diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index edf51231d6..342cd04b69 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -33,13 +33,14 @@
 #### [Assign user access to the portal](windows-defender-atp/assign-portal-access-windows-defender-advanced-threat-protection.md)
 
 #### [Evaluate Windows Defender ATP](windows-defender-atp/evaluate-atp.md)
-##### [Hardware-based isolation](windows-defender-application-guard/test-scenarios-wd-app-guard.md)
-##### [Application control](device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md)
-##### [Exploit protection](windows-defender-exploit-guard/evaluate-exploit-protection.md)
-##### [Network Protection](windows-defender-exploit-guard/evaluate-network-protection.md)
-##### [Controlled folder access](windows-defender-exploit-guard/evaluate-controlled-folder-access.md)
-##### [Attack surface reduction](windows-defender-exploit-guard/evaluate-attack-surface-reduction.md)
-##### [Network firewall](windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md)
+#####Evaluate attack surface reduction
+###### [Hardware-based isolation](windows-defender-application-guard/test-scenarios-wd-app-guard.md)
+###### [Application control](device-guard/audit-windows-defender-application-control-policies.md)
+###### [Exploit protection](windows-defender-exploit-guard/evaluate-exploit-protection.md)
+###### [Network Protection](windows-defender-exploit-guard/evaluate-network-protection.md)
+###### [Controlled folder access](windows-defender-exploit-guard/evaluate-controlled-folder-access.md)
+###### [Attack surface reduction](windows-defender-exploit-guard/evaluate-attack-surface-reduction.md)
+###### [Network firewall](windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md)
 ##### [Next generation protection](windows-defender-antivirus/evaluate-windows-defender-antivirus.md)
 
 
@@ -903,4 +904,4 @@
 
 ### [Windows 10 Mobile security guide](windows-10-mobile-security-guide.md)
 
-## [Change history for Threat protection](change-history-for-windows-defender-atp.md)
+## [Change history for Threat protection](change-history-for-threat-protection.md)
diff --git a/windows/security/threat-protection/change-history-for-windows-defender-atp.md b/windows/security/threat-protection/change-history-for-threat-protection.md
similarity index 99%
rename from windows/security/threat-protection/change-history-for-windows-defender-atp.md
rename to windows/security/threat-protection/change-history-for-threat-protection.md
index 45b8d042c9..f8d3b7ffed 100644
--- a/windows/security/threat-protection/change-history-for-windows-defender-atp.md
+++ b/windows/security/threat-protection/change-history-for-threat-protection.md
@@ -17,3 +17,4 @@ This topic lists new and updated topics in the [Windows Defender ATP](windows-de
 New or changed topic | Description
 ---------------------|------------
 [Windows Defender Advanced Threat Protection](windows-defender-atp/windows-defender-advanced-threat-protection.md) | Reorganized Windows 10 security topics to reflect the Windows Defender ATP platform.
+
diff --git a/windows/security/threat-protection/images/AR_icon.png b/windows/security/threat-protection/images/AR_icon.png
new file mode 100644
index 0000000000..887498f7bc
Binary files /dev/null and b/windows/security/threat-protection/images/AR_icon.png differ
diff --git a/windows/security/threat-protection/images/ASR_icon.png b/windows/security/threat-protection/images/ASR_icon.png
new file mode 100644
index 0000000000..28b5b3156f
Binary files /dev/null and b/windows/security/threat-protection/images/ASR_icon.png differ
diff --git a/windows/security/threat-protection/images/EDR_icon.png b/windows/security/threat-protection/images/EDR_icon.png
new file mode 100644
index 0000000000..7e6df62bdf
Binary files /dev/null and b/windows/security/threat-protection/images/EDR_icon.png differ
diff --git a/windows/security/threat-protection/images/NGP_icon.png b/windows/security/threat-protection/images/NGP_icon.png
new file mode 100644
index 0000000000..df1b70e041
Binary files /dev/null and b/windows/security/threat-protection/images/NGP_icon.png differ
diff --git a/windows/security/threat-protection/images/SS_icon.png b/windows/security/threat-protection/images/SS_icon.png
new file mode 100644
index 0000000000..95908405ce
Binary files /dev/null and b/windows/security/threat-protection/images/SS_icon.png differ
diff --git a/windows/security/threat-protection/images/WDATP_pillars3.jpg b/windows/security/threat-protection/images/WDATP_pillars3.jpg
deleted file mode 100644
index dd4def753f..0000000000
Binary files a/windows/security/threat-protection/images/WDATP_pillars3.jpg and /dev/null differ
diff --git a/windows/security/threat-protection/index.md b/windows/security/threat-protection/index.md
index ddcc1fb406..2c0b945eb7 100644
--- a/windows/security/threat-protection/index.md
+++ b/windows/security/threat-protection/index.md
@@ -14,31 +14,28 @@ Windows Defender Advanced Threat Protection (ATP) is a unified platform for prev
 
 ![Windows Defender ATP components](images/wdatp-pillars2.png)
 
-The following capabilities are available across multiple products that make up the Windows Defender ATP platform. 
+Windows Defender ATP is a unified endpoint security platform using built-in, unified security technologies powered by the cloud. 
 
 <table>
 <tr style="text-align:left;">
-<td><a href="#asr"><b>Attack surface reduction</b></a></td>
-<td><a href="#ngp"><b>Next generation protection</b></a></td>
-<td><a href="#edr"><b>Endpoint detection and response</b></a></td>
-<td><a href="#ai"><b>Auto investigation</b></a></td>
-<td><a href="#sp"><b>Security posture</b></a></td>
+<td><a href="#asr"><img src="images/ASR_icon.png"> <br> <b>Attack surface reduction</b></a></td>
+<td><a href="#ngp"><img src="images/ngp_icon.png"><br> <b>Next generation protection</b></a></td>
+<td><a href="#edr"><img src="images/edr_icon.png"><br> <b>Endpoint detection and response</b></a></td>
+<td><a href="#ai"><img src="images/AR_icon.png"><br> <b>Auto investigation and remediation</b></a></td>
+<td><a href="#ss"><img src="images/SS_icon.png"><br> <b>Secure score</b></a></td>
 <td><a href="#ah"><b>Advanced hunting</b></a></td>
 </tr>
 <tr style="text-align:center;">
-<td align="center" style="width:25%; border:1;" colspan="6">
+<td colspan="6">
 <a href="#apis"><b>Management and APIs</a></b></td>
 </tr>
 <tr style="text-align:center;">
-<td align="center" style="width:25%; border:1;" colspan="6"><a href="mtp"><b>Microsoft threat protection</a></b></td>
+<td colspan="6"><a href="#mtp"><b>Microsoft threat protection</a></b></td>
 </tr>
 </table>
 <br>
 
 
-![Windows Defender ATP platform](images/WDATP_pillars3.jpg)
-
-
 <a name="asr"></a>
 
 **Attack surface reduction**<br>
@@ -89,9 +86,9 @@ In conjunction with being able to quickly respond to advanced attacks, Windows D
 
 <a name="sp"></a>
 
-**Security posture**<br>
+**Secure score**<br>
 
-Windows Defender ATP provides a security posture capability to help you dynamically assess the security state of your enterprise network, identify unprotected systems, and take recommended actions to improve the overall security state of your network.
+Windows Defender ATP includes a secure score to help you dynamically assess the security state of your enterprise network, identify unprotected systems, and take recommended actions to improve the overall security of your organization.
 - [Asset inventory](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection)
 - [Recommended improvement actions](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection)
 - [Secure score](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection)
@@ -114,15 +111,15 @@ Integrate Windows Defender Advanced Threat Protection into your existing workflo
 **Microsoft threat protection** <br>
 Bring the power of Microsoft threat protection to your organization.
 - [Conditional access](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection)
-- [O365 ATP](/windows-defender-atp/threat-protection-/windows-defender-atp/threat-protection-integration.md)
-- [Azure ATP](/windows-defender-atp/threat-protection-/windows-defender-atp/threat-protection-integration.md)
-- [Azure Security Center](/windows-defender-atp/threat-protection-/windows-defender-atp/threat-protection-integration.md)
-- [Skype for Business](/windows-defender-atp/threat-protection-/windows-defender-atp/threat-protection-integration.md) 
-- [Microsoft Cloud App Security](/windows-defender-atp/threat-protection-/windows-defender-atp/threat-protection-integration.md)
+- [O365 ATP](integration.md)
+- [Azure ATP](integration.md)
+- [Azure Security Center](integration.md)
+- [Skype for Business](integration.md) 
+- [Microsoft Cloud App Security](integration.md)
 
 Attack surface reduction | Next generation protection | Endpoint detection and response | Auto investigation | Security posture | Advanced hunting | Management and APIs | Microsoft threat protection
 :---|:---|:---|:---|:---|:---|:---|:---
-[Hardware based isolation](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview)<br><br> [Application control](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control)<br><br> [Exploit protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard)<br><br> [Network protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard)<br> <br>[Controlled folder access](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard)<br><br>[Network firewall](https://docs.microsoft.com/en-us/windows/security/identity-protection/windows-firewall/windows-firewall-with-advanced-security)<br><br>[Attack surface reducation controls](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard)| [Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10)<br><br> [Machine learning](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus) [Automated sandbox service](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus)| [Alerts queue](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/alerts-queue-windows-defender-advanced-threat-protection)<br><br> [Historical endpoint data](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection#machine-timeline)<br><br>[Realtime and historical threat hunting](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection)<br><br>[API and SIEM integration](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/configure-siem-windows-defender-advanced-threat-protection)<br><br>[Response orchestration](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/response-actions-windows-defender-advanced-threat-protection)<br><br>[Forensic collection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection#collect-investigation-package-from-machines)<br><br>[Threat intelligence](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/threat-indicator-concepts-windows-defender-advanced-threat-protection)<br><br>[Advanced detonation and analysis service](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection#deep-analysis)<br><br>| [Automated investigation and remediation](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection)<br><br>[Threat remediation](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection#how-threats-are-remediated)<br><br>[Manage automated investigations](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection#manage-automated-investigations)<br><br>[Analyze automated investigation](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection#analyze-automated-investigations)|[Asset inventory](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection)<br><br>[Recommended improvement actions](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection)<br><br>[Secure score](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection)<br><br>[Threat analytics](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/threat-analytics-dashboard-windows-defender-advanced-threat-protection)| [Realtime and historical threat hunting](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection)<br><br>Scheduled queries <br><br> Scheduled queries (Github) <br><br> [Custom TI](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/use-custom-ti-windows-defender-advanced-threat-protection) | [Onboarding](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/onboard-configure-windows-defender-advanced-threat-protection)<br><br> [Configuration](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/preferences-setup-windows-defender-advanced-threat-protection)<br><br> [Operating system baseline compliance](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection)<br><br>[SIEM connectors](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/configure-siem-windows-defender-advanced-threat-protection)<br><br>[Exposed APIs](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/exposed-apis-windows-defender-advanced-threat-protection)<br><br>[RBAC](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/rbac-windows-defender-advanced-threat-protection)<br><br>[Reportin and trends](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/powerbi-reports-windows-defender-advanced-threat-protection)| [Conditional access](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection)<br><br>[O365 ATP](/windows-defender-atp/threat-protection-integration.md)<br><br>[Azure ATP](/windows-defender-atp/threat-protection-integration.md)<br><br>[Azure Security Center](/windows-defender-atp/threat-protection-integration.md)<br><br>[Skype for Business](/windows-defender-atp/threat-protection-integration.md)<br><br>[Microsoft Cloud App Security](/windows-defender-atp/threat-protection-integration.md)
+[Hardware based isolation](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview)<br><br> [Application control](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control)<br><br> [Exploit protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard)<br><br> [Network protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard)<br> <br>[Controlled folder access](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard)<br><br>[Network firewall](https://docs.microsoft.com/en-us/windows/security/identity-protection/windows-firewall/windows-firewall-with-advanced-security)<br><br>[Attack surface reducation controls](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard)| [Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10)<br><br> [Machine learning](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus) [Automated sandbox service](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus)| [Alerts queue](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/alerts-queue-windows-defender-advanced-threat-protection)<br><br> [Historical endpoint data](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/investigate-machines-windows-defender-advanced-threat-protection#machine-timeline)<br><br>[Realtime and historical threat hunting](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection)<br><br>[API and SIEM integration](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/configure-siem-windows-defender-advanced-threat-protection)<br><br>[Response orchestration](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/response-actions-windows-defender-advanced-threat-protection)<br><br>[Forensic collection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/respond-machine-alerts-windows-defender-advanced-threat-protection#collect-investigation-package-from-machines)<br><br>[Threat intelligence](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/threat-indicator-concepts-windows-defender-advanced-threat-protection)<br><br>[Advanced detonation and analysis service](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/respond-file-alerts-windows-defender-advanced-threat-protection#deep-analysis)<br><br>| [Automated investigation and remediation](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection)<br><br>[Threat remediation](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection#how-threats-are-remediated)<br><br>[Manage automated investigations](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection#manage-automated-investigations)<br><br>[Analyze automated investigation](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/automated-investigations-windows-defender-advanced-threat-protection#analyze-automated-investigations)|[Asset inventory](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection)<br><br>[Recommended improvement actions](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection)<br><br>[Secure score](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection)<br><br>[Threat analytics](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/threat-analytics-dashboard-windows-defender-advanced-threat-protection)| [Realtime and historical threat hunting](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection)<br><br>Scheduled queries <br><br> Scheduled queries (Github) <br><br> [Custom TI](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/use-custom-ti-windows-defender-advanced-threat-protection) | [Onboarding](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/onboard-configure-windows-defender-advanced-threat-protection)<br><br> [Configuration](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/preferences-setup-windows-defender-advanced-threat-protection)<br><br> [Operating system baseline compliance](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/secure-score-dashboard-windows-defender-advanced-threat-protection)<br><br>[SIEM connectors](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/configure-siem-windows-defender-advanced-threat-protection)<br><br>[Exposed APIs](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/exposed-apis-windows-defender-advanced-threat-protection)<br><br>[RBAC](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/rbac-windows-defender-advanced-threat-protection)<br><br>[Reportin and trends](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/powerbi-reports-windows-defender-advanced-threat-protection)| [Conditional access](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/conditional-access-windows-defender-advanced-threat-protection)<br><br>[O365 ATP](integration.md)<br><br>[Azure ATP](integration.md)<br><br>[Azure Security Center](integration.md)<br><br>[Skype for Business](integration.md)<br><br>[Microsoft Cloud App Security](integration.md)
 
 
 
diff --git a/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md
index f2d785d66a..740a8eab56 100644
--- a/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md
+++ b/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md
@@ -18,7 +18,7 @@ ms.date: 05/03/2018
 -   Windows 10
 -   Windows Server 2016
 
-When WDAC policies are run in audit mode, it allows administrators to discover any applications that were missed during an initial policy scan and to identify any new applications that have been installed and run since the original policy was created. While a WDAC policy is running in audit mode, any binary that runs and would have been denied had the policy been enforced is logged in the **Applications and Services Logs\\Microsoft\\Windows\\CodeIntegrity\\Operational** event log. When these logged binaries have been validated, they can easily be added to a new WDAC policy. When the new exception policy is created, you can merge it with your existing WDAC policies.
+Running Appication Control in audit mode allows administrators to discover any applications that were missed during an initial policy scan and to identify any new applications that have been installed and run since the original policy was created. While a WDAC policy is running in audit mode, any binary that runs and would have been denied had the policy been enforced is logged in the **Applications and Services Logs\\Microsoft\\Windows\\CodeIntegrity\\Operational** event log. When these logged binaries have been validated, they can easily be added to a new WDAC policy. When the new exception policy is created, you can merge it with your existing WDAC policies.
 
 Before you begin this process, you need to create a WDAC policy binary file. If you have not already done so, see [Create an initial Windows Defender Application Control policy from a reference computer](#create-initial-default-policy).
 
diff --git a/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md
index af72b5b90d..275c899061 100644
--- a/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md
+++ b/windows/security/threat-protection/windows-defender-application-guard/configure-wd-app-guard.md
@@ -12,15 +12,14 @@ ms.date: 10/19/2017
 
 # Configure Windows Defender Application Guard policy settings
 
+**Applies to:** Windows Defender Advanced Threat Protection (Windows Defender ATP)
+
 Windows Defender Application Guard (Application Guard) works with Group Policy to help you manage your organization's computer settings. By using Group Policy, you can configure a setting once, and then copy it onto many computers. For example, you can set up multiple security settings in a GPO, which is linked to a domain, and then apply all those settings to every computer in the domain.
 
 Application Guard uses both network isolation and application-specific settings.
 
 ### Network isolation settings
 
-**Applies to:**
-- Windows 10 Enterpise edition, version 1709 or higher
-
 These settings, located at **Computer Configuration\Administrative Templates\Network\Network Isolation**, help you define and manage your company's network boundaries. Application Guard uses this information to automatically transfer any requests to access the non-corporate resources into the Application Guard container.
 
 >[!NOTE]
diff --git a/windows/security/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md
index dcea68cace..ddc43061f4 100644
--- a/windows/security/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md
+++ b/windows/security/threat-protection/windows-defender-application-guard/faq-wd-app-guard.md
@@ -12,9 +12,7 @@ ms.date: 11/07/2017
 
 # Frequently asked questions - Windows Defender Application Guard 
 
-**Applies to:**
-- Windows 10 Enterpise edition, version 1709 or higher
-- Windows 10 Professional edition, version 1803
+**Applies to:** Windows Defender Advanced Threat Protection (Windows Defender ATP)
 
 Answering frequently asked questions about Windows Defender Application Guard (Application Guard) features, integration with the Windows operating system, and general configuration.
 
diff --git a/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md
index 413a76b74a..cfc24514ed 100644
--- a/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md
+++ b/windows/security/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md
@@ -12,9 +12,7 @@ ms.date: 11/09/2017
 
 # System requirements for Windows Defender Application Guard
 
-**Applies to:**
-- Windows 10 Enterprise edition, version 1709 or higher
-- Windows 10 Professional edition, version 1803
+**Applies to:** Windows Defender Advanced Threat Protection (Windows Defender ATP)
 
 The threat landscape is continually evolving. While hackers are busy developing new techniques to breach enterprise networks by compromising workstations, phishing schemes remain one of the top ways to lure employees into social engineering attacks. Windows Defender Application Guard is designed to help prevent old, and newly emerging attacks, to help keep employees productive.
 
diff --git a/windows/security/threat-protection/windows-defender-application-guard/test-scenarios-wd-app-guard.md b/windows/security/threat-protection/windows-defender-application-guard/test-scenarios-wd-app-guard.md
index cffffca2da..0b86cb9722 100644
--- a/windows/security/threat-protection/windows-defender-application-guard/test-scenarios-wd-app-guard.md
+++ b/windows/security/threat-protection/windows-defender-application-guard/test-scenarios-wd-app-guard.md
@@ -10,13 +10,14 @@ ms.author: justinha
 ms.date: 10/19/2017
 ---
 
-# Testing scenarios using Windows Defender Application Guard in your business or organization
+# Application testing scenarios for hardware-based isolation
 
-We've come up with a list of suggested testing scenarios that you can use to test Windows Defender Application Guard (Application Guard) in your organization.
 
-**Applies to:**
-- Windows 10 Enterpise edition, version 1709 or higher
-- Windows 10 Professional edition, version 1803
+**Applies to:** Windows Defender Advanced Threat Protection (Windows Defender ATP)
+
+
+We've come up with a list of scenarios that you can use to test hardware-based isolation in your organization.
+
 
 ## Application Guard in standalone mode
 You can see how an employee would use standalone mode with Application Guard.
diff --git a/windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview.md b/windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview.md
index 8463afc7c4..271a48b9b4 100644
--- a/windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview.md
+++ b/windows/security/threat-protection/windows-defender-application-guard/wd-app-guard-overview.md
@@ -12,9 +12,7 @@ ms.date: 07/09/2018
 
 # Windows Defender Application Guard overview
 
-**Applies to:**
-- Windows 10 Enterprise edition, version 1709 or higher
-- Windows 10 Professional edition, version 1803
+**Applies to:** Windows Defender Advanced Threat Protection (Windows Defender ATP)
  
 Windows Defender Application Guard (Application Guard) is designed to help prevent old and newly emerging attacks to help keep employees productive. Using our unique hardware isolation approach, our goal is to destroy the playbook that attackers use by rendering current attack methods obsolete. 
 
diff --git a/windows/security/threat-protection/windows-defender-atp/TOC.md b/windows/security/threat-protection/windows-defender-atp/TOC.md
index 7e2b725514..29bc7377b9 100644
--- a/windows/security/threat-protection/windows-defender-atp/TOC.md
+++ b/windows/security/threat-protection/windows-defender-atp/TOC.md
@@ -32,12 +32,13 @@
 ### [Assign user access to the portal](assign-portal-access-windows-defender-advanced-threat-protection.md)
 
 ### [Evaluate Windows Defender ATP](evaluate-atp.md)
-#### [Hardware-based isolation](../windows-defender-application-guard/test-scenarios-wd-app-guard.md)
-#### [Application control](../windows-defender-application-control/audit-windows-defender-application-control-policies.md)
-#### [Exploit protection](../windows-defender-exploit-guard/evaluate-exploit-protection.md)
-#### [Network Protection](../windows-defender-exploit-guard/evaluate-network-protection.md)
-#### [Controlled folder access](../windows-defender-exploit-guard/evaluate-controlled-folder-access.md)
-#### [Attack surface reduction controls](../windows-defender-exploit-guard/evaluate-attack-surface-reduction.md)
+####Evaluate attack surface reduction
+##### [Hardware-based isolation](../windows-defender-application-guard/test-scenarios-wd-app-guard.md)
+##### [Application control](../windows-defender-application-control/audit-windows-defender-application-control-policies.md)
+##### [Exploit protection](../windows-defender-exploit-guard/evaluate-exploit-protection.md)
+##### [Network Protection](../windows-defender-exploit-guard/evaluate-network-protection.md)
+##### [Controlled folder access](../windows-defender-exploit-guard/evaluate-controlled-folder-access.md)
+##### [Attack surface reduction controls](../windows-defender-exploit-guard/evaluate-attack-surface-reduction.md)
 #### [Next gen protection](../windows-defender-antivirus/evaluate-windows-defender-antivirus.md)