Merge branch 'master' of https://github.com/MicrosoftDocs/windows-docs-pr into FromPrivateRepo

This commit is contained in:
huaping yu
2019-07-03 15:22:38 -07:00
25 changed files with 200 additions and 78 deletions

View File

@ -20,6 +20,7 @@
### [Configure Easy Authentication for Surface Hub 2S](surface-hub-2s-phone-authenticate.md) ### [Configure Easy Authentication for Surface Hub 2S](surface-hub-2s-phone-authenticate.md)
## Deploy ## Deploy
### [First run setup for Surface Hub 2S](surface-hub-2s-setup.md)
### [Surface Hub 2S deployment checklist](surface-hub-2s-deploy-checklist.md) ### [Surface Hub 2S deployment checklist](surface-hub-2s-deploy-checklist.md)
### [Create Surface Hub 2S device account](surface-hub-2s-account.md) ### [Create Surface Hub 2S device account](surface-hub-2s-account.md)
### [Create provisioning packages for Surface Hub 2S](surface-hub-2s-deploy.md) ### [Create provisioning packages for Surface Hub 2S](surface-hub-2s-deploy.md)
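Review bot: The added TOC entry is labelled "First run setup for Surface Hub 2S", but the new setup article added in this commit is titled "First time Setup for Surface Hub 2S". Use one wording in both places so the navigation label matches the page heading.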

Binary files not shown (14 images).

View File

@ -19,15 +19,9 @@ If you replace your Surface Hub 2S, one of its components, or a related accessor
>[!IMPORTANT] >[!IMPORTANT]
>When packing your device for shipment, make sure that you use the packaging in which your replacement device arrived. >When packing your device for shipment, make sure that you use the packaging in which your replacement device arrived.
This article contains the following procedures: ## How to pack your Surface Hub 2S 50”
- [How to pack your Surface Hub 2S 55”](#how-to-pack-your-surface-hub-2s-55) Use the following steps to pack your Surface Hub 2S 50" for shipment.
- [How to replace and pack your Surface Hub 2S Compute Cartridge](#how-to-replace-and-pack-your-surface-hub-2s-compute-cartridge)
- [How to replace your Surface Hub 2S Camera](#how-to-replace-your-surface-hub-2s-camera)
## How to pack your Surface Hub 2S 55”
Use the following steps to pack your Surface Hub 2S 55" for shipment.
![The Surface Hub unit and mobile stand.](images/surface-hub-2s-repack-1.png) ![The Surface Hub unit and mobile stand.](images/surface-hub-2s-repack-1.png)
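Review bot: Renaming the heading to "How to pack your Surface Hub 2S 50”" changes its generated anchor, and the removed list linked to #how-to-pack-your-surface-hub-2s-55, so check the rest of the docs set for links to the old anchor. The new heading uses a curly ” while the sentence under it uses a straight ", so pick one. Removing the list also drops the in-page links to the Compute Cartridge and Camera procedures; if those sections are still in the article, consider keeping links to them.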

View File

@ -0,0 +1,99 @@
---
title: "First time Setup for Surface Hub 2S"
description: "Learn how to complete first time Setup for Surface Hub 2S."
keywords: separate values with commas
ms.prod: surface-hub
ms.sitesec: library
author: robmazz
ms.author: robmazz
audience: Admin
ms.topic: article
ms.localizationpriority: Normal
---
# First time Setup for Surface Hub 2S
When you first start Surface Hub 2S, the device automatically enters first time Setup mode to guide you through account configuration and related settings.
## Configuring Surface Hub 2S account
1. **Configure your locale.** Enter region, language, keyboard layout and time zone information. Select **Next**.
![* Configure your locale *](images/sh2-run1.png) <br>
1. **Connect to a wireless network.** Choose your preferred wireless network and select **Next.**
- This option is not shown if connected using an Ethernet cable.
- You cannot connect to a wireless network in hotspots (captive portals) that redirect sign-in requests to a providers website.
3. **Enter device account info.** Use **domain\user** for on-premises and hybrid environments and **user@example.com** for online environments. Select **Next.**
![* Enter device account info *](images/sh2-run2.png) <br>
1. **Enter additional info.** If requested, provide your Exchange server address and then select **Next.**
![* Enter more info; for example, Exchange server name*](images/sh2-run3.png) <br>
1. **Name this device.** Enter a name for your device or use the suggested one based on your accounts display name and user principle name [UPN]. **Select Next**.
- The **Friendly name** is visible on the bottom left corner of Surface Hub 2S and is shown when projecting to the device.
- The **Device name** identifies the device when affiliated with Active Directory or Azure Active Directory, and when enrolling the device with Intune.
![* Name this device*](images/sh2-run4.png) <br>
## Configuring device admin accounts
You can only set up device admins during first time Setup. For more information, refer to [Surface Hub 2S device affiliation](https://docs.microsoft.com/en-us/surface-hub/surface-hub-2s-prepare-environment#device-affiliation).
In the **Setup admins for this device** window, select one of the following options: Active Directory Domain Services, Azure Active Directory, or Local admin.
![* Setup admins for this device *](images/sh2-run5.png) <br>
### Active Directory Domain Services
1. Enter the credentials of a user who has permissions to join the device to Active Directory.
![* Setup admins using domain join *](images/sh2-run6.png) <br>
2. Select the Active Directory Security Group containing members allowed to log on to the Settings app on Surface Hub 2S.
![* Enter a security group *](images/sh2-run7.png) <br>
1. Select **Finish**. The device will restart.
### Azure Active Directory
When choosing to affiliate your device with Azure Active Directory, the device will immediately restart and display the following page. Select **Next**.
![* If your organization uses Office 365 or other business services from Microsoft, well enrolll this device with your organization*](images/sh2-run8.png) <br>
1. Enter the email address or UPN of an account **with Intune Plan 1** or greater and then select **Next.**
![* Enter work or school account*](images/sh2-run9.png) <br>
2. If redirected, authenticate using your organizations sign-in page and provide additional logon information if requested. The device will restart.
## Local Administrator account
- Enter a username and password for your local admin. The device will restart.
![* Set up an admin account*](images/sh2-run10.png) <br>
## Using provisioning packages
If you insert a USB thumb drive with a provisioning package into one of the USB ports when you start Surface Hub 2S, the device displays the following page.
1. Enter the requested settings and select **Set up**.
![* Enter regional settings for provisioning package*](images/sh2-run11.png) <br>
![* Provision this device from removable media*](images/sh2-run12.png) <br>
2. Choose the provisioning package youd like to use.
![* Choose provisioning package to use*](images/sh2-run13.png) <br>
3. If you created a multiple devices CSV file, you will be able to choose a device configuration. For more information, refer to [Create provisioning packages for Surface Hub 2S](https://docs.microsoft.com/en-us/surface-hub/surface-hub-2s-deploy#provisioning-multiple-devices-csv-file).
![* Select a device account and friendly name from your configuration file*](images/sh2-run14.png) <br>
4. Follow the instructions to complete first time Setup.
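Review bot: "## Local Administrator account" is at H2, while its siblings "### Active Directory Domain Services" and "### Azure Active Directory" are H3 under "Configuring device admin accounts"; change it to "###" so the three admin options sit at the same level. In the front matter, "keywords: separate values with commas" is the template placeholder and should be replaced with real keywords. Also fix "user principle name" to "user principal name", "enrolll" in the sh2-run8.png alt text, and the numbering in the first procedure, which runs 1, 1, 3, 1, 1.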

View File

@ -1,15 +0,0 @@
---
title: "Out-of-box startup for Surface Hub 2S"
description: "Learn about starting Surface Hub 2S for the first time."
keywords: separate values with commas
ms.prod: surface-hub
ms.sitesec: library
author: robmazz
ms.author: robmazz
audience: Admin
ms.topic: article
ms.localizationpriority: Normal
ROBOTS: NOINDEX, NOFOLLOW
---
# Out-of-box startup for Surface Hub 2S

View File

@ -48,6 +48,7 @@
### [Unenroll Surface devices from SEMM](unenroll-surface-devices-from-semm.md) ### [Unenroll Surface devices from SEMM](unenroll-surface-devices-from-semm.md)
## Support ## Support
### [Fix common Surface problems using the Surface Diagnostic Toolkit for Business](surface-diagnostic-toolkit-for-business-intro.md)
### [Surface Diagnostic Toolkit for Business](surface-diagnostic-toolkit-business.md) ### [Surface Diagnostic Toolkit for Business](surface-diagnostic-toolkit-business.md)
### [Use Surface Diagnostic Toolkit for Business in desktop mode](surface-diagnostic-toolkit-desktop-mode.md) ### [Use Surface Diagnostic Toolkit for Business in desktop mode](surface-diagnostic-toolkit-desktop-mode.md)
### [Run Surface Diagnostic Toolkit for Business using commands](surface-diagnostic-toolkit-command-line.md) ### [Run Surface Diagnostic Toolkit for Business using commands](surface-diagnostic-toolkit-command-line.md)

View File

@ -33,7 +33,7 @@ To run SDT for Business, download the components listed in the following table.
Mode | Primary scenarios | Download | Learn more Mode | Primary scenarios | Download | Learn more
--- | --- | --- | --- --- | --- | --- | ---
Desktop mode | Assist users in running SDT on their Surface devices to troubleshoot issues.<br>Create a custom package to deploy on one or more Surface devices allowing users to select specific logs to collect and analyze. | SDT distributable MSI package:<br>Microsoft Surface Diagnostic Toolkit for Business Installer<br>[Surface Tools for IT](https://www.microsoft.com/download/details.aspx?id=46703) | [Use Surface Diagnostic Toolkit in desktop mode](surface-diagnostic-toolkit-desktop-mode.md) Desktop mode | Assist users in running SDT on their Surface devices to troubleshoot issues.<br>Create a custom package to deploy on one or more Surface devices allowing users to select specific logs to collect and analyze. | SDT distributable MSI package:<br>Microsoft Surface Diagnostic Toolkit for Business Installer<br>[Surface Tools for IT](https://www.microsoft.com/download/details.aspx?id=46703) | [Use Surface Diagnostic Toolkit in desktop mode](surface-diagnostic-toolkit-desktop-mode.md)
Command line | Directly troubleshoot Surface devices remotely without user interaction, using standard tools such as Configuration Manager. It includes the following commands:<br>`-DataCollector` collects all log files<br>`-bpa` runs health diagnostics using Best Practice Analyzer.<br>`-windowsupdate` checks Windows update for missing firmware or driver updates.<br>`-warranty` checks warranty information. <br><br>| SDT console app:<br>Microsoft Surface Diagnostics App Console<br>[Surface Tools for IT](https://www.microsoft.com/download/details.aspx?id=46703) | [Run Surface Diagnostic Toolkit using commands](surface-diagnostic-toolkit-command-line.md) Command line | Directly troubleshoot Surface devices remotely without user interaction, using standard tools such as Configuration Manager. It includes the following commands:<br>`-DataCollector` collects all log files<br>`-bpa` runs health diagnostics using Best Practice Analyzer.<br>`-windowsupdate` checks Windows Update for missing firmware or driver updates.<br>`-warranty` checks warranty information. <br><br>| SDT console app:<br>Microsoft Surface Diagnostics App Console<br>[Surface Tools for IT](https://www.microsoft.com/download/details.aspx?id=46703) | [Run Surface Diagnostic Toolkit using commands](surface-diagnostic-toolkit-command-line.md)
## Supported devices ## Supported devices
@ -126,18 +126,20 @@ Creating a custom package allows you to target the tool to specific known issues
### Language and telemetry page ### Language and telemetry page
When you start creating the custom package, youre asked whether you agree to send data to Microsoft to help improve the application. For more information,see the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement). Sharing is on by default, so uncheck the box if you wish to decline. When you start creating the custom package, youre asked whether you agree to send data to Microsoft to help improve the application. For more information, see the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement). This setting is limited to only sharing data generated while running packages. Sharing is on by default; if you wish to decline, clear the check box.
>[!NOTE] >[!NOTE]
>This setting is limited to only sharing data generated while running packages. >This setting does not affect the minimal telemetry automatically stored on Microsoft servers when running tests and repairs that require an Internet connection, such as Windows Update and Software repair, or providing feedback using the Smile or Frown buttons in the app toolbar.
![Select language and telemetry settings](images/sdt-4.png) ![Select language and telemetry settings](images/sdt-4.png)
*Figure 4. Select language and telemetry settings* *Figure 4. Select language and telemetry settings*
### Windows Update page ### Windows Update page
Select the option appropriate for your organization. Most organizations with multiple users will typically select to receive updates via Windows Server Update Services (WSUS), as shown in figure 5. If using local Windows update packages or WSUS, enter the path as appropriate. Select the option appropriate for your organization. Most organizations with multiple users will typically select to receive updates via Windows Server Update Services (WSUS), as shown in figure 5. If using local Windows Update packages or WSUS, enter the path as appropriate.
![Select Windows Update option](images/sdt-5.png) ![Select Windows Update option](images/sdt-5.png)
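Review bot: The new NOTE says minimal telemetry is "automatically stored on Microsoft servers" for tests and repairs that need an Internet connection, but it does not say what that data contains or link to where it is described; admins deciding whether to clear the check box will rely on this statement, so add that detail or a link. In the rewritten paragraph, "This setting is limited to only sharing data generated while running packages" reads more clearly as "limited to sharing only data generated while running packages".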
@ -170,8 +172,8 @@ You can select to run a wide range of logs across applications, drivers, hardwar
*Release date: June 24, 2019*<br> *Release date: June 24, 2019*<br>
This version of Surface Diagnostic Toolkit for Business adds support for the following: This version of Surface Diagnostic Toolkit for Business adds support for the following:
- Driver version information included in logs and report. - Driver version information included in logs and report.
- Ability to provide feedback about the app <br> - Ability to provide feedback about the app.<br>
Please note that even though you turn off telemtry, windows update and feedback still connect to the internet.
### Version 2.36.139.0 ### Version 2.36.139.0
*Release date: April 26, 2019*<br> *Release date: April 26, 2019*<br>
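Review bot: The added line "Please note that even though you turn off telemtry, windows update and feedback still connect to the internet." has a typo ("telemtry") and lowercases "windows update", which this same commit corrects to "Windows Update" elsewhere in the file. It also follows the feature list with no blank line or NOTE block, so it reads as part of the last bullet; consider replacing it with a pointer to the NOTE added under "Language and telemetry page", which already covers this.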
@ -180,11 +182,3 @@ This version of Surface Diagnostic Toolkit for Business adds support for the fol
- Accessibility improvements. - Accessibility improvements.
- Surface brightness control settings included in logs. - Surface brightness control settings included in logs.
- External monitor compatibility support link in report generator. - External monitor compatibility support link in report generator.

View File

@ -55,8 +55,8 @@ ms.prod: w10
</div> </div>
</div> </div>
<div class="cardText"> <div class="cardText">
<h3>Deployment Overview</h3> <h3>Deployment Guidance</h3>
<p>Learn how to deploy our suite of education offerings. Set up a cloud infrastructure for your school, acquire apps, and configure and manage Windows 10 devices.</p> <p>Dive right into the step-by-step process for the easiest deployment path to M365 EDU. We walk you through setting up cloud infrastructure, configuring and managing devices, and migrating on-premise servers for Sharepoint and Exchange to the cloud.</p>
</div> </div>
</div> </div>
</div> </div>
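Review bot: In the new "Deployment Guidance" card text, "on-premise servers" should be "on-premises servers" and "Sharepoint" should be "SharePoint"; the same "Sharepoint" spelling appears in the "3. Post Deployment Next Steps" card later in this file. "M365 EDU" is also used without being spelled out anywhere in the visible lines.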
@ -76,7 +76,7 @@ ms.prod: w10
</div> </div>
</div> </div>
<div class="cardText"> <div class="cardText">
<h3>1. Cloud deployment</h3> <h3>1. M365 EDU deployment</h3>
<p>Get started by creating your Office 365 tenant, setting up a cloud infrastructure for your school, and creating, managing, and syncing user accounts.</p> <p>Get started by creating your Office 365 tenant, setting up a cloud infrastructure for your school, and creating, managing, and syncing user accounts.</p>
</div> </div>
</div> </div>
@ -104,7 +104,7 @@ ms.prod: w10
</a> </a>
</li> </li>
<li> <li>
<a href="/microsoft-365/education/index?branch=m365-integration#pivot=itpro&amp;panel=itpro-atft" target="_blank"> <a href="/microsoft-365/education/deploy/post-deployment-next-steps" target="_blank">
<div class="cardSize"> <div class="cardSize">
<div class="cardPadding"> <div class="cardPadding">
<div class="card"> <div class="card">
@ -114,8 +114,8 @@ ms.prod: w10
</div> </div>
</div> </div>
<div class="cardText"> <div class="cardText">
<h3>3. Tools for Teachers</h3> <h3>3. Post Deployment Next Steps</h3>
<p>The latest classroom resources at teachers fingertips when you deploy Learning Tools, OneNote Class Notebooks, Teams, and more.</p> <p>Migrate to Sharepoint Server Hybrid or Sharepoint Online, and Exchange Server Hybrid or Exchange Online. Configure settings in your Admin portals.</p>
</div> </div>
</div> </div>
</div> </div>

View File

@ -51,8 +51,8 @@ sections:
<table border ='0'><tr><td width='80%'>Message</td><td width='20%'>Date</td></tr> <table border ='0'><tr><td width='80%'>Message</td><td width='20%'>Date</td></tr>
<tr><td><a href = 'https://blogs.windows.com/windowsexperience/2019/07/01/evolving-windows-10-servicing-and-quality-the-next-steps/' target='_blank'><b>Evolving Windows 10 servicing and quality</b></a><br><div>Find out how we plan to further optimize the delivery of the next Windows 10 feature update for devices running Windows 10, version 1903. If you're a commercial customer, please see the <a href='https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Moving-to-the-next-Windows-10-feature-update-for-commercial/ba-p/732968' target='_blank'>Windows IT Pro Blog</a> for more details on how to plan for this new update option in your environment.</div></td><td>July 01, 2019 <br>02:00 PM PT</td></tr> <tr><td><a href = 'https://blogs.windows.com/windowsexperience/2019/07/01/evolving-windows-10-servicing-and-quality-the-next-steps/' target='_blank'><b>Evolving Windows 10 servicing and quality</b></a><br><div>Find out how we plan to further optimize the delivery of the next Windows 10 feature update for devices running Windows 10, version 1903. If you're a commercial customer, please see the <a href='https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Moving-to-the-next-Windows-10-feature-update-for-commercial/ba-p/732968' target='_blank'>Windows IT Pro Blog</a> for more details on how to plan for this new update option in your environment.</div></td><td>July 01, 2019 <br>02:00 PM PT</td></tr>
<tr><td><a href = '' target='_blank'><b>Windows 10, version 1903 starting to roll out to devices running Windows 10, version 1803 and earlier</b></a><br><div>We are now beginning to build and train the machine learning (ML) based rollout process to update devices running Windows 10, version 1803 (the April 2018 Update) and earlier versions of Windows 10, to ensure we can continue to service these devices and provide the latest updates, security updates, and improvements.</div></td><td>June 18, 2019 <br>02:00 PM PT</td></tr> <tr><td><b>Windows 10, version 1903 starting to roll out to devices running Windows 10, version 1803 and earlier</b><br><div>We are now beginning to build and train the machine learning (ML) based rollout process to update devices running Windows 10, version 1803 (the April 2018 Update) and earlier versions of Windows 10, to ensure we can continue to service these devices and provide the latest updates, security updates, and improvements.</div></td><td>June 18, 2019 <br>02:00 PM PT</td></tr>
<tr><td><a href = '' target='_blank'><b>Windows 10, version 1903 available by selecting “Check for updates”</b></a><br><div>Windows 10, version 1903 is now available for any user who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.</div></td><td>June 06, 2019 <br>06:00 PM PT</td></tr> <tr><td><b>Windows 10, version 1903 available by selecting “Check for updates”</b><br><div>Windows 10, version 1903 is now available for any user who manually selects “Check for updates” via Windows Update. The recommended servicing status is Semi-Annual Channel.</div></td><td>June 06, 2019 <br>06:00 PM PT</td></tr>
<tr><td><a href = 'https://blogs.windows.com/windowsexperience/2019/05/21/how-to-get-the-windows-10-may-2019-update/#1P75kJB6T5OhySyo.97' target='_blank'><b>Windows 10, version 1903 rollout begins</b></a><br>The Windows 10 May 2019 Update (Windows 10, version 1903) is available today to commercial customers via Windows Server Update Services (WSUS), Windows Update for Business, and the Volume Licensing Service Center (VLSC)—and to end users who manually select “Check for updates.” We are slowly throttling up availability while we carefully monitor data and feedback.</td><td>May 21, 2019 <br>10:00 AM PT</td></tr> <tr><td><a href = 'https://blogs.windows.com/windowsexperience/2019/05/21/how-to-get-the-windows-10-may-2019-update/#1P75kJB6T5OhySyo.97' target='_blank'><b>Windows 10, version 1903 rollout begins</b></a><br>The Windows 10 May 2019 Update (Windows 10, version 1903) is available today to commercial customers via Windows Server Update Services (WSUS), Windows Update for Business, and the Volume Licensing Service Center (VLSC)—and to end users who manually select “Check for updates.” We are slowly throttling up availability while we carefully monitor data and feedback.</td><td>May 21, 2019 <br>10:00 AM PT</td></tr>
<tr><td><a href = 'https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/What-s-new-in-Windows-Update-for-Business-in-Windows-10-version/ba-p/622064' target='_blank'><b>Whats new in Windows Update for Business</b></a><br>We are enhancing and expanding the capabilities of Windows Update for Business to make the move to the cloud even easier. From simplified branch readiness options to better control over deadlines and reboots, read about the enhancements to Windows Update for Business as a part of Windows 10, version 1903. </td><td>May 21, 2019 <br>10:00 AM PT</td></tr> <tr><td><a href = 'https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/What-s-new-in-Windows-Update-for-Business-in-Windows-10-version/ba-p/622064' target='_blank'><b>Whats new in Windows Update for Business</b></a><br>We are enhancing and expanding the capabilities of Windows Update for Business to make the move to the cloud even easier. From simplified branch readiness options to better control over deadlines and reboots, read about the enhancements to Windows Update for Business as a part of Windows 10, version 1903. </td><td>May 21, 2019 <br>10:00 AM PT</td></tr>
<tr><td><a href = 'https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/What-s-new-for-IT-pros-in-Windows-10-version-1903/ba-p/622024' target='_blank'><b>Whats new for businesses and IT pros in Windows 10</b></a><br>Explore the newest capabilities for businesses and IT in the latest feature update in the areas of intelligent security, simplified updates, flexible management, and enhanced productivity. </td><td>May 21, 2019 <br>10:00 AM PT</td></tr> <tr><td><a href = 'https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/What-s-new-for-IT-pros-in-Windows-10-version-1903/ba-p/622024' target='_blank'><b>Whats new for businesses and IT pros in Windows 10</b></a><br>Explore the newest capabilities for businesses and IT in the latest feature update in the areas of intelligent security, simplified updates, flexible management, and enhanced productivity. </td><td>May 21, 2019 <br>10:00 AM PT</td></tr>

Binary file not shown.

View File

@ -1,7 +1,7 @@
--- ---
title: Microsoft Defender Advanced Threat Protection Threat analytics title: Track and respond to emerging threats with Microsoft Defender ATP threat analytics
ms.reviewer: ms.reviewer:
description: Get a tailored organizational risk evaluation and actionable steps you can take to minimize risks in your organization. description: Learn about emerging threats and attack techniques and how to stop them. Assess their impact to your organization and evaluate your organizational resilience.
keywords: threat analytics, risk evaluation, OS mitigation, microcode mitigation, mitigation status keywords: threat analytics, risk evaluation, OS mitigation, microcode mitigation, mitigation status
search.product: eADQiWindows 10XVcnh search.product: eADQiWindows 10XVcnh
search.appverid: met150 search.appverid: met150
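Review bot: The keywords line is left unchanged ("threat analytics, risk evaluation, OS mitigation, microcode mitigation, mitigation status") while the title and description are rewritten around emerging threats; update the keywords to match the new framing. In the new description, "Assess their impact to your organization" reads better as "impact on your organization".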
@ -9,8 +9,8 @@ ms.prod: w10
ms.mktglfcycl: deploy ms.mktglfcycl: deploy
ms.sitesec: library ms.sitesec: library
ms.pagetype: security ms.pagetype: security
ms.author: mjcaparas ms.author: lomayor
author: mjcaparas author: lomayor
ms.localizationpriority: medium ms.localizationpriority: medium
manager: dansimp manager: dansimp
audience: ITPro audience: ITPro
@ -18,47 +18,46 @@ ms.collection: M365-security-compliance
ms.topic: article ms.topic: article
--- ---
# Threat analytics # Track and respond to emerging threats with threat analytics
**Applies to:** **Applies to:**
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
Cyberthreats are emerging more frequently and prevalently. It is critical for organizations to quickly assess their security posture, covering the impact of emerging threats and their organizational resilience.
Cyberthreats are emerging more frequently and prevalently. It is critical for organizations to be able to quickly assess their security posture, including impact, and organizational resilience in the context of specific emerging threats. Threat analytics is a set of reports published by Microsoft security researchers as soon as emerging threats and outbreaks are identified. The reports help you assess the impact of threats to your environment and identify actions that can contain them.
Threat Analytics is a set of interactive reports published by the Microsoft Defender ATP research team as soon as emerging threats and outbreaks are identified. The reports help you the assess impact of threats in your environment and provides recommended actions to contain, increase organizational resilience, and prevent specific threats. ## View the threat analytics dashboard
>[!NOTE] The threat analytics dashboard is a great jump off point for getting to the reports that are most relevant to your organization. It provides several overviews about the threats covered in the reports:
>The number of resolved alerts indicates how quickly your organization responds to alerts associated with a threat. Ideally, the chart should be showing alerts being resolved within a few days.
Each threat report provides a summary to describe details such as where the threat is coming from, where it's been seen, or techniques and tools that were used by the threat. - **Latest threats** — lists the most recently published threat reports, along with the number of machines with resolved and unresolved alerts.
- **High-impact threats** — lists the threats that have had the highest impact on the organization in terms of the number of machines that have had related alerts, along with the number of machines with resolved and unresolved alerts.
- **Threat summary** — shows the number of threats among the threats reported in threat analytics with actual alerts.
The dashboard shows the impact in your organization through the following tiles: ![Image of a threat analytics dashboard](images/ta_dashboard.png)
- Machines with alerts - shows the current distinct number of impacted machines in your organization
- Machines with alerts over time - shows the distinct number of impacted over time Select a threat on any of the overviews or on the table to view the report for that threat.
- Mitigation status - shows the number of mitigated and unmitigated machines. Machines are considered mitigated if they have all the measurable mitigations in place.
- Vulnerability patching status - lists any vulnerabilities associated with the threat, and if they have been patched ## View a threat analytics report
- Mitigation recommendations - lists the measurable mitigations and the number of machines that do not have each of the mitigations in place
Each threat report generally provides an overview of the threat and an analysis of the techniques and tools used by the threat. It also provides worldwide impact information, mitigation recommendations, and detection information. It includes several cards that show dynamic data about how your organization is impacted by the threat and how prepared it is to stop the threat.
![Image of a threat analytics report](images/ta.png) ![Image of a threat analytics report](images/ta.png)
## Organizational impact ### Organizational impact
You can assess the organizational impact of a threat using the **Machines with alerts** and **Machines with alerts over time** tiles. Each report includes cards designed to provide information about the organizational impact of a threat:
- **Machines with alerts** — shows the current number of distinct machines in your organization that have been impacted by the threat. A machine is categorized as **Active** if there is at least 1 alert associated with that threat and **Resolved** if *all* alerts associated with the threat on the machine have been resolved.
- **Machines with alerts over time** — shows the number of distinct machines with **Active** and **Resolved** alerts over time. The number of resolved alerts indicates how quickly your organization responds to alerts associated with a threat. Ideally, the chart should be showing alerts resolved within a few days.
A machine is categorized as **Active** if there is at least 1 alert associated with that threat and **Resolved** if *all* alerts associated with the threat on the machine are resolved. ### Organizational resilience
Each report also includes cards that provide an overview of how resilient your organization can be against a given threat:
- **Mitigation status** — shows the number of machines that have and have not applied mitigations for the threat. Machines are considered mitigated if they have all the measurable mitigations in place.
The **Machine with alerts over time**, shows the number of distinct machines with **Active** and **Resolved alerts over time**. The number of resolved alerts indicates how quickly your organization responds to alerts associated with a threat. Ideally, the chart should be showing alerts being resolved within a few days. - **Vulnerability patching status** — shows the number of machines that have applied security updates or patches that address vulnerabilities exploited by the threat.
## Organizational resilience - **Mitigation recommendations** — lists specific actionable recommendations to improve your visibility into the threat and increase your organizational resilience. This card lists only measurable mitigations along with the number of machines that don't have these mitigations in place.
The **Mitigation recommendations** section provides specific actionable recommendations to improve your visibility into this threat and increase your organizational resilience.
The **Mitigation status** and **Mitigation status over time** shows the endpoint configuration status assessed based on the recommended mitigations.
>[!IMPORTANT] >[!IMPORTANT]
>- The chart only reflects mitigations that are measurable and where an evaluation can be made on the machine state as being compliant or non-compliant. There can be additional mitigations or compliance actions that currently cannot be computed or measured that are not reflected in the charts and are covered in the threat description under **Mitigation recommendations** section. >- Charts only reflect mitigations that are measurable, meaning an evaluation can be made on whether a machine has applied the mitigations or not. Check the report overview for additional mitigations that are not reflected in the charts.
>- Even if all mitigations were measurable, there is no absolute guarantee of complete resilience but reflects the best possible actions that need to be taken to improve resiliency. >- Even if all mitigations were measurable, they don't guarantee complete resilience. They reflect the best possible actions needed to improve resiliency.
>[!NOTE] >[!NOTE]
>The Unavailable category indicates that there is no data available from the specific machine yet. >Machines are counted as "unavailable" if they have been unable to transmit data to the service.
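Review bot: The new **Vulnerability patching status** bullet does not say what qualifies a machine as patched, while the **Mitigation status** bullet beside it does ("Machines are considered mitigated if they have all the measurable mitigations in place"). Suggest stating whether a machine must have every relevant security update applied to be counted, so that both cards can be read the same way. The reworded note on "unavailable" machines should also name the card or chart in which that category appears, since the text no longer says where a reader will see it.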

View File

@ -86,4 +86,53 @@ This can only be done in Group Policy.
6. Open the **Hide all notifications** setting and set it to **Enabled**. Click **OK**. 6. Open the **Hide all notifications** setting and set it to **Enabled**. Click **OK**.
7. [Deploy the updated GPO as you normally do](https://msdn.microsoft.com/library/ee663280(v=vs.85).aspx). 7. [Deploy the updated GPO as you normally do](https://msdn.microsoft.com/library/ee663280(v=vs.85).aspx).
## Notifications
| Purpose | Notification text | Toast Identifier | Critical? |
|---------|------------------|-------------|-----------|
| Network isolation | Your IT administrator has caused Windows Defender to disconnect your device. Contact IT help desk. | SENSE_ISOLATION | Yes |
| Network isolation customized | _Company name_ has caused Windows Defender to disconnect your device. Contact IT help desk _phone number_, _email address_, _url_. | SENSE_ISOLATION_CUSTOM (body) | Yes |
| Restricted access | Your IT administrator has caused Windows Defender to limit actions on this device. Some apps may not function as expected. Contact IT help desk. | SENSE_PROCESS_RESTRICTION | Yes |
| Restricted access customized | _Company_ has caused Windows Defender to limit actions on this device. Some apps may not function as expected. Contact IT help desk. | SENSE_PROCESS_RESTRICTION_CUSTOM (body) | Yes |
| HVCI, driver compat check fails (upon trying to enable) | There may be an incompatibility on your device. | HVCI_ENABLE_FAILURE | Yes |
| HVCI, reboot needed to enable | The recent change to your protection settings requires a restart of your device. | HVCI_ENABLE_SUCCESS | Yes |
| Item skipped in scan, due to exclusion setting, or network scanning disabled by admin | The Windows Defender Antivirus scan skipped an item due to exclusion or network scanning settings. | ITEM_SKIPPED | Yes |
| Remediation failure | Windows Defender Antivirus couldnt completely resolve potential threats. | CLEAN_FAILED | Yes |
| Follow-up action (restart & scan) | Windows Defender Antivirus found _threat_ in _file name_. Please restart and scan your device. Restart and scan | MANUALSTEPS_REQUIRED | Yes |
| Follow-up action (restart) | Windows Defender Antivirus found _threat_ in _file_. Please restart your device. | WDAV_REBOOT | Yes |
| Follow-up action (Full scan) | Windows Defender Antivirus found _threat_ in _file_. Please run a full scan of your device. | FULLSCAN_REQUIRED | Yes |
| Sample submission prompt | Review files that Windows Defender will send to Microsoft. Sending this information can improve how Windows Defender Antivirus helps protect your device. | SAMPLE_SUBMISSION_REQUIRED | Yes |
| OS support ending warning | Support for your version of Windows is ending. When this support ends, Windows Defender Antivirus wont be supported, and your device might be at risk. | SUPPORT_ENDING | Yes |
| OS support ended, device at risk | Support for your version of Windows has ended. Windows Defender Antivirus is no longer supported, and your device might be at risk. | SUPPORT_ENDED _and_ SUPPORT_ENDED_NO_DEFENDER | Yes |
| Summary notification, items found | Windows Defender Antivirus successfully took action on _n_ threats since your last summary. Your device was scanned _n_ times. | RECAP_FOUND_THREATS_SCANNED | No |
| Summary notification, items found, no scan count | Windows Defender Antivirus successfully took action on _n_ threats since your last summary. | RECAP_FOUND_THREATS | No |
| Summary notification, **no** items found, scans performed | Windows Defender Antivirus did not find any threats since your last summary. Your device was scanned _n_ times. | RECAP_NO THREATS_SCANNED | No |
| Summary notification, **no** items found, no scans | Windows Defender Antivirus did not find any threats since your last summary. | RECAP_NO_THREATS | No |
| Scan finished, manual, threats found | Windows Defender Antivirus scanned your device at _timestamp_ on _date_, and took action against threats. | RECENT_SCAN_FOUND_THREATS | No |
| Scan finished, manual, **no** threats found | Windows Defender Antivirus scanned your device at _timestamp_ on _date_. No threats were found. | RECENT_SCAN_NO_THREATS | No |
| Threat found | Windows Defender Antivirus found threats. Get details. | CRITICAL | No |
| LPS on notification | Windows Defender Antivirus is periodically scanning your device. Youre also using another antivirus program for active protection. | PERIODIC_SCANNING_ON | No |
| Long running BaFS | Your IT administrator requires a security scan of this item. The scan could take up to _n_ seconds. | BAFS | No |
| Long running BaFS customized | _Company_ requires a security scan of this item. The scan could take up to _n_ seconds. | BAFS_DETECTED_CUSTOM (body) | No |
| Sense detection | This application was removed because it was blocked by your IT security settings | WDAV_SENSE_DETECTED | No |
| Sense detection customized | This application was removed because it was blocked by your IT security settings | WDAV_SENSE_DETECTED_CUSTOM (body) | No |
| Ransomware specific detection | Windows Defender Antivirus has detected threats which may include ransomware. | WDAV_RANSOMWARE_DETECTED | No |
| ASR (HIPS) block | Your IT administrator caused Windows Defender Security Center to block this action. Contact your IT help desk. | HIPS_ASR_BLOCKED | No |
| ASR (HIPS) block customized | _Company_ caused Windows Defender Security Center to block this action. Contact your IT help desk. | HIPS_ASR_BLOCKED_CUSTOM (body) | No |
| CFA (FolderGuard) block | Controlled folder access blocked _process_ from making changes to the folder _path_ | FOLDERGUARD_BLOCKED | No |
| Network protect (HIPS) network block customized | _Company_ caused Windows Defender Security Center to block this network connection. Contact your IT help desk. | HIPS_NETWORK_BLOCKED_CUSTOM (body) | No |
| Network protection (HIPS) network block | Your IT administrator caused Windows Defender Security Center to block this network connection. Contact your IT help desk. | HIPS_NETWORK_BLOCKED | No |
| PUA detection, not blocked | Your settings cause the detection of any app that might perform unwanted actions on your computer. | PUA_DETECTED | No |
| PUA notification | Your IT settings caused Windows Defender Antivirus to block an app that may potentially perform unwanted actions on your device. | PUA_BLOCKED | No |
| PUA notification, customized | _Company_ caused Windows Defender Antivirus to block an app that may potentially perform unwanted actions on your device. | PUA_BLOCKED_CUSTOM (body) | No |
| Network isolation ended | | | No |
| Network isolation ended, customized | | | No |
| Restricted access ended | | | No |
| Restricted access ended, customized | | | No |
| Dynamic lock on, but bluetooth off | | | No |
| Dynamic lock on, bluetooth on, but device unpaired | | | No |
| Dynamic lock on, bluetooth on, but unable to detect device | | | No |
| NoPa or federated no hello | | | No |
| NoPa or federated hello broken | | | No |
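Review bot: In the "Summary notification, **no** items found, scans performed" row the toast identifier reads `RECAP_NO THREATS_SCANNED`, with a space where every other identifier in the table uses underscores. This looks like a typo for `RECAP_NO_THREATS_SCANNED` and should be confirmed against the product, because readers will copy these identifiers verbatim. Three notification texts are missing apostrophes ("couldnt" in the CLEAN_FAILED row, "wont" in SUPPORT_ENDING, "Youre" in PERIODIC_SCANNING_ON), and the MANUALSTEPS_REQUIRED text ends with a stray "Restart and scan" that reads like a button label run into the message. The last nine rows, from "Network isolation ended" through "NoPa or federated hello broken", have empty notification text and identifier cells; fill them in or hold those rows back until the values are known. The section also needs a sentence under the **Notifications** heading explaining what the "Critical?" column means, particularly since the "Threat found" row carries the identifier CRITICAL but is marked "No".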