diff --git a/windows/threat-protection/TOC.md b/windows/threat-protection/TOC.md
index 02458df8ff..a1c9446bfb 100644
--- a/windows/threat-protection/TOC.md
+++ b/windows/threat-protection/TOC.md
@@ -70,21 +70,6 @@
#### [Python code examples](windows-defender-atp\python-example-code-windows-defender-advanced-threat-protection.md)
#### [Experiment with custom threat intelligence alerts](windows-defender-atp\experiment-custom-ti-windows-defender-advanced-threat-protection.md)
#### [Troubleshoot custom threat intelligence issues](windows-defender-atp\troubleshoot-custom-ti-windows-defender-advanced-threat-protection.md)
-### [Use the Windows Defender ATP exposed APIs](windows-defender-atp\exposed-apis-windows-defender-advanced-threat-protection.md)
-#### [Supported Windows Defender ATP APIs](windows-defender-atp\supported-apis-windows-defender-advanced-threat-protection.md)
-##### [Collect investigation package](windows-defender-atp\collect-investigation-package-windows-defender-advanced-threat-protection.md)
-##### [Isolate machine](windows-defender-atp\isolate-machine-windows-defender-advanced-threat-protection.md)
-##### [Unisolate machine](windows-defender-atp\unisolate-machine-windows-defender-advanced-threat-protection.md)
-##### [Restrict code execution](windows-defender-atp\restrict-code-execution-windows-defender-advanced-threat-protection.md)
-##### [Unrestrict code execution](windows-defender-atp\unrestrict-code-execution-windows-defender-advanced-threat-protection.md)
-##### [Run antivirus scan](windows-defender-atp\run-av-scan-windows-defender-advanced-threat-protection.md)
-##### [Stop and quarantine files](windows-defender-atp\stop-quarantine-file-windows-defender-advanced-threat-protection.md)
-##### [Request sample](windows-defender-atp\request-sample-windows-defender-advanced-threat-protection.md)
-##### [Block file](windows-defender-atp\block-file-windows-defender-advanced-threat-protection.md)
-##### [Unblock file](windows-defender-atp\unblock-file-windows-defender-advanced-threat-protection.md)
-##### [Get package SAS URI](windows-defender-atp\get-package-sas-uri-windows-defender-advanced-threat-protection.md)
-##### [Get MachineAction object](windows-defender-atp\get-machineaction-object-windows-defender-advanced-threat-protection.md)
-##### [Get FileMachineAction object](windows-defender-atp\get-filemachineaction-object-windows-defender-advanced-threat-protection.md)
### [Create and build Power BI reports using Windows Defender ATP data](windows-defender-atp\powerbi-reports-windows-defender-advanced-threat-protection.md)
### [Check sensor state](windows-defender-atp\check-sensor-status-windows-defender-advanced-threat-protection.md)
#### [Fix unhealthy sensors](windows-defender-atp\fix-unhealhty-sensors-windows-defender-advanced-threat-protection.md)
diff --git a/windows/threat-protection/windows-defender-atp/block-file-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/block-file-windows-defender-advanced-threat-protection.md
index d114a9a43f..eab5acb930 100644
--- a/windows/threat-protection/windows-defender-atp/block-file-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/block-file-windows-defender-advanced-threat-protection.md
@@ -14,7 +14,7 @@ ms.date: 09/01.2017
---
# Block file
-Prevent a file from being executed in the organization using Windows Defender.
+Prevent a file from being executed in the organization using Windows Defender Antivirus.
## Permissions
Users need to have Security administrator or Global admin directory roles.
diff --git a/windows/threat-protection/windows-defender-atp/configure-endpoints-vdi-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/configure-endpoints-vdi-windows-defender-advanced-threat-protection.md
index ce248c2d22..df4f747169 100644
--- a/windows/threat-protection/windows-defender-atp/configure-endpoints-vdi-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/configure-endpoints-vdi-windows-defender-advanced-threat-protection.md
@@ -60,12 +60,13 @@ You can onboard VDI machines using a single entry or multiple entries for each m
Select the **Scripts** tab, then click **Add** (Windows Explorer will open directly in the path where you copied the onboarding script earlier). Navigate to the onboarding bash script `WindowsDefenderATPOnboardingScript.cmd`.
6. Test your solution:
- a. Create a pool with one machine.
- b. Logon to machine.
- c. Logoff from machine.
- d. Logon to machine with another user.
- e. **For single entry for each machine**: Check only one entry in the Windows Defender ATP portal.
-**For multiple entries for each machine**: Check multiple entries in the Windows Defender ATP portal.
+
+ a. Create a pool with one machine.
+ b. Logon to machine.
+ c. Logoff from machine.
+ d. Logon to machine with another user.
+ e. **For single entry for each machine**: Check only one entry in the Windows Defender ATP portal.
+ **For multiple entries for each machine**: Check multiple entries in the Windows Defender ATP portal.
7. Click **Machines list** on the Navigation pane.
diff --git a/windows/threat-protection/windows-defender-atp/get-filemachineaction-object-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/get-filemachineaction-object-windows-defender-advanced-threat-protection.md
index 280e52d86c..043bdf280d 100644
--- a/windows/threat-protection/windows-defender-atp/get-filemachineaction-object-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/get-filemachineaction-object-windows-defender-advanced-threat-protection.md
@@ -14,7 +14,7 @@ ms.date: 09/01.2017
---
# Get FileMachineAction object
-Get MachineAction object
+Get MachineAction object.
## Permissions
Users need to have Security administrator or Global admin directory roles.
@@ -59,7 +59,7 @@ Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/testwdatppreview/$metadata#FileMachineActions/$entity",
"id": " 7327b54fd718525cbca07dacde913b5ac3c85673",
- "sha1": “1163788484e3258ab9fcf692f7db7938f72ddfc2”,
+ "sha1": "1163788484e3258ab9fcf692f7db7938f72ddfc2",
"type": "StopAndQuarantineFile",
"status": "Succeeded",
"machineId": "970a58d5f61786bb7799dfdb5395ec364ffceace",
diff --git a/windows/threat-protection/windows-defender-atp/get-package-sas-uri-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/get-package-sas-uri-windows-defender-advanced-threat-protection.md
index e1d38f112e..16581192da 100644
--- a/windows/threat-protection/windows-defender-atp/get-package-sas-uri-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/get-package-sas-uri-windows-defender-advanced-threat-protection.md
@@ -14,7 +14,7 @@ ms.date: 09/01.2017
---
# Get package SAS URI
-Get a Uri that allows downloading an investigation package.
+Get a URI that allows downloading an investigation package.
## Permissions
Users need to have Security administrator or Global admin directory roles.
diff --git a/windows/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection.md
index 0219c0749d..9d9afa06e9 100644
--- a/windows/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/isolate-machine-windows-defender-advanced-threat-protection.md
@@ -28,7 +28,7 @@ POST /testwdatppreview/machines/{id}/isolate
Header | Value
:---|:---
-Authorization | Bearer {token}. Required.
+Authorization | Bearer {token}. **Required**.
Content-Type | application/json
## Request body
diff --git a/windows/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection.md
index 60070884f8..f8f9d72658 100644
--- a/windows/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection.md
@@ -65,9 +65,6 @@ Machine group and tags support proper mapping of the network, enabling you to at
- [Create and build Power BI reports using Windows Defender ATP data](powerbi-reports-windows-defender-advanced-threat-protection.md)
Windows Defender ATP supports the use of Power BI data connectors to enable you to connect and access Windows Defender ATP data using Microsoft Graph.
-- [Use the Windows Defender ATP exposed APIs](configure-server-endpoints-windows-defender-advanced-threat-protection.md)
-Windows Defender ATP exposes much of the available data and actions using a set of programmatic APIs that are part of the Microsoft Intelligence Security Graph. Those APIs will enable you, to automate workflows and innovate based on Windows Defender ATP capabilities.
-
diff --git a/windows/threat-protection/windows-defender-atp/request-sample-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/request-sample-windows-defender-advanced-threat-protection.md
index 66da51153b..10b78cb11e 100644
--- a/windows/threat-protection/windows-defender-atp/request-sample-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/request-sample-windows-defender-advanced-threat-protection.md
@@ -37,7 +37,7 @@ In the request body, supply a JSON object with the following parameters:
Parameter | Type | Description
:---|:---|:---
Comment | String | Comment to associate with the action. **Required**.
-SHA1 | String | Sha1 of the file to upload to the secure storage. **Required**.
+Sha1 | String | Sha1 of the file to upload to the secure storage. **Required**.
## Response
If successful, this method returns 201, Created response code and *FileMachineAction* object in the response body.
diff --git a/windows/threat-protection/windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection.md
index b72692edda..3377eeb2a0 100644
--- a/windows/threat-protection/windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/restrict-code-execution-windows-defender-advanced-threat-protection.md
@@ -28,7 +28,7 @@ POST /testwdatppreview/machines/{id}/restrictCodeExecution
Header | Value
:---|:---
-Authorization | Bearer {token}. Required.
+Authorization | Bearer {token}. **Required**.
Content-Type | application/json
## Request body
diff --git a/windows/threat-protection/windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection.md
index c66bf495db..891097b03a 100644
--- a/windows/threat-protection/windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/run-av-scan-windows-defender-advanced-threat-protection.md
@@ -28,7 +28,7 @@ POST /testwdatppreview/machines/{id}/runAntiVirusScan
Header | Value
:---|:---
-Authorization | Bearer {token}. Required.
+Authorization | Bearer {token}. **Required**.
Content-Type | application/json
## Request body
diff --git a/windows/threat-protection/windows-defender-atp/stop-quarantine-file-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/stop-quarantine-file-windows-defender-advanced-threat-protection.md
index 6b46dbda48..588e46220b 100644
--- a/windows/threat-protection/windows-defender-atp/stop-quarantine-file-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/stop-quarantine-file-windows-defender-advanced-threat-protection.md
@@ -28,7 +28,7 @@ POST /testwdatppreview/machines/{id}/stopAndQuarantineFile
Header | Value
:---|:---
-Authorization | Bearer {token}. Required.
+Authorization | Bearer {token}. **Required**.
Content-Type | application/json
## Request body
@@ -37,7 +37,7 @@ In the request body, supply a JSON object with the following parameters:
Parameter | Type | Description
:---|:---|:---
Comment | String | Comment to associate with the action. **Required**.
-SHA1 | String | Sha1 of the file to stop and quarantine on the machine. **Required**.
+Sha1 | String | Sha1 of the file to stop and quarantine on the machine. **Required**.
## Response
If successful, this method returns 201, Created response code and _FileMachineAction_ object in the response body.
diff --git a/windows/threat-protection/windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection.md
index e8fef51291..db02510fdf 100644
--- a/windows/threat-protection/windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/unisolate-machine-windows-defender-advanced-threat-protection.md
@@ -14,7 +14,7 @@ ms.date: 09/01.2017
---
# Unisolate machine
-Remove machine from isolation.
+Undo isolation of a machine.
## Permissions
Users need to have Security administrator or Global admin directory roles.
@@ -28,7 +28,7 @@ POST /testwdatppreview/machines/{id}/unisolate
Header | Value
:---|:---
-Authorization | Bearer {token}. Required.
+Authorization | Bearer {token}. **Required**.
Content-Type | application/json
## Request body
diff --git a/windows/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection.md b/windows/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection.md
index 1bba4ce326..2890ee5631 100644
--- a/windows/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection.md
+++ b/windows/threat-protection/windows-defender-atp/unrestrict-code-execution-windows-defender-advanced-threat-protection.md
@@ -14,7 +14,7 @@ ms.date: 09/01.2017
---
# Unrestrict code execution
-Remove code execution restriction.
+Unrestrict execution of set of predefined applications.
## Permissions
Users need to have Security administrator or Global admin directory roles.