diff --git a/windows/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md b/windows/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md
index 77c6833644..4d07119caa 100644
--- a/windows/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md
+++ b/windows/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md
@@ -40,7 +40,7 @@ The cloud-delivered protection is always on and requires an active connection to
 
 ## Product updates
 
-Windows Defender AV requires monthly updates (known as "engine updates"), and will receive major feature updates alongside Windows 10 releases.
+Windows Defender AV requires [monthly updates](https://support.microsoft.com/en-us/help/4052623/update-for-windows-defender-antimalware-platform) (known as "engine updates" and "platform updates"), and will receive major feature updates alongside Windows 10 releases.
 
 You can manage the distribution of updates through Windows Server Update Service (WSUS), with [System Center Configuration Manager](https://docs.microsoft.com/en-us/sccm/sum/understand/software-updates-introduction), or in the normal manner that you deploy Microsoft and Windows updates to endpoints in your network.
 
diff --git a/windows/threat-protection/windows-defender-exploit-guard/emet-exploit-protection-exploit-guard.md b/windows/threat-protection/windows-defender-exploit-guard/emet-exploit-protection-exploit-guard.md
index 5d6e4f6de6..7c30cde7a7 100644
--- a/windows/threat-protection/windows-defender-exploit-guard/emet-exploit-protection-exploit-guard.md
+++ b/windows/threat-protection/windows-defender-exploit-guard/emet-exploit-protection-exploit-guard.md
@@ -36,14 +36,22 @@ ms.date: 08/25/2017
 >  
 >You can [convert an existing EMET configuration file into Exploit protection](import-export-exploit-protection-emet-xml.md#convert-an-emet-configuration-file-to-an-exploit-protection-configuration-file) to make the migration easier and keep your existing settings.
 
+This topic describes the differences between the Enhance Mitigation Experience Toolkit (EMET) and its replacement in Windows 10: Windows Defender Exploit Guard. 
 
- The Enhanced Mitigation Experience Toolkit (EMET) is a stand-alone product that is available on earlier versions of Windows and provides a number of system- and app-based mitigations against known exploit techniques.
+ In Windows 10, version 1709 (also known as the Fall Creators Update), we released [Windows Defender Exploit Guard](windows-defender-exploit-guard.md), which provides unparalleled mitigation of known and unknown threat attack vectors, including exploits. 
+ 
+ Windows Defender Exploit Guard is our successor to EMET and provides stronger protection, more customization, an easier user interface, and better configuration and management options.
+
+ EMET is a stand-alone product that is available on earlier versions of Windows and provides a number of system- and app-based mitigations against known exploit techniques.
 
  After July 31, 2018, it will reach its end of life, which means it will not be supported and no additional development will be made on it.
 
- In Windows 10, version 1709 (also known as the Fall Creators Update), we released Windows Defender Exploit Guard, which provides unparalleled mitigation of known and unknown threat attack vectors, including exploits. 
- 
- Windows Defender Exploit Guard is our successor to EMET and provides stronger protection, more customization, an easier user interface, and better configuration and management options.
+ For more information about the individual features and mitigations available in Windows Defender Exploit Guard, as well as how to enable, configure, and deploy them to better protect your network, see the following topics:
+
+- [Windows Defender Exploit Guard](windows-defender-exploit-guard.md)
+- [Protect devices from exploits with Windows Defender Exploit Guard](exploit-protection-exploit-guard.md)
+- [Configure and audit Exploit protection mitigations](customize-exploit-protection.md)
+
 
 
 
@@ -56,24 +64,24 @@ ms.date: 08/25/2017
 Windows versions | [!include[Check mark yes](images/svg/check-yes.md)] <br />All versions of Windows 10 starting with version 1709 | [!include[Check mark yes](images/svg/check-yes.md)] <br />Windows 8.1; Windows 8; Windows 7<br />Cannot be installed on Windows 10, version 1709 and later
 Installation requirements | [Windows Defender Security Center in Windows 10](../windows-defender-security-center/windows-defender-security-center.md) <br />(no additional installation required)<br />Windows Defender Exploit Guard is built into Windows - it doesn't require a separate tool or package for management, configuration, or deployment. | Available only as an additional download and must be installed onto a management device
 User interface | Modern interface integrated with the [Windows Defender Security Center](../windows-defender-security-center/windows-defender-security-center.md) | Older, complex interface that requires considerable ramp-up training
-Supportability | [!include[Check mark yes](images/svg/check-yes.md)] <br /><!-- [Dedicated submission-based support channel](https://www.microsoft.com/en-us/wdsi/filesubmission)<sup id="ref1">[[1](#fn1)]</sup> -->Throughout the [Windows 10 support lifecycle](https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet) | [!include[Check mark no](images/svg/check-no.md)]<br />Ends after July 31, 2018
+Supportability | [!include[Check mark yes](images/svg/check-yes.md)] <br />[Dedicated submission-based support channel](https://www.microsoft.com/en-us/wdsi/filesubmission)<sup id="ref1">[[1](#fn1)]</sup><br />[Throughout the Windows 10 support lifecycle](https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet) | [!include[Check mark no](images/svg/check-no.md)]<br />Ends after July 31, 2018
 Updates | [!include[Check mark yes](images/svg/check-yes.md)] <br />Ongoing updates and development of new features, released twice yearly as part of the [Windows 10 semi-annual update channel](https://blogs.technet.microsoft.com/windowsitpro/2017/07/27/waas-simplified-and-aligned/) | [!include[Check mark no](images/svg/check-no.md)]<br />No planned updates or development
-Exploit protection | [!include[Check mark yes](images/svg/check-yes.md)] <br />All EMET mitigations plus new, specific mitigations ([see table](#mitigation-comparison)) | [!include[Check mark yes](images/svg/check-yes.md)] <br />Limited set of mitigations
-[Attack surface reduction](attack-surface-reduction-exploit-guard.md) | [!include[Check mark yes](images/svg/check-yes.md)] <br />[Configuration of individual rules](enable-attack-surface-reduction.md) | [!include[Check mark yes](images/svg/check-yes.md)] <br />Limited ruleset configuration only for modules (no processes)
-[Network protection](network-protection-exploit-guard.md) | [!include[Check mark yes](images/svg/check-yes.md)] <br />Available | [!include[Check mark no](images/svg/check-no.md)]<br />Not available
-[Controlled folder access](controlled-folders-exploit-guard.md) | [!include[Check mark yes](images/svg/check-yes.md)] <br />Available and [configurable for apps and folders](customize-controlled-folders-exploit-guard.md) | [!include[Check mark no](images/svg/check-no.md)]<br />Not available
-Configuration with Group Policy | [!include[Check mark yes](images/svg/check-yes.md)] <br />Available | [!include[Check mark yes](images/svg/check-yes.md)]<br />Available
-Configuration with GUI (user interface) | [!include[Check mark yes](images/svg/check-yes.md)] <br />Windows-based configuration | [!include[Check mark yes](images/svg/check-yes.md)]<br />Requires installation and use of EMET tool
-Configuration with shell tools | [!include[Check mark yes](images/svg/check-yes.md)] <br />PowerShell| [!include[Check mark yes](images/svg/check-yes.md)]<br />Requires use of EMET tool (EMET_CONF)
-System Center Configuration Manager |  [!include[Check mark yes](images/svg/check-yes.md)] <br />Available | [!include[Check mark no](images/svg/check-no.md)]<br />Not available
-Microsoft Intune | [!include[Check mark yes](images/svg/check-yes.md)] <br />Available | [!include[Check mark no](images/svg/check-no.md)]<br />Not available
-Reporting | [!include[Check mark yes](images/svg/check-yes.md)] <br />[With Windows event logs](event-views-exploit-guard.md) and full [audit mode reporting](audit-windows-defender-exploit-guard.md) <br />[Full integration with Windows Defender Advanced Threat Protection](../windows-defender-atp/security-analytics-dashboard-windows-defender-advanced-threat-protection.md) | [!include[Check mark yes](images/svg/check-yes.md)] <br />Limited Windows event log monitoring
-[Audit mode](audit-windows-defender-exploit-guard.md) | [!include[Check mark yes](images/svg/check-yes.md)] <br />Available | [!include[Check mark no](images/svg/check-no.md)]<br />Limited to EAF, EAF+, and anti-ROP mitigations
+Exploit protection | [!include[Check mark yes](images/svg/check-yes.md)] <br />All EMET mitigations plus new, specific mitigations ([see table](#mitigation-comparison))<br />[Can convert and import existing EMET configurations](import-export-exploit-protection-emet-xml.md) | [!include[Check mark yes](images/svg/check-yes.md)] <br />Limited set of mitigations
+Attack surface reduction | [!include[Check mark yes](images/svg/check-yes.md)] <br />[Helps block known infection vectors](attack-surface-reduction-exploit-guard.md)<br />[Can configure individual rules](enable-attack-surface-reduction.md) | [!include[Check mark yes](images/svg/check-yes.md)] <br />Limited ruleset configuration only for modules (no processes)
+Network protection | [!include[Check mark yes](images/svg/check-yes.md)] <br />[Helps block malicious network connections](network-protection-exploit-guard.md) | [!include[Check mark no](images/svg/check-no.md)]<br />Not available
+Controlled folder access | [!include[Check mark yes](images/svg/check-yes.md)] <br />[Helps protect important folders](controlled-folders-exploit-guard.md)<br/>[Configurable for apps and folders](customize-controlled-folders-exploit-guard.md) | [!include[Check mark no](images/svg/check-no.md)]<br />Not available
+Configuration with GUI (user interface) | [!include[Check mark yes](images/svg/check-yes.md)] <br />[Use Windows Defender Security Center app to customize and manage configurations](customize-exploit-protection.md) | [!include[Check mark yes](images/svg/check-yes.md)]<br />Requires installation and use of EMET tool
+Configuration with Group Policy | [!include[Check mark yes](images/svg/check-yes.md)] <br />[Use Group Policy to deploy and manage configurations](import-export-exploit-protection-emet-xml.md#manage-or-deploy-a-configuration) | [!include[Check mark yes](images/svg/check-yes.md)]<br />Available
+Configuration with shell tools | [!include[Check mark yes](images/svg/check-yes.md)] <br />[Use PowerShell to customize and manage configurations](customize-exploit-protection.md#powershell-reference) | [!include[Check mark yes](images/svg/check-yes.md)]<br />Requires use of EMET tool (EMET_CONF)
+System Center Configuration Manager |  [!include[Check mark yes](images/svg/check-yes.md)] <br />[Use Configuration Manager to customize, deploy, and manage configurations](https://docs.microsoft.com/en-us/sccm/protect/deploy-use/create-deploy-exploit-guard-policy) | [!include[Check mark no](images/svg/check-no.md)]<br />Not available
+Microsoft Intune | [!include[Check mark yes](images/svg/check-yes.md)] <br />[Use Intune to customize, deploy, and manage configurations](https://docs.microsoft.com/en-us/intune/whats-new#window-defender-exploit-guard-is-a-new-set-of-intrusion-prevention-capabilities-for-windows-10----1063615---) | [!include[Check mark no](images/svg/check-no.md)]<br />Not available
+Reporting | [!include[Check mark yes](images/svg/check-yes.md)] <br />With [Windows event logs](event-views-exploit-guard.md) and [full audit mode reporting](audit-windows-defender-exploit-guard.md) <br />[Full integration with Windows Defender Advanced Threat Protection](../windows-defender-atp/security-analytics-dashboard-windows-defender-advanced-threat-protection.md) | [!include[Check mark yes](images/svg/check-yes.md)] <br />Limited Windows event log monitoring
+Audit mode | [!include[Check mark yes](images/svg/check-yes.md)] <br />[Full audit mode with Windows event reporting](audit-windows-defender-exploit-guard.md) | [!include[Check mark no](images/svg/check-no.md)]<br />Limited to EAF, EAF+, and anti-ROP mitigations
+
 
 
-<!--
 <span id="fn1"></span>([1](#ref1)) Support coming in December 2017. Requires an enterprise subscription with Azure Active Directory or a [Software Assurance ID](https://www.microsoft.com/en-us/licensing/licensing-programs/software-assurance-default.aspx).
--->
+
 
 
 
@@ -92,14 +100,14 @@ Block untrusted fonts | [!include[Check mark yes](images/svg/check-yes.md)] | [!
 Data Execution Prevention (DEP) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
 Export address filtering (EAF) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
 Force randomization for images (Mandatory ASLR) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
-NullPage Security Mitigation | [!include[Check mark yes](images/svg/check-yes.md)]<br />Included natively in Windows 10 | [!include[Check mark yes](images/svg/check-yes.md)]
+NullPage Security Mitigation | [!include[Check mark yes](images/svg/check-yes.md)]<br />Included natively in Windows 10<br/>See  [Mitigate threats by using Windows 10 security features](../overview-of-threat-mitigations-in-windows-10.md#understanding-windows-10-in-relation-to-the-enhanced-mitigation-experience-toolkit) for more information | [!include[Check mark yes](images/svg/check-yes.md)]
 Randomize memory allocations (Bottom-Up ASLR) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
 Simulate execution (SimExec) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
 Validate API invocation (CallerCheck) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
 Validate exception chains (SEHOP) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
 Validate stack integrity (StackPivot) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
-Certificate trust (configurable certificate pinning) | No longer supported by the industry as newer mitigations provide better protection with fewer errors | [!include[Check mark yes](images/svg/check-yes.md)]
-Heap spray allocation | Ineffective against modern browser exploits, newer mitigations provide better protection | [!include[Check mark yes](images/svg/check-yes.md)]
+Certificate trust (configurable certificate pinning) | Windows 10 provides enterprise certificate pinning | [!include[Check mark yes](images/svg/check-yes.md)]
+Heap spray allocation | Ineffective against newer browser-based exploits, newer mitigations provide better protection<br/>See  [Mitigate threats by using Windows 10 security features](../overview-of-threat-mitigations-in-windows-10.md#understanding-windows-10-in-relation-to-the-enhanced-mitigation-experience-toolkit) for more information | [!include[Check mark yes](images/svg/check-yes.md)]
 Block low integrity images | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
 Code integrity guard | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
 Disable extension points | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
@@ -115,12 +123,11 @@ Validate image dependency integrity | [!include[Check mark yes](images/svg/check
 
 
 
-
-
-
-
 >[!NOTE] 
->The Advanced ROP mitigations that are available in EMET refer to additional configuration options for other mitigations, such as "Memory protection checks" and "Load library checks". These mitigations have been included in Windows Defender Exploit Guard with enhancements that natively increase the protection beyond those options in EMET.
+>The Advanced ROP mitigations that are available in EMET are superseded by ACG in Windows 10, which other EMET advanced settings are enabled by default in Windows Defender Exploit Guard as part of enabling the anti-ROP mitigations for a process.
+> 
+>See the [Mitigation threats by using Windows 10 security features](../overview-of-threat-mitigations-in-windows-10.md#understanding-windows-10-in-relation-to-the-enhanced-mitigation-experience-toolkit) for more information on how Windows 10 employs existing EMET technology.
+
 
 ## Related topics
 
@@ -131,59 +138,3 @@ Validate image dependency integrity | [!include[Check mark yes](images/svg/check
 - [Import, export, and deploy Exploit protection configurations](import-export-exploit-protection-emet-xml.md)
 
 
-## Table A-Z mitigations
-
-Mitigation | Available in Windows Defender Exploit Guard | Available in EMET
--|:-:|:-:
-Arbitrary code guard (ACG) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]<br />As "Memory Protection Check"
-Block low integrity images | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
-Block remote images | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]<br/>As "Load Library Check"
-Block untrusted fonts | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
-Certificate trust (configurable certificate pinning) | No longer supported by the industry as newer mitigations provide better protection with fewer errors | [!include[Check mark yes](images/svg/check-yes.md)]
-Code integrity guard | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
-Data Execution Prevention (DEP) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
-Disable extension points | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
-Disable Win32k system calls | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
-Do not allow child processes | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
-Export address filtering (EAF) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
-Force randomization for images (Mandatory ASLR) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
-Heap spray allocation | Ineffective against modern browser exploits, newer mitigations provide better protection | [!include[Check mark yes](images/svg/check-yes.md)]
-Import address filtering (IAF) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
-NullPage Security Mitigation | [!include[Check mark yes](images/svg/check-yes.md)]<br />Included natively in Windows 10 | [!include[Check mark yes](images/svg/check-yes.md)]
-Randomize memory allocations (Bottom-Up ASLR) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
-Simulate execution (SimExec) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
-Validate API invocation (CallerCheck) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
-Validate exception chains (SEHOP) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
-Validate handle usage | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
-Validate heap integrity | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
-Validate image dependency integrity | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
-Validate stack integrity (StackPivot) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
-
-
-# Table WDEG yes > EMET no > Emet > yes
-
-Mitigation | Available in Windows Defender Exploit Guard | Available in EMET
--|:-:|:-:
-Block low integrity images | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
-Code integrity guard | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
-Disable extension points | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
-Disable Win32k system calls | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
-Do not allow child processes | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
-Import address filtering (IAF) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
-Validate handle usage | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
-Validate heap integrity | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
-Validate image dependency integrity | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark no](images/svg/check-no.md)]
-Heap spray allocation | Ineffective against modern browser exploits, newer mitigations provide better protection | [!include[Check mark yes](images/svg/check-yes.md)]
-Certificate trust (configurable certificate pinning) | No longer supported by the industry as newer mitigations provide better protection with fewer errors | [!include[Check mark yes](images/svg/check-yes.md)]
-NullPage Security Mitigation | [!include[Check mark yes](images/svg/check-yes.md)]<br />Included natively in Windows 10 | [!include[Check mark yes](images/svg/check-yes.md)]
-Block untrusted fonts | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
-Data Execution Prevention (DEP) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
-Export address filtering (EAF) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
-Force randomization for images (Mandatory ASLR) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
-Randomize memory allocations (Bottom-Up ASLR) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
-Simulate execution (SimExec) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
-Validate API invocation (CallerCheck) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
-Validate exception chains (SEHOP) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
-Validate stack integrity (StackPivot) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]
-Arbitrary code guard (ACG) | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]<br />As "Memory Protection Check"
-Block remote images | [!include[Check mark yes](images/svg/check-yes.md)] | [!include[Check mark yes](images/svg/check-yes.md)]<br/>As "Load Library Check"