle ID
-    - Code Requirement: identifier "com.microsoft.wdav" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /\* exists \*/ and certificate leaf[field.1.2.840.113635.100.6.1.13] /\* exists \*/ and certificate leaf[subject.OU] = UBF8T346G9
+    - Code Requirement: `identifier "com.microsoft.wdav" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9`
 
 
     ![Image of configuration setting](images/22cb439de958101c0a12f3038f905b27.png)
@@ -537,7 +537,7 @@ These steps are applicable of macOS 10.15 (Catalina) or newer.
 
     - Identifier: `com.microsoft.wdav.epsext`
     - Identifier Type: Bundle ID
-    - Code Requirement: identifier "com.microsoft.wdav.epsext" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9
+    - Code Requirement: `identifier "com.microsoft.wdav.epsext" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9`
 
 10. Select **+ Add**.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-privacy.md b/windows/security/threat-protection/microsoft-defender-atp/mac-privacy.md
index 2c0d778f02..7927312e0c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-privacy.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-privacy.md
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-pua.md b/windows/security/threat-protection/microsoft-defender-atp/mac-pua.md
index 2dcf7cdb1d..5bdeca7c6e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-pua.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-pua.md
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md b/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md
index fe3f27eb84..85bde27c12 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-schedule-scan-atp.md b/windows/security/threat-protection/microsoft-defender-atp/mac-schedule-scan-atp.md
index a053822f50..3fe47c0778 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-schedule-scan-atp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-schedule-scan-atp.md
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
@@ -97,6 +97,6 @@ You can create a scanning schedule using the *launchd* daemon on a macOS device.
 
 ## Schedule a scan with Intune
 
-You can also schedule scans with Microsoft Intune. The [runMDATPQuickScan.sh](https://github.com/microsoft/shell-intune-samples/tree/master/Misc/MDATP#runmdatpquickscansh) shell script available at [Scripts for Microsoft Defender Advanced Threat Protection](https://github.com/microsoft/shell-intune-samples/tree/master/Misc/MDATP) will persist when the device resumes from sleep mode. 
+You can also schedule scans with Microsoft Intune. The [runMDATPQuickScan.sh](https://github.com/microsoft/shell-intune-samples/tree/master/Misc/MDATP#runmdatpquickscansh) shell script available at [Scripts for Microsoft Defender for Endpoint](https://github.com/microsoft/shell-intune-samples/tree/master/Misc/MDATP) will persist when the device resumes from sleep mode. 
 
 See [Use shell scripts on macOS devices in Intune](https://docs.microsoft.com/mem/intune/apps/macos-shell-scripts) for more detailed instructions on how to use this script in your enterprise.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-support-install.md b/windows/security/threat-protection/microsoft-defender-atp/mac-support-install.md
index 794b22f614..ac569853c6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-support-install.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-support-install.md
@@ -28,7 +28,7 @@ ms.technology: mde
 **Applies to:**
 
 - [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md)
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-support-kext.md b/windows/security/threat-protection/microsoft-defender-atp/mac-support-kext.md
index dac89cd0e0..855d11a5d4 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-support-kext.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-support-kext.md
@@ -28,7 +28,7 @@ ms.technology: mde
 **Applies to:**
 
 - [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md)
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-support-license.md b/windows/security/threat-protection/microsoft-defender-atp/mac-support-license.md
index f5fffd8908..37625ec1cd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-support-license.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-support-license.md
@@ -28,7 +28,7 @@ ms.technology: mde
 **Applies to:**
 
 - [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md)
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-support-perf.md b/windows/security/threat-protection/microsoft-defender-atp/mac-support-perf.md
index f7fc2a6d90..f8dd7f0bd7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-support-perf.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-support-perf.md
@@ -28,7 +28,7 @@ ms.technology: mde
 **Applies to:**
 
 - [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md)
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-policies.md b/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-policies.md
index 87e9d428dc..35326644e1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-policies.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-policies.md
@@ -26,7 +26,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-preview.md b/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-preview.md
index d77b0c8e35..57c75b7e1f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-preview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-sysext-preview.md
@@ -25,7 +25,7 @@ ms.technology: mde
 # Microsoft Defender for Endpoint for Mac - system extensions public preview)
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-updates.md b/windows/security/threat-protection/microsoft-defender-atp/mac-updates.md
index f5f21dd264..518755e4a6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-updates.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-updates.md
@@ -28,7 +28,7 @@ ms.technology: mde
 **Applies to:**
 
 - [Microsoft Defender for Endpoint for Mac](microsoft-defender-atp-mac.md)
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
index 093e303240..a7440b08d2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
@@ -1,6 +1,6 @@
 ---
-title: What's new in Microsoft Defender Advanced Threat Protection for Mac
-description: Learn about the major changes for previous versions of Microsoft Defender Advanced Threat Protection for Mac.
+title: What's new in Microsoft Defender for Endpoint for Mac
+description: Learn about the major changes for previous versions of Microsoft Defender for Endpoint for Mac.
 keywords: microsoft, defender, atp, mac, installation, macos, whatsnew
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
@@ -34,7 +34,11 @@ ms.technology: mde
 > On macOS 11 (Big Sur), Microsoft Defender for Endpoint requires additional configuration profiles. If you are an existing customer upgrading from earlier versions of macOS, make sure to deploy the additional configuration profiles listed on [this page](mac-sysext-policies.md).
 
 > [!IMPORTANT]
-> Support for macOS 10.13 (High Sierra) will be discontinued on February 15th, 2021.
+> Support for macOS 10.13 (High Sierra) has been discontinued on February 15th, 2021.
+
+## 101.22.79 (20.121012.12279.0)
+
+- Performance improvements & bug fixes
 
 ## 101.19.88 (20.121011.11988.0)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md b/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md
index 415f9626d7..1370c628f9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machine-groups.md
@@ -24,11 +24,8 @@ ms.technology: mde
 
 
 **Applies to:**
-
 - Azure Active Directory
 - Office 365
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
@@ -93,4 +90,4 @@ Devices that are not matched to any groups are added to Ungrouped devices (defau
 
 - [Manage portal access using role-based based access control](rbac.md)
 - [Create and manage device tags](machine-tags.md)
-- [Get list of tenant device groups using Graph API](get-machinegroups-collection.md)
+- [Get list of tenant device groups using Graph API](https://docs.microsoft.com/graph/api/device-list-memberof)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md b/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md
index 50499f53c7..081b760682 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md b/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md
index 33158122e0..34e1781825 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machine-tags.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine.md b/windows/security/threat-protection/microsoft-defender-atp/machine.md
index 93a132cb3a..6a4f0c7315 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machine.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machine.md
@@ -1,6 +1,6 @@
 ---
 title: Machine resource type
-description: Learn about the methods and properties of the Machine resource type in Microsoft Defender Advanced Threat Protection.
+description: Learn about the methods and properties of the Machine resource type in Microsoft Defender for Endpoint.
 keywords: apis, supported apis, get, machines
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -22,7 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/machineaction.md b/windows/security/threat-protection/microsoft-defender-atp/machineaction.md
index 53f094852d..0017af7fc6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machineaction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machineaction.md
@@ -1,6 +1,6 @@
 ---
 title: machineAction resource type
-description: Learn about the methods and properties of the MachineAction resource type in Microsoft Defender Advanced Threat Protection.
+description: Learn about the methods and properties of the MachineAction resource type in Microsoft Defender for Endpoint.
 keywords: apis, supported apis, get, machineaction, recent
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -22,7 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md b/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md
index 97acdb209c..0fa8b8e889 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/machines-view-overview.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-machinesview-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md
index 41774a9023..145eb8b0aa 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md
@@ -1,5 +1,5 @@
 ---
-title: Manage Microsoft Defender Advanced Threat Protection alerts
+title: Manage Microsoft Defender for Endpoint alerts
 description: Change the status of alerts, create suppression rules to hide alerts, submit comments, and review change history for individual alerts with the Manage Alert menu.
 keywords: manage alerts, manage, alerts, status, new, in progress, resolved, resolve alerts, suppress, supression, rules, context, history, comments, changes
 search.product: eADQiWindows 10XVcnh
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-configuration-manager.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-configuration-manager.md
index c1a3662efb..cecede1e33 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-configuration-manager.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-configuration-manager.md
@@ -27,7 +27,7 @@ ms.reviewer: chventou
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-group-policy-objects.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-group-policy-objects.md
index c200ef678f..bfd925cb47 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-group-policy-objects.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-group-policy-objects.md
@@ -27,7 +27,7 @@ ms.reviewer: chventou
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-intune.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-intune.md
index 093f7f6712..593c1bec26 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-intune.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-intune.md
@@ -27,7 +27,7 @@ ms.reviewer: chventou
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-other-tools.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-other-tools.md
index e37ba456ce..7cd9f58346 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-other-tools.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration-other-tools.md
@@ -27,7 +27,7 @@ ms.reviewer: chventou
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration.md b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration.md
index 99daf91009..7db3e6839f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-atp-post-migration.md
@@ -27,7 +27,7 @@ ms.reviewer: chventou
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-automation-file-uploads.md b/windows/security/threat-protection/microsoft-defender-atp/manage-automation-file-uploads.md
index 48a1efeb78..1082c91ed5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-automation-file-uploads.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-automation-file-uploads.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-automationefileuploads-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-automation-folder-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/manage-automation-folder-exclusions.md
index 11d49454fd..0f249eea6c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-automation-folder-exclusions.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-automation-folder-exclusions.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-automationexclusionfolder-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md b/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md
deleted file mode 100644
index d053e3cc3d..0000000000
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-edr.md
+++ /dev/null
@@ -1,43 +0,0 @@
----
-title: Manage endpoint detection and response capabilities
-description: Manage endpoint detection and response capabilities
-ms.reviewer: 
-keywords: 
-search.product: eADQiWindows 10XVcnh
-search.appverid: met150
-ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
-ms.author: macapara
-author: mjcaparas
-ms.localizationpriority: medium
-manager: dansimp
-audience: ITPro
-ms.collection: 
-  - m365-security-compliance
-  - m365initiative-defender-endpoint
-ms.topic: conceptual
-ms.technology: mde
----
-
-# Manage endpoint detection and response capabilities
-
-[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
-
-**Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
-
-> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
-
-Manage the alerts queue, investigate devices in the devices list, take response actions, and hunt for possible threats in your organization using advanced hunting.
-
-
-## In this section
-Topic | Description 
-:---|:---
-[Alerts queue](alerts-queue-endpoint-detection-response.md)| View the alerts surfaced in Microsoft Defender Security Center.
-[Devices list](machines-view-overview.md) | Learn how you can view and manage the devices list, manage device groups, and investigate device related alerts. 
-[Take response actions](response-actions.md)| Take response actions on devices and files to quickly respond to detected attacks and contain threats.
-[Query data using advanced hunting](advanced-hunting-query-language.md)| Proactively hunt for possible threats across your organization using a powerful search and query tool.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-incidents.md b/windows/security/threat-protection/microsoft-defender-atp/manage-incidents.md
index bb8890d383..b7ac795984 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-incidents.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-incidents.md
@@ -26,7 +26,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md b/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md
index 8f63f16b11..2458860aa3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-indicators.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md b/windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md
index a1e9db40c0..340f07544f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md
@@ -1,5 +1,5 @@
 ---
-title: Manage Microsoft Defender Advanced Threat Protection suppression rules
+title: Manage Microsoft Defender for Endpoint suppression rules
 description: You might need to prevent alerts from appearing in the portal by using suppression rules. Learn how to manage your suppression rules in Microsoft Defender ATP.
 keywords: manage suppression, rules, rule name, scope, action, alerts, turn on, turn off
 search.product: eADQiWindows 10XVcnh
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
index 9f7564dcb1..c27b680ea9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/management-apis.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-mgt-apis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-migration.md b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-migration.md
index 73a8f1bbb0..5afe092c66 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-migration.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-migration.md
@@ -20,18 +20,16 @@ ms.collection:
   - m365solution-overview
 ms.topic: conceptual
 ms.custom: migrationguides
-ms.date: 02/11/2021
+ms.date: 03/03/2021
 ms.reviewer: jesquive, chventou, jonix, chriggs, owtho
 ---
 
 # Migrate from McAfee to Microsoft Defender for Endpoint
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
-> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
-
 If you are planning to switch from McAfee Endpoint Security (McAfee) to [Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection) (Microsoft Defender for Endpoint), you're in the right place. Use this article as a guide.
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard.md b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard.md
index 4406338cb7..052610c0e1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-onboard.md
@@ -20,22 +20,18 @@ ms.collection:
   - m365solution-scenario
 ms.custom: migrationguides
 ms.topic: article
-ms.date: 02/11/2021
+ms.date: 03/03/2021
 ms.reviewer: jesquive, chventou, jonix, chriggs, owtho
 ---
 
 # Migrate from McAfee - Phase 3: Onboard to Microsoft Defender for Endpoint
 
-[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
-
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
-> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
 |[![Phase 1: Prepare](images/phase-diagrams/prepare.png)](mcafee-to-microsoft-defender-prepare.md)<br/>[Phase 1: Prepare](mcafee-to-microsoft-defender-prepare.md) |[![Phase 2: Set up](images/phase-diagrams/setup.png)](mcafee-to-microsoft-defender-setup.md)<br/>[Phase 2: Set up](mcafee-to-microsoft-defender-setup.md) |![Phase 3: Onboard](images/phase-diagrams/onboard.png)<br/>Phase 3: Onboard |
-
 |--|--|--|
 || |*You are here!* |
 
@@ -94,6 +90,9 @@ To do this, visit the Microsoft Defender for Endpoint demo scenarios site ([http
 - Potentially Unwanted Applications (PUA)
 - Network Protection (NP)
 
+> [!IMPORTANT]
+> If you are using Windows Server 2016, you might have to start Microsoft Defender Antivirus manually. You can do this by using the PowerShell cmdlet `mpcmdrun.exe -wdenable` on the device.
+
 ## Next steps
 
 **Congratulations**! You have completed your [migration from McAfee to Microsoft Defender for Endpoint](mcafee-to-microsoft-defender-migration.md#the-migration-process)! 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-prepare.md b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-prepare.md
index bf10e65074..573be1a46f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-prepare.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-prepare.md
@@ -20,21 +20,16 @@ ms.collection:
   - m365solution-scenario
 ms.topic: article
 ms.custom: migrationguides
-ms.date: 02/11/2021
+ms.date: 03/03/2021
 ms.reviewer: jesquive, chventou, jonix, chriggs, owtho
 ---
 
 # Migrate from McAfee - Phase 1: Prepare for your migration
 
-[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
-
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
-> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
-
-
 |![Phase 1: Prepare](images/phase-diagrams/prepare.png)<br/>Phase 1: Prepare |[![Phase 2: Set up](images/phase-diagrams/setup.png)](mcafee-to-microsoft-defender-setup.md)<br/>[Phase 2: Set up](mcafee-to-microsoft-defender-setup.md) |[![Phase 3: Onboard](images/phase-diagrams/onboard.png)](mcafee-to-microsoft-defender-onboard.md)<br/>[Phase 3: Onboard](mcafee-to-microsoft-defender-onboard.md) |
 |--|--|--|
 |*You are here!*| | |
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-setup.md b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-setup.md
index 92e59213ed..510766d248 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-setup.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mcafee-to-microsoft-defender-setup.md
@@ -20,26 +20,20 @@ ms.collection:
   - m365solution-scenario
 ms.topic: article
 ms.custom: migrationguides
-ms.date: 02/18/2021
+ms.date: 03/03/2021
 ms.reviewer: jesquive, chventou, jonix, chriggs, owtho
 ---
 
 # Migrate from McAfee - Phase 2: Set up Microsoft Defender for Endpoint
 
-
-[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
-
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
-> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
-
 |[![Phase 1: Prepare](images/phase-diagrams/prepare.png)](mcafee-to-microsoft-defender-prepare.md)<br/>[Phase 1: Prepare](mcafee-to-microsoft-defender-prepare.md) |![Phase 2: Set up](images/phase-diagrams/setup.png)<br/>Phase 2: Set up |[![Phase 3: Onboard](images/phase-diagrams/onboard.png)](mcafee-to-microsoft-defender-onboard.md)<br/>[Phase 3: Onboard](mcafee-to-microsoft-defender-onboard.md) |
 |--|--|--|
 ||*You are here!* | |
 
-
 **Welcome to the Setup phase of [migrating from McAfee Endpoint Security (McAfee) to Microsoft Defender for Endpoint](mcafee-to-microsoft-defender-migration.md#the-migration-process)**. This phase includes the following steps:
 1. [Enable Microsoft Defender Antivirus and confirm it's in passive mode](#enable-microsoft-defender-antivirus-and-confirm-its-in-passive-mode).
 2. [Get updates for Microsoft Defender Antivirus](#get-updates-for-microsoft-defender-antivirus).
@@ -107,8 +101,14 @@ The [DisableAntiSpyware](https://docs.microsoft.com/windows-hardware/customize/d
    
    `Get-Service -Name windefend`
 
+#### Are you using Windows Server 2016?
+
+If you're using Windows Server 2016 and are having trouble enabling Microsoft Defender Antivirus, use the following PowerShell cmdlet:
+
+`mpcmdrun -wdenable`
+
 > [!TIP]
-> Need help? See [Microsoft Defender Antivirus on Windows Server 2016 and 2019](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016).
+> Still need help? See [Microsoft Defender Antivirus on Windows Server 2016 and 2019](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016).
 
 ### Set Microsoft Defender Antivirus to passive mode on Windows Server
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-config.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-config.md
index c12ba0d4e0..f0f9c14dc7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-config.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-config.md
@@ -1,7 +1,7 @@
 ---
 title: Configure Microsoft Cloud App Security integration
 ms.reviewer: 
-description: Learn how to turn on the settings to enable the Microsoft Defender ATP integration with Microsoft Cloud App Security.
+description: Learn how to turn on the settings to enable the Microsoft Defender for Endpoint integration with Microsoft Cloud App Security.
 keywords: cloud, app, security, settings, integration, discovery, report
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
@@ -35,7 +35,7 @@ To benefit from Microsoft Defender for Endpoint cloud app discovery signals, tur
 >[!NOTE]
 >This feature will be available with an E5 license for [Enterprise Mobility + Security](https://www.microsoft.com/cloud-platform/enterprise-mobility-security) on devices running Windows 10, version 1709 (OS Build 16299.1085 with [KB4493441](https://support.microsoft.com/help/4493441)), Windows 10, version 1803 (OS Build 17134.704 with [KB4493464](https://support.microsoft.com/help/4493464)), Windows 10, version 1809 (OS Build 17763.379 with [KB4489899](https://support.microsoft.com/help/4489899)) or later Windows 10 versions.
 
-> See [Microsoft Defender for Endpoint integration with Microsoft Cloud App Security](https://docs.microsoft.com/cloud-app-security/wdatp-integration) for detailed integration of Microsoft Defender for Endpoint with Microsoft Cloud App Security. 
+> See [Microsoft Defender for Endpoint integration with Microsoft Cloud App Security](https://docs.microsoft.com/cloud-app-security/mde-integration) for detailed integration of Microsoft Defender for Endpoint with Microsoft Cloud App Security. 
 
 ## Enable Microsoft Cloud App Security in Microsoft Defender for Endpoint
 
@@ -52,7 +52,7 @@ To view and access Microsoft Defender for Endpoint data in Microsoft Cloud Apps
 
 For more information about cloud discovery, see [Working with discovered apps](https://docs.microsoft.com/cloud-app-security/discovered-apps).
 
-If you are interested in trying Microsoft Cloud App Security, see [Microsoft Cloud App Security Trial](https://signup.microsoft.com/Signup?OfferId=757c4c34-d589-46e4-9579-120bba5c92ed&ali=1).
+If you're interested in trying Microsoft Cloud App Security, see [Microsoft Cloud App Security Trial](https://signup.microsoft.com/Signup?OfferId=757c4c34-d589-46e4-9579-120bba5c92ed&ali=1).
 
 ## Related topic
 - [Microsoft Cloud App Security integration](microsoft-cloud-app-security-integration.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md
index 0bcd942eab..8d7c70971d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md
@@ -1,7 +1,7 @@
 ---
 title: Microsoft Cloud App Security integration overview
 ms.reviewer: 
-description: Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) integrates with Cloud App Security by forwarding all cloud app networking activities.
+description: Microsoft Defender for Endpoint integrates with Cloud App Security by forwarding all cloud app networking activities.
 keywords: cloud, app, networking, visibility, usage
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -27,7 +27,7 @@ ms.technology: mde
 [!include[Prerelease information](../../includes/prerelease.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
index a949ca592e..f4251947bb 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
@@ -123,7 +123,7 @@ Microsoft Defender for Endpoint's new managed threat hunting service provides pr
 <a name="apis"></a>
 
 **[Centralized configuration and administration, APIs](management-apis.md)**<br>
-Integrate Microsoft Defender Advanced Threat Protection into your existing workflows.
+Integrate Microsoft Defender for Endpoint into your existing workflows.
 
 <a name="mtp"></a>
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md
index 5787716e3b..595aea5003 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-android.md
@@ -26,7 +26,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios.md
index 93f29b113b..067002c611 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-ios.md
@@ -26,7 +26,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
@@ -60,7 +60,7 @@ iOS devices along with other platforms.
 
 **System Requirements**
 
-- iOS devices running iOS 11.0 and above.
+- iOS devices running iOS 11.0 and above. iPad devices are officially supported from version 1.1.15010101 onward.
 
 - Device is enrolled with the [Intune Company Portal app](https://apps.apple.com/us/app/intune-company-portal/id719171358).
 
@@ -74,7 +74,7 @@ For more information, see [Deploy Microsoft Defender for Endpoint for iOS](ios-i
 
 ## Resources
 
-- Stay informed about upcoming releases by visiting our [blog](https://techcommunity.microsoft.com/t5/microsoft-defender-atp/bg-p/MicrosoftDefenderATPBlog/label-name/iOS).
+- Stay informed about upcoming releases by visiting [What's new in Microsoft Defender for Endpoint for iOS](ios-whatsnew.md) or our [blog](https://techcommunity.microsoft.com/t5/microsoft-defender-atp/bg-p/MicrosoftDefenderATPBlog/label-name/iOS).
 
 - Provide feedback through in-app feedback system or through [SecOps portal](https://securitycenter.microsoft.com)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md
index b9232a219a..e3ffc3614b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md
@@ -26,7 +26,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
@@ -109,7 +109,7 @@ The following downloadable spreadsheet lists the services and their associated U
 
 |**Spreadsheet of domains list**|**Description**|
 |:-----|:-----|
-|![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/>  | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>[Download the spreadsheet here.](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx)
+|![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/>  | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>[Download the spreadsheet here.](https://download.microsoft.com/download/8/a/5/8a51eee5-cd02-431c-9d78-a58b7f77c070/mde-urls.xlsx)
 
 > [!NOTE]
 > For a more specific URL list, see [Configure proxy and internet connectivity settings](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet#enable-access-to-microsoft-defender-atp-service-urls-in-the-proxy-server).
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md
index c9e657dcaf..df5d442626 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md
@@ -1,8 +1,8 @@
 ---
 title: Microsoft Defender ATP for Mac
 ms.reviewer: 
-description: Learn how to install, configure, update, and use Microsoft Defender Advanced Threat Protection for Mac.
-keywords: microsoft, defender, atp, mac, installation, deploy, uninstallation, intune, jamf, macos, catalina, mojave, high sierra
+description: Learn how to install, configure, update, and use Microsoft Defender for Endpoint for Mac.
+keywords: microsoft, defender, atp, mac, installation, deploy, uninstallation, intune, jamf, macos, big sur, catalina, mojave
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -26,7 +26,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
@@ -75,9 +75,9 @@ The three most recent major releases of macOS are supported.
 > On macOS 11 (Big Sur), Microsoft Defender for Endpoint requires additional configuration profiles. If you are an existing customer upgrading from earlier versions of macOS, make sure to deploy the additional configuration profiles listed on [New configuration profiles for macOS Catalina and newer versions of macOS](mac-sysext-policies.md).
 
 > [!IMPORTANT]
-> Support for macOS 10.13 (High Sierra) will be discontinued on February 15th, 2021.
+> Support for macOS 10.13 (High Sierra) has been discontinued on February 15th, 2021.
 
-- 11 (Big Sur), 10.15 (Catalina), 10.14 (Mojave), 10.13 (High Sierra)
+- 11 (Big Sur), 10.15 (Catalina), 10.14 (Mojave)
 - Disk space: 1GB
 
 Beta versions of macOS are not supported.
@@ -104,7 +104,7 @@ The following downloadable spreadsheet lists the services and their associated U
 
 |**Spreadsheet of domains list**|**Description**|
 |:-----|:-----|
-|![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/>  | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>Download the spreadsheet here: [mdatp-urls.xlsx](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx).
+|![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/>  | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>Download the spreadsheet here: [mdatp-urls.xlsx](https://download.microsoft.com/download/8/a/5/8a51eee5-cd02-431c-9d78-a58b7f77c070/mde-urls.xlsx).
 
 Microsoft Defender for Endpoint can discover a proxy server by using the following discovery methods:
 - Proxy autoconfig (PAC)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-security-center.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-security-center.md
index 610f3f8fb7..caa5ac5509 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-security-center.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-security-center.md
@@ -1,6 +1,6 @@
 ---
 title: Microsoft Defender Security Center
-description: Microsoft Defender Security Center is the portal where you can access Microsoft Defender Advanced Threat Protection.
+description: Microsoft Defender Security Center is the portal where you can access Microsoft Defender for Endpoint.
 keywords: windows, defender, security, center, defender, advanced, threat, protection
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
index c6ea829a98..460b94e65a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
@@ -1,8 +1,8 @@
 ---
 title: Microsoft Threat Experts
 ms.reviewer: 
-description: Microsoft Threat Experts provides an additional layer of expertise to Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
-keywords: managed threat hunting service, managed threat hunting, managed detection and response (MDR) service, MTE, Microsoft Threat Experts
+description: Microsoft Threat Experts provides an additional layer of expertise to Microsoft Defender for Endpoint.
+keywords: managed threat hunting service, managed threat hunting, managed detection and response (MDR) service, MTE, Microsoft Threat Experts, MTE-TAN, targeted attack notification, Targeted Attack Notification
 search.product: Windows 10
 search.appverid: met150
 ms.prod: m365-security
@@ -26,31 +26,28 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
 
-Microsoft Threat Experts is a managed threat hunting service that provides Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in their unique environments don’t get missed.
+Microsoft Threat Experts is a managed threat hunting service that provides your Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in your unique environments don’t get missed.
   
-This new capability provides expert-driven insights and data through targeted attack notification and access to experts on demand.
-
-Watch this video for a quick overview of Microsoft Threat Experts.
-
->[!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4qZ0B]
-
+This managed threat hunting service provides expert-driven insights and data through these two capabilities: targeted attack notification and access to experts on demand.
 
 ## Before you begin 
 > [!NOTE]
 > Discuss the eligibility requirements with your Microsoft Technical Service provider and account team before you apply to the managed threat hunting service.
 
-Microsoft Defender for Endpoint customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications are always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.
+If you're a Microsoft Defender for Endpoint customer, you need to apply for Microsoft Threat Experts - Targeted Attack Notifications to get special insights and analysis that help identify the most critical threats so you can respond to them quickly. Contact your account team or Microsoft representative to subscribe to Microsoft Threat Experts - Experts on Demand to consult with our threat experts on relevant detections and adversaries.
 
-If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on-Demand subscription. See [Configure Microsoft Threat Experts capabilities](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts#before-you-begin) for details. 
+To enroll to Microsoft Threat Experts - Targeted Attack Notifications benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts - Targeted Attack Notifications** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications.
+
+See [Configure Microsoft Threat Experts capabilities](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts#before-you-begin) for details. 
 
 ## Targeted attack notification 
-Microsoft Threat Experts provides proactive hunting for the most important threats to your network, including human adversary intrusions, hands-on-keyboard attacks, or advanced attacks like cyberespionage. The managed hunting service includes:  
+Microsoft Threat Experts provides proactive hunting for the most important threats to your network, including human adversary intrusions, hands-on-keyboard attacks, or advanced attacks like cyberespionage. These notifications shows up as a new alert. The managed hunting service includes:  
 - Threat monitoring and analysis, reducing dwell time and risk to the business 
 - Hunter-trained artificial intelligence to discover and prioritize both known and unknown attacks  
 - Identifying the most important risks, helping SOCs maximize time and energy 
@@ -58,11 +55,9 @@ Microsoft Threat Experts provides proactive hunting for the most important threa
  
 ## Collaborate with experts, on demand 
 Customers can engage our security experts directly from within Microsoft Defender Security Center for timely and accurate response. Experts provide insights needed to better understand the complex threats affecting your organization, from alert inquiries, potentially compromised devices, root cause of a suspicious network connection, to additional threat intelligence regarding ongoing advanced persistent threat campaigns. With this capability, you can:
-
 - Get additional clarification on alerts including root cause or scope of the incident 
 - Gain clarity into suspicious device behavior and next steps if faced with an advanced attacker  
 - Determine risk and protection regarding threat actors, campaigns, or emerging attacker techniques 
-- Seamlessly transition to Microsoft Incident Response (IR) or other third-party Incident Response services when necessary 
 
 The option to **Consult a threat expert** is available in several places in the portal so you can engage with experts in the context of your investigation:
 
@@ -79,7 +74,7 @@ The option to **Consult a threat expert** is available in several places in the
 ![Screenshot of MTE-EOD file page action menu option](images/mte-eod-file.png)
 
 > [!NOTE]
-> Customers with Premier Support subscription mapped to their Office 365 license can track the status of their Experts on Demand cases through Microsoft Services Hub. 
+> If you would like to track the status of your Experts on Demand cases through Microsoft Services Hub, reach out to your Technical Account Manager. 
 
 Watch this video for a quick overview of the Microsoft Services Hub.
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/migration-guides.md b/windows/security/threat-protection/microsoft-defender-atp/migration-guides.md
index bda2c4c2d0..e88f62cdb5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/migration-guides.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/migration-guides.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
index 13cbda189c..bebf547a9e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
@@ -85,8 +85,8 @@ Access to Defender for Endpoint is done through a browser, supporting the follow
 ## Hardware and software requirements
 
 ### Supported Windows versions
-- Windows 7 SP1 Enterprise
-- Windows 7 SP1 Pro
+- Windows 7 SP1 Enterprise ([Requires ESU for support](https://docs.microsoft.com/troubleshoot/windows-client/windows-7-eos-faq/windows-7-extended-security-updates-faq).)
+- Windows 7 SP1 Pro ([Requires ESU for support](https://docs.microsoft.com/troubleshoot/windows-client/windows-7-eos-faq/windows-7-extended-security-updates-faq).)
 - Windows 8.1 Enterprise
 - Windows 8.1 Pro
 - Windows 10 Enterprise
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md b/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md
index f7961db47d..9eeb7ce1d4 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mssp-list.md
@@ -21,7 +21,7 @@ ms.technology: mde
 # Supported managed security service providers
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
@@ -38,7 +38,10 @@ Logo |Partner name   | Description
 ![Image of CSIS Managed Detection & Response logo](images/csis-logo.png)| [CSIS Managed Detection & Response](https://go.microsoft.com/fwlink/?linkid=2091005) | 24/7 monitoring and analysis of security alerts giving companies actionable insights into what, when and how security incidents have taken place
 ![Image of Dell Technologies Advanced Threat Protection logo](images/dell-logo.png)| [Dell Technologies Advanced Threat Protection](https://go.microsoft.com/fwlink/?linkid=2091004) | Professional monitoring service for malicious behavior and anomalies with 24/7 capability
 ![Image of DXC-Managed Endpoint Threat Detection and Response logo](images/dxc-logo.png)| [DXC-Managed Endpoint Threat Detection and Response](https://go.microsoft.com/fwlink/?linkid=2090395) | Identify endpoint threats that evade traditional security defenses and contain them in hours or minutes, not days
+![Image of eSentire log](images/esentire-logo.png) | [eSentire Managed Detection and Response](https://go.microsoft.com/fwlink/?linkid=2154970) | 24x7 threat investigations and response via Microsoft Defender for Endpoint.
 ![Image of NTT Security logo](images/ntt-logo.png)| [NTT Security](https://go.microsoft.com/fwlink/?linkid=2095320) | NTT's EDR Service provides 24/7 security monitoring & response across your endpoint and network
+![Image of OneVinn logo](images/onevinn-logo.png) | [Onevinn MDR](https://go.microsoft.com/fwlink/?linkid=2155203)| 24/7 Managed Detection and Response built on Microsoft Defender and Azure Sentinel, enriched with Onevinn's threat intelligence.
+![Image of Quorum Cyber logo](images/quorum-logo.png) | [Quorum Cyber](https://go.microsoft.com/fwlink/?linkid=2155202)| A cutting-edge Threat Hunting & Security Engineering service.
 ![Image of Red Canary logo](images/redcanary-logo.png)| [Red Canary](https://go.microsoft.com/fwlink/?linkid=2103852) | Red Canary is a security operations partner for modern teams, MDR deployed in minutes
 ![Image of SecureWorks Managed Detection and Response Powered by Red Cloak logo](images/secureworks-logo.png)| [SecureWorks Managed Detection and Response Powered by Red Cloak](https://go.microsoft.com/fwlink/?linkid=2133634) | Secureworks combines threat intelligence and 20+ years of experience into SaaS and managed security solutions
 ![Image of sepagoSOC logo](images/sepago-logo.png)| [sepagoSOC](https://go.microsoft.com/fwlink/?linkid=2090491) | Ensure holistic security through sophisticated automated workflows in your zero trust environment
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mssp-support.md b/windows/security/threat-protection/microsoft-defender-atp/mssp-support.md
index 5b69830dc9..af2aaccbc0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mssp-support.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mssp-support.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/network-protection.md b/windows/security/threat-protection/microsoft-defender-atp/network-protection.md
index 065da4f483..7ff00a13e3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/network-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/network-protection.md
@@ -15,6 +15,7 @@ ms.reviewer:
 manager: dansimp
 ms.custom: asr
 ms.technology: mde
+ms.date: 03/08/2021
 ---
 
 # Protect your network
@@ -22,38 +23,38 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
+Network protection helps reduce the attack surface of your devices from Internet-based events. It prevents employees from using any application to access dangerous domains that might host phishing scams, exploits, and other malicious content on the Internet. Network protection expands the scope of [Microsoft Defender SmartScreen](../microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md) to block all outbound HTTP(s) traffic that attempts to connect to low-reputation sources (based on the domain or hostname).
 
-Network protection helps reduce the attack surface of your devices from Internet-based events. It prevents employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the Internet.
-
-Network protection expands the scope of [Microsoft Defender SmartScreen](../microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md) to block all outbound HTTP(s) traffic that attempts to connect to low-reputation sources (based on the domain or hostname).
-
-Network protection is supported beginning with Windows 10, version 1709. 
+Network protection is supported on Windows, beginning with Windows 10, version 1709. 
 
 For more information about how to enable network protection, see [Enable network protection](enable-network-protection.md). Use Group Policy, PowerShell, or MDM CSPs to enable and manage network protection in your network.
 
 > [!TIP]
-> You can visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works.
+> See the Microsoft Defender ATP testground site at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to see how network protection works.
 
-Network protection works best with [Microsoft Defender for Endpoint](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md), which gives you detailed reporting into Windows Defender EG events and blocks as part of the usual [alert investigation scenarios](../microsoft-defender-atp/investigate-alerts.md).
+Network protection works best with [Microsoft Defender for Endpoint](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md), which gives you detailed reporting into exploit protection events and blocks as part of [alert investigation scenarios](../microsoft-defender-atp/investigate-alerts.md).
 
-When network protection blocks a connection, a notification will be displayed from the Action Center. You can [customize the notification](customize-attack-surface-reduction.md#customize-the-notification) with your company details and contact information. You can also enable the rules individually to customize what techniques the feature monitors.
+When network protection blocks a connection, a notification is displayed from the Action Center. Your security operations team can [customize the notification](customize-attack-surface-reduction.md#customize-the-notification) with your organization's details and contact information. In addition, individual attack surface reduction rules can be enabled and customized to suit certain techniques to monitor.
 
-You can also use [audit mode](audit-windows-defender.md) to evaluate how Network protection would impact your organization if it were enabled.
+You can also use [audit mode](audit-windows-defender.md) to evaluate how network protection would impact your organization if it were enabled.
+
+> [!NOTE]
+> If network protection is enabled and platform updates are managed, it could cause some systems to lose network connectivity if their systems aren't updated. As a result, some devices might lose network connectivity. In a managed environment, make sure that Configuration Manager auto deployment rule is updating the platform. Make sure this is fully deployed to all clients before turning on network protection.
 
 ## Requirements
 
 Network protection requires Windows 10 Pro or Enterprise, and Microsoft Defender Antivirus real-time protection.
 
-| Windows 10 version | Microsoft Defender Antivirus |
+| Windows version | Microsoft Defender Antivirus |
 |:---|:---|
-| Windows 10 version 1709 or later | [Microsoft Defender AV real-time protection](../microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md) and [cloud-delivered protection](../microsoft-defender-antivirus/enable-cloud-protection-microsoft-defender-antivirus.md) must be enabled |
+| Windows 10 version 1709 or later <p>Windows Server 1803 or later | [Microsoft Defender Antivirus real-time protection](../microsoft-defender-antivirus/configure-real-time-protection-microsoft-defender-antivirus.md) and [cloud-delivered protection](../microsoft-defender-antivirus/enable-cloud-protection-microsoft-defender-antivirus.md) must be enabled |
 
-After you have enabled the services, you might need to configure your network or firewall to allow the connections between the services and your endpoints.  
+After you have enabled the services, you might need to configure your network or firewall to allow the connections between the services and your devices (also referred to as endpoints).  
 
 - .smartscreen.microsoft.com
 - .smartscreen-prod.microsoft.com
@@ -79,13 +80,13 @@ You can review the Windows event log to see events that are created when network
 
 2. Select **OK**.
 
-3. This will create a custom view that filters to only show the following events related to network protection:
+This procedure creates a custom view that filters to only show the following events related to network protection:
 
-   | Event ID | Description |
-   |:---|:---|
-   | 5007 | Event when settings are changed |
-   | 1125 | Event when network protection fires in audit mode |
-   | 1126 | Event when network protection fires in block mode |
+| Event ID | Description |
+|:---|:---|
+| 5007 | Event when settings are changed |
+| 1125 | Event when network protection fires in audit mode |
+| 1126 | Event when network protection fires in block mode |
 
 ## Related articles
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md
index 1a62b95bac..8f700be3fc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/non-windows.md b/windows/security/threat-protection/microsoft-defender-atp/non-windows.md
index 517c697b71..3dbe1d53a5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/non-windows.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/non-windows.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/offboard-machine-api.md b/windows/security/threat-protection/microsoft-defender-atp/offboard-machine-api.md
index a994c90a5b..70caff12de 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/offboard-machine-api.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/offboard-machine-api.md
@@ -22,7 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md b/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md
index aba249ebca..9350bcaf03 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md
@@ -1,7 +1,7 @@
 ---
 title: Offboard devices from the Microsoft Defender ATP service
 description: Onboard Windows 10 devices, servers, non-Windows devices from the Microsoft Defender ATP service
-keywords: offboarding, microsoft defender advanced threat protection offboarding, windows atp offboarding
+keywords: offboarding, microsoft defender for endpoint offboarding, windows atp offboarding
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -24,14 +24,14 @@ ms.technology: mde
 
 
 **Applies to:**
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
+
+**Platforms**
 - macOS
 - Linux
 - Windows Server 2012 R2
 - Windows Server 2016
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
-
-
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-offboarddevices-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md b/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md
index 707d4681f7..344e118e8d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md
@@ -1,7 +1,7 @@
 ---
 title: Onboard devices to the Microsoft Defender ATP service
 description: Onboard Windows 10 devices, servers, non-Windows devices and learn how to run a detection test.
-keywords: onboarding, microsoft defender advanced threat protection onboarding, windows atp onboarding, sccm, group policy, mdm, local script, detection test
+keywords: onboarding, microsoft defender for endpoint onboarding, windows atp onboarding, sccm, group policy, mdm, local script, detection test
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
@@ -60,14 +60,10 @@ Topic | Description
 :---|:---
 [Onboard previous versions of Windows](onboard-downlevel.md)| Onboard Windows 7 and Windows 8.1 devices to Defender for Endpoint. 
 [Onboard Windows 10 devices](configure-endpoints.md) | You'll need to onboard devices for it to report to the Defender for Endpoint service. Learn about the tools and methods you can use to configure devices in your enterprise.
-[Onboard servers](configure-server-endpoints.md) |  Onboard Windows Server 2012 R2 and Windows Server 2016 to Defender for Endpoint 
+[Onboard servers](configure-server-endpoints.md) |  Onboard Windows Server 2008 R2 SP1, Windows Server 2012 R2, Windows Server 2016, Windows Server (SAC) version 1803 and later, Windows Server 2019 and later, and Windows Server 2019 core edition to Defender for Endpoint.
 [Onboard non-Windows devices](configure-endpoints-non-windows.md) | Defender for Endpoint provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in Microsoft Defender Security Center and better protect your organization's network. This experience leverages on a third-party security products' sensor data. 
 [Run a detection test on a newly onboarded device](run-detection-test.md) | Run a script on a newly onboarded device to verify that it is properly reporting to the Defender for Endpoint service.
 [Configure proxy and Internet settings](configure-proxy-internet.md)| Enable communication with the Defender for Endpoint cloud service by configuring the proxy and Internet connectivity settings.
 [Troubleshoot onboarding issues](troubleshoot-onboarding.md) | Learn about resolving issues that might arise during onboarding.
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-onboardconfigure-belowfoldlink)
-
-
-
-
diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md b/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md
index 015e66faac..6760f395a0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboard-downlevel.md
@@ -24,13 +24,14 @@ ms.technology: mde
 
 
 **Applies to:**
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
+**Platforms**
 - Windows 7 SP1 Enterprise
 - Windows 7 SP1 Pro
 - Windows 8.1 Pro
 - Windows 8.1 Enterprise
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-downlevel-abovefoldlink).
diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md b/windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md
index f8f4833fc7..94196812e5 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboard-offline-machines.md
@@ -25,7 +25,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/Onboard-Windows-10-multi-session-device.md b/windows/security/threat-protection/microsoft-defender-atp/onboard-windows-10-multi-session-device.md
similarity index 91%
rename from windows/security/threat-protection/microsoft-defender-atp/Onboard-Windows-10-multi-session-device.md
rename to windows/security/threat-protection/microsoft-defender-atp/onboard-windows-10-multi-session-device.md
index 6cfe7fc064..f88cf154c1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/Onboard-Windows-10-multi-session-device.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboard-windows-10-multi-session-device.md
@@ -23,8 +23,6 @@ ms.technology: mde
 
 Applies to: 
 - Windows 10 multi-session running on Windows Virtual Desktop (WVD) 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
@@ -33,7 +31,7 @@ Applies to:
 
 Microsoft Defender for Endpoint supports monitoring both VDI as well as Windows Virtual Desktop sessions. Depending on your organization's needs, you might need to implement VDI or Windows Virtual Desktop sessions to help your employees access corporate data and apps from an unmanaged device, remote location, or similar scenario. With Microsoft Defender for Endpoint, you can monitor these virtual machines for anomalous activity.
 
- ## Before you begin
+## Before you begin
 
 See [considerations for non-persistent VDI](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi#onboard-non-persistent-virtual-desktop-infrastructure-vdi-devices-1). Although [Windows Virtual Desktop](https://docs.microsoft.com/azure/virtual-desktop/overview) does not provide non-persistence options, it does provide ways to use a Windows image that can be used to provision new hosts and redeploy machines. This increases volatility in the environment, and thus impacts what entries are created and maintained in the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)), potentially reducing visibility for your security analysts.
 
@@ -47,7 +45,7 @@ Microsoft recommends onboarding Windows Virtual Desktop as a single entry per vi
 Microsoft recommends adding the Microsoft Defender for Endpoint onboarding script to the WVD image. This way, you can be sure that this onboarding script runs immediately at first boot. It is executed as a startup script at first boot on all the WVD machines that are provisioned from the WVD golden image. However, if you are using one of the gallery images without modification, place the script in a shared location and call it from either local or domain group policy. 
 
 > [!NOTE]
-> The placement and configuration of the VDI onboarding startup script on the WVD golden image configures it as a startup script that runs when the WVD starts. It is NOT recommended to onboard the actual WVD golden image. Another consideration is the method used to run the script. It should run as early in the startup/provisioning process as possible to reduce the time between the machine being available to receive sessions and the device onboarding to the service. Below scenarios 1 & 2 take this into account.
+> The placement and configuration of the VDI onboarding startup script on the WVD golden image configures it as a startup script that runs when the WVD starts. It is _not_ recommended to onboard the actual WVD golden image. Another consideration is the method used to run the script. It should run as early in the startup/provisioning process as possible to reduce the time between the machine being available to receive sessions and the device onboarding to the service. Below scenarios 1 & 2 take this into account.
 
 ## Scenarios
 There are several ways to onboard a WVD host machine:
@@ -66,24 +64,36 @@ Follow the instructions for a single entry for each device.
 This scenario uses a centrally located script and runs it using a domain-based group policy. You can also place the script in the golden image and run it in the same way.
 
 #### Download the WindowsDefenderATPOnboardingPackage.zip file from the Windows Defender Security Center
-1. Open the VDI configuration package .zip file (WindowsDefenderATPOnboardingPackage.zip)  
-    - In the Microsoft Defender Security Center navigation pane, select **Settings** > **Onboarding**. 
-    - Select Windows 10 as the operating system. 
-    - In the **Deployment method** field, select VDI onboarding scripts for non-persistent endpoints. 
-    - Click **Download package** and save the .zip file. 
+
+1. Open the VDI configuration package .zip file (WindowsDefenderATPOnboardingPackage.zip).
+
+   1. In the Microsoft Defender Security Center navigation pane, select **Settings** > **Onboarding**. 
+   1. Select Windows 10 as the operating system. 
+   1. In the **Deployment method** field, select VDI onboarding scripts for non-persistent endpoints. 
+   1. Click **Download package** and save the .zip file. 
+
 2. Extract the contents of the .zip file to a shared, read-only location that can be accessed by the device. You should have a folder called **OptionalParamsPolicy** and the files **WindowsDefenderATPOnboardingScript.cmd** and **Onboard-NonPersistentMachine.ps1**.
 
 #### Use Group Policy management console to run the script when the virtual machine starts
+
 1. Open the Group Policy Management Console (GPMC), right-click the Group Policy Object (GPO) you want to configure and click **Edit**.
+
 2. In the Group Policy Management Editor, go to **Computer configuration** > **Preferences** > **Control panel settings**. 
+
 3. Right-click **Scheduled tasks**, click **New**, and then select **Immediate Task** (At least Windows 7). 
+
 4. In the Task window that opens, go to the **General** tab. Under **Security options** click **Change User or Group** and type SYSTEM. Click **Check Names** and then click OK. `NT AUTHORITY\SYSTEM` appears as the user account under which the task will run. 
+
 5. Select **Run whether user is logged on or not** and select the **Run with highest privileges** option. 
+
 6. Go to the **Actions** tab and select **New**. Confirm that **Start a program** is selected in the **Action** field.
+
 7. Specify the following: <br/> 
+
    - Action = **Start a program**
    - Program/Script = `C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe` 
    - Add Arguments (optional) = `-ExecutionPolicy Bypass -command "& \\Path\To\Onboard-NonPersistentMachine.ps1"`
+
 8. Select **OK** and close any open GPMC windows.
 
 ### Scenario 3: Onboarding using management tools
diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard.md b/windows/security/threat-protection/microsoft-defender-atp/onboard.md
index e38231a50b..ed6a1b3019 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/onboard.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboard.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md
index cfac9fcfd7..b8553123ad 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-configuration-manager.md
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md
index b7d42d9142..dc142a7ba3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-endpoint-manager.md
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md
index 1cdfe2f6b4..a42909b38d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboarding.md b/windows/security/threat-protection/microsoft-defender-atp/onboarding.md
index 641f78a4e3..db5317f020 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/onboarding.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/onboarding.md
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md
index e2686d0b0d..90910ef229 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md
@@ -2,7 +2,7 @@
 title: Overview of attack surface reduction
 ms.reviewer: 
 description: Learn about the attack surface reduction capabilities of Microsoft Defender ATP.
-keywords: asr, attack surface reduction, microsoft defender atp, microsoft defender advanced threat protection, microsoft defender, antivirus, av, windows defender
+keywords: asr, attack surface reduction, microsoft defender atp, microsoft defender for endpoint, microsoft defender, antivirus, av, windows defender
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md b/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md
index bc94c1f8f6..35cfd28f21 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response.md b/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response.md
index 73e56c353d..cfafd8f540 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response.md
@@ -25,7 +25,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-hardware-based-isolation.md b/windows/security/threat-protection/microsoft-defender-atp/overview-hardware-based-isolation.md
index e9fbf258b4..bc271ee631 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview-hardware-based-isolation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview-hardware-based-isolation.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md b/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md
index 998b06013b..886b9dd8be 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/partner-applications.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/partner-integration.md b/windows/security/threat-protection/microsoft-defender-atp/partner-integration.md
index 3d1b8e911d..4ffa007d8e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/partner-integration.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/partner-integration.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md b/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md
index b7f89066a3..357a1847dd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md
@@ -1,5 +1,5 @@
 ---
-title: Microsoft Defender Advanced Threat Protection portal overview
+title: Microsoft Defender for Endpoint portal overview
 description: Microsoft Defender Security Center can monitor your enterprise network and assist in responding to potential advanced persistent threats (APT) or data breaches.
 keywords: Microsoft Defender Security Center, portal, cybersecurity threat intelligence, dashboard, alerts queue, devices list, settings, device management, advanced attacks
 search.product: eADQiWindows 10XVcnh
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md b/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md
index 53360643c8..41dc5c18e0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md
@@ -1,6 +1,6 @@
 ---
 title: Submit or Update Indicator API
-description: Learn how to use the Submit or Update Indicator API to submit or update a new Indicator entity in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Submit or Update Indicator API to submit or update a new Indicator entity in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, submit, ti, indicator, update
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -22,7 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/preferences-setup.md b/windows/security/threat-protection/microsoft-defender-atp/preferences-setup.md
index abe5f6b57a..a14e13cf93 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/preferences-setup.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/preferences-setup.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md b/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md
index 8dab515d0f..58c5fe70f6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/prepare-deployment.md
@@ -26,7 +26,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/preview-settings.md b/windows/security/threat-protection/microsoft-defender-atp/preview-settings.md
index 626aafb55f..fa023756c3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/preview-settings.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/preview-settings.md
@@ -1,6 +1,6 @@
 ---
 title: Turn on the preview experience in Microsoft Defender ATP
-description: Turn on the preview experience in Microsoft Defender Advanced Threat Protection to try upcoming features.
+description: Turn on the preview experience in Microsoft Defender for Endpoint to try upcoming features.
 keywords: advanced features, settings, block file
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -22,7 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/preview.md b/windows/security/threat-protection/microsoft-defender-atp/preview.md
index 169dd4dda9..845231f559 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/preview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/preview.md
@@ -1,7 +1,7 @@
 ---
 title: Microsoft Defender ATP preview features
-description: Learn how to access Microsoft Defender Advanced Threat Protection preview features.
-keywords: preview, preview experience, Microsoft Defender Advanced Threat Protection, features, updates
+description: Learn how to access Microsoft Defender for Endpoint preview features.
+keywords: preview, preview experience, Microsoft Defender for Endpoint, features, updates
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -28,7 +28,7 @@ ms.technology: mde
 >The preview versions are provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities.
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md b/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md
index b0fe2b8a22..5a69318c36 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md
@@ -1,6 +1,6 @@
 ---
-title: Set up Microsoft Defender ATP deployment
-description: Learn how to setup the deployment for Microsoft Defender ATP
+title: Set up Microsoft Defender for Endpoint deployment
+description: Learn how to set up the deployment for Microsoft Defender for Endpoint
 keywords: deploy, setup, licensing validation, tenant configuration, network configuration
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -27,7 +27,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
@@ -47,7 +47,7 @@ In this deployment scenario, you'll be guided through the steps on:
 
 
 >[!NOTE]
->For the purpose of guiding you through a typical deployment, this scenario will only cover the use of Microsoft Endpoint Configuration Manager. Defender for Endpoint supports the use of other onboarding tools but will not cover those scenarios in the deployment guide. For more information, see [Onboard devices to Microsoft Defender for Endpoint](onboard-configure.md).
+>For the purpose of guiding you through a typical deployment, this scenario will only cover the use of Microsoft Endpoint Configuration Manager. Defender for Endpoint supports the use of other onboarding tools but won't cover those scenarios in the deployment guide. For more information, see [Onboard devices to Microsoft Defender for Endpoint](onboard-configure.md).
 
 ## Check license state
 
@@ -59,7 +59,7 @@ Checking for the license state and whether it got properly provisioned, can be d
 
 1. Alternately, in the admin center, navigate to **Billing** > **Subscriptions**.
 
-    On the screen, you will see all the provisioned licenses and their current **Status**.
+    On the screen, you'll see all the provisioned licenses and their current **Status**.
 
     ![Image of billing licenses](images/atp-billing-subscriptions.png)
 
@@ -93,7 +93,7 @@ When accessing Microsoft Defender Security Center for the first time, a wizard t
 
 4. Set up preferences.
 
-   **Data storage location** - It's important to set this up correctly. Determine where the customer wants to be primarily hosted: US, EU, or UK. You cannot change the location after this set up and Microsoft will not transfer the data from the specified geolocation. 
+   **Data storage location** - It's important to set this up correctly. Determine where the customer wants to be primarily hosted: US, EU, or UK. You can't change the location after this set up and Microsoft won't transfer the data from the specified geolocation. 
 
     **Data retention** - The default is six months.
 
@@ -109,7 +109,7 @@ When accessing Microsoft Defender Security Center for the first time, a wizard t
 
 
 ## Network configuration
-If the organization does not require the endpoints to use a Proxy to access the
+If the organization doesn't require the endpoints to use a Proxy to access the
 Internet, skip this section.
 
 The Microsoft Defender for Endpoint sensor requires Microsoft Windows HTTP (WinHTTP) to
@@ -127,15 +127,11 @@ the following discovery methods:
 
 -   Web Proxy Autodiscovery Protocol (WPAD)
 
-If a Transparent proxy or WPAD has been implemented in the network topology,
+If a Transparent proxy or WPAD has been implemented in the network topology, 
 there is no need for special configuration settings. For more information on
 Microsoft Defender for Endpoint URL exclusions in the proxy, see the
-Appendix section in this document for the URLs allow list or on
-[Microsoft
-Docs](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-proxy-internet-windows-defender-advanced-threat-protection#enable-access-to-windows-defender-atp-service-urls-in-the-proxy-server).
-
-> [!NOTE]
-> For a detailed list of URLs that need to be allowed, please see [this article](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus).
+[Proxy Service URLs](production-deployment.md#proxy-service-urls) section in this document for the URLs allow list or on
+[Configure device proxy and Internet connectivity settings](configure-proxy-internet.md#enable-access-to-microsoft-defender-for-endpoint-service-urls-in-the-proxy-server).
 
 **Manual static proxy configuration:**
 
@@ -226,27 +222,30 @@ The following downloadable spreadsheet lists the services and their associated U
 
 |**Spreadsheet of domains list**|**Description**|
 |:-----|:-----|
-|![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/>  | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>[Download the spreadsheet here.](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx) 
+|![Thumb image for Microsoft Defender for Endpoint URLs spreadsheet](images/mdatp-urls.png)<br/>  | Spreadsheet of specific DNS records for service locations, geographic locations, and OS. <br><br>[Download the spreadsheet here.](https://download.microsoft.com/download/8/a/5/8a51eee5-cd02-431c-9d78-a58b7f77c070/mde-urls.xlsx) 
 
 
-###  Microsoft Defender for Endpoint service backend IP range
+###  Microsoft Defender for Endpoint service backend IP ranges
 
-If you network devices don't support the URLs listed in the prior section, you can use the following information.
+If your network devices don't support DNS-based rules, use IP ranges instead.
 
-Defender for Endpoint is built on Azure cloud, deployed in the following regions:
+Defender for Endpoint is built in Azure cloud, deployed in the following regions:
 
-- \+\<Region Name="uswestcentral">
-- \+\<Region Name="useast2">
-- \+\<Region Name="useast">
-- \+\<Region Name="europenorth">
-- \+\<Region Name="europewest">
-- \+\<Region Name="uksouth">
-- \+\<Region Name="ukwest">
+- AzureCloud.eastus
+- AzureCloud.eastus2
+- AzureCloud.westcentralus
+- AzureCloud.northeurope
+- AzureCloud.westeurope
+- AzureCloud.uksouth
+- AzureCloud.ukwest
 
-You can find the Azure IP range on [Microsoft Azure Datacenter IP Ranges](https://www.microsoft.com/en-us/download/details.aspx?id=41653).
+You can find the Azure IP ranges in [Azure IP Ranges and Service Tags – Public Cloud](https://www.microsoft.com/download/details.aspx?id=56519).
 
 > [!NOTE]
-> As a cloud-based solution, the IP address range can change. It's recommended you move to DNS resolving setting.
+> As a cloud-based solution, the IP address ranges can change. It's recommended you move to DNS-based rules.
+
+> [!NOTE]
+> If you are a US Government customer, please see the corresponding section in the [Defender for Endpoint for US Government](gov.md#service-backend-ip-ranges) page.
 
 ## Next step
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md b/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md
index bed5597bce..c22b4a504f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-pullalerts-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-event-hub.md b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-event-hub.md
index 3b4e3677f2..c66d90bd4e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-event-hub.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-event-hub.md
@@ -1,5 +1,5 @@
 ---
-title: Stream Microsoft Defender Advanced Threat Protection events to Azure Event Hubs
+title: Stream Microsoft Defender for Endpoint events to Azure Event Hubs
 description: Learn how to configure Microsoft Defender ATP to stream Advanced Hunting events to your Event Hub.
 keywords: raw data export, streaming API, API, Azure Event Hubs, Azure storage, storage account, Advanced Hunting, raw data sharing
 search.product: eADQiWindows 10XVcnh
@@ -25,7 +25,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configuresiem-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-storage.md b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-storage.md
index 0b8aaf517a..ce6bda70ca 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-storage.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export-storage.md
@@ -1,5 +1,5 @@
 ---
-title: Stream Microsoft Defender Advanced Threat Protection events to your Storage account
+title: Stream Microsoft Defender for Endpoint events to your Storage account
 description: Learn how to configure Microsoft Defender ATP to stream Advanced Hunting events to your Storage account.
 keywords: raw data export, streaming API, API, Event Hubs, Azure storage, storage account, Advanced Hunting, raw data sharing
 search.product: eADQiWindows 10XVcnh
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configuresiem-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md
index 98400242b3..2367dfc93a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md
@@ -1,5 +1,5 @@
 ---
-title: Stream Microsoft Defender Advanced Threat Protection event
+title: Stream Microsoft Defender for Endpoint event
 description: Learn how to configure Microsoft Defender ATP to stream Advanced Hunting events to Event Hubs or Azure storage account
 keywords: raw data export, streaming API, API, Event hubs, Azure storage, storage account, Advanced Hunting, raw data sharing
 search.product: eADQiWindows 10XVcnh
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-configuresiem-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/rbac.md b/windows/security/threat-protection/microsoft-defender-atp/rbac.md
index b5bc0c196d..7ee2fc5593 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/rbac.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/rbac.md
@@ -25,13 +25,9 @@ ms.technology: mde
 **Applies to:**
 - Azure Active Directory
 - Office 365
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
-- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
-
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-rbac-abovefoldlink)
 
-
 Using role-based access control (RBAC), you can create roles and groups within your security operations team to grant appropriate access to the  portal. Based on the roles and groups you create, you have fine-grained control over what users with access to the portal can see and do. 
 
 > [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4bJ2a]
diff --git a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
index a79f5f4029..a75788222a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/recommendation.md
@@ -22,7 +22,8 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md
index d3a21ba3a1..5c99f08ced 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/respond-machine-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/respond-machine-alerts.md
index 45004c7b04..2f22080f6f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/respond-machine-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/respond-machine-alerts.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-respondmachine-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/restrict-code-execution.md b/windows/security/threat-protection/microsoft-defender-atp/restrict-code-execution.md
index fac76273f1..bd6555f905 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/restrict-code-execution.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/restrict-code-execution.md
@@ -22,10 +22,11 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md
index 3c45e7a6ad..817881e715 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/review-alerts.md
@@ -1,5 +1,5 @@
 ---
-title: Review alerts in Microsoft Defender Advanced Threat Protection
+title: Review alerts in Microsoft Defender for Endpoint
 description: Review alert information, including a visualized alert story and details for each step of the chain.
 keywords: incident, incidents, machines, devices, users, alerts, alert, investigation, graph, evidence
 ms.prod: m365-security
@@ -25,7 +25,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-managealerts-abovefoldlink)
 
@@ -44,23 +44,37 @@ Selecting an alert's name in Defender for Endpoint will land you on its alert pa
 3. The **alert story** displays all entities related to the alert, interconnected by a tree view. The alert in the title will be the one in focus when you first land on your selected alert's page. Entities in the alert story are expandable and clickable, to provide additional information and expedite response by allowing you to take actions right in the context of the alert page. Use the alert story to start your investigation. Learn how in [Investigate alerts in Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/investigate-alerts).
 4. The **details pane** will show the details of the selected alert at first, with details and actions related to this alert. If you select any of the affected assets or entities in the alert story, the details pane will change to provide contextual information and actions for the selected object.
 
-![An alert page when you first land on it](images/alert-landing-view.png)
+Note the detection status for your alert. 
+- Prevented – The attempted suspicious action was avoided. For example, a file either wasn’t written to disk or executed.
+![An alert page showing threat was prevented](images/detstat-prevented.png)
+- Blocked – Suspicious behavior was executed and then blocked. For example, a process was executed but because it subsequently exhibited suspicious behaviors, the process was terminated.
+![An alert page showing threat was blocked](images/detstat-blocked.png)
+- Detected – An attack was detected and is possibly still active.
+![An alert page showing threat was detected](images/detstat-detected.png)
 
-Note the detection status for your alert. Blocked, or prevented means actions were already taken by Defender for Endpoint.
-Start by reviewing the *automated investigation details* in your alert's details pane, to see which actions were already taken, as well as reading the alert's description for recommended actions.
+
+
+
+You can then also review the *automated investigation details* in your alert's details pane, to see which actions were already taken, as well as reading the alert's description for recommended actions.
 
 ![A snippet of the details pane with the alert description and automatic investigation sections highlighted](images/alert-air-and-alert-description.png)
 
 Other information available in the details pane when the alert opens includes MITRE techniques, source, and additional contextual details.
 
+
+
+
 ## Review affected assets
 
 Selecting a device or a user card in the affected assets sections will switch to the details of the device or user in the details pane.
 
-- **For devices** the details pane will display information about the device itself, like Domain, Operating System, and IP. Active alerts and the logged on users on that device are also available. You can take immediate action by isolating the device, restricting app execution, or running an antivirus scan. Alternatively, you could collect an investigation package, initiate an automated investigation, or go to the device page to investigate from the device's point of view.
-- **For users** the details pane will display detailed user information, such as the user's SAM name and SID, as well as logon types performed by this user and any alerts and incidents related to it. You can select *Open user page* to continue the investigation from that user's point of view.
+- **For devices**, the details pane will display information about the device itself, like Domain, Operating System, and IP. Active alerts and the logged on users on that device are also available. You can take immediate action by isolating the device, restricting app execution, or running an antivirus scan. Alternatively, you could collect an investigation package, initiate an automated investigation, or go to the device page to investigate from the device's point of view.
 
-   ![A snippet of the details pane when a device is selected](images/alert-device-details.png)
+   ![A snippet of the details pane when a device is selected](images/device-page-details.png)
+
+- **For users**, the details pane will display detailed user information, such as the user's SAM name and SID, as well as logon types performed by this user and any alerts and incidents related to it. You can select *Open user page* to continue the investigation from that user's point of view.
+
+   ![A snippet of the details pane when a user is selected](images/user-page-details.png)
 
 
 ## Related topics
diff --git a/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-api.md b/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-api.md
index e50d7962b8..d039c604ad 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-api.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-api.md
@@ -1,7 +1,7 @@
 ---
 title: Advanced Hunting API
 ms.reviewer: 
-description: Learn to use the advanced hunting API to run advanced queries on Microsoft Defender Advanced Threat Protection. Find out about limitations and see an example.
+description: Learn to use the advanced hunting API to run advanced queries on Microsoft Defender for Endpoint. Find out about limitations and see an example.
 keywords: apis, supported apis, advanced hunting, query
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -23,7 +23,8 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-sample-powershell.md b/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-sample-powershell.md
index 672ca68dd2..36bb91f345 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-sample-powershell.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-sample-powershell.md
@@ -1,7 +1,7 @@
 ---
 title: Advanced Hunting with PowerShell API Basics
 ms.reviewer: 
-description: Learn the basics of querying the Microsoft Defender Advanced Threat Protection API, using PowerShell.
+description: Learn the basics of querying the Microsoft Defender for Endpoint API, using PowerShell.
 keywords: apis, supported apis, advanced hunting, query
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -22,7 +22,8 @@ ms.technology: mde
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-sample-python.md b/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-sample-python.md
index f8160dceca..2f8edd38ca 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-sample-python.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-sample-python.md
@@ -1,7 +1,7 @@
 ---
 title: Advanced Hunting with Python API Guide
 ms.reviewer: 
-description: Learn how to query using the Microsoft Defender Advanced Threat Protection API, by using Python, with examples.
+description: Learn how to query using the Microsoft Defender for Endpoint API, by using Python, with examples.
 keywords: apis, supported apis, advanced hunting, query
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -22,7 +22,8 @@ ms.technology: mde
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/run-av-scan.md b/windows/security/threat-protection/microsoft-defender-atp/run-av-scan.md
index 391ed99e1c..40069b0eb1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/run-av-scan.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/run-av-scan.md
@@ -21,7 +21,8 @@ ms.technology: mde
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/run-detection-test.md b/windows/security/threat-protection/microsoft-defender-atp/run-detection-test.md
index e4acca12b4..d62f18fd7b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/run-detection-test.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/run-detection-test.md
@@ -1,7 +1,7 @@
 ---
 title: Run a detection test on a newly onboarded Microsoft Defender ATP device
 description: Run the detection script on a newly onboarded device to verify that it is properly onboarded to the Microsoft Defender ATP service.
-keywords: detection test, detection, powershell, script, verify, onboarding, microsoft defender advanced threat protection onboarding, clients, servers, test
+keywords: detection test, detection, powershell, script, verify, onboarding, microsoft defender for endpoint onboarding, clients, servers, test
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -31,7 +31,7 @@ ms.technology: mde
 - Windows Server 2016
 - Windows Server, version 1803
 - Windows Server, 2019
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/score.md b/windows/security/threat-protection/microsoft-defender-atp/score.md
index 99c8566590..80e49afc9f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/score.md
@@ -23,7 +23,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md b/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md
index fae7709749..9c7cd442e1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-secopsdashboard-abovefoldlink) 
 
@@ -68,7 +68,7 @@ This tile shows you a list of devices with the highest number of active alerts.
 
 ![The Devices at risk tile shows a list of devices with the highest number of alerts, and a breakdown of the severity of the alerts](images/devices-at-risk-tile.png)
 
-Click the name of the device to see details about that device. For more information see, [Investigate devices in the Microsoft Defender Advanced Threat Protection Devices list](investigate-machines.md).
+Click the name of the device to see details about that device. For more information see, [Investigate devices in the Microsoft Defender for Endpoint Devices list](investigate-machines.md).
 
 You can also click **Devices list** at the top of the tile to go directly to the **Devices list**, sorted by the number of active alerts. For more information see, [Investigate devices in the Microsoft Defender for Endpoint Devices list](investigate-machines.md).
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/service-status.md b/windows/security/threat-protection/microsoft-defender-atp/service-status.md
index c0c35a7e8e..b5010f0005 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/service-status.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/service-status.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/set-device-value.md b/windows/security/threat-protection/microsoft-defender-atp/set-device-value.md
index 366f94269c..cf8b130e5d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/set-device-value.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/set-device-value.md
@@ -1,6 +1,6 @@
 ---
 title: Set device value API
-description: Learn how to specify the value of a device using a Microsoft Defender Advanced Threat Protection API.
+description: Learn how to specify the value of a device using a Microsoft Defender for Endpoint API.
 keywords: apis, graph api, supported apis, tags, machine tags
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -22,10 +22,11 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/software.md b/windows/security/threat-protection/microsoft-defender-atp/software.md
index d158ad400f..244d65b7fa 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/software.md
@@ -22,10 +22,11 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/stop-and-quarantine-file.md b/windows/security/threat-protection/microsoft-defender-atp/stop-and-quarantine-file.md
index f39ff29d54..9ff1630d67 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/stop-and-quarantine-file.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/stop-and-quarantine-file.md
@@ -1,6 +1,6 @@
 ---
 title: Stop and quarantine file API
-description: Learn how to stop running a file on a device and delete the file in Microsoft Defender Advanced Threat Protection. See an example.
+description: Learn how to stop running a file on a device and delete the file in Microsoft Defender for Endpoint. See an example.
 keywords: apis, graph api, supported apis, stop and quarantine file
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -21,7 +21,8 @@ ms.technology: mde
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
-**Applies to:** [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+**Applies to:** 
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/switch-to-microsoft-defender-onboard.md b/windows/security/threat-protection/microsoft-defender-atp/switch-to-microsoft-defender-onboard.md
index 750fbb2666..3ccef460bb 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/switch-to-microsoft-defender-onboard.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/switch-to-microsoft-defender-onboard.md
@@ -19,21 +19,17 @@ ms.collection:
   - m365solution-migratetomdatp
 ms.custom: migrationguides
 ms.topic: article
-ms.date: 02/11/2021
+ms.date: 03/03/2021
 ms.reviewer: jesquive, chventou, jonix, chriggs, owtho
 ---
 
 # Switch to Microsoft Defender for Endpoint - Phase 3: Onboard
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
-> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
-
-|[![Phase 1: Prepare](images/prepare.png)](switch-to-microsoft-defender-prepare.md)<br/>[Phase 1: Prepare2](switch-to-microsoft-defender-prepare.md) |[![Phase 2: Set up](images/setup.png)](switch-to-microsoft-defender-setup.md)<br/>[Phase 2: Set up2](switch-to-microsoft-defender-setup.md) |![Phase 3: Onboard1](images/onboard.png)<br/>Phase 3: Onboard |
-|[![Phase 1: Prepare3](images/phase-diagrams/prepare.png)](switch-to-microsoft-defender-prepare.md)<br/>[Phase 1: Prepare4](switch-to-microsoft-defender-prepare.md) |[![Phase 2: Set up2](images/phase-diagrams/setup.png)](switch-to-microsoft-defender-setup.md)<br/>[Phase 2: Set up](switch-to-microsoft-defender-setup.md) |![Phase 3: Onboard2](images/phase-diagrams/onboard.png)<br/>Phase 3: Onboard |
-
+| [![Phase 1: Prepare3](images/phase-diagrams/prepare.png)](switch-to-microsoft-defender-prepare.md)<br/>[Phase 1: Prepare](switch-to-microsoft-defender-prepare.md) | [![Phase 2: Set up](images/phase-diagrams/setup.png)](switch-to-microsoft-defender-setup.md)<br/>[Phase 2: Set up](switch-to-microsoft-defender-setup.md) | ![Phase 3: Onboard](images/phase-diagrams/onboard.png)<br/>Phase 3: Onboard |
 |--|--|--|
 || |*You are here!* |
 
@@ -71,7 +67,7 @@ To verify that your onboarded devices are properly connected to Microsoft Defend
 |Operating system  |Guidance  |
 |---------|---------|
 |- Windows 10 <br/>- Windows Server 2019 <br/>- Windows Server, version 1803 <br/>- Windows Server 2016 <br/>- Windows Server 2012 R2     |See [Run a detection test](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/run-detection-test). <br/><br/>Visit the Microsoft Defender for Endpoint demo scenarios site ([https://demo.wd.microsoft.com](https://demo.wd.microsoft.com)) and try one or more of the scenarios. For example, try the **Cloud-delivered protection** demo scenario.         |
-|macOS<br/>- 10.15 (Catalina)<br/>- 10.14 (Mojave)<br/>- 10.13 (High Sierra)     |Download and use the DIY app at [https://aka.ms/mdatpmacosdiy](https://aka.ms/mdatpmacosdiy). <br/><br/>For more information, see [Microsoft Defender Advanced Threat Protection for Mac](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac).        |
+|macOS<br/>- 10.15 (Catalina)<br/>- 10.14 (Mojave)<br/>- 10.13 (High Sierra)     |Download and use the DIY app at [https://aka.ms/mdatpmacosdiy](https://aka.ms/mdatpmacosdiy). <br/><br/>For more information, see [Microsoft Defender for Endpoint for Mac](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac).        |
 |Linux:<br/>- RHEL 7.2+<br/>- CentOS Linux 7.2+<br/>- Ubuntu 16 LTS, or higher LTS<br/>- SLES 12+<br/>- Debian 9+<br/>- Oracle Linux 7.2 |1. Run the following command, and look for a result of **1**: <br/>`mdatp health --field real_time_protection_enabled`. <br/><br/>2. Open a Terminal window, and run the following command: <br/>`curl -o ~/Downloads/eicar.com.txt https://www.eicar.org/download/eicar.com.txt`. <br/><br/>3. Run the following command to list any detected threats: <br/>`mdatp threat list`. <br/><br/>For more information, see [Microsoft Defender ATP for Linux](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux). |
 
 ## Uninstall your non-Microsoft solution
@@ -89,6 +85,9 @@ To do this, visit the Microsoft Defender for Endpoint demo scenarios site ([http
 - Potentially Unwanted Applications (PUA)
 - Network Protection (NP)
 
+> [!IMPORTANT]
+> If you are using Windows Server 2016, you might have to start Microsoft Defender Antivirus manually. You can do this by using the PowerShell cmdlet `mpcmdrun.exe -wdenable` on the device.
+
 ## Next steps
 
 **Congratulations**! You have completed your [migration to Microsoft Defender for Endpoint](switch-to-microsoft-defender-migration.md#the-migration-process)! 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/switch-to-microsoft-defender-prepare.md b/windows/security/threat-protection/microsoft-defender-atp/switch-to-microsoft-defender-prepare.md
index dcc7c80896..fc69720be1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/switch-to-microsoft-defender-prepare.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/switch-to-microsoft-defender-prepare.md
@@ -19,25 +19,20 @@ ms.collection:
   - m365solution-migratetomdatp
 ms.topic: article
 ms.custom: migrationguides
-ms.date: 02/11/2021
+ms.date: 03/03/2021
 ms.reviewer: jesquive, chventou, jonix, chriggs, owtho
 ---
 
 # Switch to Microsoft Defender for Endpoint - Phase 1: Prepare
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
-> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
-
-|![Phase 1: Prepare](images/prepare.png)<br/>Phase 1: Prepare |[![Phase 2: Set up](images/setup.png)](switch-to-microsoft-defender-setup.md)<br/>[Phase 2: Set up2](switch-to-microsoft-defender-setup.md) |[![Phase 3: Onboard](images/onboard.png)](switch-to-microsoft-defender-onboard.md)<br/>[Phase 3: Onboard2](switch-to-microsoft-defender-onboard.md) |
-|![Phase 1: Prepare2](images/phase-diagrams/prepare.png)<br/>Phase 1: Prepare |[![Phase 2: Set up3](images/phase-diagrams/setup.png)](switch-to-microsoft-defender-setup.md)<br/>[Phase 2: Set up4](switch-to-microsoft-defender-setup.md) |[![Phase 3: Onboard3](images/phase-diagrams/onboard.png)](switch-to-microsoft-defender-onboard.md)<br/>[Phase 3: Onboard4](switch-to-microsoft-defender-onboard.md) |
-
+| ![Phase 1: Prepare](images/phase-diagrams/prepare.png)<br/>Phase 1: Prepare | [![Phase 2: Set up](images/phase-diagrams/setup.png)](switch-to-microsoft-defender-setup.md)<br/>[Phase 2: Set up](switch-to-microsoft-defender-setup.md) | [![Phase 3: Onboard](images/phase-diagrams/onboard.png)](switch-to-microsoft-defender-onboard.md)<br/>[Phase 3: Onboard](switch-to-microsoft-defender-onboard.md) |
 |--|--|--|
 |*You are here!*| | |
 
-
 **Welcome to the Prepare phase of [switching to Microsoft Defender for Endpoint](switch-to-microsoft-defender-migration.md#the-migration-process)**. 
 
 This migration phase includes the following steps:
diff --git a/windows/security/threat-protection/microsoft-defender-atp/switch-to-microsoft-defender-setup.md b/windows/security/threat-protection/microsoft-defender-atp/switch-to-microsoft-defender-setup.md
index 8fdd6ac986..970af4ece2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/switch-to-microsoft-defender-setup.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/switch-to-microsoft-defender-setup.md
@@ -19,24 +19,20 @@ ms.collection:
   - m365solution-migratetomdatp
 ms.topic: article
 ms.custom: migrationguides
-ms.date: 02/18/2021
+ms.date: 03/03/2021
 ms.reviewer: jesquive, chventou, jonix, chriggs, owtho
 ---
 
 # Switch to Microsoft Defender for Endpoint - Phase 2: Setup
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
-> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
-
-|[![Phase 1: Prepare1](images/prepare.png)](switch-to-microsoft-defender-prepare.md)<br/>[Phase 1: Prepare2](switch-to-microsoft-defender-prepare.md) |![Phase 2: Set up](images/setup.png)<br/>Phase 2: Set up |[![Phase 3: Onboard1](images/onboard.png)](switch-to-microsoft-defender-onboard.md)<br/>[Phase 3: Onboard2](switch-to-microsoft-defender-onboard.md) |
-|[![Phase 1: Prepare3](images/phase-diagrams/prepare.png)](switch-to-microsoft-defender-prepare.md)<br/>[Phase 1: Prepare4](switch-to-microsoft-defender-prepare.md) |![Phase 2: Set up2](images/phase-diagrams/setup.png)<br/>Phase 2: Set up |[![Phase 3: Onboard3](images/phase-diagrams/onboard.png)](switch-to-microsoft-defender-onboard.md)<br/>[Phase 3: Onboard4](switch-to-microsoft-defender-onboard.md) |
+|[![Phase 1: Prepare](images/phase-diagrams/prepare.png)](switch-to-microsoft-defender-prepare.md)<br/>[Phase 1: Prepare](switch-to-microsoft-defender-prepare.md) |![Phase 2: Set up](images/phase-diagrams/setup.png)<br/>Phase 2: Set up |[![Phase 3: Onboard3](images/phase-diagrams/onboard.png)](switch-to-microsoft-defender-onboard.md)<br/>[Phase 3: Onboard](switch-to-microsoft-defender-onboard.md) |
 |--|--|--|
 ||*You are here!* | |
 
-
 **Welcome to the Setup phase of [switching to Microsoft Defender for Endpoint](switch-to-microsoft-defender-migration.md#the-migration-process)**. This phase includes the following steps:
 1. [Enable Microsoft Defender Antivirus and confirm it's in passive mode](#enable-microsoft-defender-antivirus-and-confirm-its-in-passive-mode).
 2. [Get updates for Microsoft Defender Antivirus](#get-updates-for-microsoft-defender-antivirus).
@@ -92,8 +88,14 @@ The [DisableAntiSpyware](https://docs.microsoft.com/windows-hardware/customize/d
 3. To verify Microsoft Defender Antivirus is running, use the following PowerShell cmdlet: <br/>
    `Get-Service -Name windefend`
 
+#### Are you using Windows Server 2016?
+
+If you're using Windows Server 2016 and are having trouble enabling Microsoft Defender Antivirus, use the following PowerShell cmdlet:
+
+`mpcmdrun -wdenable`
+
 > [!TIP]
-> Need help? See [Microsoft Defender Antivirus on Windows Server](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016).
+> Still need help? See [Microsoft Defender Antivirus on Windows Server](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016).
 
 ### Set Microsoft Defender Antivirus to passive mode on Windows Server
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-migration.md b/windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-migration.md
index a3decded8f..cb5859a019 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-migration.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-migration.md
@@ -19,7 +19,7 @@ ms.collection:
   - m365solution-symantecmigrate
   - m365solution-overview
 ms.topic: conceptual
-ms.date: 02/11/2021
+ms.date: 03/03/2021
 ms.custom: migrationguides
 ms.reviewer: depicker, yongrhee, chriggs
 ---
@@ -28,11 +28,9 @@ ms.reviewer: depicker, yongrhee, chriggs
 If you are planning to switch from Symantec Endpoint Protection (Symantec) to [Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection) (Microsoft Defender for Endpoint), you're in the right place. Use this article as a guide.
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
-> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
-[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 :::image type="content" source="images/symantec-mde-migration.png" alt-text="Overview of migrating from Symantec to Defender for Endpoint":::
 
 When you make the switch from Symantec to Defender for Endpoint, you begin with your Symantec solution in active mode, configure Defender for Endpoint in passive mode, onboard to Defender for Endpoint, and then set Defender for Endpoint to active mode and remove Symantec.
diff --git a/windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-onboard.md b/windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-onboard.md
index 0b8c881393..5f3bee240a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-onboard.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-onboard.md
@@ -18,7 +18,7 @@ ms.collection:
   - M365-security-compliance
   - m365solution-symantecmigrate
 ms.topic: article
-ms.date: 02/11/2021
+ms.date: 03/03/2021
 ms.custom: migrationguides
 ms.reviewer: depicker, yongrhee, chriggs
 ---
@@ -26,14 +26,9 @@ ms.reviewer: depicker, yongrhee, chriggs
 # Migrate from Symantec - Phase 3: Onboard to Microsoft Defender for Endpoint
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
-> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
-
-[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
-
-
 |[![Phase 1: Prepare](images/phase-diagrams/prepare.png)](symantec-to-microsoft-defender-atp-prepare.md)<br/>[Phase 1: Prepare](symantec-to-microsoft-defender-atp-prepare.md) |[![Phase 2: Set up](images/phase-diagrams/setup.png)](symantec-to-microsoft-defender-atp-setup.md)<br/>[Phase 2: Set up](symantec-to-microsoft-defender-atp-setup.md) |![Phase 3: Onboard](images/phase-diagrams/onboard.png)<br/>Phase 3: Onboard |
 |--|--|--|
 || |*You are here!* |
@@ -72,7 +67,7 @@ To verify that your onboarded devices are properly connected to Microsoft Defend
 |Operating system  |Guidance  |
 |---------|---------|
 |- Windows 10 <br/>- Windows Server 2019 <br/>- Windows Server, version 1803 <br/>- Windows Server 2016 <br/>- Windows Server 2012 R2     |See [Run a detection test](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/run-detection-test). <br/><br/>Visit the Microsoft Defender for Endpoint demo scenarios site ([https://demo.wd.microsoft.com](https://demo.wd.microsoft.com)) and try one or more of the scenarios. For example, try the **Cloud-delivered protection** demo scenario.         |
-|macOS<br/>- 10.15 (Catalina)<br/>- 10.14 (Mojave)<br/>- 10.13 (High Sierra)     |Download and use the DIY app at [https://aka.ms/mdatpmacosdiy](https://aka.ms/mdatpmacosdiy). <br/><br/>For more information, see [Microsoft Defender Advanced Threat Protection for Mac](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac).        |
+|macOS<br/>- 10.15 (Catalina)<br/>- 10.14 (Mojave)<br/>- 10.13 (High Sierra)     |Download and use the DIY app at [https://aka.ms/mdatpmacosdiy](https://aka.ms/mdatpmacosdiy). <br/><br/>For more information, see [Microsoft Defender for Endpoint for Mac](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac).        |
 |Linux:<br/>- RHEL 7.2+<br/>- CentOS Linux 7.2+<br/>- Ubuntu 16 LTS, or higher LTS<br/>- SLES 12+<br/>- Debian 9+<br/>- Oracle Linux 7.2 |1. Run the following command, and look for a result of **1**: <br/>`mdatp health --field real_time_protection_enabled`. <br/><br/>2. Open a Terminal window, and run the following command: <br/>`curl -o ~/Downloads/eicar.com.txt https://www.eicar.org/download/eicar.com.txt`. <br/><br/>3. Run the following command to list any detected threats: <br/>`mdatp threat list`. <br/><br/>For more information, see [Microsoft Defender for Endpoint for Linux](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux). |
 
 ## Uninstall Symantec
@@ -100,6 +95,9 @@ To do this, visit the Microsoft Defender for Endpoint demo scenarios site ([http
 - Potentially Unwanted Applications (PUA)
 - Network Protection (NP)
 
+> [!IMPORTANT]
+> If you are using Windows Server 2016, you might have to start Microsoft Defender Antivirus manually. You can do this by using the PowerShell cmdlet `mpcmdrun.exe -wdenable` on the device.
+
 ## Next steps
 
 **Congratulations**! You have completed your [migration from Symantec to Microsoft Defender for Endpoint](symantec-to-microsoft-defender-atp-migration.md#the-migration-process)! 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-prepare.md b/windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-prepare.md
index 4195304f83..3f8cc61874 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-prepare.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-prepare.md
@@ -18,7 +18,7 @@ ms.collection:
   - M365-security-compliance
   - m365solution-symantecmigrate
 ms.topic: article
-ms.date: 02/11/2021
+ms.date: 03/03/2021
 ms.custom: migrationguides
 ms.reviewer: depicker, yongrhee, chriggs
 ---
@@ -26,14 +26,9 @@ ms.reviewer: depicker, yongrhee, chriggs
 # Migrate from Symantec - Phase 1: Prepare for your migration
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
-> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
-
-[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
-
-
 |![Phase 1: Prepare](images/phase-diagrams/prepare.png)<br/>Phase 1: Prepare |[![Phase 2: Set up](images/phase-diagrams/setup.png)](symantec-to-microsoft-defender-atp-setup.md)<br/>[Phase 2: Set up](symantec-to-microsoft-defender-atp-setup.md) |[![Phase 3: Onboard](images/phase-diagrams/onboard.png)](symantec-to-microsoft-defender-atp-onboard.md)<br/>[Phase 3: Onboard](symantec-to-microsoft-defender-atp-onboard.md) |
 |--|--|--|
 |*You are here!*| | |
diff --git a/windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-setup.md b/windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-setup.md
index c9823a17ab..abd322e3ee 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-setup.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-setup.md
@@ -18,7 +18,7 @@ ms.collection:
   - M365-security-compliance
   - m365solution-symantecmigrate
 ms.topic: article
-ms.date: 02/18/2021
+ms.date: 03/03/2021
 ms.custom: migrationguides
 ms.reviewer: depicker, yongrhee, chriggs
 ---
@@ -26,14 +26,9 @@ ms.reviewer: depicker, yongrhee, chriggs
 # Migrate from Symantec - Phase 2: Set up Microsoft Defender for Endpoint
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
-> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
-
-[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
-
-
 |[![Phase 1: Prepare](images/phase-diagrams/prepare.png)](symantec-to-microsoft-defender-atp-prepare.md)<br/>[Phase 1: Prepare](symantec-to-microsoft-defender-atp-prepare.md) |![Phase 2: Set up](images/phase-diagrams/setup.png)<br/>Phase 2: Set up |[![Phase 3: Onboard](images/phase-diagrams/onboard.png)](symantec-to-microsoft-defender-atp-onboard.md)<br/>[Phase 3: Onboard](symantec-to-microsoft-defender-atp-onboard.md) |
 |--|--|--|
 ||*You are here!* | |
@@ -81,8 +76,14 @@ Now that you're moving from Symantec to Microsoft Defender for Endpoint, you'll
 3. To verify Microsoft Defender Antivirus is running, use the following PowerShell cmdlet: <br/>
    `Get-Service -Name windefend`
 
+#### Are you using Windows Server 2016?
+
+If you're using Windows Server 2016 and are having trouble enabling Microsoft Defender Antivirus, use the following PowerShell cmdlet:
+
+`mpcmdrun -wdenable`
+
 > [!TIP]
-> Need help? See [Microsoft Defender Antivirus on Windows Server 2016 and 2019](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016).
+> Still need help? See [Microsoft Defender Antivirus on Windows Server 2016 and 2019](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-on-windows-server-2016).
 
 ### Set Microsoft Defender Antivirus to passive mode on Windows Server
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/techniques-device-timeline.md b/windows/security/threat-protection/microsoft-defender-atp/techniques-device-timeline.md
index b4ba69661f..45a9704289 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/techniques-device-timeline.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/techniques-device-timeline.md
@@ -22,23 +22,21 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
+- [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
 You can gain more insight in an investigation by analyzing the events that happened on a specific device. First, select the device of interest from the [Devices list](machines-view-overview.md). On the device page, you can select the **Timeline** tab to view all the events that occurred on the device.
 
 ## Understand techniques in the timeline
 
->[!IMPORTANT]
->Some information relates to a prereleased product feature in public preview which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
-
-In Microsoft Defender for Endpoint, **Techniques** are an additional data type in the event timeline. Techniques provide more insight on activities associated with [MITRE ATT&CK](https://attack.mitre.org/) techniques or sub-techniques. 
+**Techniques** are an additional data type in the event timeline. Techniques provide more insight on activities associated with [MITRE ATT&CK](https://attack.mitre.org/) techniques or sub-techniques. 
 
 This feature simplifies the investigation experience by helping analysts understand the activities that were observed on a device. Analysts can then decide to investigate further.
 
-For public preview, Techniques are available by default and shown together with events when a device's timeline is viewed. 
+Techniques are available by default and shown together with events when a device's timeline is viewed. 
 
-![Techniques in device timeline screenshot](images/device-timeline-with-techniques.png)
+![Techniques in device timeline screenshot](images/device-timeline-2.png)
 
 Techniques are highlighted in bold text and appear with a blue icon on the left. The corresponding MITRE ATT&CK ID and technique name also appear as tags under Additional information. 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-analytics-analyst-reports.md b/windows/security/threat-protection/microsoft-defender-atp/threat-analytics-analyst-reports.md
index ef1e4801c8..7813bbd865 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-analytics-analyst-reports.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-analytics-analyst-reports.md
@@ -25,7 +25,7 @@ ms.technology: mde
 
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md b/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md
index 1e5cfd7dc1..ce4ce6d1c1 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-analytics.md
@@ -26,7 +26,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-event-timeline.md b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-event-timeline.md
index 1e91ad143b..b075dfe8ef 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-event-timeline.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-event-timeline.md
@@ -1,7 +1,7 @@
 ---
 title: Event timeline in threat and vulnerability management
 description: Event timeline is a risk news feed that helps you interpret how risk is introduced into the organization, and which mitigations happened to reduce it.
-keywords: event timeline, mdatp event timeline, mdatp tvm event timeline, threat and vulnerability management, Microsoft Defender Advanced Threat Protection
+keywords: event timeline, mdatp event timeline, mdatp tvm event timeline, threat and vulnerability management, Microsoft Defender for Endpoint
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -25,7 +25,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-indicator-concepts.md b/windows/security/threat-protection/microsoft-defender-atp/threat-indicator-concepts.md
index b779e7d95a..bfe080ae6f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-indicator-concepts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-indicator-concepts.md
@@ -1,6 +1,6 @@
 ---
-title: Understand threat intelligence concepts in Microsoft Defender ATP
-description: Create custom threat alerts for your organization and learn the concepts around threat intelligence in Microsoft Defender Advanced Threat Protection.
+title: Understand threat intelligence concepts in Microsoft Defender for Endpoint
+description: Create custom threat alerts for your organization and learn the concepts around threat intelligence in Microsoft Defender for Endpoint
 keywords: threat intelligence, alert definitions, indicators of compromise, ioc
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-protection-integration.md b/windows/security/threat-protection/microsoft-defender-atp/threat-protection-integration.md
index 291206bd32..e917926773 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-protection-integration.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-protection-integration.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-protection-reports.md b/windows/security/threat-protection/microsoft-defender-atp/threat-protection-reports.md
index 8fbeab0216..2b30eb668f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-protection-reports.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-protection-reports.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/ti-indicator.md b/windows/security/threat-protection/microsoft-defender-atp/ti-indicator.md
index 2fb809a07f..3a26c041e4 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/ti-indicator.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/ti-indicator.md
@@ -1,6 +1,6 @@
 ---
 title: Indicator resource type
-description: Specify the entity details and define the expiration of the indicator using Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
+description: Specify the entity details and define the expiration of the indicator using Microsoft Defender for Endpoint.
 keywords: apis, supported apis, get, TiIndicator, Indicator, recent
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -22,7 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/time-settings.md b/windows/security/threat-protection/microsoft-defender-atp/time-settings.md
index 3a6fb8e000..d0391b327a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/time-settings.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/time-settings.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-asr.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-asr.md
index 102416451a..6faeadc3da 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-asr.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-asr.md
@@ -1,7 +1,7 @@
 ---
 title: Troubleshoot problems with attack surface reduction rules
-description: Resources and sample code to troubleshoot issues with attack surface reduction rules in Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
-keywords: troubleshoot, error, fix, windows defender eg, asr, rules, hips, troubleshoot, audit, exclusion, false positive, broken, blocking, microsoft defender atp, microsoft defender advanced threat protection
+description: Resources and sample code to troubleshoot issues with attack surface reduction rules in Microsoft Defender for Endpoint.
+keywords: troubleshoot, error, fix, windows defender eg, asr, rules, hips, troubleshoot, audit, exclusion, false positive, broken, blocking, microsoft defender for endpoint, microsoft defender advanced threat protection
 search.product: eADQiWindows 10XVcnh
 ms.pagetype: security
 ms.prod: m365-security
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-pullalerts-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-collect-support-log.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-collect-support-log.md
index dd9da22a6d..3c133c1065 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-collect-support-log.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-collect-support-log.md
@@ -22,7 +22,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-pullalerts-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-exploit-protection-mitigations.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-exploit-protection-mitigations.md
index ebdc8c0a2a..1b6b18ee84 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-exploit-protection-mitigations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-exploit-protection-mitigations.md
@@ -23,7 +23,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-pullalerts-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-live-response.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-live-response.md
index 9655ed861e..fc89a31c61 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-live-response.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-live-response.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-pullalerts-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-mdatp.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-mdatp.md
index 4a5c3f1d71..1f6ae285c2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-mdatp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-mdatp.md
@@ -1,7 +1,7 @@
 ---
-title: Troubleshoot Microsoft Defender Advanced Threat Protection service issues
+title: Troubleshoot Microsoft Defender for Endpoint service issues
 description: Find solutions and work arounds to known issues such as server errors when trying to access the service.
-keywords: troubleshoot Microsoft Defender Advanced Threat Protection, troubleshoot Windows ATP, server error, access denied, invalid credentials, no data, dashboard portal, allow, event viewer
+keywords: troubleshoot microsoft defender for endpoint, troubleshoot Windows ATP, server error, access denied, invalid credentials, no data, dashboard portal, allow, event viewer
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-pullalerts-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-np.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-np.md
index 429e13a849..216975a8ec 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-np.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-np.md
@@ -1,7 +1,7 @@
 ---
 title: Troubleshoot problems with Network protection
-description: Resources and sample code to troubleshoot issues with Network protection in Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
-keywords: troubleshoot, error, fix, windows defender eg, asr, rules, hips, troubleshoot, audit, exclusion, false positive, broken, blocking, microsoft defender atp, microsoft defender advanced threat protection
+description: Resources and sample code to troubleshoot issues with Network protection in Microsoft Defender for Endpoint.
+keywords: troubleshoot, error, fix, windows defender eg, asr, rules, hips, troubleshoot, audit, exclusion, false positive, broken, blocking, microsoft defender for endpoint, microsoft defender advanced threat protection
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
 ms.mktglfcycl: manage
@@ -23,7 +23,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-pullalerts-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md
index 1983efe55b..a3d95dab49 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md
@@ -1,7 +1,7 @@
 ---
 title: Troubleshoot onboarding issues and error messages
-description: Troubleshoot onboarding issues and error message while completing setup of Microsoft Defender Advanced Threat Protection.
-keywords: troubleshoot, troubleshooting, Azure Active Directory, onboarding, error message, error messages, microsoft defender atp
+description: Troubleshoot onboarding issues and error message while completing setup of Microsoft Defender for Endpoint.
+keywords: troubleshoot, troubleshooting, Azure Active Directory, onboarding, error message, error messages, microsoft defender for endpoint
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-troublshootonboarding-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md
index 4e1d6bcc04..d507c9bad0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding.md
@@ -25,7 +25,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - Windows Server 2012 R2
 - Windows Server 2016
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-siem.md b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-siem.md
index c5b909cf91..39eba2ad55 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-siem.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/troubleshoot-siem.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-assign-device-value.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-assign-device-value.md
index 28924cdac8..311b6cbcd6 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-assign-device-value.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-assign-device-value.md
@@ -26,7 +26,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
index 1c89fb12df..9d932e8c8a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md
@@ -25,7 +25,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-end-of-support-software.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-end-of-support-software.md
index f1f2519d03..8a1784a67d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-end-of-support-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-end-of-support-software.md
@@ -25,7 +25,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-exception.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-exception.md
index 17596316a5..c8044f01ba 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-exception.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-exception.md
@@ -25,7 +25,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md
index e4895d3691..4ff5414e25 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md
@@ -1,7 +1,7 @@
 ---
 title: Exposure score in threat and vulnerability management
 description: The threat and vulnerability management exposure score reflects how vulnerable your organization is to cybersecurity threats.
-keywords: exposure score, mdatp exposure score, mdatp tvm exposure score, organization exposure score, tvm organization exposure score, threat and vulnerability management, Microsoft Defender Advanced Threat Protection
+keywords: exposure score, mdatp exposure score, mdatp tvm exposure score, organization exposure score, tvm organization exposure score, threat and vulnerability management, Microsoft Defender for Endpoint
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security
@@ -25,7 +25,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-hunt-exposed-devices.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-hunt-exposed-devices.md
index 3ee21c13f2..10c5eb997e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-hunt-exposed-devices.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-hunt-exposed-devices.md
@@ -26,7 +26,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
@@ -38,11 +38,13 @@ Advanced hunting is a query-based threat-hunting tool that lets you explore up t
 
 ### Schema tables
 
-- [DeviceTvmSoftwareInventoryVulnerabilities](advanced-hunting-devicetvmsoftwareinventoryvulnerabilities-table.md) - Inventory of software on devices as well as any known vulnerabilities in these software products
+- [DeviceTvmSoftwareInventory](advanced-hunting-devicetvmsoftwareinventory-table.md) - Inventory of software installed on devices, including their version information and end-of-support status
+
+- [DeviceTvmSoftwareVulnerabilities](advanced-hunting-devicetvmsoftwarevulnerabilities-table.md) - Software vulnerabilities found on devices and the list of available security updates that address each vulnerability
 
 - [DeviceTvmSoftwareVulnerabilitiesKB](advanced-hunting-devicetvmsoftwarevulnerabilitieskb-table.md) - Knowledge base of publicly disclosed vulnerabilities, including whether exploit code is publicly available
 
-- [DeviceTvmSecureConfigurationAssessment](advanced-hunting-devicetvmsecureconfigurationassessment-table.md) - Threat & Vulnerability Management assessment events, indicating the status of various security configurations on devices
+- [DeviceTvmSecureConfigurationAssessment](advanced-hunting-devicetvmsecureconfigurationassessment-table.md) - Threat and vulnerability management assessment events, indicating the status of various security configurations on devices
 
 - [DeviceTvmSecureConfigurationAssessmentKB](advanced-hunting-devicetvmsecureconfigurationassessmentkb-table.md) - Knowledge base of various security configurations used by Threat & Vulnerability Management to assess devices; includes mappings to various standards and benchmarks
 
@@ -56,7 +58,7 @@ Advanced hunting is a query-based threat-hunting tool that lets you explore up t
 
 ```kusto
 // Search for devices with High active alerts or Critical CVE public exploit
-DeviceTvmSoftwareInventoryVulnerabilities
+DeviceTvmSoftwareVulnerabilities
 | join kind=inner(DeviceTvmSoftwareVulnerabilitiesKB) on CveId
 | where IsExploitAvailable == 1 and CvssScore >= 7
 | summarize NumOfVulnerabilities=dcount(CveId),
@@ -66,7 +68,6 @@ DeviceName=any(DeviceName) by DeviceId
 DeviceName=any(DeviceName) by DeviceId, AlertId
 | project DeviceName, NumOfVulnerabilities, AlertId  
 | order by NumOfVulnerabilities desc
-
 ```
 
 ## Related topics
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-microsoft-secure-score-devices.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-microsoft-secure-score-devices.md
index 1118e64dd3..b23bdc1eb2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-microsoft-secure-score-devices.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-microsoft-secure-score-devices.md
@@ -25,7 +25,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-prerequisites.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-prerequisites.md
index cc8de342e7..4a6f5fb270 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-prerequisites.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-prerequisites.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
index 972694233d..4b5de5cb5d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md
index 2c151888d9..ffc4fdbe49 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md
@@ -25,7 +25,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
@@ -105,7 +105,7 @@ From the flyout, you can choose any of the following options:
 - [**Exception options**](tvm-exception.md) - Submit an exception, provide justification, and set exception duration if you can't remediate the issue yet.
 
 >[!NOTE]
->When a software change is made on a device, it typically takes 2 hours for the data to be reflected in the security portal. Configuration changes can take 12 hours. However, it may sometimes take longer.
+>When a software change is made on a device, it typically takes 2 hours for the data to be reflected in the security portal. However, it may sometimes take longer. Configuration changes can take anywhere from 4 to 24 hours.
 
 ### Investigate changes in device exposure or impact
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md
index 448a705241..101e9b587e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md
index e56be4f333..99ae66be80 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md
@@ -25,7 +25,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
@@ -46,7 +46,7 @@ Windows Server 2008 R2 | Operating System (OS) vulnerabilities<br/>Software prod
 Windows Server 2012 R2 | Operating System (OS) vulnerabilities<br/>Software product vulnerabilities<br/>Operating System (OS) configuration assessment<br/>Security controls configuration assessment<br/>Software product configuration assessment
 Windows Server 2016 | Operating System (OS) vulnerabilities<br/>Software product vulnerabilities<br/>Operating System (OS) configuration assessment<br/>Security controls configuration assessment<br/>Software product configuration assessment
 Windows Server 2019 | Operating System (OS) vulnerabilities<br/>Software product vulnerabilities<br/>Operating System (OS) configuration assessment<br/>Security controls configuration assessment<br/>Software product configuration assessment
-macOS 10.13 "High Sierra" and above | Operating System (OS) vulnerabilities<br/>Software product vulnerabilities 
+macOS 10.14 "Mojave" and above | Operating System (OS) vulnerabilities<br/>Software product vulnerabilities 
 Linux | Not supported (planned)
 
 ## Related articles
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-vulnerable-devices-report.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-vulnerable-devices-report.md
index b30303b3e4..28c96991d2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-vulnerable-devices-report.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-vulnerable-devices-report.md
@@ -26,7 +26,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md
index a43ed74fe2..238669f895 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md
index f152b702aa..ad817ee872 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md
@@ -26,7 +26,7 @@ ms.technology: mde
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/unisolate-machine.md b/windows/security/threat-protection/microsoft-defender-atp/unisolate-machine.md
index 4024923c26..e6cc404531 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/unisolate-machine.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/unisolate-machine.md
@@ -22,7 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:** 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 - Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/unrestrict-code-execution.md b/windows/security/threat-protection/microsoft-defender-atp/unrestrict-code-execution.md
index 8c400b2ef4..fe53556fbc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/unrestrict-code-execution.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/unrestrict-code-execution.md
@@ -22,7 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/update-alert.md b/windows/security/threat-protection/microsoft-defender-atp/update-alert.md
index fc757c6f0c..99e22c296d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/update-alert.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/update-alert.md
@@ -22,7 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/use.md b/windows/security/threat-protection/microsoft-defender-atp/use.md
index 1211463ba1..4e11bd536b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/use.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/use.md
@@ -24,7 +24,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/user-roles.md b/windows/security/threat-protection/microsoft-defender-atp/user-roles.md
index 5533555522..20e4411e21 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/user-roles.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/user-roles.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-roles-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/user.md b/windows/security/threat-protection/microsoft-defender-atp/user.md
index d652b20f95..1d8a657de3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/user.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/user.md
@@ -1,6 +1,6 @@
 ---
 title: User resource type
-description: Retrieve recent Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) alerts related to users.
+description: Retrieve recent Microsoft Defender for Endpoint alerts related to users.
 keywords: apis, graph api, supported apis, get, alerts, recent
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
@@ -22,7 +22,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/view-incidents-queue.md b/windows/security/threat-protection/microsoft-defender-atp/view-incidents-queue.md
index 82af44a227..73a548ae7b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/view-incidents-queue.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/view-incidents-queue.md
@@ -24,7 +24,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-pullalerts-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md b/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md
index 188fa50263..8a7ab28891 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/vulnerability.md
@@ -23,7 +23,7 @@ ms.technology: mde
 
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-pullalerts-abovefoldlink) 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
index 1f4b3d7e89..eda7cb84f9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > [!IMPORTANT]
diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-protection-monitoring.md b/windows/security/threat-protection/microsoft-defender-atp/web-protection-monitoring.md
index 2f3b363f08..4593faab73 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/web-protection-monitoring.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-protection-monitoring.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-main-abovefoldlink&rtc=1)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-protection-overview.md b/windows/security/threat-protection/microsoft-defender-atp/web-protection-overview.md
index 98c2c0942f..7421fd2904 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/web-protection-overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-protection-overview.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-protection-response.md b/windows/security/threat-protection/microsoft-defender-atp/web-protection-response.md
index ffe7d80226..d028e88040 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/web-protection-response.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-protection-response.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-main-abovefoldlink&rtc=1)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/web-threat-protection.md
index d8df81f307..805d4e70f7 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/web-threat-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/web-threat-protection.md
@@ -23,7 +23,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 >Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-main-abovefoldlink&rtc=1)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md
index dbac12f064..ded06dabfd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md
@@ -25,7 +25,7 @@ ms.technology: mde
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 **Applies to:**
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/?linkid=2154037)
+- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037)
 - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804)
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-pullalerts-abovefoldlink)
diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md
index ace344e032..022c938160 100644
--- a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md
+++ b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md
@@ -26,7 +26,7 @@ See [Windows 10 (and later) settings to protect devices using Intune](https://do
 
 
 ## Group Policy settings
-SmartScreen uses registry-based Administrative Template policy settings. For more info about Group Policy, see the [Group Policy TechCenter](https://go.microsoft.com/fwlink/p/?LinkId=214514). This site provides links to the latest technical documentation, videos, and downloads for Group Policy.
+SmartScreen uses registry-based Administrative Template policy settings.
 <table>
 <tr>
 <th align="left">Setting</th>
diff --git a/windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md b/windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md
index 5022db6039..6858bbce7e 100644
--- a/windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md
+++ b/windows/security/threat-protection/security-policy-settings/modify-firmware-environment-values.md
@@ -103,7 +103,7 @@ Ensure that only the local Administrators group is assigned the **Modify firmwar
 
 ### Potential impact
 
-None. Restricting the **Modify firmware environment values** user right to the members of the local Administrators group is the default configuration.
+Removing the local Administrators group from the **Modify firmware environment values** user right could cause inoperability of the BitLocker Drive Encryption feature.
 
 ## Related topics
 
diff --git a/windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md b/windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md
index a47d50ae43..bd01350eee 100644
--- a/windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md
+++ b/windows/security/threat-protection/windows-firewall/create-an-inbound-program-or-service-rule.md
@@ -65,7 +65,7 @@ To create an inbound firewall rule for a program or service
 
     To set a SID type on a service, run the following command:
 
-    **sc** **sidtype** *&lt;Type&gt; &lt;ServiceName&gt;*
+    **sc** **sidtype** *&lt;ServiceName&gt; &lt;Type&gt;*
 
     In the preceding command, the value of *&lt;Type&gt;* can be **UNRESTRICTED** or **RESTRICTED**. Although the command also permits the value of **NONE**, that setting means the service cannot be used in a firewall rule as described here. By default, most services in Windows are configured as **UNRESTRICTED**. If you change the SID type to **RESTRICTED**, the service might fail to start. We recommend that you change the SID type only on services that you want to use in firewall rules, and that you change the SID type to **UNRESTRICTED**.
 
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2019.md b/windows/whats-new/ltsc/whats-new-windows-10-2019.md
index e74672c002..a34e99e632 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2019.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2019.md
@@ -36,7 +36,7 @@ The Windows 10 Enterprise LTSC 2019 release is an important release for LTSC use
 
 ## Microsoft Intune
 
->Microsoft Intune supports Windows 10 Enterprise LTSC 2019 and later.  This includes support for features such as [Windows Autopilot](#windows-autopilot). However, note that Windows Update for Business (WUfB) does not currently support any LTSC releases, therefore you should use WSUS or Configuration Manager for patching.
+Microsoft Intune supports Windows 10 Enterprise LTSC 2019 and later.  This includes support for features such as [Windows Autopilot](#windows-autopilot). However, note that Windows Update for Business (WUfB) does not currently support any LTSC releases, therefore you should use WSUS or Configuration Manager for patching.
 
 ## Security
 
@@ -100,24 +100,37 @@ Endpoint detection and response is improved. Enterprise customers can now take a
   - Historical detection capability ensures new detection rules apply to up to six months of stored data to detect previous attacks that might not have been noticed.
 
   **Threat response** is improved when an attack is detected, enabling immediate action by security teams to contain a breach:
-- [Take response actions on a machine](/windows/threat-protection/windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection) - Quickly respond to detected attacks by isolating machines or collecting an investigation package.
+  - [Take response actions on a machine](/windows/threat-protection/windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection) - Quickly respond to detected attacks by isolating machines or collecting an investigation package.
   - [Take response actions on a file](/windows/threat-protection/windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection) - Quickly respond to detected attacks by stopping and quarantining files or blocking a file.
 
 Additional capabilities have been added to help you gain a holistic view on **investigations** include:
+
 - [Threat analytics](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/threat-analytics) - Threat Analytics is a set of interactive reports published by the Microsoft Defender for Endpoint research team as soon as emerging threats and outbreaks are identified. The reports help security operations teams assess impact on their environment and provides recommended actions to contain, increase organizational resilience, and prevent specific threats.
+
 - [Query data using Advanced hunting in Microsoft Defender for Endpoint](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection)
+
 - [Use Automated investigations to investigate and remediate threats](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection)
+
 - [Investigate a user account](/windows/threat-protection/windows-defender-atp/investigate-user-windows-defender-advanced-threat-protection) - Identify user accounts with the most active alerts and investigate cases of potential compromised credentials.
+
 - [Alert process tree](/windows/threat-protection/windows-defender-atp/investigate-alerts-windows-defender-advanced-threat-protection#alert-process-tree) - Aggregates multiple detections and related events into a single view to reduce case resolution time.
+
 - [Pull alerts using REST API](/windows/threat-protection/windows-defender-atp/pull-alerts-using-rest-api-windows-defender-advanced-threat-protection) - Use REST API to pull alerts from Microsoft Defender for Endpoint.
 
 Other enhanced security features include:
+
 - [Check sensor health state](/windows/threat-protection/windows-defender-atp/check-sensor-status-windows-defender-advanced-threat-protection) - Check an endpoint's ability to provide sensor data and communicate with the Microsoft Defender for Endpoint service and fix known issues.
+
 - [Managed security service provider (MSSP) support](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/mssp-support-windows-defender-advanced-threat-protection) - Microsoft Defender for Endpoint adds support for this scenario by providing MSSP integration. The integration will allow MSSPs to take the following actions: Get access to MSSP customer's Windows Defender Security Center portal, fetch email notifications, and fetch alerts through security information and event management (SIEM) tools.
+
 - [Integration with Azure Defender](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection#integration-with-azure-security-center) - Microsoft Defender for Endpoint integrates with Azure Defender to provide a comprehensive server protection solution. With this integration Azure Defender can leverage the power of Defender for Endpoint to provide improved threat detection for Windows Servers.
+
 - [Integration with Microsoft Cloud App Security](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/microsoft-cloud-app-security-integration) - Microsoft Cloud App Security leverages Microsoft Defender for Endpoint signals to allow direct visibility into cloud application usage including the use of unsupported cloud services (shadow IT) from all Defender for Endpoint monitored machines.
+
 - [Onboard Windows Server 2019](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection#windows-server-version-1803-and-windows-server-2019) - Microsoft Defender for Endpoint now adds support for Windows Server 2019. You'll be able to onboard Windows Server 2019 in the same method available for Windows 10 client machines. 
+
 - [Onboard previous versions of Windows](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/onboard-downlevel-windows-defender-advanced-threat-protection) - Onboard supported versions of Windows machines so that they can send sensor data to the Microsoft Defender for Endpoint sensor.
+
 - [Enable conditional access to better protect users, devices, and data](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection)
 
 We've also added a new assessment for the Windows time service to the **Device performance & health** section. If we detect that your device’s time is not properly synced with our time servers and the time-syncing service is disabled, we’ll provide the option for you to turn it back on.
@@ -172,10 +185,16 @@ For example, you can choose the XTS-AES 256 encryption algorithm, and have it ap
 To achieve this:
 
 1. Configure the [encryption method settings](https://docs.microsoft.com/intune/endpoint-protection-windows-10#windows-encryption) in the Windows 10 Endpoint Protection profile to the desired encryption algorithm. 
+
 2. [Assign the policy](https://docs.microsoft.com/intune/device-profile-assign) to your Autopilot device group. 
-    - **IMPORTANT**: The encryption policy must be assigned to **devices** in the group, not users.
+
+   > [!IMPORTANT]
+   > The encryption policy must be assigned to **devices** in the group, not users.
+
 3. Enable the Autopilot [Enrollment Status Page](https://docs.microsoft.com/windows/deployment/windows-autopilot/enrollment-status) (ESP) for these devices. 
-    - **IMPORTANT**: If the ESP is not enabled, the policy will not apply before encryption starts.
+
+   > [!IMPORTANT]
+   > If the ESP is not enabled, the policy will not apply before encryption starts.
 
 ### Identity protection
 
@@ -186,16 +205,25 @@ Improvements have been added are to Windows Hello for Business and Credential Gu
 New features in Windows Hello enable a better device lock experience, using multifactor unlock with new location and user proximity signals. Using Bluetooth signals, you can configure your Windows 10 device to automatically lock when you walk away from it, or to prevent others from accessing the device when  you are not present.
 
 New features in [Windows Hello for Business](/windows/security/identity-protection/hello-for-business/hello-identity-verification.md) include: 
+
 - You can now reset a forgotten PIN without deleting company managed data or apps on devices managed by [Microsoft Intune](https://www.microsoft.com/cloud-platform/microsoft-intune).
+
 - For Windows Phone devices, an administrator is able to initiate a remote PIN reset through the Intune portal.
+
 - For Windows desktops, users are able to reset a forgotten PIN through **Settings > Accounts > Sign-in options**. For more details, check out [What if I forget my PIN?](/windows/security/identity-protection/hello-for-business/hello-features#pin-reset).
 
-[Windows Hello](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-features) now supports FIDO 2.0 authentication for Azure AD Joined Windows 10 devices and has enhanced support for shared devices, as described in the [Kiosk configuration](#kiosk-configuration) section. 
+[Windows Hello](https://docs.microsoft.com/windows/security/identity-protection/hello-for-business/hello-features) now supports FIDO 2.0 authentication for Azure AD Joined Windows 10 devices and has enhanced support for shared devices, as described in [Kiosk configuration](#kiosk-configuration). 
+
 - Windows Hello is now [password-less on S-mode](https://www.windowslatest.com/2018/02/12/microsoft-make-windows-10-password-less-platform/).
+
 - Support for S/MIME with Windows Hello for Business and APIs for non-Microsoft identity lifecycle management solutions.
+
 - Windows Hello is part of the account protection pillar in Windows Defender Security Center. Account Protection will encourage password users to set up Windows Hello Face, Fingerprint or PIN for faster sign in, and will notify Dynamic lock users if Dynamic lock has stopped working because their phone or device Bluetooth is off.
+
 - You can set up Windows Hello from lock screen for MSA accounts. We’ve made it easier for Microsoft account users to set up Windows Hello on their devices for faster and more secure sign-in. Previously, you had to navigate deep into Settings to find Windows Hello. Now, you can set up Windows Hello Face, Fingerprint or PIN straight from your lock screen by clicking the Windows Hello tile under Sign-in options.
+
 - New [public API](https://docs.microsoft.com/uwp/api/windows.security.authentication.web.core.webauthenticationcoremanager.findallaccountsasync#Windows_Security_Authentication_Web_Core_WebAuthenticationCoreManager_FindAllAccountsAsync_Windows_Security_Credentials_WebAccountProvider_) for secondary account SSO for a particular identity provider.
+
 - It is easier to set up Dynamic lock, and WD SC actionable alerts have been added when Dynamic lock stops working (ex: phone Bluetooth is off).
  
 For more information, see: [Windows Hello and FIDO2 Security Keys enable secure and easy authentication for shared devices](https://blogs.windows.com/business/2018/04/17/windows-hello-fido2-security-keys/#OdKBg3pwJQcEKCbJ.97)
@@ -204,7 +232,10 @@ For more information, see: [Windows Hello and FIDO2 Security Keys enable secure
 
 Windows Defender Credential Guard is a security service in Windows 10 built to protect Active Directory (AD) domain credentials so that they can't be stolen or misused by malware on a user's machine. It is designed to protect against well-known threats such as Pass-the-Hash and credential harvesting.
 
-Windows Defender Credential Guard has always been an optional feature, but Windows 10 in S mode turns this functionality on by default when the machine has been Azure Active Directory joined. This provides an added level of security when connecting to domain resources not normally present on devices running Windows 10 in S mode. Please note that Windows Defender Credential Guard is available only to S mode devices or Enterprise and Education Editions. 
+Windows Defender Credential Guard has always been an optional feature, but Windows 10 in S mode turns this functionality on by default when the machine has been Azure Active Directory joined. This provides an added level of security when connecting to domain resources not normally present on devices running Windows 10 in S mode. 
+
+> [!NOTE]
+> Windows Defender Credential Guard is available only to S mode devices or Enterprise and Education Editions. 
 
 For more information, see [Credential Guard Security Considerations](/windows/access-protection/credential-guard/credential-guard-requirements#security-considerations).
 
@@ -232,7 +263,7 @@ The WSC service now requires antivirus products to run as a protected process to
 
 WSC now includes the Fluent Design System elements you know and love. You’ll also notice we’ve adjusted the spacing and padding around the app. It will now dynamically size the categories on the main page if more room is needed for extra info. We also updated the title bar so that it will use your accent color if you have enabled that option in **Color Settings**.
 
-![alt text](../images/defender.png "Windows Security Center")
+![Security at a glance](../images/defender.png "Windows Security Center")
 
 #### Group Policy Security Options
 
@@ -245,7 +276,7 @@ A new security policy setting
 
 We’ve continued to work on the **Current threats** area in  [Virus & threat protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-security-center/wdsc-virus-threat-protection), which now displays all threats that need action. You can quickly take action on threats from this screen: 
 
-![Virus & threat protection settings](../images/virus-and-threat-protection.png "Virus & threat protection settings")
+![S mode settings](../images/virus-and-threat-protection.png "Virus & threat protection settings")
 
 ## Deployment
 
@@ -277,14 +308,17 @@ For details, see [MBR2GPT.EXE](/windows/deployment/mbr-to-gpt).
 
 The following new DISM commands have been added to manage feature updates:
 
-    DISM /Online /Initiate-OSUninstall 
-        – Initiates a OS uninstall to take the computer back to the previous installation of windows.
-    DISM /Online /Remove-OSUninstall 
-        – Removes the OS uninstall capability from the computer. 
-    DISM /Online /Get-OSUninstallWindow 
-        – Displays the number of days after upgrade during which uninstall can be performed.
-    DISM /Online /Set-OSUninstallWindow 
-        – Sets the number of days after upgrade during which uninstall can be performed.
+- **DISM /Online /Initiate-OSUninstall**
+  - Initiates an OS uninstall to take the computer back to the previous installation of windows.
+
+- **DISM /Online /Remove-OSUninstall**
+  - Removes the OS uninstall capability from the computer.
+
+- **DISM /Online /Get-OSUninstallWindow**
+  - Displays the number of days after upgrade during which uninstall can be performed.
+
+- **DISM /Online /Set-OSUninstallWindow**
+  - Sets the number of days after upgrade during which uninstall can be performed.
 
 For more information, see [DISM operating system uninstall command-line options](https://docs.microsoft.com/windows-hardware/manufacture/desktop/dism-uninstallos-command-line-options).
 
@@ -300,20 +334,22 @@ For more information, see [Run custom actions during feature update](https://doc
 
 It is also now possible to run a script if the user rolls back their version of Windows using the PostRollback option.
 
-    /PostRollback<location> [\setuprollback.cmd] [/postrollback {system / admin}]
+`/PostRollback<location> [\setuprollback.cmd] [/postrollback {system / admin}]`
 
-For more information, see [Windows Setup Command-Line Options](https://docs.microsoft.com/windows-hardware/manufacture/desktop/windows-setup-command-line-options#21)
+For more information, see [Windows Setup Command-Line Options](https://docs.microsoft.com/windows-hardware/manufacture/desktop/windows-setup-command-line-options#21).
 
 New command-line switches are also available to control BitLocker:
 
-    Setup.exe /BitLocker AlwaysSuspend 
-        – Always suspend bitlocker during upgrade.
-    Setup.exe /BitLocker TryKeepActive 
-        – Enable upgrade without suspending bitlocker but if upgrade, does not work then suspend bitlocker and complete the upgrade.
-    Setup.exe /BitLocker ForceKeepActive 
-        – Enable upgrade without suspending bitlocker, but if upgrade does not work, fail the upgrade.
+- **Setup.exe /BitLocker AlwaysSuspend**
+  - Always suspend BitLocker during upgrade.
 
-For more information, see [Windows Setup Command-Line Options](https://docs.microsoft.com/windows-hardware/manufacture/desktop/windows-setup-command-line-options#33)
+- **Setup.exe /BitLocker TryKeepActive**
+  - Enable upgrade without suspending BitLocker, but if upgrade does not work, then suspend BitLocker and complete the upgrade.
+
+- **Setup.exe /BitLocker ForceKeepActive**
+  - Enable upgrade without suspending BitLocker, but if upgrade does not work, fail the upgrade.
+
+For more information, see [Windows Setup Command-Line Options](https://docs.microsoft.com/windows-hardware/manufacture/desktop/windows-setup-command-line-options#33).
 
 ### Feature update improvements
 
@@ -332,23 +368,29 @@ SetupDiag works by searching Windows Setup log files. When searching log files,
 If you have shared devices deployed in your work place, **Fast sign-in** enables users to sign in to a [shared Windows 10 PC](https://docs.microsoft.com/windows/configuration/set-up-shared-or-guest-pc) in a flash!
 
 **To enable fast sign-in:**
+
 1. Set up a shared or guest device with Windows 10, version 1809 or Windows 10 Enterprise LTSC 2019.
+
 2. Set the Policy CSP, and the **Authentication** and **EnableFastFirstSignIn** policies to enable fast sign-in.
+
 3. Sign-in to a shared PC with your account. You'll notice the difference!
 
-    ![fast sign-in](../images/fastsignin.png "fast sign-in")
+   ![fast sign-in](../images/fastsignin.png "fast sign-in")
 
 ### Web sign-in to Windows 10
 
 Until now, Windows logon only supported the use of identities federated to ADFS or other providers that support the WS-Fed protocol. We are introducing “web sign-in,” a new way of signing into your Windows PC. Web Sign-in enables Windows logon support for non-ADFS federated providers (e.g.SAML).
 
 **To try out web sign-in:**
+
 1. Azure AD Join your Windows 10 PC. (Web sign-in is only supported on Azure AD Joined PCs).
+
 2. Set the Policy CSP, and the Authentication and EnableWebSignIn polices to enable web sign-in. 
+
 3. On the lock screen, select web sign-in under sign-in options.
 4. Click the “Sign in” button to continue.
 
-![Web sign-in](../images/websignin.png "web sign-in")
+![Sign-in option](../images/websignin.png "web sign-in")
 
 ## Windows Analytics
 
@@ -386,7 +428,7 @@ Maintaining devices is made easier with Device Health, a new, premium analytic t
 
 ### Accessibility
 
-"Out of box" accessibility is enhanced with auto-generated picture descriptions. For more information about accessibility, see [Accessibility information for IT Professionals](https://docs.microsoft.com/windows/configuration/windows-10-accessibility-for-itpros). Also see the accessibility section in the [What’s new in the Windows 10 April 2018 Update](https://blogs.windows.com/windowsexperience/2018/04/30/whats-new-in-the-windows-10-april-2018-update/) blog post.
+"Out of box" accessibility is enhanced with auto-generated picture descriptions. For more information about accessibility, see [Accessibility information for IT Professionals](https://docs.microsoft.com/windows/configuration/windows-10-accessibility-for-itpros). Also see the accessibility section in [What’s new in the Windows 10 April 2018 Update](https://blogs.windows.com/windowsexperience/2018/04/30/whats-new-in-the-windows-10-april-2018-update/), a blog post.
 
 ### Privacy
 
@@ -404,7 +446,7 @@ If you wish to take advantage of [Kiosk capabilities in Edge](https://docs.micro
 
 Intune and Microsoft Endpoint Manager policies have been added to enable hybrid Azure AD-joined authentication. Mobile Device Management (MDM) has added over 150 new policies and settings in this release, including the [MDMWinsOverGP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-controlpolicyconflict) policy, to enable easier transition to cloud-based management.
 
-For more information, see [What's New in MDM enrollment and management](https://docs.microsoft.com/windows/client-management/mdm/new-in-windows-mdm-enrollment-management#whatsnew1803)
+For more information, see [What's New in MDM enrollment and management](https://docs.microsoft.com/windows/client-management/mdm/new-in-windows-mdm-enrollment-management#whatsnew1803).
 
 ### OS uninstall period
 
@@ -433,7 +475,9 @@ Previously, the customized taskbar could only be deployed using Group Policy or
 [Additional MDM policy settings are available for Start and taskbar layout](/windows/configuration/windows-10-start-layout-options-and-policies). New MDM policy settings include:
 
 - Settings for the User tile: [**Start/HideUserTile**](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hideusertile), [**Start/HideSwitchAccount**](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hideswitchaccount), [**Start/HideSignOut**](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hidesignout), [**Start/HideLock**](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hidelock), and [**Start/HideChangeAccountSettings**](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hidechangeaccountsettings)
+
 - Settings for Power: [**Start/HidePowerButton**](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hidepowerbutton), [**Start/HideHibernate**](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hidehibernate), [**Start/HideRestart**](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hiderestart), [**Start/HideShutDown**](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hideshutdown), and [**Start/HideSleep**](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hidesleep)
+
 - Additional new settings: [**Start/HideFrequentlyUsedApps**](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hidefrequentlyusedapps), [**Start/HideRecentlyAddedApps**](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hiderecentlyaddedapps), **AllowPinnedFolder**, **ImportEdgeAssets**, [**Start/HideRecentJumplists**](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hiderecentjumplists), [**Start/NoPinningToTaskbar**](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-nopinningtotaskbar), [**Settings/PageVisibilityList**](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#settings-pagevisibilitylist), and [**Start/HideAppsList**](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hideapplist).
 
 ## Windows Update
@@ -481,7 +525,7 @@ Added policies include:
 - [Minimum disk size allowed to use Peer Caching](/windows/deployment/update/waas-delivery-optimization#minimum-disk-size-allowed-to-use-peer-caching)
 - [Minimum Peer Caching Content File Size](/windows/deployment/update/waas-delivery-optimization#minimum-peer-caching-content-file-size)
 
-To check out all the details, see [Configure Delivery Optimization for Windows 10 updates](/windows/deployment/update/waas-delivery-optimization)
+To check out all the details, see [Configure Delivery Optimization for Windows 10 updates](/windows/deployment/update/waas-delivery-optimization).
 
 ### Uninstalled in-box apps no longer automatically reinstall
 
@@ -564,11 +608,11 @@ Several network stack enhancements are available in this release. Some of these
 
 In this version of Windows 10, Microsoft has extended the ability to send a Miracast stream over a local network rather than over a direct wireless link. This functionality is based on the [Miracast over Infrastructure Connection Establishment Protocol (MS-MICE)](https://msdn.microsoft.com/library/mt796768.aspx).
 
-How it works:
+#### How it works
 
 Users attempt to connect to a Miracast receiver as they did previously. When the list of Miracast receivers is populated, Windows 10 will identify that the receiver is capable of supporting a connection over the infrastructure. When the user selects a Miracast receiver, Windows 10 will attempt to resolve the device's hostname via standard DNS, as well as via multicast DNS (mDNS). If the name is not resolvable via either DNS method, Windows 10 will fall back to establishing the Miracast session using the standard Wi-Fi direct connection.
 
-Miracast over Infrastructure offers a number of benefits:
+#### Miracast over Infrastructure offers a number of benefits
 
 - Windows automatically detects when sending the video stream over this path is applicable.
 - Windows will only choose this route if the connection is over Ethernet or a secure Wi-Fi network.
@@ -577,24 +621,28 @@ Miracast over Infrastructure offers a number of benefits:
 - It works well with older wireless hardware that is not optimized for Miracast over Wi-Fi Direct.
 - It leverages an existing connection which both reduces the time to connect and provides a very stable stream.
 
-Enabling Miracast over Infrastructure:
+#### Enabling Miracast over Infrastructure
 
 If you have a device that has been updated to Windows 10 Enterprise LTSC 2019, then you automatically have this new feature. To take advantage of it in your environment, you need to ensure the following is true within your deployment:
 
 - The device (PC, phone, or Surface Hub) needs to be running Windows 10, version 1703, Windows 10 Enterprise LTSC 2019, or a later OS.
+
 - A Windows PC or Surface Hub can act as a Miracast over Infrastructure *receiver*. A Windows PC or phone can act as a Miracast over Infrastructure *source*.
     - As a Miracast receiver, the PC or Surface Hub must be connected to your enterprise network via either Ethernet or a secure Wi-Fi connection (e.g. using either WPA2-PSK or WPA2-Enterprise security). If the Hub is connected to an open Wi-Fi connection, Miracast over Infrastructure will disable itself.
     - As a Miracast source, the  PC or phone must be connected to the same enterprise network via Ethernet or a secure Wi-Fi connection.
+
 - The DNS Hostname (device name) of the device needs to be resolvable via your DNS servers. You can achieve this by either allowing your device to register automatically via Dynamic DNS, or by manually creating an A or AAAA record for the device's hostname.
+
 - Windows 10 PCs must be connected to the same enterprise network via Ethernet or a secure Wi-Fi connection.
 
-It is important to note that Miracast over Infrastructure is not a replacement for standard Miracast. Instead, the functionality is complementary, and provides an advantage to users who are part of the enterprise network. Users who are guests to a particular location and don’t have access to the enterprise network will continue to connect using the Wi-Fi Direct connection method.
+> [!IMPORTANT]
+> Miracast over Infrastructure is not a replacement for standard Miracast. Instead, the functionality is complementary, and provides an advantage to users who are part of the enterprise network. Users who are guests to a particular location and don’t have access to the enterprise network will continue to connect using the Wi-Fi Direct connection method.
 
 ## Registry editor improvements
 
 We added a dropdown that displays as you type to help complete the next part of the path. You can also press **Ctrl + Backspace** to delete the last word, and **Ctrl + Delete** to delete the next word.
 
-![Registry editor dropdown](../images/regeditor.png "Registry editor dropdown")
+![Reg editor](../images/regeditor.png "Registry editor dropdown")
 
 ## Remote Desktop with Biometrics
 
@@ -603,12 +651,13 @@ Azure Active Directory and Active Directory users using Windows Hello for Busine
 To get started, sign into your device using Windows Hello for Business. Bring up **Remote Desktop Connection** (mstsc.exe), type the name of the computer you want to connect to, and click **Connect**.
 
 - Windows remembers that you signed using Windows Hello for Business, and automatically selects Windows Hello for Business to authenticate you to your RDP session. You can also click **More choices** to choose alternate credentials.
+
 - Windows uses facial recognition to authenticate the RDP session to the Windows Server 2016 Hyper-V server. You can continue to use Windows Hello for Business in the remote session, but you must use your PIN.
 
 See the following example:
 
 ![Enter your credentials](../images/RDPwBioTime.png "Windows Hello")
-![Enter your credentials](../images/RDPwBio2.png "Windows Hello personal")
+![Provide credentials](../images/RDPwBio2.png "Windows Hello personal")
 ![Microsoft Hyper-V Server 2016](../images/hyper-v.png "Microsoft Hyper-V Server 2016")
 
 ## See Also