From 4fabe42624590f685149b2f86f1d13ea48083d34 Mon Sep 17 00:00:00 2001
From: denisebmsft <18405051+denisebmsft@users.noreply.github.comgit>
Date: Tue, 21 Sep 2021 12:50:30 -0700
Subject: [PATCH 1/5] Update trusted-boot.md
---
windows/security/trusted-boot.md | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/windows/security/trusted-boot.md b/windows/security/trusted-boot.md
index 69631d8340..8f33995589 100644
--- a/windows/security/trusted-boot.md
+++ b/windows/security/trusted-boot.md
@@ -1,5 +1,5 @@
---
-title: Trusted Boot
+title: Secure Boot and Trusted Boot
description: Trusted Boot prevents corrupted components from loading during the boot-up process in Windows 11
search.appverid: MET150
author: denisebmsft
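Review bot: The `description:` line directly under the new title still covers only Trusted Boot ("Trusted Boot prevents corrupted components from loading during the boot-up process in Windows 11"), so the title now names Secure Boot while the description does not. Suggest updating the description in the same change so it names both features and stays consistent with the title.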
@@ -7,7 +7,7 @@ ms.author: deniseb
manager: dansimp
audience: ITPro
ms.topic: conceptual
-ms.date: 09/08/2021
+ms.date: 09/21/2021
ms.prod: w10
ms.localizationpriority: medium
ms.collection:
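Review bot: `ms.prod: w10` on the context line below the bumped date is left untouched here, although the description in this file targets Windows 11 and 5/5 later changes the same key to `m365-security`. Suggest folding that metadata change into this patch so the front matter of trusted-boot.md is edited once rather than in two commits of the same series.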
From 27ca51efc3c1876435d0a4ca0ef84c993ed848a2 Mon Sep 17 00:00:00 2001
From: denisebmsft <18405051+denisebmsft@users.noreply.github.comgit>
Date: Tue, 21 Sep 2021 12:51:55 -0700
Subject: [PATCH 2/5] Update security-foundations.md
---
windows/security/security-foundations.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/security-foundations.md b/windows/security/security-foundations.md
index 2e2f94b61b..7ec5414862 100644
--- a/windows/security/security-foundations.md
+++ b/windows/security/security-foundations.md
@@ -18,7 +18,7 @@ ms.technology: windows-sec
Microsoft is committed to continuously invest in improving our software development process, building highly secure-by-design software, and addressing security compliance requirements. At Microsoft, we embed security and privacy considerations from the earliest life-cycle phases of all our software development processes. We build in security from the ground for powerful defense in today’s threat environment.
-Our strong security foundation leverages Microsoft Security Development Lifecycle (SDL) Bug Bounty, support for product security standards and certifications, and Azure Code signing. As a result, we improve security by producing software with fewer defects and vulnerabilities instead of relying on applying updates after vulnerabilities have been identified.
+Our strong security foundation uses Microsoft Security Development Lifecycle (SDL) Bug Bounty, support for product security standards and certifications, and Azure Code signing. As a result, we improve security by producing software with fewer defects and vulnerabilities instead of relying on applying updates after vulnerabilities have been identified.
Use the links in the following table to learn more about the security foundations:
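Review bot: In the added sentence, "Microsoft Security Development Lifecycle (SDL) Bug Bounty" still reads as a single item. It appears to run two list entries together and needs a comma after "(SDL)". "Azure Code signing" is also capitalized inconsistently. Since this paragraph is being touched anyway, the context line above it could be fixed in the same pass: "committed to continuously invest" should read "committed to continuously investing", and "from the ground" is missing "up".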
From 41b1eb9c09c2873bce590ef20d041b72500dd382 Mon Sep 17 00:00:00 2001
From: denisebmsft <18405051+denisebmsft@users.noreply.github.comgit>
Date: Tue, 21 Sep 2021 12:52:28 -0700
Subject: [PATCH 3/5] Update operating-system.md
---
windows/security/operating-system.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system.md b/windows/security/operating-system.md
index 9c4e6c86ea..c231c53e4b 100644
--- a/windows/security/operating-system.md
+++ b/windows/security/operating-system.md
@@ -12,7 +12,7 @@ author: denisebmsft
ms.collection: M365-security-compliance
ms.prod: m365-security
ms.technology: windows-sec
-ms.date:
+ms.date: 09/21/2021
---
# Windows operating system security
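Review bot: `ms.date:` gets a value here, but this patch and 4/5 carry the identical subject "Update operating-system.md" for the same file, which makes the history hard to read. Suggest squashing the two, or giving each a subject that says what changed (date metadata here, wording in the Network protection row in 4/5).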
From f28c1928b10c6f0468da649945e64b55c0abb613 Mon Sep 17 00:00:00 2001
From: denisebmsft <18405051+denisebmsft@users.noreply.github.comgit>
Date: Tue, 21 Sep 2021 12:53:08 -0700
Subject: [PATCH 4/5] Update operating-system.md
---
windows/security/operating-system.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system.md b/windows/security/operating-system.md
index c231c53e4b..66115fef04 100644
--- a/windows/security/operating-system.md
+++ b/windows/security/operating-system.md
@@ -35,7 +35,7 @@ Windows Security app | The Windows built-in security application found in settin
| Antivirus & antimalware protection | Microsoft Defender Antivirus is included in all versions of Windows 10, Windows Server 2016 and later, and Windows 11. If you have another antivirus app installed and turned on, Microsoft Defender Antivirus will turn off automatically. If you uninstall the other app, Microsoft Defender Antivirus will turn back on.
From the moment you boot Windows, Microsoft Defender Antivirus continually monitors for malware, viruses, and security threats. Updates are downloaded automatically to help protect your device from threats. Microsoft Defender Antivirus continually scans for malware and threats, and also detects and blocks [potentially unwanted applications](/microsoft-365/security/defender-endpoint/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus) (applications that can negatively impact your device even though they are not considered malware).
Microsoft Defender Antivirus integrates with [cloud-delivered protection](/microsoft-365/security/defender-endpoint/cloud-protection-microsoft-defender-antivirus), which helps ensure near-instant detection and blocking of new and emerging threats.
Learn more about [next-generation protection and Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows).|
| Attack surface reduction rules | Your attack surfaces are the places and ways you are vulnerable to a cyber attack. Attack surface reduction rules are built into Windows and Windows Server to prevent and block certain behaviors that are often abused to compromise your device or network. Such behaviors can include launching scripts or executables that attempt to download or run other files, running suspicious scripts, or performing other behaviors that apps don't typically initiate during normal work. You can configure your attack surface reduction rules to protect against these risky behaviors.
Learn more about [Attack surface reduction rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction) |
| Anti-tampering protection | During cyber attacks (like ransomware attempts), bad actors attempt to disable security features, such as antivirus protection on targeted devices. Bad actors like to disable security features to get easier access to user’s data, to install malware, or to otherwise exploit user’s data, identity, and devices without fear of being blocked. Tamper protection helps prevent these kinds of activities.
With tamper protection, malware is prevented from taking actions such as:
- Disabling virus and threat protection
- Disabling real-time protection
- Turning off behavior monitoring
- Disabling antivirus (such as IOfficeAntivirus (IOAV))
- Disabling cloud-delivered protection
- Removing security intelligence updates
Learn more about [Tamper protection](/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection). |
-| Network protection | Network protection in Windows helps prevent users from accessing dangerous IP addresses and domains that may host phishing scams, exploits, and other malicious content on the Internet. Network protection is part of attack surface reduction and helps provide an additional layer of protection for a user. Using reputation-based services, network protection blocks access to potentially harmful, low-reputation based domains and IP addresses.
In enterprise environments, network protection works best with [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/), which provides detailed reporting into protection events as part of larger investigation scenarios.
Learn more about [Network protection](/microsoft-365/security/defender-endpoint/network-protection). |
+| Network protection | Network protection in Windows helps prevent users from accessing dangerous IP addresses and domains that may host phishing scams, exploits, and other malicious content on the Internet. Network protection is part of attack surface reduction and helps provide an extra layer of protection for a user. Using reputation-based services, network protection blocks access to potentially harmful, low-reputation based domains and IP addresses.
In enterprise environments, network protection works best with [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/), which provides detailed reporting into protection events as part of larger investigation scenarios.
Learn more about [Network protection](/microsoft-365/security/defender-endpoint/network-protection). |
| Controlled folder access | With controlled folder access, you can protect your valuable information in specific folders by managing apps’ access to specific folders. Only trusted apps can access protected folders, which are specified when controlled folder access is configured. Typically, commonly used folders, such as those used for documents, pictures, downloads, are included in the list of controlled folders. Controlled folder access helps protect valuable data from malicious apps and threats, such as ransomware.
Learn more about [Controlled folder access](/microsoft-365/security/defender-endpoint/controlled-folders). |
| Exploit protection | Exploit protection, available in Windows 10, version 1709 and later, automatically applies several exploit mitigation techniques to operating system processes and apps. Exploit protection works best with Microsoft Defender for Endpoint, which gives organizations detailed reporting into exploit protection events and blocks as part of typical alert investigation scenarios.
You can enable exploit protection on an individual device, and then use Group Policy to distribute the XML file to multiple devices simultaneously. When a mitigation is encountered on the device, a notification will be displayed from the Action Center. You can customize the notification with your company details and contact information. You can also enable the rules individually to customize which techniques the feature monitors.
Learn more about [Exploit protection](/microsoft-365/security/defender-endpoint/exploit-protection). |
| Microsoft Defender for Endpoint | Windows E5 customers benefit from [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint), an enterprise endpoint detection and response capability that helps enterprise security teams detect, investigate, and respond to advanced threats. With rich event data and attack insights, Defender for Endpoint enables your security team to investigate incidents and take remediation actions effectively and efficiently.
Defender for Endpoint also is part of [Microsoft 365 Defender](/microsoft-365/security/defender/), a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks.
Learn more about [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint) and [Microsoft 365 Defender](/microsoft-365/security/defender/). |
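Review bot: The rewritten Network protection row swaps "additional" for "extra" but keeps "low-reputation based domains and IP addresses" in the same sentence, which reads awkwardly right after "Using reputation-based services". Suggest "low-reputation domains and IP addresses". In the Anti-tampering protection row above, "user’s data" appears twice where the plural possessive "users’ data" seems intended, and that could be corrected in the same pass.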
From 6f36336636b21df687530f325ab798d13fbdd2ae Mon Sep 17 00:00:00 2001
From: denisebmsft <18405051+denisebmsft@users.noreply.github.comgit>
Date: Tue, 21 Sep 2021 12:56:09 -0700
Subject: [PATCH 5/5] little fixes
---
windows/security/cryptography-certificate-mgmt.md | 3 ++-
windows/security/encryption-data-protection.md | 3 ++-
windows/security/trusted-boot.md | 3 ++-
3 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/windows/security/cryptography-certificate-mgmt.md b/windows/security/cryptography-certificate-mgmt.md
index dbc385fefd..7c781c1bdf 100644
--- a/windows/security/cryptography-certificate-mgmt.md
+++ b/windows/security/cryptography-certificate-mgmt.md
@@ -8,7 +8,8 @@ manager: dansimp
audience: ITPro
ms.topic: conceptual
ms.date: 09/07/2021
-ms.prod: w11
+ms.prod: m365-security
+ms.technology: windows-sec
ms.localizationpriority: medium
ms.collection:
ms.custom:
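Review bot: `ms.date: 09/07/2021` on the context line above the change is left as is even though this commit edits the file's metadata on 21 Sep 2021, whereas 1/5 and 3/5 set `ms.date` to 09/21/2021 for their files. Decide whether metadata-only edits should refresh the date and apply that consistently here and in encryption-data-protection.md (still 09/08/2021). The subject "little fixes" also does not say that `ms.prod` is being moved to `m365-security` across three files. A subject naming that change would make the commit easier to find later.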
diff --git a/windows/security/encryption-data-protection.md b/windows/security/encryption-data-protection.md
index b9967d05ac..359afde71f 100644
--- a/windows/security/encryption-data-protection.md
+++ b/windows/security/encryption-data-protection.md
@@ -8,7 +8,8 @@ manager: dansimp
audience: ITPro
ms.topic: conceptual
ms.date: 09/08/2021
-ms.prod: w11
+ms.prod: m365-security
+ms.technology: windows-sec
ms.localizationpriority: medium
ms.collection:
ms.custom:
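Review bot: `ms.collection:` and `ms.custom:` directly below the added `ms.technology` line are empty keys, and the same holds in the other two files this patch touches. operating-system.md, as shown in 3/5, pairs `ms.prod: m365-security` and `ms.technology: windows-sec` with `ms.collection: M365-security-compliance`. If these pages belong to the same set, fill in the collection here to match, or drop the empty keys.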
diff --git a/windows/security/trusted-boot.md b/windows/security/trusted-boot.md
index 8f33995589..6792a8df14 100644
--- a/windows/security/trusted-boot.md
+++ b/windows/security/trusted-boot.md
@@ -8,7 +8,8 @@ manager: dansimp
audience: ITPro
ms.topic: conceptual
ms.date: 09/21/2021
-ms.prod: w10
+ms.prod: m365-security
+ms.technology: windows-sec
ms.localizationpriority: medium
ms.collection:
ms.custom: