diff --git a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md
index 0b01d6d615..0de84a225d 100644
--- a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md
+++ b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md
@@ -42,7 +42,7 @@ In Log Analytics, go to **Settings > Connected sources > Windows telemetry** and
 
 Even though devices can take 2-3 days after enrollment to show up due to latency in the system, you can now verify the status of your devices with a few hours of running the deployment script as described in [You can now check on the status of your computers within hours of running the deployment script](https://blogs.technet.microsoft.com/upgradeanalytics/2017/05/12/wheres-my-data/) on the Windows Analytics blog.
 >[!NOTE]
-> If you generate the status report and get an error message saying "Sorry! We’re not recognizing your Commercial Id," please go to **Settings > Connected sources > Windows telemetry** and unsubscribe, wait a minute and then re-subscribe to Upgrade Readiness. This is a known issue and we are working on a fix.
+> If you generate the status report and get an error message saying "Sorry! We’re not recognizing your Commercial Id," go to **Settings > Connected sources > Windows telemetry** and unsubscribe, wait a minute and then re-subscribe to Upgrade Readiness.
  
 If devices are not showing up as expected, find a representative device and follow these steps to run the latest pilot version of the Upgrade Readiness deployment script on it to troubleshoot issues:
 
@@ -163,7 +163,7 @@ Also, on Windows 10 devices remember that IE site discovery requires data diagno
 Finally, Upgrade Readiness only collects IE site discovery data on devices that are not yet upgraded to the target operating system version specified in the Upgrade Readiness Overview blade. This is because Upgrade Readiness targets upgrade planning (for devices not yet upgraded).
 
 ### Device Names don't show up on Windows 10 devices
-Starting with the build currently available in the Windows Insider Program, the device name is no longer collected by default and requires a separate opt-in. For more information, see [Enrolling devices in Windows Analytics](windows-analytics-get-started.md).
+Starting with Windows 10, version 1803, the device name is no longer collected by default and requires a separate opt-in. For more information, see [Enrolling devices in Windows Analytics](windows-analytics-get-started.md).
 
 ### Disable Upgrade Readiness
 
diff --git a/windows/deployment/update/windows-analytics-get-started.md b/windows/deployment/update/windows-analytics-get-started.md
index cec30d4e05..e25fb236b6 100644
--- a/windows/deployment/update/windows-analytics-get-started.md
+++ b/windows/deployment/update/windows-analytics-get-started.md
@@ -44,7 +44,7 @@ To enable data sharing, configure your proxy sever to whitelist the following en
 
 | **Endpoint**  | **Function**  |
 |---------------------------------------------------------|-----------|
-| `https://v10.events.data.microsoft.com` | Connected User Experience and Diagnostic component endpoint for use with the build of Windows 10 available in the Windows Insider Program|
+| `https://v10.events.data.microsoft.com` | Connected User Experience and Diagnostic component endpoint for use with Windows 10, version 1803|
 | `https://v10.vortex-win.data.microsoft.com` | Connected User Experience and Diagnostic component endpoint for Windows 10, version 1709 or earlier |
 | `https://vortex-win.data.microsoft.com` | Connected User Experience and Diagnostic component endpoint for operating systems older than Windows 10 |
 | `https://settings-win.data.microsoft.com` | Enables the compatibility update to send data to Microsoft. 
@@ -137,7 +137,7 @@ These policies are under Microsoft\Windows\DataCollection:
 | CommercialId | In order for your devices to show up in Windows Analytics, they must be configured with your organization’s Commercial ID. |
 | AllowTelemetry (in Windows 10) |	1 (Basic), 2 (Enhanced) or 3 (Full) diagnostic data. Windows Analytics will work with basic diagnostic data, but more features are available when you use the Enhanced level (for example, Device Health requires Enhanced diagnostic data and Upgrade Readiness only collects app usage and site discovery data on Windows 10 devices with Enhanced diagnostic data). For more information, see [Configure Windows diagnostic data in your organization](https://docs.microsoft.com/windows/configuration/configure-windows-diagnostic-data-in-your-organization). |
 | LimitEnhancedDiagnosticDataWindowsAnalytics (in Windows 10) |	Only applies when AllowTelemetry=2. Limits the Enhanced diagnostic data events sent to Microsoft to just those needed by Windows Analytics. For more information, see [Windows 10, version 1709 enhanced diagnostic data events and fields used by Windows Analytics](https://docs.microsoft.com/windows/configuration/enhanced-diagnostic-data-windows-analytics-events-and-fields).|
-| AllowDeviceNameInTelemetry (in Windows 10) |	In the build currently available in the Windows Insider Program for Windows 10, a separate opt-in is required to enable devices to continue to send the device name. |
+| AllowDeviceNameInTelemetry (in Windows 10) |	In Windows 10, version 1803, a separate opt-in is required to enable devices to continue to send the device name. |
 | CommercialDataOptIn (in Windows 7 and Windows 8) |	1 is required for Upgrade Readiness, which is the only solution that runs on Windows 7 or Windows 8. |
 
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data-update-compliance.md b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data-update-compliance.md
index bf20b8965c..d0e001795a 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data-update-compliance.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data-update-compliance.md
@@ -9,8 +9,8 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
+author: andreabichsel
+ms.author: v-anbic
 ms.date: 09/12/2017
 ---
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md
index 8669970d58..16ef07c3fd 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md
@@ -9,8 +9,8 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
+author: andreabichsel
+ms.author: v-anbic
 ms.date: 08/26/2017
 ---
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus.md
index 771d56a805..76e434be5e 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-advanced-scan-types-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 08/26/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 
 ---
 
@@ -40,7 +40,7 @@ To configure the Group Policy settings described in the following table:
 
 3.  In the **Group Policy Management Editor** go to **Computer configuration**.
 
-4.  Click **Policies** then **Administrative templates**.
+4.  Click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Antivirus** and then the **Location** specified in the table below.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md
index 7efd232814..255f8595af 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md
@@ -11,7 +11,7 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 02/08/2018
+ms.date: 04/30/2018
 ---
 
 
@@ -22,7 +22,7 @@ ms.date: 02/08/2018
 
 **Applies to**
 
-- Windows 10, version 1703
+- Windows 10, version 1703 and later
 
 **Audience**
 
@@ -54,7 +54,7 @@ You can also [customize the message displayed on users' desktops](https://docs.m
 
 When a Windows Defender Antivirus client encounters a suspicious but undetected file, it queries our cloud protection backend. The cloud backend will apply heuristics, machine learning, and automated analysis of the file to determine the files as malicious or clean. 
 
-The Block at First Sight feature only uses the cloud protection backend for executable files that are downloaded from the Internet, or originating from the Internet zone. A hash value of the .exe file is checked via the cloud backend to determine if this is a previously undetected file.
+The Block at First Sight feature only uses the cloud protection backend for executable files and non-portable executable files (such as JS, VBS, or macros) that are downloaded from the Internet, or originating from the Internet zone. A hash value of the .exe file is checked via the cloud backend to determine if this is a previously undetected file.
 
  
 
@@ -75,7 +75,7 @@ Block at First Sight requires a number of Group Policy settings to be configured
 
 3.  In the **Group Policy Management Editor** go to **Computer configuration**.
 
-4.  Click **Policies** then **Administrative templates**.
+4.  Click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Antivirus > MAPS** and configure the following Group Policies:
     
@@ -137,9 +137,7 @@ You may choose to disable the Block at First Sight feature if you want to retain
 
 1.  On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
 
-3.  In the **Group Policy Management Editor** go to **Computer configuration**.
-
-4.  Click **Policies** then **Administrative templates**.
+3.  In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
 
 5.  Expand the tree through **Windows components > Windows Defender Antivirus > MAPS**.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-cloud-block-timeout-period-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-cloud-block-timeout-period-windows-defender-antivirus.md
index b3a7c51466..a342d8ed4d 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-cloud-block-timeout-period-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-cloud-block-timeout-period-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 08/26/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Configure the cloud block timeout period
@@ -20,7 +20,7 @@ ms.date: 08/26/2017
 
 **Applies to:**
 
-- Windows 10, version 1703
+- Windows 10, version 1703 and later
 
 **Audience**
 
@@ -55,7 +55,7 @@ You can use Group Policy to specify an extended timeout for cloud checks.
 
 2.  In the **Group Policy Management Editor** go to **Computer configuration**.
 
-3.  Click **Policies** then **Administrative templates**.
+3.  Click **Administrative templates**.
 
 4.  Expand the tree to **Windows components > Windows Defender Antivirus > MpEngine**
     
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-end-user-interaction-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-end-user-interaction-windows-defender-antivirus.md
index 4b2e00bfec..8ff899a974 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-end-user-interaction-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-end-user-interaction-windows-defender-antivirus.md
@@ -9,8 +9,8 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
+author: andreabichsel
+ms.author: v-anbic
 ms.date: 08/26/2017
 ---
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-exclusions-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-exclusions-windows-defender-antivirus.md
index 761ad06d6b..ce689900bf 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-exclusions-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-exclusions-windows-defender-antivirus.md
@@ -9,8 +9,8 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
+author: andreabichsel
+ms.author: v-anbic
 ms.date: 07/27/2017
 ---
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md
index 65858fabe3..9cc2f9b242 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-extension-file-exclusions-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 11/07/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Configure and validate exclusions based on file extension and folder location
@@ -99,7 +99,7 @@ You can [configure how locally and globally defined exclusions lists are merged]
 
 3.  In the **Group Policy Management Editor** go to **Computer configuration**.
 
-4.  Click **Policies** then **Administrative templates**.
+4.  Click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Antivirus > Exclusions**. 
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus.md
index 39660adda8..6620392e7a 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-notifications-windows-defender-antivirus.md
@@ -9,16 +9,16 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 10/31/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Configure the notifications that appear on endpoints
 
 **Applies to:**
 
-- Windows 10, version 1703
+- Windows 10, version 1703 and later
 
 **Audience**
 
@@ -63,7 +63,7 @@ You can configure the display of additional notifications, such as recent threat
 
 3.  In the **Group Policy Management Editor** go to **Computer configuration**.
 
-4.  Click **Policies** then **Administrative templates**.
+4.  Click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Antivirus > Reporting**. 
 
@@ -90,7 +90,7 @@ See the [Customize the Windows Defender Security Center app for your organizatio
 
 3.  In the **Group Policy Management Editor** go to **Computer configuration**.
 
-4.  Click **Policies** then **Administrative templates**.
+4.  Click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Antivirus > Client interface**. 
 
@@ -102,7 +102,7 @@ See the [Customize the Windows Defender Security Center app for your organizatio
 
 3.  In the **Group Policy Management Editor** go to **Computer configuration**.
 
-4.  Click **Policies** then **Administrative templates**.
+4.  Click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Antivirus > Client interface**. 
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus.md
index 7ec2957bda..8184f9fff9 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-process-opened-file-exclusions-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 07/27/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Configure exclusions for files opened by processes
@@ -73,7 +73,7 @@ You can [configure how locally and globally defined exclusions lists are merged]
 
 3.  In the **Group Policy Management Editor** go to **Computer configuration**.
 
-4.  Click **Policies** then **Administrative templates**.
+4.  Click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Antivirus > Exclusions**. 
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-protection-features-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-protection-features-windows-defender-antivirus.md
index 12b87815c2..8eaf0cfc8f 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-protection-features-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-protection-features-windows-defender-antivirus.md
@@ -9,8 +9,8 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
+author: andreabichsel
+ms.author: v-anbic
 ms.date: 08/26/2017
 ---
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md
index ab4cd78ac7..83cceaf5fc 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-real-time-protection-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 08/26/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 
@@ -89,7 +89,7 @@ The main real-time protection capability is enabled by default, but you can disa
 
 3.  In the **Group Policy Management Editor** go to **Computer configuration**.
 
-4.  Click **Policies** then **Administrative templates**.
+4.  Click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Antivirus > Real-time protection**.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md
index 8fbf0984c3..19f9330991 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-remediation-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 08/26/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 
@@ -49,7 +49,7 @@ To configure these settings:
 
 3.  In the **Group Policy Management Editor** go to **Computer configuration**.
 
-4.  Click **Policies** then **Administrative templates**.
+4.  Click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Antivirus** and then the **Location** specified in the table below.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md
index ed4fbd000f..701b43b634 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-server-exclusions-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 07/27/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Configure exclusions in Windows Defender AV on Windows Server
@@ -63,7 +63,7 @@ You can disable the auto-exclusions lists with Group Policy, PowerShell cmdlets,
 
 3.  In the **Group Policy Management Editor** go to **Computer configuration**.
 
-4.  Click **Policies** then **Administrative templates**.
+4.  Click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Antivirus > Exclusions**.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features.md b/windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features.md
index 878ec50fed..ecc4190de1 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/configure-windows-defender-antivirus-features.md
@@ -9,8 +9,8 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
+author: andreabichsel
+ms.author: v-anbic
 ms.date: 08/26/2017
 ---
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md
index ca162858e4..5c57af4d4c 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/customize-run-review-remediate-scans-windows-defender-antivirus.md
@@ -9,8 +9,8 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
+author: andreabichsel
+ms.author: v-anbic
 ms.date: 08/26/2017
 ---
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md
index b93c8c5f55..5b1594fd3c 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/deploy-manage-report-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 08/26/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Deploy, manage, and report on Windows Defender Antivirus
diff --git a/windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus.md
index 9984525b5e..dbd8572db4 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/deploy-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 12/12/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Deploy and enable Windows Defender Antivirus
diff --git a/windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md
index a45301b39d..41343abb5c 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/deployment-vdi-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 08/26/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Deployment guide for Windows Defender Antivirus in a virtual desktop infrastructure (VDI) environment
diff --git a/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md
index 9f225964af..55ed3cb681 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md
@@ -9,8 +9,8 @@ ms.mktglfcycl: detect
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
+author: andreabichsel
+ms.author: v-anbic
 ms.date: 11/20/2017
 ---
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md
index 24b6f61d0a..52804b3481 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/enable-cloud-protection-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 11/20/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Enable cloud-delivered protection in Windows Defender AV
@@ -57,7 +57,7 @@ There are specific network-connectivity requirements to ensure your endpoints ca
 
 3.  In the **Group Policy Management Editor** go to **Computer configuration**.
 
-4.  Click **Policies** then **Administrative templates**.
+4.  Click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Antivirus > MAPS**
     
diff --git a/windows/security/threat-protection/windows-defender-antivirus/evaluate-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/evaluate-windows-defender-antivirus.md
index 2636c7abd9..225ea553da 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/evaluate-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/evaluate-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 11/20/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Evaluate Windows Defender Antivirus protection
@@ -19,7 +19,7 @@ ms.date: 11/20/2017
 
 **Applies to:**
 
-- Windows 10, version 1703
+- Windows 10, version 1703 and later
 
 **Audience**
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/limited-periodic-scanning-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/limited-periodic-scanning-windows-defender-antivirus.md
index 78f6f1e33e..18f934df2d 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/limited-periodic-scanning-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/limited-periodic-scanning-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 10/16/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 
@@ -22,7 +22,7 @@ ms.date: 10/16/2017
 
 **Applies to:**
 
-- Windows 10, version 1703
+- Windows 10, version 1703 and later
 
 
 **Audience**
diff --git a/windows/security/threat-protection/windows-defender-antivirus/manage-event-based-updates-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/manage-event-based-updates-windows-defender-antivirus.md
index e5cf0f54e3..a15ae25596 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/manage-event-based-updates-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/manage-event-based-updates-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 08/26/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Manage event-based forced updates
diff --git a/windows/security/threat-protection/windows-defender-antivirus/manage-outdated-endpoints-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/manage-outdated-endpoints-windows-defender-antivirus.md
index 8095eff3ae..00b1ed1c2f 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/manage-outdated-endpoints-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/manage-outdated-endpoints-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 08/26/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Manage updates and scans for endpoints that are out of date
diff --git a/windows/security/threat-protection/windows-defender-antivirus/manage-protection-update-schedule-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/manage-protection-update-schedule-windows-defender-antivirus.md
index 968e10782b..650a73dafb 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/manage-protection-update-schedule-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/manage-protection-update-schedule-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 08/26/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Manage the schedule for when protection updates should be downloaded and applied
diff --git a/windows/security/threat-protection/windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md
index 2d2614358f..5eab19050c 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/manage-protection-updates-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 08/26/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Manage the sources for Windows Defender Antivirus protection updates
diff --git a/windows/security/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md
index d282a66fb9..99051e2f5f 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 12/12/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Manage Windows Defender Antivirus updates and apply baselines
diff --git a/windows/security/threat-protection/windows-defender-antivirus/manage-updates-mobile-devices-vms-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/manage-updates-mobile-devices-vms-windows-defender-antivirus.md
index ae9fbfef91..de30dd760f 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/manage-updates-mobile-devices-vms-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/manage-updates-mobile-devices-vms-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 08/26/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Manage updates for mobile devices and virtual machines (VMs)
diff --git a/windows/security/threat-protection/windows-defender-antivirus/prevent-end-user-interaction-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/prevent-end-user-interaction-windows-defender-antivirus.md
index 6142a3aa14..d0306388a6 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/prevent-end-user-interaction-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/prevent-end-user-interaction-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 08/26/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Prevent users from seeing or interacting with the Windows Defender AV user interface
@@ -56,7 +56,7 @@ In earlier versions of Windows 10, the setting will hide the Windows Defender cl
 
 3.  In the **Group Policy Management Editor** go to **Computer configuration**.
 
-4.  Click **Policies** then **Administrative templates**.
+4.  Click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Antivirus > Client interface**.
 
@@ -76,7 +76,7 @@ You can prevent users from pausing scans. This can be helpful to ensure schedule
 
 3.  In the **Group Policy Management Editor** go to **Computer configuration**.
 
-4.  Click **Policies** then **Administrative templates**.
+4.  Click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Antivirus > Scan**.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/report-monitor-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/report-monitor-windows-defender-antivirus.md
index 2d59eb2f93..ba1fdde4da 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/report-monitor-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/report-monitor-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 08/26/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Report on Windows Defender Antivirus protection
diff --git a/windows/security/threat-protection/windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md
index fcf92cbd9d..16d24853fc 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/review-scan-results-windows-defender-antivirus.md
@@ -9,8 +9,8 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
+author: andreabichsel
+ms.author: v-anbic
 ms.date: 08/26/2017
 ---
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/run-scan-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/run-scan-windows-defender-antivirus.md
index 3ba6851fdc..7849eb1cd6 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/run-scan-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/run-scan-windows-defender-antivirus.md
@@ -9,8 +9,8 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
+author: andreabichsel
+ms.author: v-anbic
 ms.date: 08/26/2017
 ---
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md
index 1675810808..3bf361e0fd 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/scheduled-catch-up-scans-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 10/30/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 
@@ -51,7 +51,7 @@ To configure the Group Policy settings described in this topic:
 
 3.  In the **Group Policy Management Editor** go to **Computer configuration**.
 
-4.  Click **Policies** then **Administrative templates**.
+4.  Click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Antivirus** and then the **Location** specified in the table below.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/specify-cloud-protection-level-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/specify-cloud-protection-level-windows-defender-antivirus.md
index c938860d27..4dfdd0e9f8 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/specify-cloud-protection-level-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/specify-cloud-protection-level-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 08/26/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Specify the cloud-delivered protection level
@@ -20,7 +20,7 @@ ms.date: 08/26/2017
 
 **Applies to:**
 
-- Windows 10, version 1703
+- Windows 10, version 1703 and later
 
 **Audience**
 
@@ -44,7 +44,7 @@ You can specify the level of cloud-protection offered by Windows Defender Antivi
 
 3.  In the **Group Policy Management Editor** go to **Computer configuration**. 
 
-4.  Click **Policies** then **Administrative templates**.
+4.  Click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Antivirus > MpEngine**.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md b/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md
index 0dd2646921..28d890360d 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-reporting.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 09/12/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Troubleshoot Windows Defender Antivirus reporting in Update Compliance
diff --git a/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md
index 3b17d0a161..c71d3ab6c0 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 11/20/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/16/2018
 ---
 
 # Review event logs and error codes to troubleshoot issues with Windows Defender AV
@@ -1377,6 +1377,60 @@ User action:
 No action is necessary. The Windows Defender Antivirus client is in a healthy state. This event is reported on an hourly basis.
 </td>
 </tr>
+
+<tr>
+<th colspan="2">Event ID: 1151</th>
+</tr>
+<tr><td>
+Symbolic name:
+</td>
+<td >
+<b>MALWAREPROTECTION_SERVICE_HEALTH_REPORT</b>
+</td>
+</tr>
+<tr>
+<td>
+Message:
+</td>
+<td >
+<b>Endpoint Protection client health report (time in UTC)
+</b>
+</td>
+</tr>
+<tr>
+<td>
+Description:
+</td>
+<td >
+Windows Defender client health report.
+<dl>
+<dt>Platform Version: &lt;Current platform version&gt;</dt>
+<dt>Engine Version: &lt;Antimalware Engine version&gt;</dt>
+<dt>Network Realtime Inspection engine version: &lt;Network Realtime Inspection engine version&gt;</dt>
+<dt>Antivirus signature version: &lt;Antivirus signature version&gt;</dt>
+<dt>Antispyware signature version: &lt;Antispyware signature version&gt;</dt>
+<dt>Network Realtime Inspection signature version: &lt;Network Realtime Inspection signature version&gt;</dt>
+<dt>RTP state: &lt;Realtime protection state&gt; (Enabled or Disabled)</dt>
+<dt>OA state: &lt;On Access state&gt; (Enabled or Disabled)</dt>
+<dt>IOAV state: &lt;IE Downloads and Outlook Express Attachments state&gt; (Enabled or Disabled)</dt>
+<dt>BM state: &lt;Behavior Monitoring state&gt; (Enabled or Disabled)</dt>
+<dt>Antivirus signature age: &lt;Antivirus signature age&gt; (in days)</dt>
+<dt>Antispyware signature age: &lt;Antispyware signature age&gt; (in days)</dt>
+<dt>Last quick scan age: &lt;Last quick scan age&gt; (in days)</dt>
+<dt>Last full scan age: &lt;Last full scan age&gt; (in days)</dt>
+<dt>Antivirus signature creation time: ?&lt;Antivirus signature creation time&gt;</dt>
+<dt>Antispyware signature creation time: ?&lt;Antispyware signature creation time&gt;</dt>
+<dt>Last quick scan start time: ?&lt;Last quick scan start time&gt;</dt>
+<dt>Last quick scan end time: ?&lt;Last quick scan end time&gt;</dt>
+<dt>Last quick scan source: &lt;Last quick scan source&gt; (1 = scheduled, 2 = on demand)</dt>
+<dt>Last full scan start time: ?&lt;Last full scan start time&gt;</dt>
+<dt>Last full scan end time: ?&lt;Last full scan end time&gt;</dt>
+<dt>Last full scan source: &lt;Last full scan source&gt; (1 = scheduled, 2 = on demand)</dt>
+<dt>Product status: For internal troubleshooting
+</dl>
+</td>
+</tr>
+
 <tr>
 <th colspan="2">Event ID: 2000</th>
 </tr>
diff --git a/windows/security/threat-protection/windows-defender-antivirus/use-group-policy-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/use-group-policy-windows-defender-antivirus.md
index cfcd2ef54f..f13977e93c 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/use-group-policy-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/use-group-policy-windows-defender-antivirus.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 08/26/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Use Group Policy settings to configure and manage Windows Defender AV
@@ -28,7 +28,7 @@ In general, you can use the following procedure to configure or change Windows D
 
 3.  In the **Group Policy Management Editor** go to **Computer configuration**.
 
-4.  Click **Policies** then **Administrative templates**.
+4.  Click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Antivirus**.
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/use-intune-config-manager-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/use-intune-config-manager-windows-defender-antivirus.md
index 80e0cb124d..df26ab7ae1 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/use-intune-config-manager-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/use-intune-config-manager-windows-defender-antivirus.md
@@ -9,8 +9,8 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
+author: andreabichsel
+ms.author: v-anbic
 ms.date: 08/26/2017
 ---
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md
index 7f32a7cfe9..8a77b98ed5 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/use-powershell-cmdlets-windows-defender-antivirus.md
@@ -9,8 +9,8 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
+author: andreabichsel
+ms.author: v-anbic
 ms.date: 12/12/2017
 ---
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/use-wmi-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/use-wmi-windows-defender-antivirus.md
index 98a25ed21b..f8c35eb6c8 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/use-wmi-windows-defender-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/use-wmi-windows-defender-antivirus.md
@@ -9,8 +9,8 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
+author: andreabichsel
+ms.author: v-anbic
 ms.date: 08/26/2017
 ---
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-offline.md b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-offline.md
index c6efd499b0..c58ed524ef 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-offline.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-offline.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 08/26/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Run and review the results of a Windows Defender Offline scan
@@ -19,7 +19,7 @@ ms.date: 08/26/2017
 
 **Applies to:**
 
-- Windows 10, version 1607
+- Windows 10, version 1607 and later
 
 **Audience**
 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-security-center-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-security-center-antivirus.md
index af01e728aa..fcf0420e4e 100644
--- a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-security-center-antivirus.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-security-center-antivirus.md
@@ -9,20 +9,16 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 10/02/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
-
-
-
-
 # Windows Defender Antivirus in the Windows Defender Security Center app
 
 **Applies to**
 
-- Windows 10, version 1703
+- Windows 10, version 1703 and later
 
 **Audience**
 
@@ -33,12 +29,12 @@ ms.date: 10/02/2017
 - Windows Defender Security Center app  
 
 
-In Windows 10, version 1703 (also known as the Creators Update), the Windows Defender app is now part of the Windows Defender Security Center.
+In Windows 10, version 1703 and later, the Windows Defender app is part of the Windows Defender Security Center.
 
 Settings that were previously part of the Windows Defender client and main Windows Settings have been combined and moved to the new app, which is installed by default as part of Windows 10, version 1703.
 
 > [!IMPORTANT] 
-> Disabling the Windows Security Center service will not disable Windows Defender AV or [Windows Defender Firewall](https://docs.microsoft.com/en-us/windows/access-protection/windows-firewall/windows-firewall-with-advanced-security). These will be disabled automatically when a third-party antivirus or firewall product is installed and kept up to date.
+> Disabling the Windows Security Center service will not disable Windows Defender AV or [Windows Defender Firewall](https://docs.microsoft.com/en-us/windows/access-protection/windows-firewall/windows-firewall-with-advanced-security). These are disabled automatically when a third-party antivirus or firewall product is installed and kept up to date.
 
 > [!WARNING] 
 > If you do disable the Windows Security Center service, or configure its associated Group Policy settings to prevent it from starting or running, the Windows Defender Security Center may display stale or inaccurate information about any antivirus or firewall products you have installed on the device. 
@@ -49,7 +45,7 @@ Settings that were previously part of the Windows Defender client and main Windo
 See the [Windows Defender Security Center topic](/windows/threat-protection/windows-defender-security-center/windows-defender-security-center) for more information on other Windows security features that can be monitored in the app.
 
 >[!NOTE]
->The Windows Defender Security Center app is a client interface on Windows 10, version 1703. It is not the Windows Defender Security Center web portal that is used to review and manage [Windows Defender Advanced Threat Protection](../windows-defender-atp/windows-defender-advanced-threat-protection.md).
+>The Windows Defender Security Center app is a client interface on Windows 10, version 1703 and later. It is not the Windows Defender Security Center web portal that is used to review and manage [Windows Defender Advanced Threat Protection](../windows-defender-atp/windows-defender-advanced-threat-protection.md).
 
 **Review virus and threat protection settings in the Windows Defender Security Center app:**
 
@@ -69,13 +65,13 @@ The following diagrams compare the location of settings and functions between th
 
 ![Windows Defender Antivirus in Windows 10, version 1703 and later](images/defender/wdav-wdsc.png)
 
-Item | Windows 10, before version 1703 | Windows 10, version 1703 | Description
+Item | Windows 10, before version 1703 | Windows 10, version 1703 and later | Description
 ---|---|---|---
 1 | **Update** tab | **Protection updates** | Update the protection ("definition updates")
 2 | **History** tab | **Scan history** | Review threats that were quarantined, removed, or allowed
 3 | **Settings** (links to **Windows Settings**) | **Virus & threat protection settings** | Enable various features, including Real-time protection, Cloud-delivered protection, Advanced notifications, and Automatic ample submission
 4 | **Scan options** | **Advanced scan** | Run a full scan, custom scan, or a Windows Defender Offline scan
-5 | Run a scan (based on the option chosen under **Scan options** | **Quick scan** | In Windows 10, version 1703 you can run custom and full scans under the **Advanced scan** option
+5 | Run a scan (based on the option chosen under **Scan options** | **Quick scan** | In Windows 10, version 1703 and later, you can run custom and full scans under the **Advanced scan** option
 
 
 ## Common tasks
diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md
index 02ccecc491..ad413e8016 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md
@@ -11,7 +11,7 @@ ms.pagetype: security
 localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 04/01/2018
+ms.date: 04/30/2018
 ---
 
 
@@ -21,7 +21,7 @@ ms.date: 04/01/2018
 
 **Applies to:**
 
-- Windows 10, version 1709 (and later)
+- Windows 10, version 1709 and later
 - Microsoft Office 365
 - Microsoft Office 2016
 - Microsoft Office 2013
@@ -65,6 +65,14 @@ You can also use [audit mode](audit-windows-defender-exploit-guard.md) to evalua
 
 ## Attack surface reduction rules
 
+Windows 10, version 1803 has five new Attack surface reduction rules:
+
+- Block executable files from running unless they meet a prevalence, age, or trusted list criteria 
+- Use advanced protection against ransomware
+- Block credential stealing from the Windows local security authority subsystem (lsass.exe)
+- Block process creations originating from PSExec and WMI commands 
+- Block untrusted and unsigned processes that run from USB 
+
 The following sections describe what each rule does. Each rule is identified by a rule GUID, as in the following table:
 
 Rule name | GUID
diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md
index f3646e3018..753f9fd8a3 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 12/12/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 
@@ -19,7 +19,7 @@ ms.date: 12/12/2017
 
 **Applies to:**
 
-- Windows 10, version 1709
+- Windows 10, version 1709 and later
 
 
 
diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/collect-cab-files-exploit-guard-submission.md b/windows/security/threat-protection/windows-defender-exploit-guard/collect-cab-files-exploit-guard-submission.md
index f63116481c..19a6ecae33 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/collect-cab-files-exploit-guard-submission.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/collect-cab-files-exploit-guard-submission.md
@@ -9,16 +9,16 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 12/12/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Collect diagnostic data for Windows Defender Exploit Guard file submissions
 
 **Applies to:**
 
-- Windows 10, version 1709
+- Windows 10, version 1709 and later
 
 **Audience**
 
diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard.md
index 88eeed502e..4a24317f84 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 11/20/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 
@@ -21,7 +21,7 @@ ms.date: 11/20/2017
 
 **Applies to:**
 
-- Windows 10, version 1709
+- Windows 10, version 1709 and later
 
 
 
diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/customize-controlled-folders-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/customize-controlled-folders-exploit-guard.md
index ac6af59799..cb3f2d6582 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/customize-controlled-folders-exploit-guard.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/customize-controlled-folders-exploit-guard.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 10/18/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 
@@ -21,7 +21,7 @@ ms.date: 10/18/2017
 
 **Applies to:**
 
-- Windows 10, version 1709
+- Windows 10, version 1709 and later
 
 
 
@@ -82,9 +82,7 @@ You can use the Windows Defender Security Center app or Group Policy to add and
 
 1.  On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
 
-3.  In the **Group Policy Management Editor** go to **Computer configuration**.
-
-4.  Click **Policies** then **Administrative templates**.
+3.  In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Antivirus > Windows Defender Exploit Guard > Controlled folder access**.
 
diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/customize-exploit-protection.md b/windows/security/threat-protection/windows-defender-exploit-guard/customize-exploit-protection.md
index 2da04a15b8..c4b394bf14 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/customize-exploit-protection.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/customize-exploit-protection.md
@@ -9,16 +9,16 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 12/12/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Customize Exploit protection
 
 **Applies to:**
 
-- Windows 10, version 1709
+- Windows 10, version 1709 and later
 
 
 
diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/emet-exploit-protection-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/emet-exploit-protection-exploit-guard.md
index 6c15c1d3d2..0a8fed7550 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/emet-exploit-protection-exploit-guard.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/emet-exploit-protection-exploit-guard.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 12/12/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 
@@ -21,7 +21,7 @@ ms.date: 12/12/2017
 
 **Applies to:**
 
-- Windows 10, version 1709
+- Windows 10, version 1709 and later
 - Enhanced Mitigation Experience Toolkit version 5.5 (latest version)
 
 
diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/enable-exploit-protection.md b/windows/security/threat-protection/windows-defender-exploit-guard/enable-exploit-protection.md
index 1f24f048fe..aa0862bcbc 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/enable-exploit-protection.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/enable-exploit-protection.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 12/12/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 
@@ -21,7 +21,7 @@ ms.date: 12/12/2017
 
 **Applies to:**
 
-- Windows 10, version 1709
+- Windows 10, version 1709 and later
 
 
 
diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md b/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md
index 9768e44f92..cdb72f5af8 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 11/20/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 
@@ -19,7 +19,7 @@ ms.date: 11/20/2017
 
 **Applies to:**
 
-- Windows 10, version 1709
+- Windows 10, version 1709 and later
 
 
 
@@ -100,6 +100,8 @@ Event ID | Description
 5007 | Event when settings are changed
 1124 | Audited Controlled folder access event
 1123 | Blocked Controlled folder access event
+1127 | Blocked Controlled folder access sector write block event
+1128 | Audited Controlled folder access sector write block event
 
 
 ## Use audit mode to measure impact
diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-exploit-protection.md b/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-exploit-protection.md
index b2ee7653e1..4f08ee946e 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-exploit-protection.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-exploit-protection.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 11/20/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 
@@ -20,7 +20,7 @@ ms.date: 11/20/2017
 
 **Applies to:**
 
-- Windows 10, version 1709
+- Windows 10, version 1709 and later
 
 
 
diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-windows-defender-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-windows-defender-exploit-guard.md
index 3fc73670a4..2b34248e48 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-windows-defender-exploit-guard.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/evaluate-windows-defender-exploit-guard.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 11/20/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 
@@ -21,7 +21,7 @@ ms.date: 11/20/2017
 
 **Applies to:**
 
-- Windows 10, version 1709
+- Windows 10, version 1709 and later
 
 
 
diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/event-views-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/event-views-exploit-guard.md
index 687dea2866..a059876e54 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/event-views-exploit-guard.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/event-views-exploit-guard.md
@@ -8,11 +8,11 @@ ms.prod: w10
 ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
-ms.date: 12/12/2017
+ms.date: 04/16/2018
 localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 
@@ -21,7 +21,7 @@ ms.author: iawilt
 
 **Applies to:**
 
-- Windows 10, version 1709
+- Windows 10, version 1709 and later
 
 
 
@@ -190,6 +190,8 @@ Network protection | Windows Defender (Operational) | 1126 | Event when Network
 Controlled folder access | Windows Defender (Operational) | 5007 | Event when settings are changed
 Controlled folder access | Windows Defender (Operational) | 1124 | Audited Controlled folder access event
 Controlled folder access | Windows Defender (Operational) | 1123 | Blocked Controlled folder access event
+Controlled folder access | Windows Defender (Operational) | 1127 | Blocked Controlled folder access sector write block event
+Controlled folder access | Windows Defender (Operational) | 1128 | Audited Controlled folder access sector write block event
 Attack surface reduction | Windows Defender (Operational) | 5007 | Event when settings are changed
 Attack surface reduction | Windows Defender (Operational) | 1122 | Event when rule fires in Audit-mode 
 Attack surface reduction | Windows Defender (Operational) | 1121 | Event when rule fires in Block-mode 
\ No newline at end of file
diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md b/windows/security/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md
index a260bf90d4..0d2f55a6c5 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 12/12/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 
@@ -21,7 +21,7 @@ ms.date: 12/12/2017
 
 **Applies to:**
 
-- Windows 10, version 1709
+- Windows 10, version 1709 and later
 
 
 
diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/images/cfa-gp-enable.png b/windows/security/threat-protection/windows-defender-exploit-guard/images/cfa-gp-enable.png
index d8f0ccffab..f8d3056d80 100644
Binary files a/windows/security/threat-protection/windows-defender-exploit-guard/images/cfa-gp-enable.png and b/windows/security/threat-protection/windows-defender-exploit-guard/images/cfa-gp-enable.png differ
diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md b/windows/security/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md
index 1809487c8d..e5d4bc9e7e 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 11/30/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 
@@ -21,7 +21,7 @@ ms.date: 11/30/2017
 
 **Applies to:**
 
-- Windows 10, version 1709
+- Windows 10, version 1709 and later
 
 
 
@@ -166,7 +166,7 @@ You can use Group Policy to deploy the configuration you've created to multiple
 
 3.  In the **Group Policy Management Editor** go to **Computer configuration**.
 
-4.  Click **Policies** then **Administrative templates**.
+4.  Click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Exploit Guard > Exploit protection**.
 
diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/troubleshoot-exploit-protection-mitigations.md b/windows/security/threat-protection/windows-defender-exploit-guard/troubleshoot-exploit-protection-mitigations.md
index eb71a22518..250b4353fb 100644
--- a/windows/security/threat-protection/windows-defender-exploit-guard/troubleshoot-exploit-protection-mitigations.md
+++ b/windows/security/threat-protection/windows-defender-exploit-guard/troubleshoot-exploit-protection-mitigations.md
@@ -11,7 +11,7 @@ ms.pagetype: security
 localizationpriority: medium
 author: andreabichsel
 ms.author: v-anbic
-ms.date: 01/31/18
+ms.date: 04/30/2018
 ---
 
 
@@ -21,7 +21,7 @@ ms.date: 01/31/18
 
 **Applies to:**
 
-- Windows 10, version 1709
+- Windows 10, version 1709 and later
 
 
 
diff --git a/windows/security/threat-protection/windows-defender-security-center/images/security-center-home.png b/windows/security/threat-protection/windows-defender-security-center/images/security-center-home.png
index 601b2a32b8..8dc14b82c1 100644
Binary files a/windows/security/threat-protection/windows-defender-security-center/images/security-center-home.png and b/windows/security/threat-protection/windows-defender-security-center/images/security-center-home.png differ
diff --git a/windows/security/threat-protection/windows-defender-security-center/images/security-center-virus-and-threat-protection-windows-10-in-s-mode.png b/windows/security/threat-protection/windows-defender-security-center/images/security-center-virus-and-threat-protection-windows-10-in-s-mode.png
new file mode 100644
index 0000000000..abf5a30659
Binary files /dev/null and b/windows/security/threat-protection/windows-defender-security-center/images/security-center-virus-and-threat-protection-windows-10-in-s-mode.png differ
diff --git a/windows/security/threat-protection/windows-defender-security-center/wdsc-account-protection.md b/windows/security/threat-protection/windows-defender-security-center/wdsc-account-protection.md
new file mode 100644
index 0000000000..4dad649653
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-security-center/wdsc-account-protection.md
@@ -0,0 +1,58 @@
+---
+title: Account protection in the Windows Defender Security Center app
+description: Use the Account protection section to manage security for your account and sign in to Microsoft.
+keywords: account protection, wdav, smartscreen, antivirus, wdsc, exploit, protection, hide
+search.product: eADQiWindows 10XVcnh
+ms.pagetype: security
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+ms.pagetype: security
+ms.localizationpriority: medium
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
+---
+
+
+# Account protection
+
+**Applies to**
+
+- Windows 10, version 1803 and later
+
+
+The **Account protection** section contains information and settings for account protection and sign in. IT administrators and IT pros can get more information and documentation about configuration from the following:
+
+- [Microsoft Account](https://account.microsoft.com/account/faq)
+- [Windows Hello for Business](https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-identity-verification)
+- [Lock your Windows 10 PC automatically when you step away from it](https://support.microsoft.com/en-us/help/4028111/windows-lock-your-windows-10-pc-automatically-when-you-step-away-from)
+
+You can also choose to hide the section from users of the machine. This can be useful if you don't want employees in your organization to see or have access to user-configured options for the features shown in the section.
+
+
+## Hide the Account protection section
+
+You can choose to hide the entire section by using Group Policy. The section will not appear on the home page of the Windows Defender Security Center app, and its icon will not be shown on the navigiation bar on the side of the app.
+
+This can only be done in Group Policy.
+
+>[!IMPORTANT]
+>### Requirements
+>
+>You must have Windows 10, version 1803 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings. 
+
+1.  On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
+
+3.  In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
+
+5.  Expand the tree to **Windows components > Windows Defender Security Center > Account protection**.
+
+6.  Open the **Hide the Account protection area** setting and set it to **Enabled**. Click **OK**.
+
+7. [Deploy the updated GPO as you normally do](https://msdn.microsoft.com/en-us/library/ee663280(v=vs.85).aspx). 
+
+>[!NOTE]
+>If you hide all sections then the app will show a restricted interface, as in the following screenshot:
+>  
+>![Windows Defender Security Center app with all sections hidden by Group Policy](images/wdsc-all-hide.png)
\ No newline at end of file
diff --git a/windows/security/threat-protection/windows-defender-security-center/wdsc-app-browser-control.md b/windows/security/threat-protection/windows-defender-security-center/wdsc-app-browser-control.md
index 4bc78122e2..aa52a93e41 100644
--- a/windows/security/threat-protection/windows-defender-security-center/wdsc-app-browser-control.md
+++ b/windows/security/threat-protection/windows-defender-security-center/wdsc-app-browser-control.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 10/16/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 
@@ -24,7 +24,7 @@ ms.date: 10/16/2017
 
 The **App and browser control** section contains information and settings for Windows Defender SmartScreen. IT administrators and IT pros can get configuration guidance from the [Windows Defender SmartScreen documentation library](https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-smartscreen/windows-defender-smartscreen-overview).
 
-In Windows 10, version 1709, the section also provides configuration options for Exploit protection. You can prevent users from modifying these specific options with Group Policy. IT administrators can get more information at the [Exploit protection](../windows-defender-exploit-guard/exploit-protection-exploit-guard.md) topic in the Windows Defender Exploit Guard library.
+In Windows 10, version 1709 and later, the section also provides configuration options for Exploit protection. You can prevent users from modifying these specific options with Group Policy. IT administrators can get more information at the [Exploit protection](../windows-defender-exploit-guard/exploit-protection-exploit-guard.md) topic in the Windows Defender Exploit Guard library.
 
 You can also choose to hide the section from users of the machine. This can be useful if you don't want employees in your organization to see or have access to user-configured options for the features shown in the section.
 
@@ -38,13 +38,11 @@ You can only prevent users from modifying Exploit protection settings by using G
 >[!IMPORTANT]
 >### Requirements
 >
->You must have Windows 10, version 1709 (the Fall Creators Update). The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings. 
+>You must have Windows 10, version 1709 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings. 
 
 1.  On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
 
-3.  In the **Group Policy Management Editor** go to **Computer configuration**.
-
-4.  Click **Policies** then **Administrative templates**.
+3.  In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Security Center > App and browser protection**.
 
@@ -65,9 +63,7 @@ This can only be done in Group Policy.
 
 1.  On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
 
-3.  In the **Group Policy Management Editor** go to **Computer configuration**.
-
-4.  Click **Policies** then **Administrative templates**.
+3.  In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Security Center > App and browser protection**.
 
diff --git a/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information.md b/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information.md
index 5bd67138c3..b528a224eb 100644
--- a/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information.md
+++ b/windows/security/threat-protection/windows-defender-security-center/wdsc-customize-contact-information.md
@@ -9,16 +9,16 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 10/16/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Customize the Windows Defender Security Center app for your organization
 
 **Applies to**
 
-- Windows 10, version 1709
+- Windows 10, version 1709 and later
 
 **Audience**
 
@@ -44,7 +44,7 @@ Users can click on the displayed information to initiate a support request:
 
 ## Requirements
 
-You must have Windows 10, version 1709 (the Fall Creators Update). The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings. 
+You must have Windows 10, version 1709 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings. 
 
 ## Use Group Policy to enable and customize contact information
 
@@ -54,9 +54,7 @@ This can only be done in Group Policy.
 
 1.  On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
 
-3.  In the **Group Policy Management Editor** go to **Computer configuration**.
-
-4.  Click **Policies** then **Administrative templates**.
+3.  In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Security Center > Enterprise Customization**.
 
diff --git a/windows/security/threat-protection/windows-defender-security-center/wdsc-device-performance-health.md b/windows/security/threat-protection/windows-defender-security-center/wdsc-device-performance-health.md
index 088e882a0f..49bb4a249e 100644
--- a/windows/security/threat-protection/windows-defender-security-center/wdsc-device-performance-health.md
+++ b/windows/security/threat-protection/windows-defender-security-center/wdsc-device-performance-health.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 10/16/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 
@@ -27,7 +27,7 @@ The **Device performance & health** section contains information about hardware,
 The [Windows 10 IT pro troubleshooting topic](https://docs.microsoft.com/en-us/windows/client-management/windows-10-support-solutions), and the main [Windows 10 documentation library](https://docs.microsoft.com/en-us/windows/windows-10/) can also be helpful for resolving issues.
 
 
-In Windows 10, version 1709, the section can be hidden from users of the machine. This can be useful if you don't want employees in your organization to see or have access to user-configured options for the features shown in the section.
+In Windows 10, version 1709 and later, the section can be hidden from users of the machine. This can be useful if you don't want employees in your organization to see or have access to user-configured options for the features shown in the section.
 
 
 ## Hide the Device performance & health section
@@ -43,9 +43,7 @@ This can only be done in Group Policy.
 
 1.  On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
 
-3.  In the **Group Policy Management Editor** go to **Computer configuration**.
-
-4.  Click **Policies** then **Administrative templates**.
+3.  In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Security Center > Device performance and health**.
 
diff --git a/windows/security/threat-protection/windows-defender-security-center/wdsc-device-security.md b/windows/security/threat-protection/windows-defender-security-center/wdsc-device-security.md
new file mode 100644
index 0000000000..64af9bb9d8
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-security-center/wdsc-device-security.md
@@ -0,0 +1,54 @@
+---
+title: Device security in the Windows Defender Security Center app
+description: Use the Device security section to manage security built into your device, including virtualization-based security.
+keywords: device security, device guard, wdav, smartscreen, antivirus, wdsc, exploit, protection, hide
+search.product: eADQiWindows 10XVcnh
+ms.pagetype: security
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+ms.pagetype: security
+ms.localizationpriority: medium
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
+---
+
+
+# Device security
+
+**Applies to**
+
+- Windows 10, version 1803 and later
+
+
+The **Device security** section contains information and settings for built-in device security. 
+
+You can choose to hide the section from users of the machine. This can be useful if you don't want employees in your organization to see or have access to user-configured options for the features shown in the section.
+
+
+## Hide the Device security section
+
+You can choose to hide the entire section by using Group Policy. The section will not appear on the home page of the Windows Defender Security Center app, and its icon will not be shown on the navigiation bar on the side of the app.
+
+This can only be done in Group Policy.
+
+>[!IMPORTANT]
+>### Requirements
+>
+>You must have Windows 10, version 1803 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings. 
+
+1.  On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
+
+3.  In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
+
+5.  Expand the tree to **Windows components > Windows Defender Security Center > Device security**.
+
+6.  Open the **Hide the Device security area** setting and set it to **Enabled**. Click **OK**.
+
+7. [Deploy the updated GPO as you normally do](https://msdn.microsoft.com/en-us/library/ee663280(v=vs.85).aspx). 
+
+>[!NOTE]
+>If you hide all sections then the app will show a restricted interface, as in the following screenshot:
+>  
+>![Windows Defender Security Center app with all sections hidden by Group Policy](images/wdsc-all-hide.png)
\ No newline at end of file
diff --git a/windows/security/threat-protection/windows-defender-security-center/wdsc-family-options.md b/windows/security/threat-protection/windows-defender-security-center/wdsc-family-options.md
index 14ba41602f..47bf08fc3f 100644
--- a/windows/security/threat-protection/windows-defender-security-center/wdsc-family-options.md
+++ b/windows/security/threat-protection/windows-defender-security-center/wdsc-family-options.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 10/16/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 
@@ -38,13 +38,11 @@ This can only be done in Group Policy.
 >[!IMPORTANT]
 >### Requirements
 >
->You must have Windows 10, version 1709 (the Fall Creators Update). The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings. 
+>You must have Windows 10, version 1709 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings. 
 
 1.  On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
 
-3.  In the **Group Policy Management Editor** go to **Computer configuration**.
-
-4.  Click **Policies** then **Administrative templates**.
+3.  In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Security Center > Family options**.
 
diff --git a/windows/security/threat-protection/windows-defender-security-center/wdsc-firewall-network-protection.md b/windows/security/threat-protection/windows-defender-security-center/wdsc-firewall-network-protection.md
index 66e975a809..4986db4e3e 100644
--- a/windows/security/threat-protection/windows-defender-security-center/wdsc-firewall-network-protection.md
+++ b/windows/security/threat-protection/windows-defender-security-center/wdsc-firewall-network-protection.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 10/16/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 
@@ -24,7 +24,7 @@ ms.date: 10/16/2017
 
 The **Firewall & network protection** section contains information about the firewalls and network connections used by the machine, including the status of Windows Defender Firewall and any other third-party firewalls. IT administrators and IT pros can get configuration guidance from the [Windows Defender Firewall with Advanced Security documentation library](https://docs.microsoft.com/en-us/windows/access-protection/windows-firewall/windows-firewall-with-advanced-security).
 
-In Windows 10, version 1709, the section can be hidden from users of the machine. This can be useful if you don't want employees in your organization to see or have access to user-configured options for the features shown in the section.
+In Windows 10, version 1709 and later, the section can be hidden from users of the machine. This can be useful if you don't want employees in your organization to see or have access to user-configured options for the features shown in the section.
 
 
 ## Hide the Firewall & network protection section
@@ -36,13 +36,11 @@ This can only be done in Group Policy.
 >[!IMPORTANT]
 >### Requirements
 >
->You must have Windows 10, version 1709 (the Fall Creators Update). The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings. 
+>You must have Windows 10, version 1709 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings. 
 
 1.  On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
 
-3.  In the **Group Policy Management Editor** go to **Computer configuration**.
-
-4.  Click **Policies** then **Administrative templates**.
+3.  In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Security Center > Firewall and network protection**.
 
diff --git a/windows/security/threat-protection/windows-defender-security-center/wdsc-hide-notifications.md b/windows/security/threat-protection/windows-defender-security-center/wdsc-hide-notifications.md
index 007e09586d..551ce1779b 100644
--- a/windows/security/threat-protection/windows-defender-security-center/wdsc-hide-notifications.md
+++ b/windows/security/threat-protection/windows-defender-security-center/wdsc-hide-notifications.md
@@ -9,16 +9,16 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 10/16/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 # Hide Windows Defender Security Center app notifications
 
 **Applies to**
 
-- Windows 10, version 1709
+- Windows 10, version 1709 and later
 
 **Audience**
 
@@ -52,13 +52,11 @@ This can only be done in Group Policy.
 >[!IMPORTANT]
 >### Requirements
 >
->You must have Windows 10, version 1709 (the Fall Creators Update). The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings. 
+>You must have Windows 10, version 1709 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings. 
 
 1.  On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
 
-3.  In the **Group Policy Management Editor** go to **Computer configuration**.
-
-4.  Click **Policies** then **Administrative templates**.
+3.  In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Security Center > Notifications**.
 
@@ -76,13 +74,11 @@ This can only be done in Group Policy.
 >[!IMPORTANT]
 >### Requirements
 >
->You must have Windows 10, version 1709 (the Fall Creators Update). The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings. 
+>You must have Windows 10, version 1709 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings. 
 
 1.  On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
 
-3.  In the **Group Policy Management Editor** go to **Computer configuration**.
-
-4.  Click **Policies** then **Administrative templates**.
+3.  In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Security Center > Notifications**.
 
diff --git a/windows/security/threat-protection/windows-defender-security-center/wdsc-virus-threat-protection.md b/windows/security/threat-protection/windows-defender-security-center/wdsc-virus-threat-protection.md
index 1346ef4193..dc24bce106 100644
--- a/windows/security/threat-protection/windows-defender-security-center/wdsc-virus-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-security-center/wdsc-virus-threat-protection.md
@@ -9,9 +9,9 @@ ms.mktglfcycl: manage
 ms.sitesec: library
 ms.pagetype: security
 ms.localizationpriority: medium
-author: iaanw
-ms.author: iawilt
-ms.date: 10/16/2017
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
 ---
 
 
@@ -22,14 +22,16 @@ ms.date: 10/16/2017
 - Windows 10, version 1703 and later
 
 
-The **Virus & threat protection** section contains information and settings for antivirus protection from Windows Defender Antivirus and third-party AV products. IT administrators and IT pros can get more information and documentation about configuration from the following:
+The **Virus & threat protection** section contains information and settings for antivirus protection from Windows Defender Antivirus and third-party AV products. In Windows 10, version 1803 and later, this section also contains information and settings for ransomware protection and recovery, including Controlled folder access settings and sign in to Microsoft OneDrive. IT administrators and IT pros can get more information and documentation about configuration from the following:
 
 - [Windows Defender Antivirus in the Windows Defender Security Center app](../windows-defender-antivirus/windows-defender-security-center-antivirus.md)
 - [Windows Defender Antivirus documentation library](../windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md)
+- [Protect important folders with Controlled folder access](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard)
+- [Defend yourself from cybercrime with new Office 365 capabilities](https://blogs.office.com/en-us/2018/04/05/defend-yourself-from-cybercrime-with-new-office-365-capabilities/)
+- [Office 365 advanced protection](https://support.office.com/en-us/article/office-365-advanced-protection-82e72640-39be-4dc7-8efd-740fb289123a)
+- [Ransomware detection and recovering your files](https://support.office.com/en-us/article/ransomware-detection-and-recovering-your-files-0d90ec50-6bfd-40f4-acc7-b8c12c73637f?ui=en-US&rs=en-US&ad=US)
 
-In Windows 10, version 1709, the section also provides configuration options for Controlled folder access. IT administrators can get more information at the [Controlled folder access](../windows-defender-exploit-guard/controlled-folders-exploit-guard.md) topic in the Windows Defender Exploit Guard library.
-
-You can also choose to hide the section from users of the machine. This can be useful if you don't want employees in your organization to see or have access to user-configured options for the features shown in the section.
+You can choose to hide the **Virus & threat protection** section or the **Ransomware protection** area from users of the machine. This can be useful if you don't want employees in your organization to see or have access to user-configured options for the features shown in the section.
 
 
 ## Hide the Virus & threat protection section
@@ -41,13 +43,11 @@ This can only be done in Group Policy.
 >[!IMPORTANT]
 >### Requirements
 >
->You must have Windows 10, version 1709 (the Fall Creators Update). The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings. 
+>You must have Windows 10, version 1709 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings. 
 
 1.  On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
 
-3.  In the **Group Policy Management Editor** go to **Computer configuration**.
-
-4.  Click **Policies** then **Administrative templates**.
+3.  In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
 
 5.  Expand the tree to **Windows components > Windows Defender Security Center > Virus and threat protection**.
 
@@ -58,4 +58,25 @@ This can only be done in Group Policy.
 >[!NOTE]
 >If you hide all sections then the app will show a restricted interface, as in the following screenshot:
 >  
->![Windows Defender Security Center app with all sections hidden by Group Policy](images/wdsc-all-hide.png)
\ No newline at end of file
+>![Windows Defender Security Center app with all sections hidden by Group Policy](images/wdsc-all-hide.png)
+
+## Hide the Ransomware protection area
+
+You can choose to hide the **Ransomware protection** area by using Group Policy. The area will not appear on the **Virus & threat protection** section of the Windows Defender Security Center app.
+
+This can only be done in Group Policy.
+
+>[!IMPORTANT]
+>### Requirements
+>
+>You must have Windows 10, version 1709 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings. 
+
+1.  On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
+
+3.  In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
+
+5.  Expand the tree to **Windows components > Windows Defender Security Center > Virus and threat protection**.
+
+6.  Open the **Hide the Ransomware data recovery area** setting and set it to **Enabled**. Click **OK**.
+
+7. [Deploy the updated GPO as you normally do](https://msdn.microsoft.com/en-us/library/ee663280(v=vs.85).aspx). 
diff --git a/windows/security/threat-protection/windows-defender-security-center/wdsc-windows-10-in-s-mode.md b/windows/security/threat-protection/windows-defender-security-center/wdsc-windows-10-in-s-mode.md
new file mode 100644
index 0000000000..658c5331ba
--- /dev/null
+++ b/windows/security/threat-protection/windows-defender-security-center/wdsc-windows-10-in-s-mode.md
@@ -0,0 +1,44 @@
+---
+title: Manage Windows Defender Security Center in Windows 10 in S mode
+description: Windows Defender Security Center settings are different in Windows 10 in S mode
+keywords: windows 10 in s mode, windows 10 s, windows 10 s mode, wdav, smartscreen, antivirus, wdsc, firewall, device health, performance, Edge, browser, family, parental options, security, windows
+search.product: eADQiWindows 10XVcnh
+ms.pagetype: security
+ms.prod: w10
+ms.mktglfcycl: manage
+ms.sitesec: library
+ms.pagetype: security
+ms.localizationpriority: medium
+author: andreabichsel
+ms.author: v-anbic
+ms.date: 04/30/2018
+---
+
+# Manage Windows Defender Security Center in Windows 10 in S mode
+
+**Applies to**
+
+- Windows 10 in S mode, version 1803
+
+**Audience**
+
+- Enterprise security administrators
+
+**Manageability available with**
+
+- Microsoft Intune
+
+Windows 10 in S mode is streamlined for tighter security and superior performance. With Windows 10 in S mode, users can only use apps from the Microsoft Store, ensuring Microsoft-verified security so you can minimize malware attacks. In addition, using Microsoft Edge provides a more secure browser experience, with extra protections against phishing and malicious software.
+
+The Windows Defender Security Center interface is a little different in Windows 10 in S mode. The **Virus & threat protection** area has fewer options, because the built-in security of Windows 10 in S mode prevents viruses and other threats from running on devices in your organization. In addition, devices running Windows 10 in S mode receive security updates automatically.
+
+![Screen shot of the Windows Defender Security Center app Virus & threat protection area in Windows 10 in S mode](images/security-center-virus-and-threat-protection-windows-10-in-s-mode.png)
+
+For more information about Windows 10 in S mode, including how to switch out of S mode, see Windows 10 Pro in S mode.
+
+##Managing Windows Defender Security Center settings with Intune
+
+In the enterprise, you can only manage security settings for devices running Windows 10 in S mode with Microsoft Intune or other mobile device management apps. Windows 10 in S mode prevents making changes via PowerShell scripts.
+
+For information about using Intune to manage Windows Defender Security Center settings on your organization's devices, see [Set up Intune](https://docs.microsoft.com/en-us/intune/setup-steps) and [Endpoint protection settings for Windows 10 (and later) in Intune](https://docs.microsoft.com/en-us/intune/endpoint-protection-windows-10).
+
diff --git a/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center.md b/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center.md
index 75d70268f2..8adbc8e2dd 100644
--- a/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center.md
+++ b/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center.md
@@ -27,7 +27,9 @@ ms.date: 04/11/2018
 
 
 
-In Windows 10, version 1703 we introduced the new Windows Defender Security Center app, which brings together common Windows security features into one app. Many settings that were previously part of the individual features and main Windows Settings have been combined and moved to the new app, which is installed out-of-the-box as part of Windows 10, version 1703. 
+In Windows 10, version 1709 and later, the app also shows information from third-party antivirus and firewall apps.
+
+In Windows 10, version 1803, the app has two new areas, **Account protection** and **Device security**.
 
 
 ![Screen shot of the Windows Defender Security Center app showing that the device is protected and five icons for each of the features](images/security-center-home.png)
@@ -54,11 +56,13 @@ You can't uninstall the Windows Defender Security Center app, but you can do one
 You can find more information about each section, including options for configuring the sections - such as hiding each of the sections - at the following topics:
 
 
-- [Virus & threat protection](wdsc-virus-threat-protection.md), which has information and access to antivirus settings and the Controlled folder access feature of Windows Defender Exploit Guard
-- [Device performance & health](wdsc-device-performance-health.md), which has information about drivers, storage space, and general Windows Update issues
-- [Firewall & network protection](wdsc-firewall-network-protection.md), which has information and access to firewall settings, including Windows Defender Firewall
-- [App & browser control](wdsc-app-browser-control.md), covering Windows Defender SmartScreen settings and Exploit protection mitigations
-- [Family options](wdsc-family-options.md), which includes access to parental controls along with tips and information for keeping kids safe online
+- [Virus & threat protection](wdsc-virus-threat-protection.md), which has information and access to antivirus ransomware protection settings and notifications, including the Controlled folder access feature of Windows Defender Exploit Guard and sign-in to Microsoft OneDrive.
+- [Account protection](wdsc-account-protection.md), which has information and access to sign-in and account protection settings.
+- [Firewall & network protection](wdsc-firewall-network-protection.md), which has information and access to firewall settings, including Windows Defender Firewall.
+- [App & browser control](wdsc-app-browser-control.md), covering Windows Defender SmartScreen settings and Exploit protection mitigations.
+- [Device security](wdsc-device-security.md), which provides access to built-in device security settings.
+- [Device performance & health](wdsc-device-performance-health.md), which has information about drivers, storage space, and general Windows Update issues.
+- [Family options](wdsc-family-options.md), which includes access to parental controls along with tips and information for keeping kids safe online.
 
 
 >[!NOTE]