Merge pull request #1103 from MicrosoftDocs/FromPrivateRepo

From private repo

windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md

@@ -10,7 +10,7 @@ ms.pagetype: security
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: high
-ms.date: 04/24/2018
+ms.date: 06/13/2018
 ---
 
 # Query data using Advanced hunting in Windows Defender ATP
@@ -54,6 +54,8 @@ We then add a filter on the _FileName_  to contain only instances of _powershell
 Afterwards, we add a filter on the _ProcessCommandLine_
 Finally, we  project only the columns we're interested in exploring and limit the results to 100 and click **Run query**.
 
+You have the option of expanding the screen view so you can focus on your hunting query and related results.
+
 ### Use operators
 The query language is very powerful and has a lot of available operators, some of them are - 
 

windows/security/threat-protection/windows-defender-atp/manage-automation-allowed-blocked-list-windows-defender-advanced-threat-protection.md

@@ -10,7 +10,7 @@ ms.pagetype: security
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: high
-ms.date: 04/24/2018
+ms.date: 06/14/2018
 ---
 
 # Manage automation allowed/blocked lists
@@ -38,30 +38,29 @@ You can define the conditions for when entities are identified as malicious or s
 ## Create an allowed or blocked list
 1. In the navigation pane, select **Settings** > **Automation allowed/blocked list**.  
 
-2. Select the type of entity you'd like to create an exclusion for. You can choose any of the following entities: 
+2. Select the tab of the type of entity you'd like to create an exclusion for. You can choose any of the following entities: 
    - File hash
    - Certificate
+   - IP address
+   - DNS
 
 3. Click **Add system exclusion**.
 
-4. For each attribute specify the exclusion type, details, and the following required values:
+4. For each attribute specify the exclusion type, details, and their corresponding required values.
-
-    - **Files** -  Hash value
-    - **Certificate** - PEM certificate file
     
-5. Click **Update rule**.
+5. Click **Add rule**.
 
 ## Edit a list
 1. In the navigation pane, select **Settings** > **Automation allowed/blocked list**.  
 
-2. Select the type of entity you'd like to edit the list from.  
+2. Select the tab of the entity type you'd like to edit the list from.  
 
 3. Update the details of the rule and click **Update rule**.
 
 ## Delete a list 
 1. In the navigation pane, select **Settings** > **Automation allowed/blocked list**.  
 
-2. Select the type of entity you'd like to delete the list from.
+2. Select the tab of the entity type you'd like to delete the list from.
 
 3. Select the list type by clicking the check-box beside the list type.
 

windows/security/threat-protection/windows-defender-atp/minimum-requirements-windows-defender-advanced-threat-protection.md

@@ -10,7 +10,7 @@ ms.pagetype: security
 ms.author: macapara
 author: mjcaparas
 ms.localizationpriority: high
-ms.date: 06/04/2018
+ms.date: 06/15/2018
 ---
 
 # Minimum requirements for Windows Defender ATP
@@ -42,6 +42,9 @@ Windows Defender Advanced Threat Protection requires one of the following Micros
 
 For more information, see [Windows 10 Licensing](https://www.microsoft.com/en-us/Licensing/product-licensing/windows10.aspx#tab=2).
 
+### Browser requirements
+Internet Explorer and Microsoft Edge are supported. Any HTML5 compliant browsers are also supported. 
+
 ### Network and data storage and configuration requirements
 When you run the onboarding wizard for the first time, you must choose where your Windows Defender Advanced Threat Protection-related information is stored: in the European Union, the United Kingdom, or the United States datacenter.
 

windows/security/threat-protection/windows-defender-exploit-guard/customize-attack-surface-reduction.md

@@ -11,7 +11,7 @@ ms.pagetype: security
 localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 05/30/2018
+ms.date: 06/15/2018
 ---
 
 # Customize Attack surface reduction
@@ -54,7 +54,7 @@ This could potentially allow unsafe files to run and infect your devices.
 
 You can specify individual files or folders (using folder paths or fully qualified resource names) but you cannot specify if the exclusions should only be applied to individual rules: the exclusions will apply to all rules that are enabled (or placed in audit mode) and that allow exclusions.
 
-Windows 10, version 1803 supports environment variables and wildcards. For information about using wildcards in Windows Defender Exploit Guard, see [Use wildcards in the file name and folder path or extension exclusion lists](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10). 
+Windows 10, version 1803 supports environment variables and wildcards. For information about using wildcards in Windows Defender Exploit Guard, see [Use wildcards in the file name and folder path or extension exclusion lists](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus#use-wildcards-in-the-file-name-and-folder-path-or-extension-exclusion-lists). 
 
 Exclusions will only be applied to certain rules. Some rules will not honor the exclusion list. This means that even if you have added a file to the exclusion list, some rules will still evaluate and potentially block that file if the rule determines the file to be unsafe.