From 27960348b11a645b43022b6cbddf8a2e695e8fb5 Mon Sep 17 00:00:00 2001 From: VLG17 <41186174+VLG17@users.noreply.github.com> Date: Mon, 28 Sep 2020 12:20:31 +0300 Subject: [PATCH 1/8] add info about synchronized identities https://github.com/MicrosoftDocs/windows-itpro-docs/issues/6759 --- .../identity-protection/hello-for-business/hello-faq.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/hello-faq.md b/windows/security/identity-protection/hello-for-business/hello-faq.md index e6d36e6967..ce0c5e3f18 100644 --- a/windows/security/identity-protection/hello-for-business/hello-faq.md +++ b/windows/security/identity-protection/hello-for-business/hello-faq.md @@ -45,7 +45,7 @@ The statement "PIN is stronger than Password" is not directed at the strength of The **Key Admins** and **Enterprise Key Admins** groups are created when you install the first Windows Server 2016 domain controller into a domain. Domain controllers running previous versions of Windows Server cannot translate the security identifier (SID) to a name. To resolve this, transfer the PDC emulator domain role to a domain controller running Windows Server 2016. ## Can I use a convenience PIN with Azure AD? -It is currently possible to set a convenience PIN on Azure Active Directory Joined or Hybrid Active Directory Joined devices. Convenience PIN is not supported for Azure Active Directory user accounts. It is only supported for on-premises Domain Joined users and local account users. +It is currently possible to set a convenience PIN on Azure Active Directory Joined or Hybrid Active Directory Joined devices. Convenience PIN is not supported for Azure Active Directory user accounts (synchronized identities included). It is only supported for on-premises Domain Joined users and local account users. ## Can I use an external camera when my laptop is closed or docked? No. Windows 10 currently only supports one Windows Hello for Business camera and does not fluidly switch to an external camera when the computer is docked with the lid closed. The product group is aware of this and is investigating this topic further. From f143cc3ccda4273753a125ddbaaa3e278965aec0 Mon Sep 17 00:00:00 2001 From: Linda Diefendorf Date: Mon, 26 Oct 2020 19:40:55 -0700 Subject: [PATCH 2/8] Update add-unsigned-app-to-code-integrity-policy.md Updating to reflect service is now live and to add link to NuGet package. --- .../add-unsigned-app-to-code-integrity-policy.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/store-for-business/add-unsigned-app-to-code-integrity-policy.md b/store-for-business/add-unsigned-app-to-code-integrity-policy.md index 24ec842c6c..a7fff81d4b 100644 --- a/store-for-business/add-unsigned-app-to-code-integrity-policy.md +++ b/store-for-business/add-unsigned-app-to-code-integrity-policy.md @@ -18,10 +18,10 @@ ms.date: 10/17/2017 # Add unsigned app to code integrity policy > [!IMPORTANT] -> We are introducing a new version of the Device Guard Signing Service (DGSS) to be more automation friendly. The new version of the service (DGSS v2) will be available for consumption starting mid-September 2020, and you will have until the end of December 2020 to transition to DGSS v2. At the end of December 2020, the existing web-based mechanisms for the current version of the DGSS service will be retired and will no longer be available for use. Please make plans to migrate to the new version of the service between September and December 2020. +> We are introducing a new version of the Device Guard Signing Service (DGSS) to be more automation friendly. The new version of the service (DGSS v2) is now available. As announced earlier, you will have until the end of December 2020 to transition to DGSS v2. At the end of December 2020, the existing web-based mechanisms for the current version of the DGSS service will be retired and will no longer be available for use. Please make plans to migrate to the new version of the service by the end of December 2020. > > Following are the major changes we are making to the service: -> - The method for consuming the service will change to a more automation-friendly method based on PowerShell cmdlets. These cmdlets will be available as a NuGet download. +> - The method for consuming the service will change to a more automation-friendly method based on PowerShell cmdlets. These cmdlets are available as a NuGet download, https://www.nuget.org/packages/Microsoft.Acs.Dgss.Client/. > - In order to achieve desired isolation, you will be required to get a new CI policy from DGSS v2 (and optionally sign it). > - DGSS v2 will not have support for downloading leaf certificates used to sign your files (however, the root certificate will still be available to download). Note that the certificate used to sign a file can be easily extracted from the signed file itself. As a result, after DGSS v1 is retired at the end of December 2020, you will no longer be able to download the leaf certificates used to sign your files. > @@ -32,7 +32,7 @@ ms.date: 10/17/2017 > - Download root cert > - Download history of your signing operations > -> We will share detailed instructions and NuGet location before mid-September 2020. For any questions, please contact us at DGSSMigration@microsoft.com for more information on migration. +> For any questions, please contact us at DGSSMigration@microsoft.com. **Applies to** From 00c986d08a62db4c72e51d68ab7bb539a86fb12b Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Tue, 27 Oct 2020 11:59:12 -0700 Subject: [PATCH 3/8] update links --- .../microsoft-defender-atp/configure-proxy-internet.md | 5 +++-- .../microsoft-defender-atp/microsoft-defender-atp-linux.md | 5 ++--- .../microsoft-defender-atp/production-deployment.md | 5 +++-- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md index 45f77d5eea..d0fbea257b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-proxy-internet.md @@ -109,11 +109,12 @@ See [Netsh Command Syntax, Contexts, and Formatting](https://docs.microsoft.com/ If a proxy or firewall is blocking all traffic by default and allowing only specific domains through, add the domains listed in the downloadable sheet to the allowed domains list. +The following downloadable spreadsheet lists the services and their associated URLs that your network must be able to connect to. You should ensure that there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an *allow* rule specifically for them. -|**Item**|**Description**| +|**Spreadsheet of domains list**|**Description**| |:-----|:-----| -|[![Thumb image for Microsoft Defender ATP URLs spreadsheet](images/mdatp-urls.png)](https://github.com/MicrosoftDocs/windows-docs-pr/blob/prereq-urls/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx)
[Spreadsheet](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx) | The spreadsheet provides specific DNS records for service locations, geographic locations, and OS. +|![Thumb image for Microsoft Defender ATP URLs spreadsheet](images/mdatp-urls.png)
| Spreadsheet of specific DNS records for service locations, geographic locations, and OS.

[Download the spreadsheet here.](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx) If a proxy or firewall has HTTPS scanning (SSL inspection) enabled, exclude the domains listed in the above table from HTTPS scanning. diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md index ea21452763..b53befb8a7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md @@ -97,10 +97,9 @@ After you've enabled the service, you may need to configure your network or fire The following downloadable spreadsheet lists the services and their associated URLs that your network must be able to connect to. You should ensure that there are no firewall or network filtering rules that would deny access to these URLs. If there are, you may need to create an *allow* rule specifically for them. - -|**Item**|**Description**| +|**Spreadsheet of domains list**|**Description**| |:-----|:-----| -|[![Thumb image for Microsoft Defender ATP URLs spreadsheet](images/mdatp-urls.png)](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx)
[Spreadsheet](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx) | The spreadsheet provides specific DNS records for service locations, geographic locations, and OS. +|![Thumb image for Microsoft Defender ATP URLs spreadsheet](images/mdatp-urls.png)
| Spreadsheet of specific DNS records for service locations, geographic locations, and OS.

[Download the spreadsheet here.](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx) diff --git a/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md b/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md index 3dc038ac75..4a07b109e5 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md +++ b/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md @@ -238,10 +238,11 @@ needed if the device is on Windows 10, version 1803 or later. If a proxy or firewall is blocking anonymous traffic, as Microsoft Defender ATP sensor is connecting from system context, make sure anonymous traffic is permitted in the listed URLs. +The following downloadable spreadsheet lists the services and their associated URLs that your network must be able to connect to. You should ensure that there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an *allow* rule specifically for them. -|**Item**|**Description**| +|**Spreadsheet of domains list**|**Description**| |:-----|:-----| -|[![Thumb image for Microsoft Defender ATP URLs spreadsheet](images/mdatp-urls.png)](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx)
[Spreadsheet](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx) | The spreadsheet provides specific DNS records for service locations, geographic locations, and OS. +|![Thumb image for Microsoft Defender ATP URLs spreadsheet](images/mdatp-urls.png)
| Spreadsheet of specific DNS records for service locations, geographic locations, and OS.

[Download the spreadsheet here.](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx) ### Microsoft Defender ATP service backend IP range From f4a9378a31f8364d139b858a4372864969acae47 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Tue, 27 Oct 2020 12:00:01 -0700 Subject: [PATCH 4/8] link --- .../microsoft-defender-atp/microsoft-defender-atp-mac.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md index 06899fd04e..4f2891c210 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md @@ -90,9 +90,9 @@ The following downloadable spreadsheet lists the services and their associated U -|**Item**|**Description**| +|**Spreadsheet of domains list**|**Description**| |:-----|:-----| -|[![Thumb image for Microsoft Defender ATP URLs spreadsheet](images/mdatp-urls.png)](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx)
[Spreadsheet](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx) | The spreadsheet provides specific DNS records for service locations, geographic locations, and OS. +|![Thumb image for Microsoft Defender ATP URLs spreadsheet](images/mdatp-urls.png)
| Spreadsheet of specific DNS records for service locations, geographic locations, and OS.

[Download the spreadsheet here.](https://github.com/MicrosoftDocs/windows-itpro-docs/raw/public/windows/security/threat-protection/microsoft-defender-atp/downloads/mdatp-urls.xlsx) From 08eb4c2fb4d6e1be60b65bb2f50ad660bd51c955 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Tue, 27 Oct 2020 12:08:21 -0700 Subject: [PATCH 5/8] acrolinx --- .../production-deployment.md | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md b/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md index 4a07b109e5..e8234edf52 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md +++ b/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md @@ -54,7 +54,7 @@ Deploying Microsoft Defender ATP is a three-phase process: -You are currently in the set up phase. +You are currently in the set-up phase. In this deployment scenario, you'll be guided through the steps on: - Licensing validation @@ -69,13 +69,13 @@ In this deployment scenario, you'll be guided through the steps on: Checking for the license state and whether it got properly provisioned, can be done through the admin center or through the **Microsoft Azure portal**. -1. To view your licenses go to the **Microsoft Azure portal** and navigate to the [Microsoft Azure portal license section](https://portal.azure.com/#blade/Microsoft_AAD_IAM/LicensesMenuBlade/Products). +1. To view your licenses, go to the **Microsoft Azure portal** and navigate to the [Microsoft Azure portal license section](https://portal.azure.com/#blade/Microsoft_AAD_IAM/LicensesMenuBlade/Products). ![Image of Azure Licensing page](images/atp-licensing-azure-portal.png) 1. Alternately, in the admin center, navigate to **Billing** > **Subscriptions**. - On the screen you will see all the provisioned licenses and their current **Status**. + On the screen, you will see all the provisioned licenses and their current **Status**. ![Image of billing licenses](images/atp-billing-subscriptions.png) @@ -84,9 +84,9 @@ Checking for the license state and whether it got properly provisioned, can be d To gain access into which licenses are provisioned to your company, and to check the state of the licenses, go to the admin center. -1. From the **Partner portal**, click on the **Administer services > Office 365**. +1. From the **Partner portal**, select **Administer services > Office 365**. -2. Clicking on the **Partner portal** link will leverage the **Admin on behalf** option and will give you access to the customer admin center. +2. Clicking on the **Partner portal** link will open the **Admin on behalf** option and will give you access to the customer admin center. ![Image of O365 admin portal](images/atp-O365-admin-portal-customer.png) @@ -94,7 +94,7 @@ To gain access into which licenses are provisioned to your company, and to check ## Tenant Configuration -When accessing [Microsoft Defender Security Center](https://securitycenter.windows.com/) for the first time there will be a set up wizard that will guide you through some initial steps. At the end of the setup wizard there will be a dedicated cloud instance of Microsoft Defender ATP created. The easiest method is to perform these steps from a Windows 10 client device. +When accessing Microsoft Defender Security Center for the first time, a wizard that will guide you through some initial steps. At the end of the setup wizard, there will be a dedicated cloud instance of Microsoft Defender ATP created. The easiest method is to perform these steps from a Windows 10 client device. 1. From a web browser, navigate to . @@ -109,9 +109,9 @@ When accessing [Microsoft Defender Security Center](https://securitycenter.windo 4. Set up preferences. - **Data storage location** - It's important to set this up correctly. Determine where the customer wants to be primarily hosted: US, EU or UK. You cannot change the location after this set up and Microsoft will not transfer the data from the specified geolocation. + **Data storage location** - It's important to set this up correctly. Determine where the customer wants to be primarily hosted: US, EU, or UK. You cannot change the location after this set up and Microsoft will not transfer the data from the specified geolocation. - **Data retention** - The default is 6 months. + **Data retention** - The default is six months. **Enable preview features** - The default is on, can be changed later. @@ -137,11 +137,11 @@ WinHTTP configuration setting is independent of the Windows Internet (WinINet) internet browsing proxy settings and can only discover a proxy server by using the following discovery methods: -**Auto-discovery methods:** +**Autodiscovery methods:** - Transparent proxy -- Web Proxy Auto-discovery Protocol (WPAD) +- Web Proxy Autodiscovery Protocol (WPAD) If a Transparent proxy or WPAD has been implemented in the network topology, there is no need for special configuration settings. For more information on @@ -155,7 +155,7 @@ Docs](https://docs.microsoft.com/windows/security/threat-protection/windows-defe **Manual static proxy configuration:** -- Registry based configuration +- Registry-based configuration - WinHTTP configured using netsh command
Suitable only for desktops in a stable topology (for example: a desktop in a corporate network behind the @@ -205,7 +205,7 @@ Use netsh to configure a system-wide static proxy. > - This will affect all applications including Windows services which use WinHTTP with default proxy.
> - Laptops that are changing topology (for example: from office to home) will malfunction with netsh. Use the registry-based static proxy configuration. -1. Open an elevated command-line: +1. Open an elevated command line: 1. Go to **Start** and type **cmd**. @@ -223,7 +223,7 @@ Use netsh to configure a system-wide static proxy. ### Proxy Configuration for down-level devices Down-Level devices include Windows 7 SP1 and Windows 8.1 workstations as well -as Windows Server 2008 R2, Windows Sever 2012, Windows Server 2012 R2, and +as Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and versions of Windows Server 2016 prior to Windows Server CB 1803. These operating systems will have the proxy configured as part of the Microsoft Management Agent to handle communication from the endpoint to Azure. Refer to the @@ -238,7 +238,7 @@ needed if the device is on Windows 10, version 1803 or later. If a proxy or firewall is blocking anonymous traffic, as Microsoft Defender ATP sensor is connecting from system context, make sure anonymous traffic is permitted in the listed URLs. -The following downloadable spreadsheet lists the services and their associated URLs that your network must be able to connect to. You should ensure that there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an *allow* rule specifically for them. +The following downloadable spreadsheet lists the services and their associated URLs that your network must be able to connect to. Ensure that there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an *allow* rule specifically for them. |**Spreadsheet of domains list**|**Description**| |:-----|:-----| From a216cf197dbc440f6e2ad0d27d722e0c6337f30b Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Tue, 27 Oct 2020 12:11:47 -0700 Subject: [PATCH 6/8] fixes --- .../microsoft-defender-atp/production-deployment.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md b/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md index e8234edf52..a1c3772e14 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md +++ b/windows/security/threat-protection/microsoft-defender-atp/production-deployment.md @@ -1,7 +1,7 @@ --- title: Set up Microsoft Defender ATP deployment -description: -keywords: +description: Learn how to setup the deployment for Microsoft Defender ATP +keywords: deploy, setup, licensing validation, tenant configuration, network configuration search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 @@ -46,7 +46,7 @@ Deploying Microsoft Defender ATP is a three-phase process: - Onboard + Onboard image
Phase 3: Onboard
@@ -175,13 +175,13 @@ under: 1. Open the Group Policy Management Console. 2. Create a policy or edit an existing policy based off the organizational practices. 3. Edit the Group Policy and navigate to **Administrative Templates \> Windows Components \> Data Collection and Preview Builds \> Configure Authenticated Proxy usage for the Connected User Experience and Telemetry Service**. - ![Image of Group Policy setting](images/atp-gpo-proxy1.png) + ![Image of Group Policy configuration](images/atp-gpo-proxy1.png) 4. Select **Enabled**. 5. Select **Disable Authenticated Proxy usage**. 6. Navigate to **Administrative Templates \> Windows Components \> Data Collection and Preview Builds \> Configure connected user experiences and telemetry**. - ![Image of Group Policy setting](images/atp-gpo-proxy2.png) + ![Image of Group Policy configuration setting](images/atp-gpo-proxy2.png) 7. Select **Enabled**. 8. Enter the **Proxy Server Name**. @@ -247,7 +247,7 @@ The following downloadable spreadsheet lists the services and their associated U ### Microsoft Defender ATP service backend IP range -If you network devices don't support the URLs white-listed in the prior section, you can use the following information. +If you network devices don't support the URLs listed in the prior section, you can use the following information. Microsoft Defender ATP is built on Azure cloud, deployed in the following regions: From 145694d133aae4651790c5b00f9176022fb5ed11 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Tue, 27 Oct 2020 12:36:04 -0700 Subject: [PATCH 7/8] add line re rbac and machine groups --- .../microsoft-defender-atp/evaluation-lab.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md index 7ab9824a6d..8354be2047 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md +++ b/windows/security/threat-protection/microsoft-defender-atp/evaluation-lab.md @@ -52,8 +52,13 @@ You must have **Manage security settings** permissions to: - Reset password - Create simulations +If you enabled role-based access control (RBAC) and created at least a one machine group, users must have access to All machine groups. + For more information, see [Create and manage roles](user-roles.md). + + + Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-main-abovefoldlink) From 7411589019cd7190543061db876915b402727c8d Mon Sep 17 00:00:00 2001 From: Louie Mayor Date: Tue, 27 Oct 2020 15:16:14 -0700 Subject: [PATCH 8/8] Update advanced-hunting-devicetvmsecureconfigurationassessment-table.md --- ...-hunting-devicetvmsecureconfigurationassessment-table.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessment-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessment-table.md index 8b7ff40a50..2005e014e9 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessment-table.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicetvmsecureconfigurationassessment-table.md @@ -45,11 +45,13 @@ For information on other tables in the advanced hunting schema, see [the advance | `ConfigurationSubcategory` | string |Subcategory or subgrouping to which the configuration belongs. In many cases, this describes specific capabilities or features. | | `ConfigurationImpact` | string | Rated impact of the configuration to the overall configuration score (1-10) | | `IsCompliant` | boolean | Indicates whether the configuration or policy is properly configured | - +| `IsApplicable` | boolean | Indicates whether the configuration or policy applies to the device | +| `Context` | string | Additional contextual information about the configuration or policy | +| `IsExpectedUserImpactCompliant` | boolean | Indicates whether there will be user impact if the configuration or policy is applied | ## Related topics - [Advanced hunting overview](advanced-hunting-overview.md) - [Learn the query language](advanced-hunting-query-language.md) - [Understand the schema](advanced-hunting-schema-reference.md) -- [Overview of Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) +- [Overview of Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) \ No newline at end of file