Merge remote-tracking branch 'refs/remotes/origin/master' into jd5holo
@ -1,6 +1,11 @@
|
||||
{
|
||||
"redirections": [
|
||||
{
|
||||
"source_path": "windows/application-management/msix-app-packaging-tool-walkthrough.md",
|
||||
"redirect_url": "https://docs.microsoft.com/windows/msix/mpt-overview",
|
||||
"redirect_document_id": true
|
||||
},
|
||||
{
|
||||
"source_path": "browsers/edge/enterprise-guidance-using-microsoft-edge-and-ie11.md",
|
||||
"redirect_url": "https://docs.microsoft.com/en-us/microsoft-edge/deploy/emie-to-improve-compatibility",
|
||||
"redirect_document_id": true
|
||||
@ -5426,6 +5431,26 @@
|
||||
"redirect_document_id": true
|
||||
},
|
||||
{
|
||||
"source_path": "devices/hololens/hololens-microsoft-layout-app.md",
|
||||
"redirect_url": "/hololens/hololens-microsoft-dynamics-365-layout-app",
|
||||
"redirect_document_id": true
|
||||
},
|
||||
{
|
||||
"source_path": "devices/hololens/hololens-microsoft-dynamics-365-layout-app.md",
|
||||
"redirect_url": "https://docs.microsoft.com/dynamics365/mixed-reality/layout/",
|
||||
"redirect_document_id": true
|
||||
},
|
||||
{
|
||||
"source_path": "devices/hololens/hololens-microsoft-remote-assist-app.md",
|
||||
"redirect_url": "https://docs.microsoft.com/dynamics365/mixed-reality/remote-assist/",
|
||||
"redirect_document_id": true
|
||||
},
|
||||
{
|
||||
"source_path": "devices/hololens/hololens-public-preview-apps.md",
|
||||
"redirect_url": "https://docs.microsoft.com/dynamics365/#pivot=mixed-reality-apps",
|
||||
"redirect_document_id": true
|
||||
},
|
||||
{
|
||||
"source_path": "devices/surface-hub/provisioning-packages-for-certificates-surface-hub.md",
|
||||
"redirect_url": "/surface-hub/provisioning-packages-for-surface-hub",
|
||||
"redirect_document_id": true
|
||||
|
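Review bot: The `devices/hololens/hololens-microsoft-layout-app.md` entry redirects to `/hololens/hololens-microsoft-dynamics-365-layout-app`, and the next entry redirects that path again to `https://docs.microsoft.com/dynamics365/mixed-reality/layout/`, so anyone following the old Layout URL takes two hops. Point the first entry's `redirect_url` straight at the final Dynamics 365 URL so the chain cannot break or loop if the intermediate entry is edited later.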
@ -41,8 +41,8 @@ We have discontinued the **Configure Favorites** group policy, so use the [Provi
|
||||
| New | [Configure collection of browsing data for Microsoft 365 Analytics](group-policies/telemetry-management-gp.md#configure-collection-of-browsing-data-for-microsoft-365-analytics) | [!INCLUDE [configure-browser-telemetry-for-m365-analytics-shortdesc](shortdesc/configure-browser-telemetry-for-m365-analytics-shortdesc.md)] |
|
||||
| New | [Configure Favorites Bar](group-policies/favorites-management-gp.md#configure-favorites-bar) | [!INCLUDE [configure-favorites-bar-shortdesc](shortdesc/configure-favorites-bar-shortdesc.md)] |
|
||||
| New | [Configure Home Button](group-policies/home-button-gp.md#configure-home-button) | [!INCLUDE [configure-home-button-shortdesc](shortdesc/configure-home-button-shortdesc.md)] |
|
||||
| New | [Configure kiosk mode](microsoft-edge-kiosk-mode-deploy.md#relevant-policies) | [!INCLUDE [configure-kiosk-mode-shortdesc](shortdesc/configure-kiosk-mode-shortdesc.md)] |
|
||||
| New | [Configure kiosk reset after idle timeout](microsoft-edge-kiosk-mode-deploy.md#relevant-policies) |[!INCLUDE [configure-kiosk-reset-after-idle-timeout-shortdesc](shortdesc/configure-kiosk-reset-after-idle-timeout-shortdesc.md)] |
|
||||
| New | [Configure kiosk mode](microsoft-edge-kiosk-mode-deploy.md#configure-kiosk-mode) | [!INCLUDE [configure-kiosk-mode-shortdesc](shortdesc/configure-kiosk-mode-shortdesc.md)] |
|
||||
| New | [Configure kiosk reset idle timeout](microsoft-edge-kiosk-mode-deploy.md#configure-kiosk-reset-idle-timeout) |[!INCLUDE [configure-kiosk-reset-after-idle-timeout-shortdesc](shortdesc/configure-kiosk-reset-after-idle-timeout-shortdesc.md)] |
|
||||
| New | [Configure Open Microsoft Edge With](group-policies/start-pages-gp.md#configure-open-microsoft-edge-with) | [!INCLUDE [configure-open-microsoft-edge-with-shortdesc](shortdesc/configure-open-microsoft-edge-with-shortdesc.md)] |
|
||||
| New | [Prevent certificate error overrides](group-policies/security-privacy-management-gp.md#prevent-certificate-error-overrides) | [!INCLUDE [prevent-certificate-error-overrides-shortdesc](shortdesc/prevent-certificate-error-overrides-shortdesc.md)] |
|
||||
| New | [Prevent users from turning on browser syncing](group-policies/sync-browser-settings-gp.md#prevent-users-from-turning-on-browser-syncing) | [!INCLUDE [prevent-users-to-turn-on-browser-syncing-shortdesc](shortdesc/prevent-users-to-turn-on-browser-syncing-shortdesc.md)] |
|
||||
|
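Review bot: The kiosk rows disagree on the policy name: one row's link text is "Configure kiosk reset after idle timeout" and the other's is "Configure kiosk reset idle timeout", while both include `configure-kiosk-reset-after-idle-timeout-shortdesc.md`. Settle on one name and keep it identical here and in microsoft-edge-kiosk-mode-deploy.md so admins can search for the policy by the name they see. Both reset-timeout rows also lack the space after the pipe in `|[!INCLUDE`, unlike the other rows in the table.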
Before Width: | Height: | Size: 2.4 KiB After Width: | Height: | Size: 2.8 KiB |
@ -7,62 +7,68 @@ ms.prod: edge
|
||||
ms.sitesec: library
|
||||
title: Deploy Microsoft Edge kiosk mode
|
||||
ms.localizationpriority: medium
|
||||
ms.date: 10/02/2018
|
||||
ms.date: 10/08/2018
|
||||
---
|
||||
|
||||
# Deploy Microsoft Edge kiosk mode
|
||||
|
||||
>Applies to: Microsoft Edge on Windows 10, version 1809
|
||||
|
||||
In the Windows 10 October 2018 Update, we added the capability to use Microsoft Edge as a kiosk (referred to as Microsoft Edge kiosk mode). We added and updated Microsoft Edge group policies to enhance the kiosk experience depending on the Microsoft Edge kiosk mode type you configure.
|
||||
In the Windows 10 October 2018 Update, we added Microsoft Edge kiosk mode which works with assigned access, locking down a Windows 10 device to only run a single application or multiple applications. It also prevents access to the file system and running executables or other apps from Microsoft Edge. Assigned access lets IT administrators create a tailored browsing experience designed for kiosk devices. Learn more about [assigned access](https://docs.microsoft.com/en-us/windows-hardware/customize/enterprise/assigned-access).
|
||||
|
||||
Microsoft Edge kiosk mode works with assigned access, which lets IT administrators create a tailored browsing experience designed for kiosk devices. Assigned access prevents users from accessing the file system and running other apps from Microsoft Edge, such as the address bar or downloads. For example, you can configure Microsoft Edge to load only a single URL in full-screen mode when you configure digital/interactive signage on a single-app kiosk device.
|
||||
Microsoft Edge kiosk mode supports four configurations types. For example, you can configure Microsoft Edge to load only a single URL in full-screen mode when you configure digital/interactive signage on a single-app kiosk device.
|
||||
|
||||
In addition to digital/interactive signage, you can configure Microsoft Edge for public browsing either on a single and multi-app kiosk device. Public browsing runs a multi-tab version of InPrivate browsing mode with limited functionality to run in full-screen mode or normal browsing of Microsoft Edge.
|
||||
In addition to digital/interactive signage, you can configure Microsoft Edge kiosk mode for public browsing either on a single or multi-app kiosk device. The public browsing kiosk types run Microsoft Edge InPrivate mode to protect user data with a browsing experience designed for public kiosks. For example, the Microsoft Edge Settings are disabled, favorites, extensions, and books are unavailable to prevent users from customizing Microsoft Edge.
|
||||
|
||||
Both digital/interactive signage and public browsing help protect the user’s data by running Microsoft Edge with InPrivate browsing. In single-app public browsing, there is both an ‘End Session’ button that users click to end the browsing session or that resets the session after a specified time of user inactivity. The idle timer is set to 5 minutes by default, but you can choose a value of your own.
|
||||
|
||||
In this topic, you learn about the different Microsoft Edge kiosk mode types to help you determine what configuration is best suited for your kiosk device. You also learn how to set up your Microsoft Edge kiosk mode experience. Learn more about [Configuring kiosk and shared devices running Windows desktop editions](https://docs.microsoft.com/en-us/windows/configuration/kiosk-shared-pc).
|
||||
In single-app public browsing, there is an “End session” button and reset after an idle timeout. Both restart Microsoft Edge and clear the user’s session. The reset after the idle timer is set to 5 minutes by default, but you can choose a value of your own.
|
||||
|
||||
In this topic, you learn about the different Microsoft Edge kiosk mode types to help you determine what configuration is best suited for your kiosk device. You also learn how to set up your Microsoft Edge kiosk mode experience. Learn more about [Configuring kiosk and shared devices running Windows desktop editions](https://docs.microsoft.com/en-us/windows/configuration/kiosk-shared-pc).
|
||||
|
||||
## Microsoft Edge kiosk types
|
||||
Depending on how Microsoft Edge is set up in assigned access, Microsoft Edge kiosk mode supports four types, single-app or multi-app kiosk mode with both supporting public browsing. Learn more about [assigned access](https://docs.microsoft.com/en-us/windows-hardware/customize/enterprise/assigned-access).
|
||||
|
||||
### Single-app kiosk
|
||||
Microsoft Edge kiosk mode supports four configuration types that depending on how Microsoft Edge is set up with assigned access. Two for single-app kiosk devices (Digital/Interactive signage and Public browsing) and two for multi-app kiosk devices (Public browsing and Normal mode).
|
||||
|
||||
When you set up Microsoft Edge kiosk mode in single-app assigned access, Microsoft Edge runs InPrivate either in full-screen or a limited multi-tab version for public browsing. For more details about setting up a single-app kiosk, see [Set up a kiosk or digital signage on Windows 10 Pro, Enterprise, or Education](https://docs.microsoft.com/en-us/windows/configuration/setup-kiosk-digital-signage).
|
||||
### Single app
|
||||
|
||||
The single-app Microsoft Edge kiosk mode types include:
|
||||
When you set up Microsoft Edge kiosk mode in single-app assigned access, Microsoft Edge runs InPrivate either in full-screen or a multi-tab version designed for public browsing. For more details about setting up a single-app kiosk, see [Set up a kiosk or digital signage on Windows 10 Pro, Enterprise, or Education](https://docs.microsoft.com/en-us/windows/configuration/setup-kiosk-digital-signage).
|
||||
|
||||
1. **Digital / Interactive signage** devices display a specific site in full-screen mode that runs InPrivate browsing mode.
|
||||
The single-app Microsoft Edge kiosk mode types are:
|
||||
|
||||
- **Digital signage** does not require user interaction and best used for a rotating advertisement or menu.
|
||||
1. **Digital / Interactive signage** devices display a specific site in full-screen mode that runs InPrivate browsing mode.
|
||||
|
||||
- **Interactive signage**, on the other hand, requires user interaction within the page but doesn’t allow for any other uses, such as browsing the internet. Use interactive signage for things like a building business directory or restaurant order/pay station.
|
||||
- **Digital signage** does not require user interaction and best used for a rotating advertisement or menu.
|
||||
|
||||
2. **Public browsing** devices are publicly accessible and run a limited multi-tab version of InPrivate browsing in Microsoft Edge, which is the only app available on the device. Users can’t minimize, close, or open new Microsoft Edge windows or customize Microsoft Edge.<p>The single-app public browsing mode is the only kiosk mode that has an ‘End Session’ button that users click to end the browsing session and an idle timer that resets the session after a specified time of user inactivity. Use the “Configure kiosk reset after idle timeout” policy to set the idle timer, which is set to 5 minutes by default, but you can provide a value of your own.<p>A public library or hotel concierge desk are two examples of public browsing that restricts access to only Microsoft Edge.
|
||||
- **Interactive signage**, on the other hand, requires user interaction within the page but doesn’t allow for any other uses, such as browsing the internet. Use interactive signage for things like a building business directory or restaurant order/pay station.
|
||||
|
||||
2. **Public browsing** runs Microsoft Edge InPrivate mode to protect user data with a browsing experience designed for publicly accessible kiosk devices. For example, the Microsoft Edge Settings are disabled, favorites, extensions, and books are unavailable to prevent users from customizing Microsoft Edge. Users can’t minimize, close or open a new Microsoft Window. Microsoft Edge is the only app users can use on the device.<p>The single-app public browsing mode is the only kiosk mode that has an ‘End session’ button that users click to end the browsing session and an idle timer that resets the session after a specified time of user inactivity. Both restart Microsoft Edge and clear the user’s session, including any downloads. Use the “Configure kiosk reset after idle timeout” policy to set the idle timer, which is set to 5 minutes by default.<p>A public library or hotel concierge desk are two examples of public browsing that restricts access to only Microsoft Edge.
|
||||
|
||||

|
||||
|
||||
### Multi-app kiosk
|
||||
When you set up Microsoft Edge kiosk mode in multi-app assigned access, Microsoft Edge runs a limited multi-tab version of InPrivate or a normal browsing version. For more details about running a multi-app kiosk, or fixed-purpose device, see [Create a Windows 10 kiosk that runs multiple apps](https://docs.microsoft.com/en-us/windows/configuration/lock-down-windows-10-to-specific-apps). Here you learn how to create kiosks that run more than one app and the benefits of a multi-app kiosk, or fixed-purpose device.
|
||||
### Multi-app
|
||||
|
||||
Microsoft Edge two kiosk mode in multi-app assigned access runs InPrivate mode and a regular browsing version. For more details about running a multi-app kiosk, or fixed-purpose device, see [Create a Windows 10 kiosk that runs multiple apps](https://docs.microsoft.com/en-us/windows/configuration/lock-down-windows-10-to-specific-apps).
|
||||
|
||||
Here you learn how to create kiosks that run more than one app and the benefits of a multi-app kiosk, or fixed-purpose device.
|
||||
|
||||
The multi-app Microsoft Edge kiosk mode types include:
|
||||
|
||||
3. **Public browsing** devices are publicly accessible and supports browsing the internet. Public browsing runs a multi-tab version of InPrivate browsing mode with limited functionality that runs in full-screen mode.<p>In this configuration, Microsoft Edge can interact with other applications. For example, if Internet Explorer 11 is set up in multi-app assigned access, you can enable Enterprise Mode to automatically switch users to Internet Explorer 11 for sites that need backward compatibility support.<p>A public library or hotel concierge desk are two examples of public browsing that provides access to Microsoft Edge and other apps.
|
||||
3. **Public browsing**, which is similar to the single-app version, runs Microsoft Edge InPrivate mode to protect user data with a browsing experience designed for publicly accessible kiosk devices running more than one application.<p>Users can open and close Microsoft Edge and launch other apps if allowed by assigned access. Instead of an “End session” button to clear their browsing session, the user closes Microsoft Edge normally.<p>In this configuration, Microsoft Edge can interact with other applications. For example, if Internet Explorer 11 is set up in multi-app assigned access, you can enable Enterprise Mode to automatically switch users to Internet Explorer 11 for sites that need backward compatibility support.<p>A public library or hotel concierge desk are two examples of public browsing that provides access to Microsoft Edge and other apps.
|
||||
|
||||

|
||||
|
||||
4. **Normal mode** devices run a full-featured version of Microsoft Edge (referred to as normal browsing).<p>Some features may not work depending on what other apps you have configured in assigned access. For example, if Internet Explorer 11 is set up in assigned access, you can enable Enterprise Mode to automatically switch users to Internet Explorer 11 for sites that need backward compatibility support.
|
||||
4. **Normal mode** provides all the Microsoft Edge browsing features and preserves the user data and state between sessions.<p>Some features may not work depending on what other apps you have configured in assigned access. For example, installing extensions or books from the Microsoft store are not allowed if the store is not available. If Internet Explorer 11 is set up in assigned access, you can enable Enterprise Mode to automatically switch users to Internet Explorer 11 for sites that need backward compatibility support.
|
||||
|
||||

|
||||
|
||||
## Let’s get started!
|
||||
Before you can configure Microsoft Edge kiosk mode, you must set up Microsoft Edge in assigned access. With assigned access, you restrict a local standard user account so that it only has access to one Windows app, such as Microsoft Edge in kiosk mode. You can set up Microsoft Edge kiosk mode in assigned access using:
|
||||
|
||||
- **Windows Settings.** Best for physically setting up a couple of devices as kiosks. You can configure Microsoft Edge in single-app (full-screen or public browsing as the kiosk type) and define a single URL for the Home button, Start page, and New Tab page. You can also set the reset after an idle timeout.
|
||||
Before you can configure Microsoft Edge kiosk mode, you must set up Microsoft Edge in assigned access. With assigned access, you restrict a local standard user account so that it only has access to one or more Windows app, such as Microsoft Edge in kiosk mode. You can set up Microsoft Edge kiosk mode in assigned access using:
|
||||
|
||||
- **Microsoft Intune or other MDM service.** Best for setting up multiple devices as a kiosk. With this method, you configure Microsoft Edge in assigned access and configure how Microsoft Edge behaves when it’s running in kiosk mode with assigned access.
|
||||
- **Windows Settings.** Use to set up a couple of single-app kiosk devices. If you hit the Windows key and type “kiosk” you can setup Microsoft Edge kiosk mode for a single-app (Digital / Interactive signage or Public browsing) expereince and define a single URL for the Home button, Start page, and New Tab page. You can also set the reset after an idle timeout.
|
||||
|
||||
IMPORTANT: Do not use the Windows 10 Settings to configure multi-app kiosks.
|
||||
|
||||
- **Microsoft Intune or other MDM service.** Use to set up several single-app and multi-app kiosk devices. Microsoft Intune and other MDM service providers offer more options for customizing the Microsoft Edge kiosk mode experience by using the [supported or available] Microsoft Edge policies. For a list of supported polices see [Supported policies for kiosk mode]().
|
||||
|
||||
>[!NOTE]
|
||||
>For other MDM service, check with your provider for instructions.
|
||||
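Review bot: The "Microsoft Intune or other MDM service" bullet still carries an unresolved editorial choice, "[supported or available]", and its link `[Supported policies for kiosk mode]()` has an empty target, so it renders as a dead link. Pick one word and point the link at the "Supported policies for kiosk mode" heading in this file. The line "IMPORTANT: Do not use the Windows 10 Settings to configure multi-app kiosks." is plain text, while the rest of the topic uses the `>[!IMPORTANT]` and `>[!NOTE]` alert syntax; use the alert form so the restriction stands out. Wording slips to fix in the same pass: "four configuration types that depending on", "Microsoft Edge two kiosk mode in multi-app assigned access", "open a new Microsoft Window", "one or more Windows app", "setup" used as a verb, "expereince", and "polices".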
@ -73,64 +79,52 @@ Before you can configure Microsoft Edge kiosk mode, you must set up Microsoft Ed
|
||||
|
||||
### Prerequisites
|
||||
|
||||
- Microsoft Edge on Windows 10, version 1809 (Professional, Enterprise, and Education).
|
||||
- Microsoft Edge on Windows 10, version 1809 (Professional, Enterprise, and Education).
|
||||
|
||||
- Configuration and deployment service, such as Windows PowerShell, Microsoft Intune or other MDM service, or Windows Configuration Designer. With these methods, you must have the AppUserModelID (AUMID) to set up Microsoft Edge:
|
||||
|
||||
Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge
|
||||
- Configuration and deployment service, such as Windows PowerShell, Microsoft Intune or other MDM service, or Windows Configuration Designer. With these methods, you must have the AppUserModelID (AUMID) to set up Microsoft Edge:<p>Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge
|
||||
|
||||
|
||||
### Use Windows Settings
|
||||
### Use Windows Settings
|
||||
|
||||
Windows Settings is the simplest and easiest way to set up one or a couple of devices because you perform these steps physically on each device. This method is ideal for small businesses.
|
||||
|
||||
When you set up a single-app kiosk device using Windows Settings, you must first set up assigned access before configuring the device. With assigned access, you restrict a local standard user account so that it only has access to one Windows app, such as Microsoft Edge, in kiosk mode.
|
||||
When you set up a single-app kiosk device using Windows Settings, you must first set up assigned access before configuring the device. With assigned access, you restrict a local standard user account so that it only has access to one Windows app, such as Microsoft Edge in kiosk mode.
|
||||
|
||||
1. In the search field of Windows Settings, type **kiosk** and then select **Set up a kiosk (assigned access)**.
|
||||
1. In the search field of Windows Settings, type **kiosk** and then select **Set up a kiosk (assigned access)**.
|
||||
|
||||
2. On the **Set up a kiosk** page, click **Get started**.
|
||||
2. On the **Set up a kiosk** page, click **Get started**.
|
||||
|
||||
3. Type a name to create a new account or you can choose an existing account and click **Next**.
|
||||
3. Type a name to create a new account or you can choose an existing account and click **Next**.
|
||||
|
||||
4. On the **Choose a kiosk app** page, select **Microsoft Edge** and then click **Next**.
|
||||
4. On the **Choose a kiosk app** page, select **Microsoft Edge** and then click **Next**.
|
||||
|
||||
5. Select how Microsoft Edge displays when running in kiosk mode:
|
||||
5. Select how Microsoft Edge displays when running in kiosk mode:
|
||||
|
||||
- **As a digital sign or interactive display**, the default URL shows in full screen, without browser controls.
|
||||
- **As a digital sign or interactive display**, the default URL shows in full screen, without browser controls.
|
||||
|
||||
- **As a public browser**, the default URL shows in a browser view with limited browser controls.
|
||||
- **As a public browser**, the default URL shows in a browser view with
|
||||
limited browser controls.
|
||||
|
||||
6. Select **Next**.
|
||||
6. Select **Next**.
|
||||
|
||||
7. Type the URL to load when the kiosk launches.
|
||||
7. Type the URL to load when the kiosk launches.
|
||||
|
||||
>[!NOTE]
|
||||
>The URL sets the Home button, Start page, and New Tab page.
|
||||
>[!NOTE]
|
||||
>The URL sets the Home button, Start page, and New Tab page.
|
||||
|
||||
8. Accept the default value of **5 minutes** for the idle time or provide your own value.
|
||||
8. Accept the default value of **5 minutes** for the idle time or provide your
|
||||
own value.
|
||||
|
||||
>[!TIP]
|
||||
>Microsoft Edge kiosk mode has a built-in timer to help keep data safe in public browsing sessions. When the idle time (no user activity) meets the time limit, a confirmation message prompts the user to continue. If the user does not **Continue**, Microsoft Edge resets to the default URL.
|
||||
>[!TIP]
|
||||
>Microsoft Edge kiosk mode has a built-in timer to help keep data safe in public browsing sessions. When the idle time (no user activity) meets the time limit, a confirmation message prompts the user to continue. If the user does not **Continue**, Microsoft Edge resets to the default URL.
|
||||
|
||||
9. Click **Next**.
|
||||
9. Click **Next**.
|
||||
|
||||
10. Close the **Settings** window to save and apply your choices.
|
||||
|
||||
11. Now that you have configured assigned access, selected how Microsoft Edge displays the kiosk, and set the idle timer, you can configure the group policies for Microsoft Edge kiosk mode.
|
||||
11. Once you've configured the policies, restart the kiosk device and sign in with the local kiosk account to validate the configuration.
|
||||
|
||||
>>You can find the Microsoft Edge Group Policy settings in the following location of the Group Policy Editor unless otherwise noted in the policy:
|
||||
>>
|
||||
>> **Computer Configuration\\Administrative Templates\\Windows Components\\Microsoft Edge\\**
|
||||
|
||||
- **[Configure kiosk mode](#configure-kiosk-mode)**: Configure the display mode for Microsoft Edge as a kiosk app. You can control whether Microsoft Edge runs InPrivate full screen, InPrivate multi-tab with limited functionality, or normal Microsoft Edge. For this policy to work, you must configure assigned access; otherwise, Microsoft Edge ignores the settings in this policy.
|
||||
|
||||
- **[Configure kiosk reset after idle timeout](#configure-kiosk-reset-idle-timeout)**: Change the time, in minutes, from the last user activity before Microsoft Edge kiosk mode resets to the default kiosk configuration. For this policy to work, you must enable the Configure kiosk mode policy (InPrivate public browsing) and configure Microsoft Edge as a single-app in assigned access; otherwise, Microsoft Edge ignores this setting.
|
||||
|
||||
- **[Additional policies for kiosk mode](#additional-policies-for-kiosk-mode)**: We have other new and existing policies that work with Microsoft Edge kiosk mode, such as Allow cookies, Allow printing, Configure Home button, and Configure telemetry for Microsoft 365 analytics. At this time, only a few features work in all kiosk types, for example, Unlock Home button works only in normal browsing.
|
||||
|
||||
12. Once you've configured the group policies, restart the kiosk device and sign in with the local kiosk account to validate the configuration.
|
||||
|
||||
**_Congratulations!_** You’ve just finished setting up Microsoft Edge in assigned access, a kiosk or digital sign, and configured the group policies for Microsoft Edge kiosk mode.
|
||||
*Congratulations!* You’ve just finished setting up Microsoft Edge in assigned access, a kiosk or digital sign, and configured Microsoft Edge kiosk mode.
|
||||
|
||||
**_Next steps._**
|
||||
|
||||
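Review bot: Step 11, "Once you've configured the policies, restart the kiosk device and sign in with the local kiosk account to validate the configuration", assumes the reader has configured policies, but once the Group Policy path and the three policy bullets are taken out of this procedure no earlier step says which policies or where to set them. Keep a one-line pointer to the policies section before step 11, or reword the step to cover only the restart and validation. In the Prerequisites bullet the AUMID now sits inline after a `<p>` as plain text; put `Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge` in code formatting so it is copied exactly.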
@ -142,14 +136,14 @@ When you set up a single-app kiosk device using Windows Settings, you must first
|
||||
|
||||
### Use Microsoft Intune or other MDM service
|
||||
|
||||
With this method, you can use Microsoft Intune or other MDM services to configure Microsoft Edge kiosk mode in assigned access and how it behaves on a kiosk device.
|
||||
With this method, you can use Microsoft Intune or other MDM services to configure Microsoft Edge kiosk mode in assigned access and how it behaves on a kiosk device.
|
||||
|
||||
>[!IMPORTANT]
|
||||
>If you are using a local account as a kiosk account in Intune or a provisioning package, make sure to sign into this account and then sign out before configuring the assigned access single-app kiosk.
|
||||
>If you are using a local account as a kiosk account in Microsoft Intune or a provisioning package, make sure to sign into this account and then sign out before configuring the assigned access single-app kiosk.
|
||||
|
||||
1. In Microsoft Intune or other MDM service, configure [AssignedAccess](https://docs.microsoft.com/windows/client-management/mdm/assignedaccess-csp) to prevent users from accessing the file system, running executables, or other apps.
|
||||
|
||||
2. Configure the following MDM settings to control a web browser app on the kiosk device and then restart the device.
|
||||
2. Configure the following MDM settings to setup Microsoft Edge kiosk mode on the kiosk device and then restart the device.
|
||||
|
||||
| | |
|
||||
|---|---|
|
||||
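Review bot: The IMPORTANT note in this section scopes the sign-in and sign-out requirement to "the assigned access single-app kiosk", while the rewritten overview says Microsoft Intune or another MDM service is used to set up both single-app and multi-app kiosk devices. State whether the same step applies to multi-app kiosk accounts. In step 2, "to setup Microsoft Edge kiosk mode" should read "to set up".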
@ -203,9 +197,9 @@ With this method, you can use a provisioning package to configure Microsoft Edge
|
||||
|
||||
---
|
||||
|
||||
## Microsoft Edge kiosk mode policies
|
||||
|
||||
## Relevant policies
|
||||
We added and updated Microsoft Edge group policies to enhance the kiosk experience depending on the Microsoft Edge kiosk mode type you configure.
|
||||
We added new Microsoft Edge policies to configure the kiosk mode type as well as the idle timer. For these polices to work correctly, you must set up Microsoft Edge in assigned access.
|
||||
|
||||
### Configure kiosk mode
|
||||
[!INCLUDE [configure-microsoft-edge-kiosk-mode-include](includes/configure-microsoft-edge-kiosk-mode-include.md)]
|
||||
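Review bot: Renaming this H2 between "Microsoft Edge kiosk mode policies" and "Relevant policies" changes its anchor, and the policy table rows elsewhere in this commit link to `microsoft-edge-kiosk-mode-deploy.md#relevant-policies`; check that every inbound link targets an anchor that exists after the merge. In the sentence below the heading, "For these polices to work correctly" should read "policies".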
@ -213,7 +207,7 @@ We added and updated Microsoft Edge group policies to enhance the kiosk experien
|
||||
### Configure kiosk reset idle timeout
|
||||
[!INCLUDE [configure-edge-kiosk-reset-idle-timeout-include](includes/configure-edge-kiosk-reset-idle-timeout-include.md)]
|
||||
|
||||
### Additional policies for kiosk mode
|
||||
### Supported policies for kiosk mode
|
||||
|
||||
Use any of the Microsoft Edge policies listed below to enhance the kiosk experience depending on the Microsoft Edge kiosk mode type you configure. To learn more about these policies, see [Policy CSP - Browser](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser).
|
||||
|
||||
|
@ -9,8 +9,5 @@
|
||||
## [Share HoloLens with multiple people](hololens-multiple-users.md)
|
||||
## [Configure HoloLens using a provisioning package](hololens-provisioning.md)
|
||||
## [Install apps on HoloLens](hololens-install-apps.md)
|
||||
## [Preview new mixed reality apps for HoloLens](hololens-public-preview-apps.md)
|
||||
### [Microsoft Remote Assist app](hololens-microsoft-remote-assist-app.md)
|
||||
### [Microsoft Layout app](hololens-microsoft-layout-app.md)
|
||||
## [Enable Bitlocker device encryption for HoloLens](hololens-encryption.md)
|
||||
## [Change history for Microsoft HoloLens documentation](change-history-hololens.md)
|
@ -20,6 +20,14 @@ This topic lists new and updated topics in the [Microsoft HoloLens documentation
|
||||
|
||||
The topics in this library have been updated for Windows 10 Holographic for Business, version 1809.
|
||||
|
||||
## October 2018
|
||||
|
||||
New or changed topic | Description
|
||||
--- | ---
|
||||
[Preview new mixed reality apps for HoloLens](hololens-public-preview-apps.md) | Removed, and redirected to [Mixed reality apps](https://docs.microsoft.com/dynamics365/#pivot=mixed-reality-apps)
|
||||
[Microsoft Remote Assist app](hololens-microsoft-remote-assist-app.md) | Removed, and redirected to [Overview of Dynamics 365 Remote Assist](https://docs.microsoft.com/dynamics365/mixed-reality/remote-assist/)
|
||||
[Microsoft Dynamics 365 Layout app](hololens-microsoft-dynamics-365-layout-app.md) | Removed, and redirected to [Overview of Dynamics 365 Layout](https://docs.microsoft.com/dynamics365/mixed-reality/layout/)
|
||||
|
||||
## July 2018
|
||||
|
||||
New or changed topic | Description
|
||||
|
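Review bot: The first column of the October 2018 rows links to `hololens-public-preview-apps.md`, `hololens-microsoft-remote-assist-app.md` and `hololens-microsoft-dynamics-365-layout-app.md`, all of which this commit lists as redirect sources, so each link resolves only through the redirect and lands on the same page as the link in the second column. Use plain text for the removed topic titles. The Layout row names "Microsoft Dynamics 365 Layout app", while the TOC entry dropped in this commit is "Microsoft Layout app" (`hololens-microsoft-layout-app.md`); use the title readers saw in the TOC.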
@ -1,73 +0,0 @@
|
||||
---
|
||||
title: Microsoft Layout
|
||||
description: How to get and deploy the Microsoft Layout app throughout your organization
|
||||
ms.prod: hololens
|
||||
ms.sitesec: library
|
||||
author: alhopper-msft
|
||||
ms.author: alhopper
|
||||
ms.topic: article
|
||||
ms.localizationpriority: medium
|
||||
ms.date: 05/21/2018
|
||||
---
|
||||
# Microsoft Layout
|
||||
|
||||
Bring designs from concept to completion with confidence and speed. Import 3D models to easily create room layouts in real-world scale. Experience designs as high-quality holograms in physical space or virtual reality and edit with stakeholders in real time. With Microsoft Layout, see ideas in context, saving valuable time and money.
|
||||
|
||||
## Device options and technical requirements
|
||||
|
||||
Below are the device options, and technical requirements, to use and deploy Microsoft Layout throughout your organization.
|
||||
|
||||
### Device options
|
||||
|
||||
Microsoft Layout works with a HoloLens, or with a Windows Mixed Reality headset with motion controllers.
|
||||
|
||||
#### HoloLens requirements
|
||||
|
||||
| OS requirements | Details |
|
||||
|:----------------------------------|:-----------------------------------------------------------|
|
||||
| Build 10.0.17134.77 or above | See [Update HoloLens](https://support.microsoft.com/help/12643/hololens-update-hololens) for instructions on upgrading to this build. |
|
||||
|
||||
#### Windows Mixed Reality headset requirements
|
||||
|
||||
| Requirements | Details |
|
||||
|:----------------------------------------------|:-----------------------------------------------------------|
|
||||
| Windows 10 PC with build 16299.0 or higher | The Windows 10 PC hardware must be able to support the headset. See [Windows Mixed Reality PC hardware guidelines](https://support.microsoft.com/en-us/help/4039260/windows-10-mixed-reality-pc-hardware-guidelines) for specific hardware requirements. We recommend following the **Windows Mixed Reality Ultra** hardware guidelines. |
|
||||
| Motion controllers | Motion controllers are hardware accessories that allow users to take action in mixed reality. See [Motion controllers](https://docs.microsoft.com/en-us/windows/mixed-reality/motion-controllers) to learn more. |
|
||||
|
||||
### Technical requirements
|
||||
|
||||
Have the following technical requirements in place to start using Microsoft Layout.
|
||||
|
||||
| Requirement | Details | Learn more |
|
||||
|:----------------------------------|:------------------|:------------------|
|
||||
| Azure Active Directory (Azure AD) | Required for app distribution through the [Microsoft Store for Business](https://docs.microsoft.com/en-us/microsoft-store/sign-up-microsoft-store-for-business). If you choose not to distribute the app through the Microsoft Store for Business, users can also install Layout on a HoloLens or PC from the [Microsoft Store](https://www.microsoft.com/en-us/store/apps). | [Get started with Azure AD](https://docs.microsoft.com/en-us/azure/active-directory/get-started-azure-ad) |
|
||||
| Network connectivity | Internet access is required to download the app, and utilize all of its features. There are no bandwidth requirements. | |
|
||||
| Apps for sharing | Video calling or screen sharing requires a separate app, such as Microsoft Remote Assist on HoloLens, or Skype or Skype for Business on Windows Mixed Reality headsets.<br/><br/>A Windows 10 PC that meets the Windows Mixed Reality Ultra specifications is also required for video calling or screen sharing when using Layout with a Windows Mixed Reality headset. | [Remote Assist](hololens-microsoft-remote-assist-app.md) <br/><br/>[Windows Mixed Reality PC hardware guidelines](https://support.microsoft.com/en-us/help/4039260/windows-10-mixed-reality-pc-hardware-guidelines) |
|
||||
| Import Tool for Microsoft Layout | The Import Tool for Microsoft Layout is a companion app for Layout that makes model optimization and management easy. The Import Tool runs on Windows 10 PCs, and is required to transfer existing 3D models from your PC to Microsoft Layout, so they can be viewed and edited from the HoloLens or mixed reality headset. The Import Tool is also required to transfer Visio space dimensions to the HoloLens or Windows Mixed Reality headset. | [Import Tool for Microsoft Layout](#get-and-deploy-the-import-tool-for-microsoft-layout) |
|
||||
|
||||
## Get and deploy Microsoft Layout
|
||||
|
||||
Microsoft Layout is available from the Microsoft Store for Business for free for a limited time:
|
||||
|
||||
1. Go to the [Microsoft Layout](https://businessstore.microsoft.com/en-us/store/details/app/9NSJN53K3GFJ) app in the Microsoft Store for Business.
|
||||
1. Click **Get the app**. Microsoft Layout is added to the **Products and Services** tab for your private store.
|
||||
1. Users can open the **Products and Services** tab to install the app to their device, or you can deploy the app throughout your organization using MDM. See [Install apps on HoloLens](hololens-install-apps.md) for further instructions on deploying apps.
|
||||
|
||||
For a limited time, users can also [Get Microsoft Layout from the Microsoft Store](https://www.microsoft.com/store/productId/9NSJN53K3GFJ) for free.
|
||||
|
||||
### Get and deploy the Import Tool for Microsoft Layout
|
||||
|
||||
The **Import Tool for Microsoft Layout** is a companion app for Layout that makes model optimization and management easy. The Import Tool runs on Windows 10 PCs, and is required to transfer existing 3D models from your PC to Microsoft Layout, for viewing and editing on Microsoft HoloLens or a Windows Mixed Reality headset.
|
||||
|
||||
The companion app is available in both the Microsoft Store for Business, and the Microsoft Store, for free for a limited time:
|
||||
|
||||
* [Get the Microsoft Layout Import Tool](https://businessstore.microsoft.com/en-us/store/details/app/9N88Q3RXPLP0) from the Microsoft Store for Business. See [Distribute apps to your employees from Microsoft Store for Business](https://docs.microsoft.com/en-us/microsoft-store/distribute-apps-to-your-employees-microsoft-store-for-business) for instructions on using the Microsoft Store for Business, and/or MDM, to deploy Windows 10 apps throughout your organization.
|
||||
* Alternately, have your users [Get the Microsoft Layout Import Tool](https://www.microsoft.com/store/productId/9N88Q3RXPLP0) from the Microsoft Store to install the app on their Windows 10 PC.
|
||||
|
||||
## Use Microsoft Layout
|
||||
|
||||
For guidance on using the features of the Microsoft Layout app, please see [Set up and use Microsoft Layout](https://support.microsoft.com/help/4294437).
|
||||
|
||||
## Questions and support
|
||||
|
||||
You can ask questions and engage with our team in the [Mixed Reality Tech Community](https://techcommunity.microsoft.com/t5/Mixed-Reality/ct-p/MixedReality).
|
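Review bot: Before this file is deleted, confirm the redirect target carries the version gates from the "HoloLens requirements" and "Windows Mixed Reality headset requirements" tables ("Build 10.0.17134.77 or above", "build 16299.0 or higher"), since admins use them to decide which devices can receive the app. The in-page anchor `#get-and-deploy-the-import-tool-for-microsoft-layout` referenced from the "Technical requirements" table also disappears, so check for deep links to it from elsewhere.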
@ -1,64 +0,0 @@
|
||||
---
|
||||
title: Microsoft Remote Assist
|
||||
description: How to get and deploy the Microsoft Remote Assist app throughout your organization
|
||||
ms.prod: hololens
|
||||
ms.sitesec: library
|
||||
author: alhopper-msft
|
||||
ms.author: alhopper
|
||||
ms.topic: article
|
||||
ms.localizationpriority: medium
|
||||
ms.date: 05/22/2018
|
||||
---
|
||||
# Microsoft Remote Assist
|
||||
|
||||
Collaborate remotely with heads-up, hands-free video calling, image sharing, and mixed reality annotations. Firstline workers can share what they see with any expert on Microsoft Teams, while staying hands on to solve problems and complete tasks together, faster. Backed by enterprise-level security, Microsoft Remote Assist enables communication with peace of mind.
|
||||
|
||||
## Technical requirements
|
||||
|
||||
Below are the technical requirements to deploy and use Microsoft Remote Assist throughout your organization.
|
||||
|
||||
### Device requirements
|
||||
|
||||
| Device | OS requirements | Details |
|
||||
|:---------------------------|:----------------------------------|:-----------------------------------------------------------|
|
||||
| HoloLens | Build 10.0.14393.0 or above | See [Manage updates to HoloLens](https://docs.microsoft.com/en-us/HoloLens/hololens-updates) for instructions on using Windows Update for Business, MDM, and Windows Server Update Service (WSUS) to deploy updates to HoloLens. |
|
||||
| Windows 10 PC (optional) | Any Windows 10 build | A Windows 10 PC can collaborate with the HoloLens using Microsoft Teams. |
|
||||
|
||||
> [!Note]
|
||||
> HoloLens build 10.0.14393.0 is the minimum that supports Remote Assist. We recommend updating the HoloLens to newer versions when they are available.
|
||||
|
||||
### Licensing & product requirements
|
||||
|
||||
| Product required | Details | Learn more |
|
||||
|:----------------------------------|:------------------|:------------------|
|
||||
| Azure Active Directory (Azure AD) | Required to log users into the Remote Assist app through Microsoft Teams. Also required for app distribution through the [Microsoft Store for Business](https://docs.microsoft.com/en-us/microsoft-store/sign-up-microsoft-store-for-business). If you choose not to distribute the app through the Microsoft Store for Business, users can alternately install Remote Assist on a HoloLens or PC from the [Microsoft Store](https://www.microsoft.com/en-us/store/apps). | [Get started with Azure AD](https://docs.microsoft.com/en-us/azure/active-directory/get-started-azure-ad) |
|
||||
| Microsoft Teams | Microsoft Teams facilitates communication in Remote Assist. Microsoft Teams must be installed on any device that will make calls to the HoloLens. | [Overview of Microsoft Teams](https://docs.microsoft.com/en-us/MicrosoftTeams/teams-overview) |
|
||||
| Microsoft Office 365 | Because Microsoft Teams is part of Office 365, each user who will make calls from their PC/phone to the HoloLens will need an Office 365 license. | [Office 365 licensing for Microsoft Teams](https://docs.microsoft.com/en-us/MicrosoftTeams/office-365-licensing) |
|
||||
|
||||
### Network requirements
|
||||
|
||||
1.5 MB/s is the recommended bandwidth for optimal performance of Microsoft Remote Assist. Though audio/video calls may be possible in environments with reduced bandwidth, you may experience HoloLens feature degradation, limiting the user experience. To test your company’s network bandwidth, follow these steps:
|
||||
|
||||
1. Have a Teams user video call another Teams user.
|
||||
2. Add another separate video call between a 3rd and 4th user, and another for a 5th and 6th user.
|
||||
3. Continue adding video callers to stress test your network bandwidth until confident that multiple users can successfully connect on video calls at the same time.
|
||||
|
||||
See [Preparing your organization's network for Microsoft Teams](https://docs.microsoft.com/en-us/MicrosoftTeams/prepare-network) to learn more.
|
||||
|
||||
## Get and deploy Microsoft Remote Assist
|
||||
|
||||
Microsoft Remote Assist is available from the Microsoft Store for Business for free for a limited time:
|
||||
|
||||
1. Go to the [Microsoft Remote Assist](https://businessstore.microsoft.com/en-us/store/details/app/9PPJSDMD680S) app in the Microsoft Store for Business.
|
||||
1. Click **Get the app**. Microsoft Remote Assist is added to the **Products and Services** tab for your private store.
|
||||
1. Users can open the **Products and Services** tab to install the app to their device, or you can deploy the app throughout your organization using MDM. See [Install apps on HoloLens](hololens-install-apps.md) for further instructions on deploying apps.
|
||||
|
||||
For a limited time, users can also [Get Microsoft Remote Assist from the Microsoft Store](https://www.microsoft.com/store/productId/9PPJSDMD680S) for free.
|
||||
|
||||
## Use Microsoft Remote Assist
|
||||
|
||||
For guidance on using the features of the Microsoft Remote Assist app, please see [Set up and use Microsoft Remote Assist](https://support.microsoft.com/en-us/help/4294812).
|
||||
|
||||
## Questions and support
|
||||
|
||||
You can ask questions and engage with our team in the [Mixed Reality Tech Community](https://techcommunity.microsoft.com/t5/Mixed-Reality/ct-p/MixedReality).
|
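Review bot: The "Licensing & product requirements" table is the part to check against the redirect target before deleting this page: it states that Azure AD is required to log users into Remote Assist through Microsoft Teams and that each caller needs an Office 365 license, which are the identity prerequisites a deployment depends on. In "Network requirements", the recommended bandwidth is written "1.5 MB/s"; if that sentence is carried over, confirm whether megabytes or megabits per second is meant.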
@ -1,31 +0,0 @@
|
||||
---
|
||||
title: Preview new mixed reality apps for HoloLens
|
||||
description: Here's how to download and distribute new mixed reality apps for HoloLens, free for a limited time during public preview
|
||||
ms.prod: hololens
|
||||
ms.sitesec: library
|
||||
author: alhopper
|
||||
ms.author: alhopper
|
||||
ms.topic: article
|
||||
ms.localizationpriority: medium
|
||||
ms.date: 05/21/2018
|
||||
---
|
||||
# Preview new mixed reality apps for HoloLens
|
||||
|
||||
Microsoft has just announced two new mixed reality apps coming to HoloLens: Microsoft Remote Assist and Microsoft Layout.
|
||||
|
||||
The gap between the real and digital world limits our ability to take advantage of new technologies and transform how we work, learn, create, communicate, and live. **Mixed reality is here to close that gap**.
|
||||
|
||||
Mixed reality has the potential to help customers and businesses across the globe do things that until now, have never been possible. Mixed reality helps businesses and employees complete crucial tasks faster, safer, more efficiently, and create new ways to connect to customers and partners.
|
||||
|
||||
Ready to get started? Check out the links below to learn more about how you can download and deploy Microsoft's new commercial-focused mixed reality apps.
|
||||
|
||||
## In this section
|
||||
|
||||
| Topic | Description |
|
||||
| --- | --- |
|
||||
| [Microsoft Remote Assist](hololens-microsoft-remote-assist-app.md) | Microsoft Remote Assist enables collaboration in mixed reality to solve problems faster. Firstline workers can collaborate remotely with heads-up, hands-free video calling, image sharing, and mixed reality annotations. They can share what they see with an expert on Microsoft Teams, while staying hands-on to solve problems and complete tasks together, faster. |
|
||||
| [Microsoft Layout](hololens-microsoft-layout-app.md ) | Bring designs from concept to completion with confidence and speed using Microsoft Layout. Import 3D models to easily create room layouts in real-world scale. Experience designs as high-quality holograms in physical or virtual space and edit in real time. With Microsoft Layout, you can see ideas in context, saving valuable time and money. |
|
||||
|
||||
## Questions and support
|
||||
|
||||
You can ask questions and engage with our team in the [Mixed Reality Tech Community](https://techcommunity.microsoft.com/t5/Mixed-Reality/ct-p/MixedReality).
|
@ -31,7 +31,6 @@ ms.date: 07/27/2018
|
||||
[Share HoloLens with multiple people](hololens-multiple-users.md) | Multiple users can shared a HoloLens device by using their Azure Active Directory accounts. |
|
||||
| [Configure HoloLens using a provisioning package](hololens-provisioning.md) | Provisioning packages make it easy for IT administrators to configure HoloLens devices without imaging |
|
||||
| [Install apps on HoloLens](hololens-install-apps.md) | Use Microsoft Store for Business, mobile device management (MDM), or the Windows Device Portal to install apps on HoloLens |
|
||||
| [Preview new mixed reality apps for HoloLens](hololens-public-preview-apps.md) | Download and deploy new mixed reality apps for HoloLens, free for a limited time during public preview |
|
||||
| [Enable Bitlocker device encryption for HoloLens](hololens-encryption.md) | Learn how to use Bitlocker device encryption to protect files and information stored on the HoloLens |
|
||||
| [Change history for Microsoft HoloLens documentation](change-history-hololens.md) | See new and updated topics in the HoloLens documentation library. |
|
||||
|
||||
|
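Review bot: Two context rows in this table need a wording fix while it is being edited: the row for hololens-multiple-users.md reads "Multiple users can shared a HoloLens device" (should be "can share"), and the hololens-encryption.md row spells the product "Bitlocker" rather than "BitLocker". The hololens-provisioning.md description is also the only one shown without a closing period.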
@ -19,7 +19,7 @@ Battery Limit option is a UEFI setting that changes how the Surface device batte
|
||||
|
||||
Setting the device on Battery Limit changes the protocol for charging the device battery. When Battery Limit is enabled, the battery charge will be limited to 50% of its maximum capacity. The charge level reported in Windows will reflect this limit. Therefore, it will show that the battery is charged up to 50% and will not charge beyond this limit. If you enable Battery Limit while the device is above 50% charge, the Battery icon will show that the device is plugged in but discharging until the device reaches 50% of its maximum charge capacity.
|
||||
|
||||
Adding the Battery Limit option to Surface UEFI will require a [Surface UEFI firmware update](update.md), which will be made available through Windows Update or via the MSI driver and firmware packages on the Microsoft Download Center. Check [support article](https://support.microsoft.com/help/4464941) for the specific Surface UEFI version required for each device and supported devices. Currently, Battery Limit is only supported on Surface Pro 4 and Surface Pro 3. However, the setting will be available in the future on other Surface device models.
|
||||
Adding the Battery Limit option to Surface UEFI will require a [Surface UEFI firmware update](update.md), which will be made available through Windows Update or via the MSI driver and firmware packages on the Microsoft Download Center. Check [Enable "Battery Limit" for Surface devices that have to be plugged in for extended periods of time](https://support.microsoft.com/help/4464941) for the specific Surface UEFI version required for each device and supported devices. Currently, Battery Limit is only supported on Surface Pro 4 and Surface Pro 3. However, the setting will be available in the future on other Surface device models.
|
||||
|
||||
## Enabling Battery Limit in Surface UEFI (Surface Pro 4 and later)
|
||||
|
||||
|
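Review bot: The paragraph with the reworded link says "Currently, Battery Limit is only supported on Surface Pro 4 and Surface Pro 3", but the heading directly below it reads "Enabling Battery Limit in Surface UEFI (Surface Pro 4 and later)". Either the sentence or the heading should be adjusted, or confirm that a separate Surface Pro 3 procedure follows. The descriptive link title is an improvement over "support article"; "See [title] for ..." would read more naturally than "Check [title] for ...".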
@ -19,8 +19,6 @@ You can use an App-V 5.0 project template to save commonly applied settings asso
|
||||
**Note**
|
||||
You can, and often should apply an App-V 5.0 project template during a package upgrade. For example, if you sequenced an application with a custom exclusion list, it is recommended that an associated template is created and saved for later use while upgrading the sequenced application.
|
||||
|
||||
|
||||
|
||||
App-V 5.0 project templates differ from App-V 5.0 Application Accelerators because App-V 5.0 Application Accelerators are application-specific, and App-V 5.0 project templates can be applied to multiple applications.
|
||||
|
||||
Use the following procedures to create and apply a new template.
|
||||
@ -29,25 +27,20 @@ Use the following procedures to create and apply a new template.
|
||||
|
||||
1. To start the App-V 5.0 sequencer, on the computer that is running the sequencer, click **Start** / **All Programs** / **Microsoft Application Virtualization** / **Microsoft Application Virtualization Sequencer**.
|
||||
|
||||
2. **Note**
|
||||
**Note**
|
||||
If the virtual application package is currently open in the App-V 5.0 Sequencer console, skip to step 3 of this procedure.
|
||||
|
||||
|
||||
|
||||
To open the existing virtual application package that contains the settings you want to save with the App-V 5.0 project template, click **File** / **Open**, and then click **Edit Package**. On the **Select Package** page, click **Browse** and locate the virtual application package that you want to open. Click **Edit**.
|
||||
2. To open the existing virtual application package that contains the settings you want to save with the App-V 5.0 project template, click **File** / **Open**, and then click **Edit Package**. On the **Select Package** page, click **Browse** and locate the virtual application package that you want to open. Click **Edit**.
|
||||
|
||||
3. In the App-V 5.0 Sequencer console, to save the template file, click **File** / **Save As Template**. After you have reviewed the settings that will be saved with the new template, click **OK**. Specify a name that will be associated with the new App-V 5.0 project template. Click Save.
|
||||
|
||||
The new App-V 5.0 project template is saved in the directory specified in step 3 of this procedure.
|
||||
The new App-V 5.0 project template is saved in the directory specified in step 3 of this procedure.
|
||||
|
||||
**To apply a project template**
|
||||
|
||||
1. **Important**
|
||||
**Important**
|
||||
Creating a virtual application package using a project template in conjunction with a Package Accelerator is not supported.
|
||||
|
||||
|
||||
|
||||
To start the App-V 5.0 sequencer, on the computer that is running the sequencer, click **Start** / **All Programs** / **Microsoft Application Virtualization** / **Microsoft Application Virtualization Sequencer**.
|
||||
1. To start the App-V 5.0 sequencer, on the computer that is running the sequencer, click **Start** / **All Programs** / **Microsoft Application Virtualization** / **Microsoft Application Virtualization Sequencer**.
|
||||
|
||||
2. To create or upgrade a new virtual application package by using an App-V 5.0 project template, click **File** / **New From Template**.
|
||||
|
||||
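Review bot: In the create procedure the **Note** now stands on its own lines between step 1 and step 2, and in "To apply a project template" the **Important** block now precedes step 1. A paragraph placed between numbered items without list indentation can restart the numbering in some Markdown renderers, and this text refers to steps by number ("skip to step 3 of this procedure"), so check the rendered output. In step 3, "Click Save." is the one UI label left unbolded.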
@ -62,9 +55,9 @@ Use the following procedures to create and apply a new template.
|
||||
|
||||
[Operations for App-V 5.0](operations-for-app-v-50.md)
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
@ -47,7 +47,7 @@ While not required, you can use a management tool to distribute and manage apps.
|
||||
|
||||
## Proxy configuration
|
||||
|
||||
If your organization restricts computers on your network from connecting to the Internet, there is a set of URLs that need to be available for devices to use Microsoft Store. Some of the Microsoft Store features use Store services. Devices using Microsoft Store – either to acquire, install, or update apps – will need access to these URLs. If you use a proxy sever to block traffic, your configuration needs to allow these URLs:
|
||||
If your organization restricts computers on your network from connecting to the Internet, there is a set of URLs that need to be available for devices to use Microsoft Store. Some of the Microsoft Store features use Store services. Devices using Microsoft Store – either to acquire, install, or update apps – will need access to these URLs. If you use a proxy server to block traffic, your configuration needs to allow these URLs:
|
||||
|
||||
- login.live.com
|
||||
- login.windows.net
|
||||
|
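Review bot: The corrected sentence still tells admins to "allow these URLs", but the entries that follow (login.live.com, login.windows.net) are bare host names with no scheme, port or path. That difference matters to someone writing a proxy allowlist; suggest "allow these hosts", and state the protocol and port if the source documentation gives them. "Use a proxy server to block traffic" would also be more accurate as "to filter traffic", since the same sentence asks for an allow rule.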
@ -5,7 +5,6 @@
|
||||
## [Understand apps in Windows 10](apps-in-windows-10.md)
|
||||
## [Add apps and features in Windows 10](add-apps-and-features.md)
|
||||
## [Repackage win32 apps in the MSIX format](msix-app-packaging-tool.md)
|
||||
### [Learn how to repackage win32 apps in the MSIX format](msix-app-packaging-tool-walkthrough.md)
|
||||
## [Application Virtualization (App-V) for Windows](app-v/appv-for-windows.md)
|
||||
### [Getting Started with App-V](app-v/appv-getting-started.md)
|
||||
#### [What's new in App-V for Windows 10, version 1703 and earlier](app-v/appv-about-appv.md)
|
||||
|
@ -1,160 +0,0 @@
|
||||
---
|
||||
title: Learn how to repackage your existing win32 applications to the MSIX format. This walkthrough provides in-depth detail on how the MSIX app packaging tool can be used.
|
||||
description: Learn how to use the MSIX packaging tool with this in-depth walkthrough.
|
||||
keywords: ["MSIX", "application", "app", "win32", "packaging tool"]
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.localizationpriority: medium
|
||||
ms.author: mikeblodge
|
||||
ms.topic: article
|
||||
ms.date: 08/027/2018
|
||||
---
|
||||
|
||||
# MSIX Packaging tool walkthrough
|
||||
|
||||
Learn how to repackage your legacy win32 application installers to MSIX, without the need for making code changes to your apps. The MSIX Packaging Tool allows you to modernize your app to take adavantage of Microsoft Store or Microsoft Store for Business to deploy apps on Windows 10 in S mode.
|
||||
|
||||
## Terminology
|
||||
|
||||
|
||||
|Term |Definition |
|
||||
|---------|---------|
|
||||
|MPT | MSIX Packaging Tool. An enterprise grade tool that allows to package apps in the enterprise easily as MSIX without app code changes. |
|
||||
|PSF | Package Support Framework. An open source framework to allow the packaging tool and the IT Admin to apply targeted fixes to the app in order to bypass some of the modern environment constrains. Some fixes will be added automatically by the tool and some will be added manually. |
|
||||
|Modification Package | MSIX package to stores app preferences/settings and add-ins, decoupled from the main package. |
|
||||
|Installer | Application installer can be an MSI, EXE, App-V , ClickOnce. |
|
||||
|Project template file | Template file that saves the settings and parameters used for a certain package conversion. Information captured in the template includes general Tooling packaging options, settings in the options menus like exclusion lists, package deployment settings, application install location, package manifest information like Package Family Name, publisher, version and package properties like capabilities and advanced enterprise features. |
|
||||
|
||||
## Creating an Application package
|
||||
|
||||

|
||||
|
||||
When the tool is first launched, you will be prompted to provide consent to sending telemtry data. It's important to note that the diagnostic data you share only comes from the app and is never used to identify or contact you. This just helps us fix things faster for you.
|
||||
|
||||

|
||||
|
||||
Creating an Application package is the most commonly used option. This is where you will create an MSIX package from an installer, or by manual installation of application payload.
|
||||
- If an installer is being used, browse to and select the desired application installer and click **Next**.
|
||||
- This field accepts a valid existing file path.
|
||||
- The field can be empty if you are manually packaging.
|
||||
- If there is no installer (manual packaging) click **Next**.
|
||||
|
||||
*Optionally*
|
||||
- Check the box under "Use Existing MSIX Package", browse, and select an existing MSIX package you'd like to update.
|
||||
- Check the box under "Use installer Preferences" and enter the desired argument in the provided field. This field accepts any string.
|
||||
|
||||
### Packaging method
|
||||

|
||||
- Select the packaging environment by selecting one of the radio buttons:
|
||||
- "Create package on an existing virtual machine" if you plan to do the package creation on a VM. Click **Next**. (You will be presented with user and password fields to provide credentials for the VM if there are any).
|
||||
- "Create package on this computer" if you plan to package the application on the current machine where the tool is installed. Click **Next**.
|
||||
|
||||
### Create package on this computer
|
||||
|
||||

|
||||
|
||||
You've selected to package your application on the current machine where the tool is installed. Nice job! Provide the information pertaining to the app. The tool will try to auto-fill these fields based on the information available from the installer. You will always have a choice to update the entries as needed. If the field as an asterisk*, it's required, but you already knew that. Inline help is provided if the entry is not valid.
|
||||
|
||||
- Package name:
|
||||
- Required and corresponds to package identity Name in the manifest to describe the contents of the package.
|
||||
- Must match the Name subject information of the certificate used to sign a package.
|
||||
- Is not shown to the end user.
|
||||
- Is case-sensitive and cannot have a space.
|
||||
- Can accept string between 3 and 50 characters in length that consists of alpha-numeric, period, and dash characters.
|
||||
- Cannot end with a period and be one of these: "CON", "PRN", "AUX", "NUL", "COM1", "COM2", "COM3", "COM4", "COM5", "COM6", "COM7", "COM8", "COM9", "LPT1", "LPT2", "LPT3", "LPT4", "LPT5", "LPT6", "LPT7", "LPT8", and "LPT9."
|
||||
- Package display name:
|
||||
- Required and corresponds to package <DisplayName> in the manifest to display a friendly package name to the user, in start menu and settings pages.
|
||||
- Field accepts A string between 1 and 256 characters in length and is localizable.
|
||||
- Publisher name
|
||||
- Required and corresponds to package <Publisher Name> that describes the publisher information.
|
||||
- The Publisher attribute must match the publisher subject information of the certificate used to sign a package.
|
||||
- This field accepts a string between 1 and 8192 characters in length that fits the regular expression of a distinguished name : "(CN | L | O | OU | E | C | S | STREET | T | G | I | SN | DC | SERIALNUMBER | Description | PostalCode | POBox | Phone | X21Address | dnQualifier | (OID.(0 | [1-9][0-9])(.(0 | [1-9][0-9]))+))=(([^,+="<>#;])+ | ".")(, ((CN | L | O | OU | E | C | S | STREET | T | G | I | SN | DC | SERIALNUMBER | Description | PostalCode | POBox | Phone | X21Address | dnQualifier | (OID.(0 | [1-9][0-9])(.(0 | [1-9][0-9]))+))=(([^,+="<>#;])+ | ".")))*".
|
||||
- Publisher display name
|
||||
- Reuqired and corresponds to package <PublisherDisplayName> in the manifest to display a friendly publisher name to the user, in App installer and settings pages.
|
||||
- Field accepts A string between 1 and 256 characters in length and is localizable.
|
||||
- Version
|
||||
- Required and corresponds to package <Identity Version> in the manifest to describe the The version number of the package.
|
||||
- This field accepts a version string in quad notation, "Major.Minor.Build.Revision".
|
||||
- Install location
|
||||
- This is the location that the installer is going to copy the application payload to (usually Programs Files folder).
|
||||
- This field is optional but recommended.
|
||||
- Browse to and select a folder path.
|
||||
- Make sure this filed matches Installers Install location while you go through the application install operation.
|
||||
|
||||
### Prepare computer
|
||||
|
||||

|
||||
|
||||
- You are provided with options to prepare the computer for packaging.
|
||||
- MSIX Packaging Tool Driver is required and the tool will automatically try to enable it if it is not enabled.
|
||||
> [!NOTE]
|
||||
> MSIX Packaging tool driver monitors the system to capture the changes that an installer is making on the system which allows MSIX Packaging Tool to create a package based on those changes.
|
||||
- The tool will first check with DISM to see if the driver is installed.
|
||||
- [Optional] Check the box for “Windows Search is Active” and select “disable selected” if you choose to disable the search service.
|
||||
- This is not required, only recommended.
|
||||
- Once disabled, the tool will update the status field to “disabled”
|
||||
- [Optional] Check the box for “Windows Update is Active” and select “disable selected” if you choose to disable the Update service.
|
||||
- This is not required, only recommended.
|
||||
- Once disabled, the tool will update the status field to “disabled”
|
||||
- “Pending reboot” checkbox is disabled by default. You'll need to manually restart the machine and then launch the tool again if you are prompted that pending operations need a reboot.
|
||||
- This not required, only recommended.
|
||||
When you're done preparing the machine, click **Next**.
|
||||
|
||||
### Installation
|
||||
|
||||

|
||||
|
||||
- This is installation phase where the tool is monitoring and capturing the application install operations.
|
||||
- If you've provided an installer, the tool will launch the installer and you'll need to go through the installer wizard to install the application.
|
||||
- Make sure the installation path matches what was defined earlier in the package information page.
|
||||
- You'll need to create a shortcut in desktop for the newly installed application.
|
||||
- Once you're done with the application installation wizard, make sure you finish or close on the installation wizard.
|
||||
- If you need to run multiple installers you can do that manually at this point.
|
||||
- If the app needs other pre-reqs, you need to install them now.
|
||||
- If the application needs .Net 3.5/20, add the optional feature to Windows.
|
||||
- If installer was not provided, manually copy the application binaries to the install location that you've defined earlier in package information.
|
||||
- When you've completed installing the application, click **Next**.
|
||||
|
||||
### Manage first launch tasks
|
||||
|
||||

|
||||
|
||||
- This page shows application executables that the tool captured.
|
||||
- We recommended launching the application at least once to capture any first launch tasks.
|
||||
- If there are multiple applications, check the box that corresponds to the main entry point.
|
||||
- If you don't see the application .exe here, manually browse to and run it.
|
||||
- Click **Next**
|
||||
|
||||

|
||||
|
||||
You'll be prompted with a pop up asking for confirmation that you're finished with application installation and managing first launch tasks.
|
||||
- If you're done, click **Yes, move on**.
|
||||
- If you're not done, click **No, I'm not done**. You'll be taken back to the last page to where you can launch applications, install or copy other files, and dlls/executables.
|
||||
|
||||
### Package support report
|
||||
|
||||

|
||||
|
||||
- Here you'll have a chance to add PSF runtime fixes that might be applicable to the application. *(not supported in preview)*
|
||||
- The tool will make some suggestions and apply fixes that it thinks are applicable.
|
||||
- You'll have the opportunity to add, remove or edit PSF runtime fixes
|
||||
- You can see a list of PSFs provided by the community from Github.
|
||||
- You'll also see a packaging report on this page. The report will call out noteworthy items for example:
|
||||
- If certain restricted capabilities like allowElevation is added
|
||||
- If certain files were excluded from the package.
|
||||
- Etc
|
||||
Once done, click **Next**.
|
||||
|
||||
## Create package
|
||||
|
||||

|
||||
|
||||
- Provide a location to save the MSIX package.
|
||||
- By default, packages are saved in local app data folder.
|
||||
- You can define the default save location in Settings menu.
|
||||
- If you'd like to continue to edit the content and properties of the package before saving the MSIX package, you can select “Package editor” and be taken to package editor.
|
||||
- If you prefer to sign the package with a pre-made certificate for testing, browse to and select the certificate.
|
||||
- Click **Create** to create the MSIX package.
|
||||
|
||||
You'll be presented with the pop up when the package is created. This pop up will include the name, publisher, and save location of the newly created package. You can close this pop up and get redirected to the welcome page. You can also select package editor to see and modify the package content and properties.
|
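Review bot: In the Installation list, ".Net 3.5/20" reads like a typo (probably ".NET 3.5/2.0"), and under Manage first launch tasks "We recommended launching" should be "We recommend launching". In Create package, the bullet about signing "with a pre-made certificate for testing" should say what happens when no certificate is selected, and that a test certificate is not meant for packages distributed to users. "Github" should be "GitHub", "Click **Next**" is missing its period, and the bare "Etc" bullet under the packaging report can go.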
@ -61,22 +61,11 @@ First, you create a default user profile with the customizations that you want,
|
||||
|
||||
3. [Create an answer file (Unattend.xml)](https://msdn.microsoft.com/library/windows/hardware/dn915085.aspx) that sets the [CopyProfile](https://msdn.microsoft.com/library/windows/hardware/dn922656.aspx) parameter to **True**. The CopyProfile parameter causes Sysprep to copy the currently signed-on user’s profile folder to the default user profile. You can use [Windows System Image Manager](https://msdn.microsoft.com/library/windows/hardware/dn922445.aspx), which is part of the Windows Assessment and Deployment Kit (ADK) to create the Unattend.xml file.
|
||||
|
||||
3. For devices running Windows 10, use the [Remove-AppxProvisionedPackage](https://technet.microsoft.com/library/dn376476%28v=wps.620%29.aspx) cmdlet in Windows PowerShell to uninstall the following applications:
|
||||
|
||||
- Microsoft.windowscommunicationsapps_8wekyb3d8bbwe
|
||||
- Microsoft.BingWeather_8wekyb3d8bbwe
|
||||
- Microsoft.DesktopAppInstaller_8wekyb3d8bbwe
|
||||
- Microsoft.Getstarted_8wekyb3d8bbwe
|
||||
- Microsoft.Windows.Photos_8wekyb3d8bbwe
|
||||
- Microsoft.WindowsCamera_8wekyb3d8bbwe
|
||||
- Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe
|
||||
- Microsoft.WindowsStore_8wekyb3d8bbwe
|
||||
- Microsoft.XboxApp_8wekyb3d8bbwe
|
||||
- Microsoft.XboxIdentityProvider_8wekyb3d8bbwe
|
||||
- Microsoft.ZuneMusic_8wekyb3d8bbwe
|
||||
3. Uninstall any application you do not need or want from the PC. For examples on how to uninstall Windows 10 Application see [Remove-AppxProvisionedPackage](https://docs.microsoft.com/powershell/module/dism/remove-appxprovisionedpackage?view=winserver2012-ps). For a list of uninstallable applications, see [Understand the different apps included in Windows 10](https://docs.microsoft.com/windows/application-management/apps-in-windows-10).
|
||||
|
||||
|
||||
>[!NOTE]
|
||||
>Uninstalling these apps will decrease sign-in time. If your deployment needs any of these apps, you can leave them installed.
|
||||
>It is highly recommended to uninstall unwanted or unneeded apps as it will speed up user sign-in times.
|
||||
|
||||
3. At a command prompt, type the following command and press **ENTER**.
|
||||
|
||||
|
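Review bot: The generic step 3 links Remove-AppxProvisionedPackage with "?view=winserver2012-ps", which pins a Windows 10 procedure to the Windows Server 2012 view of the cmdlet reference; drop the view parameter or point at a current one. Two NOTE sentences are visible here ("Uninstalling these apps will decrease sign-in time..." and "It is highly recommended to uninstall unwanted or unneeded apps..."); make sure only one survives, because once the explicit package list is gone "these apps" no longer refers to anything. "For examples on how to uninstall Windows 10 Application see" should read "For examples of how to uninstall Windows 10 applications, see".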
@ -187,7 +187,7 @@ The following snippet shows the policy web service response.
|
||||
```
|
||||
HTTP/1.1 200 OK
|
||||
Date: Fri, 03 Aug 2012 20:00:00 GMT
|
||||
Server: <sever name here>
|
||||
Server: <server name here>
|
||||
Content-Type: application/soap+xml
|
||||
Content-Length: xxxx
|
||||
|
||||
|
@ -90,7 +90,7 @@ The following image shows the ClientCertificateInstall configuration service pro
|
||||
<p style="margin-left: 20px">Supported operations are Get, Add, and Replace.
|
||||
|
||||
<a href="" id="clientcertificateinstall-pfxcertinstall-uniqueid-pfxcertpasswordencryptiontype"></a>**ClientCertificateInstall/PFXCertInstall/*UniqueID*/PFXCertPasswordEncryptionType**
|
||||
<p style="margin-left: 20px">Optional. Used to specify whtether the PFX certificate password is encrypted with the MDM certificate by the MDM sever.
|
||||
<p style="margin-left: 20px">Optional. Used to specify whtether the PFX certificate password is encrypted with the MDM certificate by the MDM server.
|
||||
|
||||
<p style="margin-left: 20px">The data type is int. Valid values:
|
||||
|
||||
|
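Review bot: The PFXCertPasswordEncryptionType description still contains "whtether" on the same line where "sever" was corrected to "server"; fix it to "whether" in this change as well so the line does not need a second typo pass.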
@ -626,7 +626,7 @@ Supported operations are Get, Add, Delete noreplace</Description>
|
||||
<Replace />
|
||||
</AccessType>
|
||||
<DefaultValue>3</DefaultValue>
|
||||
<Description>Optional. Special to SCEP. Specify device retry times when the SCEP sever sends pending status. Format is int. Default value is 3. Max value: the value cannot be larger than 30. If it is larger than 30, the device will use 30.
|
||||
<Description>Optional. Special to SCEP. Specify device retry times when the SCEP server sends pending status. Format is int. Default value is 3. Max value: the value cannot be larger than 30. If it is larger than 30, the device will use 30.
|
||||
The min value is 0 which means no retry. Supported operations are Get, Add, Delete, Replace.</Description>
|
||||
<DFFormat>
|
||||
<int />
|
||||
|
BIN
windows/configuration/images/enable-assigned-access-log.png
Normal file
After Width: | Height: | Size: 48 KiB |
@ -34,6 +34,9 @@ For example:
|
||||
1. [Verify that the provisioning package is applied successfully](kiosk-validate.md).
|
||||
2. Verify that the account (config) is mapped to a profile in the configuration XML file.
|
||||
3. Verify that the configuration XML file is authored and formatted correctly. Correct any configuration errors, then create and apply a new provisioning package. Sign out and sign in again to check the new configuration.
|
||||
4. Additional logs about configuration and runtime issues can be obtained by enabling the **Applications and Services Logs\Microsoft\Windows\AssignedAccess\Operational** channel, which is disabled by default.
|
||||
|
||||

|
||||
|
||||
|
||||
## Apps configured in AllowedList are blocked
|
||||
|
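Review bot: Step 4 tells the reader to enable the Applications and Services Logs\Microsoft\Windows\AssignedAccess\Operational channel, but the how-to ("Event Viewer, right-click Operational, select enable log") exists only as the image alt text. Put those clicks in the step itself so it works without the screenshot, and say whether the user has to sign out and back in to the kiosk account before events appear, as step 3 does for configuration changes.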
BIN
windows/deployment/images/UC_00_marketplace_search - Copy.PNG
Normal file
After Width: | Height: | Size: 171 KiB |
BIN
windows/deployment/images/UC_00_marketplace_search.PNG
Normal file
After Width: | Height: | Size: 171 KiB |
BIN
windows/deployment/images/UC_01_marketplace_create - Copy.PNG
Normal file
After Width: | Height: | Size: 280 KiB |
BIN
windows/deployment/images/UC_01_marketplace_create.PNG
Normal file
After Width: | Height: | Size: 280 KiB |
BIN
windows/deployment/images/UC_02_workspace_create - Copy.PNG
Normal file
After Width: | Height: | Size: 123 KiB |
BIN
windows/deployment/images/UC_02_workspace_create.PNG
Normal file
After Width: | Height: | Size: 123 KiB |
BIN
windows/deployment/images/UC_03_workspace_select - Copy.PNG
Normal file
After Width: | Height: | Size: 92 KiB |
BIN
windows/deployment/images/UC_03_workspace_select.PNG
Normal file
After Width: | Height: | Size: 92 KiB |
After Width: | Height: | Size: 130 KiB |
After Width: | Height: | Size: 130 KiB |
BIN
windows/deployment/images/UC_tile_assessing - Copy.PNG
Normal file
After Width: | Height: | Size: 30 KiB |
BIN
windows/deployment/images/UC_tile_assessing.PNG
Normal file
After Width: | Height: | Size: 30 KiB |
BIN
windows/deployment/images/UC_tile_filled - Copy.PNG
Normal file
After Width: | Height: | Size: 5.0 KiB |
BIN
windows/deployment/images/UC_tile_filled.PNG
Normal file
After Width: | Height: | Size: 5.0 KiB |
BIN
windows/deployment/images/UC_workspace_DO_status - Copy.PNG
Normal file
After Width: | Height: | Size: 57 KiB |
BIN
windows/deployment/images/UC_workspace_DO_status.PNG
Normal file
After Width: | Height: | Size: 57 KiB |
BIN
windows/deployment/images/UC_workspace_FU_status - Copy.PNG
Normal file
After Width: | Height: | Size: 50 KiB |
BIN
windows/deployment/images/UC_workspace_FU_status.PNG
Normal file
After Width: | Height: | Size: 50 KiB |
BIN
windows/deployment/images/UC_workspace_SU_status - Copy.PNG
Normal file
After Width: | Height: | Size: 49 KiB |
BIN
windows/deployment/images/UC_workspace_SU_status.PNG
Normal file
After Width: | Height: | Size: 49 KiB |
BIN
windows/deployment/images/UC_workspace_WDAV_status - Copy.PNG
Normal file
After Width: | Height: | Size: 28 KiB |
BIN
windows/deployment/images/UC_workspace_WDAV_status.PNG
Normal file
After Width: | Height: | Size: 28 KiB |
BIN
windows/deployment/images/UC_workspace_home.PNG
Normal file
After Width: | Height: | Size: 58 KiB |
After Width: | Height: | Size: 46 KiB |
BIN
windows/deployment/images/UC_workspace_needs_attention.png
Normal file
After Width: | Height: | Size: 46 KiB |
BIN
windows/deployment/images/UC_workspace_overview_blade - Copy.PNG
Normal file
After Width: | Height: | Size: 25 KiB |
BIN
windows/deployment/images/UC_workspace_overview_blade.PNG
Normal file
After Width: | Height: | Size: 25 KiB |
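Review bot: The files named "... - Copy.PNG" under windows/deployment/images/ have the same sizes as their non-Copy counterparts (UC_00_marketplace_search is 171 KiB both times, UC_01_marketplace_create 280 KiB both times) and look like accidental file-manager duplicates; drop them from the commit. The same UC_* set is added again under windows/deployment/update/images/ further down, so check which directory the Markdown references and keep only that one. UC_workspace_needs_attention.png is the only file with a lower-case extension; image links are case-sensitive on some hosts, so keep the references and file names consistent.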
@ -32,7 +32,6 @@ We're removing the following features and functionalities from the installed pro
|
||||
|Hologram app|We've replaced the Hologram app with the [Mixed Reality Viewer](https://support.microsoft.com/help/4041156/windows-10-mixed-reality-help). If you would like to create 3D word art, you can still do that in Paint 3D and view your art in VR or Hololens with the Mixed Reality Viewer.|
|
||||
|limpet.exe|We're releasing the limpet.exe tool, used to access TPM for Azure connectivity, as open source.|
|
||||
|Phone Companion|When you update to Windows 10, version 1809, the Phone Companion app will be removed from your PC. Use the **Phone** page in the Settings app to sync your mobile phone with your PC. It includes all the Phone Companion features.|
|
||||
|Trusted Platform Module (TPM) management console|The information previously available in the TPM management console is now available on the [**Device security**](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-security-center/wdsc-device-security) page in the [Windows Defender Security Center](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center).|
|
||||
|Future updates through [Windows Embedded Developer Update](https://docs.microsoft.com/previous-versions/windows/embedded/ff770079\(v=winembedded.60\)) for Windows Embedded Standard 8 and Windows Embedded 8 Standard|We’re no longer publishing new updates to the WEDU server. Instead, you may secure any new updates from the [Microsoft Update Catalog](http://www.catalog.update.microsoft.com/Home.aspx).|
|
||||
|
||||
## Features we’re no longer developing
|
||||
|
BIN
windows/deployment/update/images/UC_00_marketplace_search.PNG
Normal file
After Width: | Height: | Size: 171 KiB |
BIN
windows/deployment/update/images/UC_01_marketplace_create.PNG
Normal file
After Width: | Height: | Size: 280 KiB |
BIN
windows/deployment/update/images/UC_02_workspace_create.PNG
Normal file
After Width: | Height: | Size: 123 KiB |
BIN
windows/deployment/update/images/UC_03_workspace_select.PNG
Normal file
After Width: | Height: | Size: 92 KiB |
After Width: | Height: | Size: 130 KiB |
BIN
windows/deployment/update/images/UC_tile_assessing.PNG
Normal file
After Width: | Height: | Size: 30 KiB |
BIN
windows/deployment/update/images/UC_tile_filled.PNG
Normal file
After Width: | Height: | Size: 5.0 KiB |
BIN
windows/deployment/update/images/UC_workspace_DO_status.PNG
Normal file
After Width: | Height: | Size: 57 KiB |
BIN
windows/deployment/update/images/UC_workspace_FU_status.PNG
Normal file
After Width: | Height: | Size: 50 KiB |
BIN
windows/deployment/update/images/UC_workspace_SU_status.PNG
Normal file
After Width: | Height: | Size: 49 KiB |
BIN
windows/deployment/update/images/UC_workspace_WDAV_status.PNG
Normal file
After Width: | Height: | Size: 28 KiB |
After Width: | Height: | Size: 46 KiB |
BIN
windows/deployment/update/images/UC_workspace_overview_blade.PNG
Normal file
After Width: | Height: | Size: 25 KiB |
@ -7,7 +7,7 @@ ms.sitesec: library
|
||||
ms.pagetype: deploy
|
||||
author: jaimeo
|
||||
ms.author: jaimeo
|
||||
ms.date: 03/27/2018
|
||||
ms.date: 10/04/2018
|
||||
keywords: oms, operations management suite, optimization, downloads, updates, log analytics
|
||||
ms.localizationpriority: medium
|
||||
---
|
||||
@ -15,9 +15,7 @@ ms.localizationpriority: medium
|
||||
# Delivery Optimization in Update Compliance
|
||||
The Update Compliance solution of Windows Analytics provides you with information about your Delivery Optimization configuration, including the observed bandwidth savings across all devices that used peer-to-peer distribution over the past 28 days.
|
||||
|
||||
>[!Note]
|
||||
>Delivery Optimization Status is currently in development. See the [Known Issues](#known-issues) section for issues we are aware of and potential workarounds.
|
||||
|
||||

|
||||
|
||||
## Delivery Optimization Status
|
||||
|
||||
@ -27,7 +25,7 @@ The Delivery Optimization Status section includes three blades:
|
||||
- The **Content Distribution (%)** blade shows the percentage of bandwidth savings for each category
|
||||
- The **Content Distribution (GB)** blade shows the total amount of data seen from each content type broken down by the download source (peers vs non-peers).
|
||||
|
||||

|
||||
|
||||
|
||||
|
||||
## Device Configuration blade
|
||||
@ -46,8 +44,3 @@ The download sources that could be included are:
|
||||
- Group Bytes: Bytes downloaded from Group Peers which are other devices that belong to the same Group (available when the “Group” download mode is used)
|
||||
- HTTP Bytes: Non-peer bytes. The HTTP download source can be Microsoft Servers, Windows Update Servers, a WSUS server or an SCCM Distribution Point for Express Updates.
|
||||
|
||||
## Known Issues
|
||||
Delivery Optimization is currently in development. The following issues are known:
|
||||
|
||||
- DO Download Mode is not accurately portrayed in the Device Configuration blade. There is no workaround at this time.
|
||||
|
||||
|
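Review bot: Confirm that DO Download Mode is now reported accurately in the Device Configuration blade before dropping the Known Issues section at the end of this file (-46,8 +44,3); that bullet is the only place the inaccuracy is documented, and it states there is no workaround. If the blade is still wrong, keep the caveat and move it next to the Device Configuration blade section.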
@ -5,20 +5,20 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: deploy
|
||||
author: DaniHalfin
|
||||
ms.author: daniha
|
||||
ms.date: 10/18/2017
|
||||
author: Jaimeo
|
||||
ms.author: jaimeo
|
||||
ms.date: 10/04/2018
|
||||
---
|
||||
|
||||
# Feature Update Status
|
||||
|
||||

|
||||

|
||||
|
||||
The Feature Update Status section provides information about the status of [feature updates](waas-quick-start.md#definitions) across all devices. This section tile in the [Overview Blade](update-compliance-using.md#overview-blade) gives a percentage of devices that are on the latest applicable feature update; [Servicing Channel](waas-overview.md#servicing-channels) is considered in determining applicability. Within this section are two blades; one providing a holistic view of feature updates, the other containing three **Deployment Status** tiles, each charged with tracking the deployment for a different [Servicing Channel](https://docs.microsoft.com/en-us/windows/deployment/update/waas-overview#servicing-channels).
|
||||
The Feature Update Status section provides information about the status of [feature updates](waas-quick-start.md#definitions) across all devices. This section tile in the [Overview Blade](update-compliance-using.md#overview-blade) gives a percentage of devices that are on the latest applicable feature update; [Servicing Channel](waas-overview.md#servicing-channels) is considered in determining applicability. Within this section are two blades; one providing a holistic view of feature updates, the other containing three **Deployment Status** tiles, each charged with tracking the deployment for a different [Servicing Channel](waas-overview.md#servicing-channels).
|
||||
|
||||
## Overall Feature Update Status
|
||||
|
||||
The Overall Feature Update Status blade breaks down how many devices are up-to-date or not, with a special callout for how many devices are running a build that is not supported (for a full list of feature updates, check out the [Windows 10 Release Information](https://technet.microsoft.com/en-us/windows/release-info.aspx) page). The table beneath the visualization breaks devices down by Servicing Channel and OS Version, then defining whether this combination is *up-to-date*, *not up-to-date* or *out of support*. Finally, the table provides a count of devices that fall into this category.
|
||||
The Overall Feature Update Status blade breaks down how many devices are up-to-date or not, with a special callout for how many devices are running a build that is not supported (for a full list of feature updates, check out the [Windows 10 Release Information](https://technet.microsoft.com/en-us/windows/release-info.aspx) page). The table beneath the visualization breaks devices down by Servicing Channel and operating system version, then defining whether this combination is *up-to-date*, *not up-to-date* or *out of support*. Finally, the table provides a count of devices that fall into this category.
|
||||
|
||||
## Deployment Status by Servicing Channel
|
||||
|
||||
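Review bot: The Overall Feature Update Status paragraph still links Windows 10 Release Information through "https://technet.microsoft.com/en-us/windows/release-info.aspx" with a hard-coded locale, while the Servicing Channel link in the paragraph above was changed to the relative "waas-overview.md#servicing-channels"; use a locale-free link here as well. In the same paragraph, "then defining whether this combination is" should be "and states whether each combination is". In the metadata, "author: Jaimeo" differs in case from "ms.author: jaimeo"; pick one spelling.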
@ -31,4 +31,3 @@ Refer to the following list for what each state means:
|
||||
* Devices that have failed the given feature update installation are counted as **Update failed**.
|
||||
* If a device should be, in some way, progressing toward this security update, but its status cannot be inferred, it will count as **Status Unknown**. Devices not using Windows Update are the most likely devices to fall into this category.
|
||||
|
||||
Clicking on any row will navigate to the query relevant to that feature update. These queries are attached to [Perspectives](update-compliance-perspectives.md) that contain detailed deployment data for that update.
|
||||
|
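Review bot: The **Status Unknown** bullet says "progressing toward this security update", but this list describes feature update deployment states (the bullet above it says "the given feature update installation"); change it to "this feature update" while this list is being touched.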
@ -8,76 +8,65 @@ ms.sitesec: library
|
||||
ms.pagetype: deploy
|
||||
author: Jaimeo
|
||||
ms.author: jaimeo
|
||||
ms.date: 08/21/2018
|
||||
ms.date: 10/04/2018
|
||||
ms.localizationpriority: medium
|
||||
---
|
||||
|
||||
# Get started with Update Compliance
|
||||
|
||||
>[!IMPORTANT]
|
||||
>**The OMS portal has been deprecated; you should start using the [Azure portal](https://portal.azure.com) instead as soon as possible.** Many experiences are the same in the two portals, but there are some key differences. See [Windows Analytics in the Azure Portal](windows-analytics-azure-portal.md) for steps to use Windows Analytics in the Azure portal. For much more information about the transition from OMS to Azure, see [OMS portal moving to Azure](https://docs.microsoft.com/azure/log-analytics/log-analytics-oms-portal-transition).
|
||||
|
||||
This topic explains the steps necessary to configure your environment for Windows Analytics: Update Compliance.
|
||||
This topic explains the steps necessary to configure your environment for Windows Analytics: Update Compliance.
|
||||
|
||||
Steps are provided in sections that follow the recommended setup process:
|
||||
1. [Add Update Compliance](#add-update-compliance-to-microsoft-operations-management-suite) to Microsoft Operations Management Suite.
|
||||
2. [Enroll devices in Windows Analytics](#enroll-devices-in-windows-analytics) to your organization’s devices.
|
||||
3. [Use Update Compliance to monitor Windows Updates](#use-update-compliance-to-monitor-windows-updates) once your devices are enrolled.
|
||||
|
||||
1. Ensure you meet the [Update Compliance prerequisites](#update-compliance-prerequisites).
|
||||
2. [Add Update Compliance to your Azure subscription](#add-update-compliance-to-your-azure-subscription).
|
||||
3. [Enroll devices in Windows Analytics](#enroll-devices-in-windows-analytics).
|
||||
4. [Use Update Compliance](update-compliance-using.md) to monitor Windows Updates, Windows Defender Antivirus status, and Delivery Optimization.
|
||||
|
||||
## Update Compliance prerequisites
|
||||
Before you begin the process to add Update Compliance to your Azure subscription, first ensure you can meet the prerequisites:
|
||||
1. Update Compliance works only with Windows 10 Professional, Education, and Enterprise editions. Update Compliance only provides data for the standard Desktop Windows 10 version and is not currently compatible with Windows Server, Surface Hub, IoT, etc.
|
||||
2. Update Compliance provides detailed deployment data for devices on the Semi-Annual Channel and the Long-term Servicing Channel. Update Compliance will show Windows Insider Preview devices, but currently will not provide detailed deployment information for them.
|
||||
3. Update Compliance requires at least the Basic level of diagnostic data and a Commercial ID to be enabled on the device.
|
||||
4. To show device names for versions of Windows 10 starting with 1803 in Windows Analytics you must opt in. For details about this, see the "AllowDeviceNameinTelemetry (in Windows 10)" entry in the table in the [Distributing policies at scale](windows-analytics-get-started.md#deploying-windows-analytics-at-scale) section of [Enrolling devices in Windows Analytics](windows-analytics-get-started.md).
|
||||
5. To use the Windows Defender Status, devices must be E3-licensed and have Cloud Protection enabled. E5-licensed devices will not appear here. For E5 devices, you should use [Windows Defender ATP](https://docs.microsoft.com/en-us/sccm/protect/deploy-use/windows-defender-advanced-threat-protection) instead. For more information on Windows 10 Enterprise licensing, see [Windows 10 Enterprise: FAQ for IT Professionals](https://docs.microsoft.com/en-us/windows/deployment/planning/windows-10-enterprise-faq-itpro).
|
||||
|
||||
## Add Update Compliance to Microsoft Operations Management Suite or Azure Log Analytics
|
||||
## Add Update Compliance to your Azure subscription
|
||||
Update Compliance is offered as a solution which is linked to a new or existing [Azure Log Analytics](https://docs.microsoft.com/en-us/azure/log-analytics/query-language/get-started-analytics-portal) workspace within your Azure subscription. To configure this, follow these steps:
|
||||
|
||||
Update Compliance is offered as a solution in the Microsoft Operations Management Suite (OMS), a collection of cloud-based servicing for monitoring and automating your on-premises and cloud environments. For more information about OMS, see [Operations Management Suite overview](https://azure.microsoft.com/en-us/documentation/articles/operations-management-suite-overview/) or the Azure [Log Analytics overview](https://azure.microsoft.com/services/log-analytics/).
|
||||
1. Sign in to the [Azure Portal](https://portal.azure.com) with your work or school account or a Microsoft account. If you don't already have an Azure subscription you can create one (including free trial options) through the portal.
|
||||
|
||||
>[!IMPORTANT]
|
||||
>Update Compliance is a free solution for Azure subscribers.
|
||||
> [!NOTE]
|
||||
> Update Compliance is included at no additional cost with Windows 10 Professional, Education, and Enterprise editions. An Azure subscription is required for managing and using Update Compliance, but no Azure charges are expected to accrue to the subscription as a result of using Update Compliance.
|
||||
|
||||
If you are already using OMS, skip to step **6** to add Update Compliance to your workspace.
|
||||
2. In the Azure portal select **+ Create a resource**, and search for “Update Compliance". You should see it in the results below.
|
||||
|
||||
>[!NOTE]
|
||||
>If you are already using OMS, you can also follow [this link](https://portal.mms.microsoft.com/#Workspace/ipgallery/details/details/index?IPId=WaaSUpdateInsights) to go directly to the Update Compliance solution and add it to your workspace.
|
||||

|
||||
|
||||
3. Select **Update Compliance** and a blade will appear summarizing the solution’s offerings. At the bottom, select **Create** to begin adding the solution to Azure.
|
||||
|
||||
If you are not yet using OMS, use the following steps to subscribe to OMS Update Compliance:
|
||||

|
||||
|
||||
1. Go to [Operations Management Suite](https://www.microsoft.com/en-us/cloud-platform/operations-management-suite) on Microsoft.com and click **Sign in**.
|
||||

|
||||
|
||||
2. Sign in to Operations Management Suite (OMS). You can use either a Microsoft Account or a Work or School account to create a workspace. If your company is already using Azure Active Directory (Azure AD), use a Work or School account when you sign in to OMS. Using a Work or School account allows you to use identities from your Azure AD to manage permissions in OMS.
|
||||

|
||||
|
||||
3. Create a new OMS workspace.
|
||||

|
||||
|
||||
4. Enter a name for the workspace, select the workspace region, and provide the email address that you want associated with this workspace. Click **Create**.
|
||||
](images/uc-05.png)
|
||||
|
||||
5. If your organization already has an Azure subscription, you can link it to your workspace. Note that you may need to request access from your organization’s Azure administrator. If your organization does not have an Azure subscription, create a new one or select the default OMS Azure subscription from the list. If you do not yet have an Azure subscription, follow [this guide](https://blogs.technet.microsoft.com/upgradeanalytics/2016/11/08/linking-operations-management-suite-workspaces-to-microsoft-azure/) to create and link an Azure subscription to an OMS workspace.
|
||||

|
||||
|
||||
6. To add the Update Compliance solution to your workspace, go to the Solutions Gallery. While you have this dialog open, you should also consider adding the [Upgrade Readiness](../upgrade/use-upgrade-readiness-to-manage-windows-upgrades.md) and [Device Health](device-health-monitor.md) solutions as well, if you haven't already. To do so, just select the check boxes for those solutions.
|
||||

|
||||
|
||||
7. Select the **Update Compliance** tile in the gallery and then select **Add** on the solution’s details page. You might need to scroll to find **Update Compliance**. The solution is now visible in your workspace.
|
||||

|
||||
|
||||
8. Click the **Update Compliance** tile to configure the solution. The **Settings Dashboard** opens.
|
||||

|
||||
|
||||
9. Click **Subscribe** to subscribe to OMS Update Compliance. You will then need to distribute your Commercial ID across all your organization’s devices. More information on the Commercial ID is provided below.
|
||||

|
||||
|
||||
After you are subscribed to OMS Update Compliance and your devices have a Commercial ID, you will begin receiving data. It will typically take 24 hours for the first data to begin appearing. The following section explains how to deploy your Commercial ID to your Windows 10 devices.
|
||||
4. Choose an existing workspace or create a new workspace that will be assigned to the Update Compliance solution.
|
||||
- If you already have another Windows Analytics solution, you should use the same workspace.
|
||||
- If you are creating a new workspace, and your organization does not have policies governing naming conventions and structure, consider the following workspace settings to get started:
|
||||
- Choose a workspace name which reflects the scope of planned usage in your organization, for example *PC-Analytics*.
|
||||
- For the resource group setting select **Create new** and use the same name you chose for your new workspace.
|
||||
- For the location setting, choose the Azure region where you would prefer the data to be stored.
|
||||
- For the pricing tier select **Free**.
|
||||
|
||||
>[!NOTE]
|
||||
>You can unsubscribe from the Update Compliance solution if you no longer want to monitor your organization’s devices. User device data will continue to be shared with Microsoft while the opt-in keys are set on user devices and the proxy allows traffic.
|
||||

|
||||
|
||||
5. The resource group and workspace creation process could take a few minutes. After this, you are able to use that workspace for Update Compliance. Select **Create**.
|
||||
|
||||

|
||||
|
||||
6. Watch for a notification in the Azure portal that your deployment has been successful. This might take a few minutes. Then, select **Go to resource**.
|
||||
|
||||

|
||||
|
||||
## Enroll devices in Windows Analytics
|
||||
Once you've added Update Compliance to a workspace in your Azure subscription, you can start enrolling the devices in your organization. For Update Compliance there are two key steps for enrollment:
|
||||
1. Deploy your Commercial ID (from the Update Compliance Settings page) to your Windows 10 devices (typically by using Group Policy, [Mobile Device Management](https://docs.microsoft.com/en-us/windows/client-management/windows-10-mobile-and-mdm), [System Center Configuration Manager](https://docs.microsoft.com/en-us/sccm/core/understand/introduction) or similar).
|
||||
2. Ensure the Windows Diagnostic Data setting on devices is set to at least Basic (typically using Group Policy or similar). For full enrollment instructions and troubleshooting, see [Enrolling devices in Windows Analytics](windows-analytics-get-started.md).
|
||||
|
||||
Once you've added Update Compliance to Microsoft Operations Management Suite, you can now start enrolling the devices in your organization. For full instructions, see [Enrolling devices in Windows Analytics](windows-analytics-get-started.md).
|
||||
|
||||
|
||||
## Use Update Compliance to monitor Windows Updates
|
||||
|
||||
Once your devices are enrolled, you can start to [Use Update Compliance to monitor Windows Updates](update-compliance-using.md).
|
||||
After enrolling your devices (by deploying your CommercialID and Windows Diagnostic Data settings), it might take 48-72 hours for the first data to appear in the solution. Until then, Update Compliance will indicate it is still assessing devices.
|
||||
|
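Review bot: Step 5 under "Add Update Compliance to your Azure subscription" puts the action last: it describes the resource group and workspace creation taking a few minutes and only then says "Select **Create**"; lead with the click, then describe the wait. Step 2 opens the search term with a curly quote and closes it with a straight one (“Update Compliance"). Prerequisite 5 points Windows Defender ATP at a docs.microsoft.com/en-us/sccm/... URL; check that this is the intended target and drop the locale segment. The page also shows two different timings for first data ("typically take 24 hours" and "48-72 hours"); make sure only one remains after the edit.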
@ -8,51 +8,39 @@ ms.sitesec: library
|
||||
ms.pagetype: deploy
|
||||
author: Jaimeo
|
||||
ms.author: jaimeo
|
||||
ms.date: 02/09/2018
|
||||
ms.date: 10/04/2018
|
||||
ms.localizationpriority: medium
|
||||
---
|
||||
|
||||
# Monitor Windows Updates and Windows Defender Antivirus with Update Compliance
|
||||
# Monitor Windows Updates with Update Compliance
|
||||
|
||||
## Introduction
|
||||
|
||||
With Windows 10, organizations need to change the way they approach monitoring and deploying updates. Update Compliance is a powerful set of tools that enable organizations to monitor and track all important aspects of the new servicing strategy from Microsoft: [Windows as a Service](waas-overview.md).
|
||||
Update Compliance is a [Windows Analytics solution](windows-analytics-overview.md) that enables organizations to:
|
||||
|
||||
Update Compliance is a solution built within Operations Management Suite (OMS), a cloud-based monitoring and automation service which has a flexible servicing subscription based off data usage/retention. For more information about OMS, see [Operations Management Suite overview](https://azure.microsoft.com/documentation/articles/operations-management-suite-overview/).
|
||||
* Monitor Windows 10 Professional, Education, and Enterprise security, quality, and feature updates.
|
||||
* View a report of device and update issues related to compliance that need attention.
|
||||
* See the status of Windows Defender Antivirus signatures and threats.
|
||||
* Check bandwidth savings incurred across multiple content types by using [Delivery Optimization](waas-delivery-optimization.md).
|
||||
|
||||
Update Compliance uses the Windows diagnostic data that is part of all Windows 10 devices. It collects system data including update installation progress, Windows Update for Business (WUfB) configuration data, Windows Defender Antivirus data, and other update-specific information, and then sends this data privately to a secure cloud to be stored for analysis and usage within the solution.
|
||||
Update Compliance is offered through the Azure portal, and is available free for devices that meet the [prerequisites](update-compliance-get-started.md#update-compliance-prerequisites).
|
||||
|
||||
Update Compliance provides the following:
|
||||
|
||||
- Dedicated drill-downs for devices that might need attention
|
||||
- An inventory of devices, including the version of Windows they are running and their update status
|
||||
- The ability to track protection and threat status for Windows Defender Antivirus-enabled devices
|
||||
- An overview of WUfB deferral configurations (Windows 10 Anniversary Update [1607] and later)
|
||||
- Powerful built-in [log analytics](https://www.microsoft.com/en-us/cloud-platform/insight-and-analytics?WT.srch=1&WT.mc_id=AID529558_SEM_%5B_uniqid%5D&utm_source=Bing&utm_medium=CPC&utm_term=log%20analytics&utm_campaign=Hybrid_Cloud_Management) to create useful custom queries
|
||||
- Cloud-connected access utilizing Windows 10 diagnostic data means no need for new complex, customized infrastructure
|
||||
Update Compliance uses Windows 10 and Windows Defender Antivirus diagnostic data for all of its reporting. It collects system data including update deployment progress, [Windows Update for Business](waas-manage-updates-wufb.md) configuration data, Windows Defender Antivirus data, and Delivery Optimization usage data, and then sends this data to a secure cloud to be stored for analysis and usage in [Azure Log Analytics](https://docs.microsoft.com/en-us/azure/log-analytics/query-language/get-started-analytics-portal).
|
||||
|
||||
See the following topics in this guide for detailed information about configuring and using the Update Compliance solution:
|
||||
|
||||
- [Get started with Update Compliance](update-compliance-get-started.md): How to add Update Compliance to your environment.
|
||||
- [Using Update Compliance](update-compliance-using.md): How to begin using Update Compliance.
|
||||
|
||||
Click the following link to see a video demonstrating Update Compliance features.
|
||||
|
||||
[](https://www.youtube-nocookie.com/embed/1cmF5c_R8I4)
|
||||
|
||||
## Update Compliance architecture
|
||||
|
||||
The Update Compliance architecture and data flow is summarized by the following five-step process:
|
||||
|
||||
**(1)** User computers send diagnostic data to a secure Microsoft data center using the Microsoft Data Management Service.<BR>
|
||||
**(2)** Diagnostic data is analyzed by the Update Compliance Data Service.<BR>
|
||||
**(3)** Diagnostic data is pushed from the Update Compliance Data Service to your OMS workspace.<BR>
|
||||
**(3)** Diagnostic data is pushed from the Update Compliance Data Service to your Azure Log Analytics workspace.<BR>
|
||||
**(4)** Diagnostic data is available in the Update Compliance solution.<BR>
|
||||
**(5)** You are able to monitor and troubleshoot Windows updates and Windows Defender AV in your environment.<BR>
|
||||
|
||||
These steps are illustrated in following diagram:
|
||||
|
||||

|
||||
|
||||
>[!NOTE]
|
||||
>This process assumes that Windows diagnostic data is enabled and data sharing is enabled as described in [Enrolling devices in Windows Analytics](windows-analytics-get-started.md).
|
||||
|
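Review bot: The retitled H1, "Monitor Windows Updates with Update Compliance", drops Windows Defender Antivirus from the page title, but the introduction under it still lists "See the status of Windows Defender Antivirus signatures and threats" and architecture step (5) still covers Windows Defender AV. Either keep antivirus in the title or state in the introduction that AV status remains in scope, so readers searching for Defender reporting still land here. Also, the data-collection paragraph that now points to Azure Log Analytics no longer says the diagnostic data is sent "privately"; please confirm that wording was dropped on purpose, since it is the only statement in this section about how the data is handled in transit.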
@ -5,34 +5,39 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: deploy
|
||||
author: DaniHalfin
|
||||
ms.author: daniha
|
||||
ms.date: 10/13/2017
|
||||
author: Jaimeo
|
||||
ms.author: jaimeo
|
||||
ms.date: 10/04/2018
|
||||
---
|
||||
|
||||
# Need Attention!
|
||||
# Needs attention!
|
||||

|
||||
|
||||

|
||||
|
||||
The “Need Attention!” section provides a breakdown of all device issues detected by Update Compliance. The summary tile for this section counts the number of devices that have issues, while the blades within break down the issues encountered. Finally, a [list of queries](#list-of-queries) blade is shown within this section that contains queries that provide values but do not fit within any other main section.
|
||||
The **Needs attention!** section provides a breakdown of all Windows 10 device and update issues detected by Update Compliance. The summary tile for this section counts the number of devices that have issues, while the blades within break down the issues encountered. Finally, a [list of queries](#list-of-queries) blade in this section contains queries that provide values but do not fit within any other main section.
|
||||
|
||||
>[!NOTE]
|
||||
>The summary tile counts the number of devices that have issues, while the blades within the section break down the issues encountered. A single device can have more than one issue, so these numbers may not add up.
|
||||
>The summary tile counts the number of devices that have issues, while the blades within the section break down the issues encountered. A single device can have more than one issue, so these numbers might not add up.
|
||||
|
||||
The different issues are broken down by Device Issues and Update Issues, which are iterated below:
|
||||
The different issues are broken down by Device Issues and Update Issues:
|
||||
|
||||
## Device Issues
|
||||
|
||||
* **Missing multiple security updates:** This issue occurs when a device is behind by two or more security updates. These devices may be more vulnerable and should be investigated and updated.
|
||||
* **Out of support OS Version:** This issue occurs when a device has fallen out of support due to the version of Windows 10 it is running. When a device has fallen out of support, it will no longer be serviced, and may be vulnerable. These devices should be updated to a supported version of Windows 10.
|
||||
* **Missing multiple security updates:** This issue occurs when a device is behind by two or more security updates. These devices might be more vulnerable and should be investigated and updated.
|
||||
* **Out of support OS Version:** This issue occurs when a device has fallen out of support due to the version of Windows 10 it is running. When a device has fallen out of support, it will no longer receive important security updates, and might be vulnerable. These devices should be updated to a supported version of Windows 10.
|
||||
|
||||
## Update Issues
|
||||
|
||||
* **Failed:** This issue occurs when an error halts the process of downloading and applying an update on a device. Some of these errors may be transient, but should be investigated further to be sure.
|
||||
* **Failed:** This issue occurs when an error halts the process of downloading and applying an update on a device. Some of these errors might be transient, but should be investigated further to be sure.
|
||||
* **Cancelled**: This issue occurs when a user cancels the update process.
|
||||
* **Rollback**: This issue occurs when a fatal error occurs during a feature update, and the device is rolled back to the previous version.
|
||||
* **Uninstalled**: This issue occurs when a feature update is uninstalled from a device by a user or an administrator. Note that this might not be a problem if the uninstallation was intentional, but is highlighted as it might need attention.
|
||||
* **Progress stalled:** This issue occurs when an update is in progress, but has not completed over a period of 10 days.
|
||||
|
||||
Clicking on any of the issues will navigate you to the Log Search view with all devices that have the given issue.
|
||||
Selecting any of the issues will take you to a [Log Analytics](https://docs.microsoft.com/en-us/azure/log-analytics/query-language/get-started-analytics-portal) view with all devices that have the given issue.
|
||||
|
||||
>[!NOTE]
|
||||
>This blade also has a link to the [Setup Diagnostic Tool](https://docs.microsoft.com/en-us/windows/deployment/upgrade/setupdiag), a standalone tool you can use to obtain details about why a Windows 10 feature update was unsuccessful.
|
||||
|
||||
## List of Queries
|
||||
|
||||
The List of Queries blade resides within the “Need Attention!” section of Update Compliance. This blade contains a list of queries with a description and a link to the query. These queries contain important meta-information that did not fit within any specific section or were listed to serve as a good starting point for modification into custom queries.
|
||||
The **List of Queries** blade is in the **Needs Attention** section of Update Compliance. This blade contains a list of queries with a description and a link to the query. These queries contain important meta-information that did not fit within any specific section or were listed to serve as a good starting point for modification into custom queries.
|
||||
|
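Review bot: The section name is spelled three ways in this hunk: the heading is "# Needs attention!", the opening paragraph uses "**Needs attention!**", and the List of Queries paragraph uses "**Needs Attention**" with different casing and no exclamation mark. Pick one form and use it in all three places so that it matches the blade name shown in the product. Smaller points: the front matter sets "author: Jaimeo" next to "ms.author: jaimeo", and the Update Issues bullets mix "**Failed:**" (colon inside the bold) with "**Cancelled**:" (colon outside), so align both.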
@ -5,28 +5,25 @@ ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: deploy
|
||||
author: DaniHalfin
|
||||
ms.author: daniha
|
||||
ms.date: 10/13/2017
|
||||
author: Jaimeo
|
||||
ms.author: jaimeo
|
||||
ms.date: 10/04/2018
|
||||
---
|
||||
|
||||
# Security Update Status
|
||||
|
||||

|
||||

|
||||
|
||||
The Security Update Status section provides information about [quality updates](waas-quick-start.md#definitions) across all devices. The section tile within the O[verview Blade](update-compliance-using.md#overview-blade) lists the percentage of devices on the latest security update to provide the most essential data without needing to navigate into the section. However, within the section the Overall Quality Update Status blade also considers whether devices are up-to-date on non-security updates.
|
||||
The Security Update Status section provides information about [security updates](waas-quick-start.md#definitions) across all devices. The section tile within the [Overview Blade](update-compliance-using.md#overview-blade) lists the percentage of devices on the latest security update available. Meanwhile, the blades within show the percentage of devices on the latest security update for each Windows 10 version and the deployment progress toward the latest two security updates.
|
||||
|
||||
>[!NOTE]
|
||||
>It is possible for the percentage of devices on the latest security update to differ from devices that are up-to-date on all quality updates. This is because some devices may have non-security updates that are applicable to them.
|
||||
|
||||
The **Overall Quality Update Status** blade provides a visualization of devices that are and are not up-to-date on the latest quality updates (not just security updates). Below the visualization are all devices further broken down by OS Version and a count of how many are up-to-date and not up-to-date. Within the “Not up-to-date” column, the count of update failures is also given.
|
||||
The **Overall Security Update Status** blade provides a visualization of devices that are and do not have the latest security updates. Below the visualization are all devices further broken down by operating system version and a count of devices that are up to date and not up to date. The **Not up to date** column also provides a count of update failures.
|
||||
|
||||
The **Latest Security Update Status** and **Previous Security Update Status** tiles are stacked to form one blade. The **Latest Security Update Status** provides a visualization of the different deployment states devices are in regarding the latest update for each build (or version) of Windows 10, along with the revision of that update. The **Previous Security Update Status** blade provides the same information without the accompanying visualization.
|
||||
|
||||
What follows is a breakdown of the different deployment states reported by devices:
|
||||
The various deployment states reported by devices are as follows:
|
||||
* **Installed** devices are devices that have completed installation for the given update.
|
||||
* When a device is counted as **In Progress or Deferred**, it has either begun the installation process for the given update or has been intentionally deferred or paused using WU for Business Settings.
|
||||
* Devices that have **Update Failed**, failed updating at some point during the installation process of the given security update.
|
||||
* If a device should be, in some way, progressing toward this security update, but its status cannot be inferred, it will count as **Status Unknown**. Devices not using Windows Update are the most likely devices to fall into this category.
|
||||
* When a device is counted as **In Progress or Deferred**, it has either begun the installation process for the given update or has been intentionally deferred or paused using Windows Update for Business Settings.
|
||||
* Devices that have **Update Issues** have failed to update at some point during the installation process of the given security update or have not seen progress for a period of seven days.
|
||||
* If a device should be, in some way, progressing toward this security update, but its status cannot be inferred, it will count as **Status Unknown**. This is most often devices that have not scanned for an update in some time, or devices not being managed through Windows Update.
|
||||
|
||||
The rows of each tile in this section are interactive; clicking on them will navigate you to the query that is representative of that row and section. These queries are also attached to [Perspectives](update-compliance-perspectives.md) with detailed deployment data for that update.
|
||||
The rows of each tile in this section are interactive; selecting them will navigate you to the query that is representative of that row and section.
|
||||
|
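Review bot: The rewritten Overall Security Update Status sentence reads "a visualization of devices that are and do not have the latest security updates", which does not parse; suggest "devices that have and do not have the latest security updates". Separately, the new **Update Issues** definition counts devices that "have not seen progress for a period of seven days", while the Needs attention page in this same change defines **Progress stalled** as not completing "over a period of 10 days". If these are two distinct thresholds, say so here; if not, the numbers should agree, because administrators will use them to decide when an unpatched device needs follow-up.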
@ -8,7 +8,7 @@ ms.sitesec: library
|
||||
ms.pagetype: deploy
|
||||
author: jaimeo
|
||||
ms.author: jaimeo
|
||||
ms.date: 10/13/2017
|
||||
ms.date: 10/04/2018
|
||||
ms.localizationpriority: medium
|
||||
---
|
||||
|
||||
@ -18,64 +18,72 @@ In this section you'll learn how to use Update Compliance to monitor your device
|
||||
|
||||
|
||||
Update Compliance:
|
||||
- Uses diagnostic data gathered from user devices to form an all-up view of Windows 10 devices in your organization.
|
||||
- Enables you to maintain a high-level perspective on the progress and status of updates across all devices.
|
||||
- Provides a workflow that can be used to quickly identify which devices require attention.
|
||||
- Enables you to track deployment compliance targets for updates.
|
||||
- Summarizes Windows Defender Antivirus status for devices that use it.
|
||||
- Provides detailed deployment data for Windows 10 security, quality, and feature updates.
|
||||
- Reports when devices have issues related to updates that need attention.
|
||||
- Shows Windows Defender AV status information for devices that use it and meet the [prerequisites](update-compliance-get-started.md#update-compliance-prerequisites).
|
||||
- Shows bandwidth usage and savings for devices that are configured to use [Delivery Optimization](waas-delivery-optimization.md).
|
||||
- Provides all of the above data in [Log Analytics](#using-log-analytics), which affords additional querying and export capabilities.
|
||||
|
||||
>[!NOTE]
|
||||
>Information is refreshed daily so that update progress can be monitored. Changes will be displayed about 24 hours after their occurrence, so you always have a recent snapshot of your devices.
|
||||
## The Update Compliance tile
|
||||
After Update Compliance has successfully been [added to your Azure subscription](update-compliance-get-started.md#add-update-compliance-to-your-azure-subscription), you’ll see this tile:
|
||||
|
||||
In Update Compliance, data is separated into vertically-sliced sections. Each section is referred to as a blade. Within a blade, there may or may not be multiple tiles, which serve to represent the data in different ways. Blades are summarized by their title in the upper-left corner above it. Every number displayed in OMS is the direct result of one or more queries. Clicking on data in blades will often navigate you to the query view, with the query used to produce that data. Some of these queries have perspectives attached to them; when a perspective is present, an additional tab will load in the query view. These additional tabs provide blades containing more information relevant to the results of the query.
|
||||

|
||||
|
||||
## The Update Compliance Tile
|
||||
When the solution is added, data is not immediately available. Data will begin to be collected after data is sent up that belongs to the Commercial ID associated with the device. This process assumes that Windows diagnostic data is enabled and data sharing is enabled as described in [Enrolling devices in Windows Analytics](windows-analytics-get-started.md). After Microsoft has collected and processed any device data associated with your Commercial ID, the tile will be replaced with the following summary:
|
||||
|
||||
After Update Compliance has successfully been added from the solution gallery, you’ll see this tile:
|
||||

|
||||

|
||||
|
||||
When the solution is added, data is not immediately available. Data will begin to be collected after data is sent up that is associated with the Commercial ID associated with the device. This process assumes that Windows diagnostic data is enabled and data sharing is enabled as described in [Enrolling devices in Windows Analytics](windows-analytics-get-started.md). After Microsoft has collected and processed any device data associated with your Commercial ID, the tile will be replaced with the following summary:
|
||||
The summary details the total number of devices that Microsoft has received data from with your Commercial ID. It also provides the number of devices that need attention if any. Finally, it details the last point at which your Update Compliance workspace was refreshed.
|
||||
|
||||

|
||||
## The Update Compliance workspace
|
||||
|
||||
The summary details the total number of devices that Microsoft has received data from with your Commercial ID. It also provides the number of devices that need attention if any. Finally, it details the last point at which your Update Compliance workspace was updated.
|
||||

|
||||
|
||||
## The Update Compliance Workspace
|
||||
When you select this tile, you will be redirected to the Update Compliance workspace. The workspace is organized with the Overview blade providing a hub from which to navigate to different reports of your devices' data.
|
||||
|
||||

|
||||
### Overview blade
|
||||
|
||||
Upon clicking the tile, you will be redirected to the Update Compliance workspace. The workspace is organized with the Overview Blade providing a hub from which to navigate to different reports of your device’s data.
|
||||

|
||||
|
||||
### Overview Blade
|
||||
|
||||

|
||||
|
||||
Update Compliance’s overview blade provides a summarization of all the data Update Compliance focuses on. It functions as a hub from which different sections can be navigated to. The total number of devices detected by Update Compliance are counted within the title of this blade. What follows is a distribution for all devices as to whether they are up to date on:
|
||||
* Quality updates: A device is up to date on quality updates whenever it has the latest applicable quality update installed. Quality updates are monthly cumulative updates that are specific to a version of Windows 10.
|
||||
Update Compliance’s overview blade summarizes all the data Update Compliance provides. It functions as a hub from which you can navigate to different sections. The total number of devices detected by Update Compliance is reported in the title of this blade. What follows is a distribution for all devices as to whether they are up to date on the following items:
|
||||
* Security updates: A device is up to date on quality updates whenever it has the latest applicable quality update installed. Quality updates are monthly cumulative updates that are specific to a version of Windows 10.
|
||||
* Feature updates: A device is up to date on feature updates whenever it has the latest applicable feature update installed. Update Compliance considers [Servicing Channel](waas-overview.md#servicing-channels) when determining update applicability.
|
||||
* AV Signature: A device is up to date on Antivirus Signature when the latest Windows Defender Signatures have been downloaded. This distribution only considers devices that are running Windows Defender Antivirus.
|
||||
|
||||
The blade also provides the time at which your Update Compliance workspace was refreshed.
|
||||
The blade also provides the time at which your Update Compliance workspace was [refreshed](#data-latency).
|
||||
|
||||
Below the “Last Updated” time, a list of the different sections follows that can be clicked on to view more information, they are:
|
||||
* [Need Attention!](update-compliance-need-attention.md) - This section is the default section when arriving to your Update Compliance workspace. It counts the number of devices encountering issues and need attention; clicking into this provides blades that summarize the different issues that devices are encountering, and provides a List of Queries that Microsoft finds useful.
|
||||
* [Security Update Status](update-compliance-security-update-status.md) - This section lists the percentage of devices that are on the latest security update released for the version of Windows 10 it is running. Clicking into this section provides blades that summarize the overall status of Quality updates across all devices; including deployment.
|
||||
* [Feature Update Status](update-compliance-feature-update-status.md) - This section lists the percentage of devices that are on the latest feature update that is applicable to a given device. Clicking into this section provides blades that summarize the overall feature update status across all devices, with an emphasis on deployment progress.
|
||||
* [Windows Defender AV Status](update-compliance-wd-av-status.md) - This section lists the percentage of devices running Windows Defender Antivirus that are not sufficiently protected. Clicking into this section provides a summary of signature and threat status across all devices that are running Windows Defender Antivirus. This section is not applicable to devices not running Windows Defender Antivirus.
|
||||
The following is a breakdown of the different sections available in Update Compliance:
|
||||
* [Need Attention!](update-compliance-need-attention.md) - This section is the default section when arriving to your Update Compliance workspace. It provides a summary of the different issues devices are facing relative to Windows 10 updates.
|
||||
* [Security Update Status](update-compliance-security-update-status.md) - This section lists the percentage of devices that are on the latest security update released for the version of Windows 10 it is running. Selecting this section provides blades that summarize the overall status of security updates across all devices and a summary of their deployment progress towards the latest two security updates.
|
||||
* [Feature Update Status](update-compliance-feature-update-status.md) - This section lists the percentage of devices that are on the latest feature update that is applicable to a given device. Selecting this section provides blades that summarize the overall feature update status across all devices and a summary of deployment status for different versions of Windows 10 in your environment.
|
||||
* [Windows Defender AV Status](update-compliance-wd-av-status.md) - This section lists the percentage of devices running Windows Defender Antivirus that are not sufficiently protected. Selecting this section provides a summary of signature and threat status across all devices that are running Windows Defender Antivirus. This section is not applicable to devices not running Windows Defender Antivirus or devices that do not meet the [prerequisites](update-compliance-get-started.md#update-compliance-prerequisites) to be assessed.
|
||||
* [Delivery Optimization Status](update-compliance-delivery-optimization.md) - This section summarizes bandwidth savings incurred by utilizing Delivery Optimization in your environment. It provides a breakdown of Delivery Optimization configuration across devices, and summarizes bandwidth savings and utilization across multiple content types.
|
||||
|
||||
Use [Perspectives](update-compliance-perspectives.md) for data views that provide deeper insight into your data.
|
||||
|
||||
## Utilizing Log Analytics
|
||||
## Update Compliance data latency
|
||||
Update Compliance uses Windows 10 diagnostic data as its data source. After you add Update Compliance and appropriately configure your devices, it could take 48-72 hours before they first appear. The process that follows is as follows:
|
||||
|
||||
Update Compliance is built upon the Log Analytics platform that is integrated into Operations Management Suite. All data within the workspace is the direct result of a query. Understanding the tools and features at your disposal, all integrated within OMS, can deeply enhance your experience and complement Update Compliance.
|
||||
Update Compliance is refreshed every 12 hours. This means that every 12 hours all data that has been gathered over the last 12-hour interval is pushed to Log Analytics. However, the rate that each data type is sent and how long it takes to be ready for Update Compliance varies, roughly outlined below.
|
||||
| Data Type | Refresh Rate | Data Latency |
|
||||
|--|--|--|
|
||||
|WaaSUpdateStatus | Once per day |4 hours |
|
||||
|WaaSInsiderStatus| Once per day |4 hours |
|
||||
|WaaSDeploymentStatus|Every update event (Download, install, etc.)|24-36 hours |
|
||||
|WDAVStatus|On signature update|24 hours |
|
||||
|WDAVThreat|On threat detection|24 hours |
|
||||
|WUDOAggregatedStatus|On update event, aggregated over time|24-36 hours |
|
||||
|WUDOStatus|Once per day|12 hours |
|
||||
|
||||
This means you should generally expect to see new data every 24-36 hours, except for WaaSDeploymentStatus and WUDOAggregatedStatus, which may take 36-48 hours (if it misses the 36th hour refresh, it would be in the 48th, so the data will be present in the 48th hour refresh).
|
||||
|
||||
## Using Log Analytics
|
||||
|
||||
Update Compliance is built on the Log Analytics platform that is integrated into Operations Management Suite. All data in the workspace is the direct result of a query. Understanding the tools and features at your disposal, all integrated within OMS, can deeply enhance your experience and complement Update Compliance.
|
||||
|
||||
See below for a few topics related to Log Analytics:
|
||||
* Learn how to effectively execute custom Log Searches by referring to Microsoft Azure’s excellent documentation on [querying data in Log Analytics](https://docs.microsoft.com/azure/log-analytics/log-analytics-log-searches).
|
||||
* To develop your own custom data views in Operations Management Suite or [Power BI](https://powerbi.microsoft.com/); check out documentation on [analyzing data for use in Log Analytics](https://docs.microsoft.com/azure/log-analytics/log-analytics-dashboards).
|
||||
* [Gain an overview of Log Analytics’ alerts](https://docs.microsoft.com/azure/log-analytics/log-analytics-alerts) and learn how to utilize it to always stay informed about the most critical issues you care about.
|
||||
|
||||
>[!NOTE]
|
||||
>You can use the Feedback Hub App on Windows 10 devices to [provide feedback about Update Compliance](feedback-hub://?referrer=itProDocs&tabid=2&contextid=797) and other Windows Analytics solutions.
|
||||
* [Gain an overview of Log Analytics’ alerts](https://docs.microsoft.com/azure/log-analytics/log-analytics-alerts) and learn how to use it to always stay informed about the most critical issues you care about.
|
||||
|
||||
## Related topics
|
||||
|
||||
|
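Review bot: In the Overview blade list, the first bullet is now labelled "Security updates" but its text still says a device is "up to date on quality updates whenever it has the latest applicable quality update installed", so the definition no longer matches the label; reword the bullet to describe security updates. The new link "[refreshed](#data-latency)" points to an anchor that the heading "## Update Compliance data latency" will not generate, so either shorten the heading or change the link target. In the data latency section, "The process that follows is as follows:" introduces nothing and should be removed or completed. Finally, the Using Log Analytics paragraph still describes the platform as "integrated into Operations Management Suite" and "within OMS", while the rest of this change moves to Azure Log Analytics and the Azure portal.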
@ -7,25 +7,29 @@ ms.sitesec: library
|
||||
ms.pagetype: deploy
|
||||
author: jaimeo
|
||||
ms.author: jaimeo
|
||||
ms.date: 05/17/2018
|
||||
ms.date: 10/04/2018
|
||||
---
|
||||
|
||||
# Windows Defender AV Status
|
||||
|
||||

|
||||

|
||||
|
||||
The Windows Defender AV Status section deals with data concerning signature and threat status for devices that use Windows Defender Antivirus. The section tile in the [Overview Blade](update-compliance-using.md#overview-blade) provides the percentage of devices with insufficient protection – this percentage only considers devices using Windows Defender Antivirus.
|
||||
|
||||
>[!NOTE]
|
||||
>Customers with E5 licenses can monitor the Windows Defender AV status by using the Windows Defender ATP portal. For more information about monitoring devices with this portal, see [Onboard Windows 10 machines](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-endpoints-windows-defender-advanced-threat-protection).
|
||||
>Update Compliance's Windows Defender Antivirus status is compatible with E3, B, F1, VL Professional and below licenses. Devices with an E5 license are not shown here; devices with an E5 license can be monitored using the [Windows Defender ATP portal](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-endpoints-windows-defender-advanced-threat-protection). If you'd like to learn more about Windows 10 licensing, see the [Windows 10 product licensing options](https://www.microsoft.com/en-us/Licensing/product-licensing/windows10.aspx).
|
||||
|
||||
The **Protection Status** blade gives a count for devices that have either out-of-date signatures or real-time protection turned off. Below, it gives a more detailed breakdown of the two issues. Clicking any of these statuses will navigate you to a Log Search view containing the query.
|
||||
# Windows Defender AV Status sections
|
||||
The **Protection Status** blade gives a count for devices that have either out-of-date signatures or real-time protection turned off. Below, it gives a more detailed breakdown of the two issues. Selecting any of these statuses will navigate you to a Log Search view containing the query.
|
||||
|
||||
The **Threat Status** blade provides a visualization of, for devices that have encountered threats, how many were and were not remediated successfully. It also provides a detailed count. Clicking either of these will navigate to the respective query in Log Search for further investigation.
|
||||
The **Threat Status** blade shows, among devices that have encountered threats, how many were and were not remediated successfully. It also provides a detailed count. Selecting either of these will take you to the respective query in Log Search for further investigation.
|
||||
|
||||
Here are some important terms to consider when utilizing the Windows Defender AV Status section of Update Compliance:
|
||||
* **Signature out of date** devices are devices with signature older than 14 days.
|
||||
* **No real-time protection** devices are devices who are using Windows Defender AV but have turned off Real-time protection.
|
||||
Here are some important terms to consider when using the Windows Defender AV Status section of Update Compliance:
|
||||
* **Signature out of date** devices are devices with a signature older than 14 days.
|
||||
* **No real-time protection** devices are devices that are using Windows Defender AV but have turned off real-time protection.
|
||||
* **Recently disappeared** devices are devices that were previously seen by Windows Defender AV and are no longer seen in the past 7 days.
|
||||
* **Remediation failed** devices are devices where Windows Defender AV failed to remediate the threat. This can be due to reason like disk full, network error, operation aborted, etc. Manual intervention may be needed from IT team.
|
||||
* **Not assessed** devices are devices where either a third-party AV solution is used or it has been more than 7 days since the device recently disappeared.
|
||||
* **Remediation failed** devices are devices where Windows Defender AV failed to remediate the threat. This could be due to a number of reasons, including a full disk, network error, operation aborted, etc. Manual intervention might be needed from IT team.
|
||||
* **Not assessed** devices are devices where either a non-Microsoft AV solution is used or it has been more than 7 days since the device recently disappeared.
|
||||
|
||||
## Windows Defender data latency
|
||||
Because of the way Windows Defender is associated with the rest of Windows device data, Defender data for new devices might take much longer to appear than other data types. This process could take up to 28 days.
|
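Review bot: the reworded **Not assessed** bullet still defines the state in terms of another state ("more than 7 days since the device recently disappeared"), while **Recently disappeared** is itself defined as not seen in the past 7 days, so a reader cannot tell when a silent device leaves one count and enters the other. State the threshold as days since the device was last seen. In the new **Remediation failed** bullet, "including ... etc." is redundant and "from IT team" needs an article.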
@ -5,7 +5,7 @@ keywords: Device Health, oms, Azure, portal, operations management suite, add, m
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.date: 09/12/2018
|
||||
ms.date: 10/05/2018
|
||||
ms.pagetype: deploy
|
||||
author: jaimeo
|
||||
ms.author: jaimeo
|
||||
@ -26,8 +26,15 @@ Go to the [Azure portal](https://portal.azure.com), select **All services**, and
|
||||
|
||||
### Permissions
|
||||
|
||||
It's important to understand the difference between Azure Active Directory and an Azure subscription:
|
||||
|
||||
**Azure Active Directory** is the directory that Azure uses. Azure Active Directory (AD) is a separate service which sits by itself and is used by all of Azure and also Office 365.
|
||||
|
||||
An **Azure subscription** is a container for billing, but also acts as a security boundary. Every Azure subscription has a trust relationship with at least one Azure AD instance. This means that a subscription trusts that directory to authenticate users, services, and devices.
|
||||
|
||||
|
||||
>[!IMPORTANT]
|
||||
>Unlike the OMS portal (which only requires permission to access the Azure Log Analytics workspace), the Azure portal also requires access to be configured to either the linked Azure subscription or Azure resource group.
|
||||
>Unlike the OMS portal (which only requires permission to access the Azure Log Analytics workspace), the Azure portal also requires access to be configured to either the linked *Azure subscription* or Azure resource group.
|
||||
|
||||
To check the Log Analytics workspaces you can access, select **Log Analytics**. You should see a grid control listing all workspaces, along with the Azure subscription each is linked to:
|
||||
|
||||
|
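Review bot: the new Permissions text explains the directory and the subscription but never says what access has to be granted; the IMPORTANT note only says access must "be configured" to the linked subscription or resource group. Name the minimum role needed at that scope so that admins do not over-grant on the subscription. Please also confirm "at least one Azure AD instance" (if a subscription trusts a single directory, say so) and replace "a separate service which sits by itself" with a plainer statement.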
@ -41,7 +41,7 @@ Microsoft uses a unique commercial ID to map information from user computers to
|
||||
|
||||
## Enable data sharing
|
||||
|
||||
To enable data sharing, configure your proxy sever to whitelist the following endpoints. You might need to get approval from your security group to do this.
|
||||
To enable data sharing, configure your proxy server to whitelist the following endpoints. You might need to get approval from your security group to do this.
|
||||
|
||||
| **Endpoint** | **Function** |
|
||||
|---------------------------------------------------------|-----------|
|
||||
@ -53,7 +53,7 @@ To enable data sharing, configure your proxy sever to whitelist the following en
|
||||
| `http://adl.windows.com` | Allows the compatibility update to receive the latest compatibility data from Microsoft. |
|
||||
| `https://watson.telemetry.microsoft.com` | Windows Error Reporting (WER); required for Device Health and Update Compliance AV reports. Not used by Upgrade Readiness. |
|
||||
| `https://oca.telemetry.microsoft.com` | Online Crash Analysis; required for Device Health and Update Compliance AV reports. Not used by Upgrade Readiness. |
|
||||
| `https://login.live.com` | Windows Error Reporting (WER); required by Device Health. **Note:** WER does *not* use login.live.com to access Microsoft Account consumer services such as Xbox Live. WER uses an anti-spoofing API at that address to enhance the integrity of error reports. |
|
||||
| `https://login.live.com` | This end-point is required by Device Health to ensure data integrity and provides a more reliable device identity for all Windows Analtyics solutions on Windows 10. Those who wish to disable end-user MSA access should do so by applying [policy](https://docs.microsoft.com/windows/security/identity-protection/access-control/microsoft-accounts#block-all-consumer-microsoft-account-user-authentication) rather than blocking this end-point. |
|
||||
| `https://www.msftncsi.com` | Windows Error Reporting (WER); required for Device Health to check connectivity. |
|
||||
| `https://www.msftconnecttest.com` | Windows Error Reporting (WER); required for Device Health to check connectivity. |
|
||||
|
||||
|
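Review bot: the replacement `https://login.live.com` row has a typo ("Windows Analtyics") and writes "end-point" twice where the table header and the intro sentence use "endpoint". The row also drops the earlier explanation of what the endpoint is used for (the anti-spoofing API for error reports), which leaves "ensure data integrity" unexplained for a security team asked to approve the proxy exception; consider keeping one sentence of that explanation next to the policy link.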
@ -157,6 +157,8 @@ If you don't use Group Policy in your organization, or if not all your remote ho
|
||||
mstsc.exe /remoteGuard
|
||||
```
|
||||
|
||||
> [!NOTE]
|
||||
> The user must be part of administrators group.
|
||||
|
||||
## Considerations when using Windows Defender Remote Credential Guard
|
||||
|
||||
|
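Review bot: the added note "The user must be part of administrators group" does not say which machine's group is meant, the client running `mstsc.exe /remoteGuard` or the remote host, and that matters to whoever grants the membership. Name the machine and write "a member of the Administrators group".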
@ -9,7 +9,7 @@ ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
author: justinha
|
||||
ms.localizationpriority: medium
|
||||
ms.date: 05/30/2018
|
||||
ms.date: 10/05/2018
|
||||
---
|
||||
|
||||
# List of enlightened Microsoft apps for use with Windows Information Protection (WIP)
|
||||
@ -82,7 +82,7 @@ You can add any or all of the enlightened Microsoft apps to your allowed apps li
|
||||
|PowerPoint Mobile |**Publisher:** `CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US`<br>**Product Name:** Microsoft.Office.PowerPoint<br>**App Type:** Universal app |
|
||||
|OneNote |**Publisher:** `CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US`<br>**Product Name:** Microsoft.Office.OneNote<br>**App Type:** Universal app |
|
||||
|Outlook Mail and Calendar |**Publisher:** `CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US`<br>**Product Name:** microsoft.windowscommunicationsapps<br>**App Type:** Universal app |
|
||||
|Office 365 ProPlus|Office 365 ProPlus apps are set up as a suite. You must use the [O365 ProPlus - Allow and Exempt AppLocker policy files (.zip files)](https://download.microsoft.com/download/7/0/D/70D72459-D72D-4673-B309-F480E3BEBCC9/O365%20ProPlus%20-%20WIP%20Enterprise%20AppLocker%20Policy%20Files.zip) to turn the suite on for WIP.<br>We don't recommend setting up Office by using individual paths or publisher rules.|
|
||||
|Office 365 ProPlus and Office 2019 Professional Plus |Office 365 ProPlus and Office 2019 Professional Plus apps are set up as a suite. You must use the [O365 ProPlus - Allow and Exempt AppLocker policy files (.zip files)](https://download.microsoft.com/download/7/0/D/70D72459-D72D-4673-B309-F480E3BEBCC9/O365%20ProPlus%20-%20WIP%20Enterprise%20AppLocker%20Policy%20Files.zip) to turn the suite on for WIP.<br>We don't recommend setting up Office by using individual paths or publisher rules.|
|
||||
|Microsoft Photos |**Publisher:** `CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US`<br>**Product Name:** Microsoft.Windows.Photos<br>**App Type:** Universal app |
|
||||
|Groove Music |**Publisher:** `CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US`<br>**Product Name:** Microsoft.ZuneMusic<br>**App Type:** Universal app |
|
||||
|Microsoft Movies & TV |**Publisher:** `CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US`<br>**Product Name:** Microsoft.ZuneVideo<br>**App Type:** Universal app |
|
||||
|
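Review bot: the Office row now covers "Office 365 ProPlus and Office 2019 Professional Plus", but the link text and the downloaded file are still named "O365 ProPlus - Allow and Exempt AppLocker policy files" / `O365%20ProPlus%20-%20WIP%20Enterprise%20AppLocker%20Policy%20Files.zip`. Confirm that this policy file actually covers the Office 2019 binaries and say so in the row; otherwise readers will apply it to Office 2019 on the strength of the row title alone.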
@ -17,6 +17,12 @@
|
||||
#### [Endpoint detection and response](windows-defender-atp/overview-endpoint-detection-response.md)
|
||||
##### [Security operations dashboard](windows-defender-atp/security-operations-dashboard-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
##### [Incidents queue](windows-defender-atp/incidents-queue.md)
|
||||
###### [View and organize the Incidents queue](windows-defender-atp/view-incidents-queue.md)
|
||||
###### [Manage incidents](windows-defender-atp/manage-incidents-windows-defender-advanced-threat-protection.md)
|
||||
###### [Investigate incidents](windows-defender-atp/investigate-incidents-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
|
||||
|
||||
##### Alerts queue
|
||||
###### [View and organize the Alerts queue](windows-defender-atp/alerts-queue-windows-defender-advanced-threat-protection.md)
|
||||
@ -971,6 +977,8 @@
|
||||
#### [Security Compliance Toolkit](security-compliance-toolkit-10.md)
|
||||
#### [Get support](get-support-for-security-baselines.md)
|
||||
|
||||
### [MBSA removal and alternatives](mbsa-removal-and-guidance.md)
|
||||
|
||||
### [Windows 10 Mobile security guide](windows-10-mobile-security-guide.md)
|
||||
|
||||
## [Change history for Threat protection](change-history-for-threat-protection.md)
|
||||
|
@ -43,6 +43,7 @@ The attack surface reduction set of capabilities provide the first line of defen
|
||||
|
||||
- [Hardware based isolation](windows-defender-atp/overview-hardware-based-isolation.md)
|
||||
- [Application control](windows-defender-application-control/windows-defender-application-control.md)
|
||||
- [Device control](device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md)
|
||||
- [Exploit protection](windows-defender-exploit-guard/exploit-protection-exploit-guard.md)
|
||||
- [Network protection](windows-defender-exploit-guard/network-protection-exploit-guard.md)
|
||||
- [Controlled folder access](windows-defender-exploit-guard/controlled-folders-exploit-guard.md)
|
||||
|
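Review bot: the "Device control" entry in this list points at `device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md`, whose file name describes Device Guard and Windows Defender Application Control, so the label and the target disagree and the entry overlaps with "Application control" directly above it. Either link to a device control topic or rename the entry to match the target.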
@ -7,16 +7,16 @@ ms.mktglfcycl: deploy
|
||||
ms.localizationpriority: medium
|
||||
ms.author: astoica
|
||||
author: andreiztm
|
||||
ms.date: 10/04/2018
|
||||
ms.date: 10/05/2018
|
||||
---
|
||||
|
||||
### What is Microsoft Baseline Security Analyzer and its uses?
|
||||
# What is Microsoft Baseline Security Analyzer and its uses?
|
||||
|
||||
Microsoft Baseline Security Analyzer (MBSA) is used to verify patch compliance. MBSA also performed several other security checks for Windows, IIS, and SQL Server. Unfortunately, the logic behind these additional checks had not been actively maintained since Windows XP and Windows Server 2003. Changes in the products since then rendered many of these security checks obsolete and some of their recommendations counterproductive.
|
||||
|
||||
MBSA was largely used in situations where neither Microsoft Update nor a local WSUS/SCCM server was available, or as a compliance tool to ensure that all security updates were deployed to a managed environment. While MBSA version 2.3 support for Windows Server 2012 R2 and Windows 8.1 was added, it has since been deprecated and no longer developed. MBSA 2.3 is not updated to fully support Windows 10 and Windows Server 2016.
|
||||
MBSA was largely used in situations where neither Microsoft Update nor a local WSUS/SCCM server was available, or as a compliance tool to ensure that all security updates were deployed to a managed environment. While MBSA version 2.3 introduced support for Windows Server 2012 R2 and Windows 8.1, it has since been deprecated and no longer developed. MBSA 2.3 is not updated to fully support Windows 10 and Windows Server 2016.
|
||||
|
||||
### The Solution
|
||||
## The Solution
|
||||
A script can help you with an alternative to MBSA’s patch-compliance checking:
|
||||
|
||||
- [Using WUA to Scan for Updates Offline](https://docs.microsoft.com/previous-versions/windows/desktop/aa387290(v=vs.85)), which includes a sample .vbs script.
|
||||
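Review bot: in the rewritten sentence, "it has since been deprecated and no longer developed" is missing a verb; use "and is no longer developed". The opening paragraph also mixes tenses ("MBSA is used to verify patch compliance. MBSA also performed ..."); since the topic is about removal, past tense throughout would read better. Promoting the headings to `#` and `##` is right, though "What is Microsoft Baseline Security Analyzer and its uses?" is awkward as a page title.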
@ -30,7 +30,7 @@ For example:
|
||||
The preceding scripts leverage the [WSUS offline scan file](https://support.microsoft.com/help/927745/detailed-information-for-developers-who-use-the-windows-update-offline) (wsusscn2.cab) to perform a scan and get the same information on missing updates as MBSA supplied. MBSA also relied on the wsusscn2.cab to determine which updates were missing from a given system without connecting to any online service or server. The wsusscn2.cab file is still available and there are currently no plans to remove or replace it.
|
||||
The wsusscn2.cab file contains the metadata of only security updates, update rollups and service packs available from Microsoft Update; it does not contain any information on non-security updates, tools or drivers.
|
||||
|
||||
### More Information
|
||||
## More Information
|
||||
|
||||
For security compliance and for desktop/server hardening, we recommend the Microsoft Security Baselines and the Security Compliance Toolkit.
|
||||
|
||||
|
@ -11,7 +11,7 @@ ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 09/03/2018
|
||||
ms.date: 10/08/2018
|
||||
---
|
||||
|
||||
# Configure and validate Windows Defender Antivirus network connections
|
||||
@ -60,8 +60,9 @@ The following table lists the services and their associated URLs that your netwo
|
||||
Used by Windows Defender Antivirus to provide cloud-delivered protection
|
||||
</td>
|
||||
<td>
|
||||
*.wdcp.microsoft.com*<br />
|
||||
*.wdcpalt.microsoft.com*
|
||||
*.wdcp.microsoft.com<br />
|
||||
*.wdcpalt.microsoft.com<br />
|
||||
*.wd.microsoft.com
|
||||
</td>
|
||||
</tr>
|
||||
<tr style="vertical-align:top">
|
||||
|
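Review bot: the third entry, `*.wd.microsoft.com`, is a new required host pattern rather than a formatting fix, and nothing in the row or the visible metadata says so. Admins copy this cell into firewall and proxy allow lists, so call out the addition in the change history, and consider putting each pattern in backticks or `<code>` so the wildcard asterisks cannot be read as emphasis markers again.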
@ -16,6 +16,13 @@
|
||||
#### [Security operations dashboard](security-operations-dashboard-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
|
||||
#### [Incidents queue](incidents-queue.md)
|
||||
##### [View and organize the Incidents queue](view-incidents-queue.md)
|
||||
##### [Manage incidents](manage-incidents-windows-defender-advanced-threat-protection.md)
|
||||
##### [Investigate incidents](investigate-incidents-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
|
||||
|
||||
#### Alerts queue
|
||||
##### [View and organize the Alerts queue](alerts-queue-windows-defender-advanced-threat-protection.md)
|
||||
##### [Manage alerts](manage-alerts-windows-defender-advanced-threat-protection.md)
|
||||
|
@ -10,14 +10,12 @@ ms.pagetype: security
|
||||
ms.author: macapara
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
ms.date: 07/16/2018
|
||||
ms.date: 10/08/2018
|
||||
---
|
||||
|
||||
# Configure alert notifications in Windows Defender ATP
|
||||
|
||||
**Applies to:**
|
||||
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
|
||||
|
||||
|
@ -133,6 +133,9 @@ To onboard Windows Server, version 1803 or Windows Server 2019, use the same met
|
||||
## Integration with Azure Security Center
|
||||
Windows Defender ATP integrates with Azure Security Center to provide a comprehensive server protection solution. With this integration Azure Security Center can leverage the power of Windows Defender ATP to provide improved threat detection for Windows Servers.
|
||||
|
||||
>[!NOTE]
|
||||
>You'll need to have the appropriate license to enable this feature.
|
||||
|
||||
The following capabilities are included in this integration:
|
||||
- Automated onboarding - Windows Defender ATP sensor is automatically enabled on Windows Servers that are onboarded to Azure Security Center. For more information on Azure Security Center onboarding, see [Onboarding to Azure Security Center Standard for enhanced security](https://docs.microsoft.com/en-us/azure/security-center/security-center-onboarding).
|
||||
|
||||
|
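Review bot: the added note "You'll need to have the appropriate license to enable this feature" does not say which license is meant or where to check it, so it cannot be acted on. Name the license or link to the licensing page.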
@ -10,14 +10,12 @@ ms.pagetype: security
|
||||
ms.author: macapara
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
ms.date: 04/24/2018
|
||||
ms.date: 10/08/2018
|
||||
---
|
||||
|
||||
# Enable SIEM integration in Windows Defender ATP
|
||||
|
||||
**Applies to:**
|
||||
|
||||
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
|
||||
|
||||
@ -54,7 +52,8 @@ Enable security information and event management (SIEM) integration so you can p
|
||||
|
||||
You can now proceed with configuring your SIEM solution or connecting to the alerts REST API through programmatic access. You'll need to use the tokens when configuring your SIEM solution to allow it to receive alerts from Windows Defender Security Center.
|
||||
|
||||
|
||||
## Integrate Windows Defender ATP with IBM QRadar
|
||||
You can configure IBM QRadar to collect alerts from Windows Defender ATP. For more information, see [IBM Knowledge Center](https://www.ibm.com/support/knowledgecenter/SS42VS_DSM/c_dsm_guide_MS_Win_Defender_ATP_overview.html?cp=SS42VS_7.3.1).
|
||||
|
||||
## Related topics
|
||||
- [Configure Splunk to pull Windows Defender ATP alerts](configure-splunk-windows-defender-advanced-threat-protection.md)
|
||||
|
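Review bot: the new QRadar section is a single outbound link pinned to one product version by `cp=SS42VS_7.3.1`, and it does not connect back to the tokens that the preceding paragraph says a SIEM needs in order to receive alerts. Add a sentence stating that the tokens generated on this page are what QRadar is configured with, and prefer a version-neutral link if one exists.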
@ -0,0 +1,35 @@
|
||||
---
|
||||
title: Incidents queue in Windows Defender ATP
|
||||
description:
|
||||
keywords: incidents, aggregate, investigations, queue, ttp
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
ms.date: 10/08/2018
|
||||
---
|
||||
|
||||
# Incidents queue in Windows Defender ATP
|
||||
**Applies to:**
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
|
||||
[!include[Prerelease information](prerelease.md)]
|
||||
|
||||
When a cybersecurity threat is emerging, or a potential attacker is deploying its tactics, techniques/tools, and procedures (TTPs) on the network, Windows Defender ATP will quickly trigger alerts and launch matching automatic investigations.
|
||||
|
||||
Windows Defender ATP applies correlation analytics and aggregates all related alerts and investigations into an incident. Doing so helps narrate a broader story of an attack, thus providing you with the right visuals (upgraded incident graph) and data representations to understand and deal with complex cross-entity threats to your organization's network.
|
||||
|
||||
|
||||
## In this section
|
||||
|
||||
Topic | Description
|
||||
:---|:---
|
||||
[View and organize the Incidents queue](view-incidents-queue.md)| See the list of incidents and learn how to apply filters to limit the list and get a more focused view.
|
||||
[Manage incidents](manage-incidents-windows-defender-advanced-threat-protection.md) | Learn how to manage incidents by assigning it, updating its status, or setting its classification and other actions.
|
||||
[Investigate incidents](investigate-incidents-windows-defender-advanced-threat-protection.md)| See associated alerts, manage the incident, see alert metadata, and visualizations to help you investigate an incident.
|
||||
|
||||
|
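Review bot: the front matter of this new file ships with an empty `description:` field; fill it in, since the sibling incident topics in this change all have one. In the body, "tactics, techniques/tools, and procedures (TTPs)" should be the standard "tactics, techniques, and procedures (TTPs)", and the table row "manage incidents by assigning it, updating its status, or setting its classification" switches from plural to singular.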
@ -0,0 +1,78 @@
|
||||
---
|
||||
title: Investigate incidents in Windows Defender ATP
|
||||
description: See associated alerts, manage the incident, and see alert metadata to help you investigate an incident
|
||||
keywords: investigate, incident, alerts, metadata, risk, detection source, affected machines, patterns, correlation
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
ms.date: 10/08/2018
|
||||
---
|
||||
|
||||
# Investigate incidents in Windows Defender ATP
|
||||
|
||||
**Applies to:**
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
|
||||
[!include[Prerelease information](prerelease.md)]
|
||||
|
||||
Investigate incidents that affect your network, understand what they mean, and collate evidence to resolve them.
|
||||
|
||||
## Analyze incident details
|
||||
Click an incident to see the **Incident pane**. Select **Open incident page** to see the incident details and related information (alerts, machines, investigations, evidence, graph).
|
||||
|
||||

|
||||
|
||||
### Alerts
|
||||
You can investigate the alerts and see how they were linked together in an incident.
|
||||
Alerts are grouped into incidents based on the following reasons:
|
||||
- Automated investigation - The automated investigation triggered the linked alert while investigating the original alert
|
||||
- File characteristics - The files associated with the alert have similar characteristics
|
||||
- Manual association - A user manually linked the alerts
|
||||
- Proximate time - The alerts were triggered on the same machine within a certain timeframe
|
||||
- Same file - The files associated with the alert are exactly the same
|
||||
|
||||

|
||||
|
||||

|
||||
|
||||
You can also manage an alert and see alert metadata along with other information. For more information, see [Investigate alerts](investigate-alerts-windows-defender-advanced-threat-protection.md).
|
||||
|
||||
### Machines
|
||||
You can also investigate the machines that are part of, or related to, a given incident. For more information, see [Investigate machines](investigate-machines-windows-defender-advanced-threat-protection.md).
|
||||
|
||||

|
||||
|
||||
### Investigations
|
||||
Select **Investigations** to see all the automatic investigations launched by the system in response to the incident alerts.
|
||||
|
||||

|
||||
|
||||
## Going through the evidence
|
||||
Windows Defender Advanced Threat Protection automatically investigates all the incidents' supported events and suspicious entities in the alerts, providing you with auto-response and information about the important files, processes, services, and more. This helps quickly detect and block potential threats in the incident.
|
||||
Each of the analyzed entities will be marked as infected, remediated, or suspicious.
|
||||
|
||||

|
||||
|
||||
## Visualizing associated cybersecurity threats
|
||||
Windows Defender Advanced Threat Protection aggregates the threat information into an incident so you can see the patterns and correlations coming in from various data points. You can view such correlation through the incident graph.
|
||||
|
||||
### Incident graph
|
||||
The **Graph** tells the story of the cybersecurity attack. For example, it shows you what was the entry point, which indicator of compromise or activity was observed on which machine. etc.
|
||||
|
||||

|
||||
|
||||
You can click the circles on the incident graph to view the details of the malicious files, associated file detections, how many instances has there been worldwide, whether it’s been observed in your organization, if so, how many instances.
|
||||
|
||||

|
||||
|
||||
## Related topics
|
||||
- [Incidents queue](incidents-queue.md)
|
||||
- [View and organize the Incidents queue](view-incidents-queue.md)
|
||||
- [Manage incidents](manage-incidents-windows-defender-advanced-threat-protection.md)
|
||||
|
||||
|
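Review bot: under "### Alerts", the "Proximate time" reason says alerts were triggered on the same machine "within a certain timeframe" without giving the window, which is the one detail an analyst needs to judge whether two alerts were correlated by design or by coincidence; state the window or say it is not configurable. The images `incident-details.png` and `incident-graph-details.png` share the alt text "Image of incident details" and should be distinguished. Under "### Incident graph", "on which machine. etc." has a stray period, and the sentence beginning "You can click the circles" is a run-on ("how many instances has there been worldwide, whether it's been observed in your organization, if so, how many instances").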
@ -0,0 +1,61 @@
|
||||
---
|
||||
title: Manage Windows Defender ATP incidents
|
||||
description: Manage incidents by assigning it, updating its status, or setting its classification.
|
||||
keywords: incidents, manage, assign, status, classification, true alert, false alert
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
ms.date: 010/08/2018
|
||||
---
|
||||
|
||||
# Manage Windows Defender ATP incidents
|
||||
|
||||
**Applies to:**
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
|
||||
[!include[Prerelease information](prerelease.md)]
|
||||
|
||||
|
||||
Managing incidents is an important part of every cybersecurity operation. You can manage incidents by selecting an incident from the **Incidents queue** or the **Incidents management pane**. You can assign incidents to yourself, change the status, classify, rename, or comment on them to keep track of their progress.
|
||||
|
||||

|
||||
|
||||
Selecting an incident from the **Incidents queue** brings up the **Incident management pane** where you can open the incident page for details.
|
||||
|
||||

|
||||
|
||||
|
||||
## Assign incidents
|
||||
If an incident has not been assigned yet, you can select **Assign to me** to assign the incident to yourself. Doing so assumes ownership of not just the incident, but also all the alerts associated with it.
|
||||
|
||||
## Change the incident status
|
||||
You can categorize incidents (as **Active**, or **Resolved**) by changing their status as your investigation progresses. This helps you organize and manage how your team can respond to incidents.
|
||||
|
||||
For example, your SoC analyst can review the urgent **Active** incidents for the day, and decide to assign them to himself for investigation.
|
||||
|
||||
Alternatively, your SoC analyst might set the incident as **Resolved** if the incident has been remediated.
|
||||
|
||||
## Classify the incident
|
||||
You can choose not to set a classification, or decide to specify whether an incident is true or false. Doing so helps the team see patterns and learn from them.
|
||||
|
||||
## Rename incident
|
||||
By default, incidents are assigned with numbers. You can rename the incident if your organization uses a naming convention for easier cybersecurity threat identification.
|
||||
|
||||

|
||||
|
||||
## Add comments and view the history of an incident
|
||||
You can add comments and view historical events about an incident to see previous changes made to it.
|
||||
|
||||
Whenever a change or comment is made to an alert, it is recorded in the Comments and history section.
|
||||
|
||||
Added comments instantly appear on the pane.
|
||||
|
||||
## Related topics
|
||||
- [Incidents queue](incidents-queue.md)
|
||||
- [View and organize the Incidents queue](view-incidents-queue.md)
|
||||
- [Investigate incidents](investigate-incidents-windows-defender-advanced-threat-protection.md)
|
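Review bot: the front matter has `ms.date: 010/08/2018`, which is malformed next to the `10/08/2018` used in the other new files. In the body, the pane is called both "Incidents management pane" and "Incident management pane"; pick one. "Whenever a change or comment is made to an alert" in the comments section should presumably read "incident", "assign them to himself" should be gender-neutral, and "specify whether an incident is true or false" should use the same terms as the keywords ("true alert, false alert") so readers know what the classification values are.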
@ -42,6 +42,17 @@ An important aspect of machine management is the ability to analyze the environm
|
||||
- The Secure score dashboard provides metrics based method of prioritizing the most important proactive security measures.
|
||||
- Windows Defender ATP includes a built-in PowerBI based reporting solution to quickly review trends and details related to Windows Defender ATP alerts and secure score of machines. The platform also supports full customization of the reports, including mashing of Windows Defender ATP data with your own data stream to produce business specific reports.
|
||||
|
||||
|
||||
## In this section
|
||||
Topic | Description
|
||||
:---|:---
|
||||
Understand threat intelligence concepts | Learn about alert definitions, indicators of compromise, and other threat intelligence concepts.
|
||||
Supported Windows Defender ATP APIs | Learn more about the individual supported entities where you can run API calls to and details such as HTTP request values, request headers and expected responses.
|
||||
Managed security service provider | Get a quick overview on managed security service provider support.
|
||||
|
||||
|
||||
|
||||
|
||||
## Related topics
|
||||
- [Onboard machines](onboard-configure-windows-defender-advanced-threat-protection.md)
|
||||
- [Enable the custom threat intelligence application](enable-custom-ti-windows-defender-advanced-threat-protection.md)
|
||||
|
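Review bot: the three rows of the new "In this section" table are plain text, while every comparable table in this change links the topic name to its file; without links the table does not help navigation. Add the targets, and fix "supported entities where you can run API calls to" (drop the trailing "to" or rephrase as "entities you can call"). The run of blank lines added before "## Related topics" can be reduced to one.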
@ -30,6 +30,7 @@ With advanced hunting, you can take advantage of the following capabilities:
|
||||
Topic | Description
|
||||
:---|:---
|
||||
[Query data using Advanced hunting](advanced-hunting-windows-defender-advanced-threat-protection.md) | Learn how to use the basic or advanced query examples to search for possible emerging threats in your organization.
|
||||
[Custom detections](overview-custom-detections.md)| With custom detections, you can create custom queries to monitor events for any kind of behavior such as suspicious or emerging threats.
|
||||
|
||||
|
||||
|
||||
|
@ -74,3 +74,4 @@ Clicking the link under the Misconfigured machines column opens up the **Machine
|
||||
|
||||
## Related topic
|
||||
- [Threat analytics](threat-analytics-dashboard-windows-defender-advanced-threat-protection.md)
|
||||
- [Threat analytics for Spectre and Meltdown](threat-analytics-dashboard-windows-defender-advanced-threat-protection.md)
|
||||
|
@ -41,6 +41,10 @@ The following features are included in the preview release:
|
||||
- [Threat analytics](threat-analytics.md)<br>
|
||||
Threat Analytics is a set of interactive reports published by the Windows Defender ATP research team as soon as emerging threats and outbreaks are identified. The reports help security operations teams assess impact on their environment and provides recommended actions to contain, increase organizational resilience, and prevent specific threats.
|
||||
|
||||
- [Incidents](incidents-queue.md)<br>
|
||||
Windows Defender ATP applies correlation analytics and aggregates all related alerts and investigations into an incident. Doing so helps narrate a broader story of an attack, thus providing you with the right visuals (upgraded incident graph) and data representations to understand and deal with complex cross-entity threats to your organization's network.
|
||||
|
||||
|
||||
- [Custom detection](overview-custom-detections.md)<br>
|
||||
With custom detections, you can create custom queries to monitor events for any kind of behavior such as suspicious or emerging threats. This can be done by leveraging the power of Advanced hunting through the creation of custom detection rules.
|
||||
|
||||
|
@ -0,0 +1,74 @@
|
||||
---
|
||||
title: View and organize the Incidents queue
|
||||
description: See the list of incidents and learn how to apply filters to limit the list and get a more focused view.
|
||||
keywords: view, organize, incidents, aggregate, investigations, queue, ttp
|
||||
search.product: eADQiWindows 10XVcnh
|
||||
ms.prod: w10
|
||||
ms.mktglfcycl: deploy
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.author: macapara
|
||||
author: mjcaparas
|
||||
ms.localizationpriority: medium
|
||||
ms.date: 10/08/2018
|
||||
---
|
||||
|
||||
# View and organize the Windows Defender Advanced Threat Protection Incidents queue
|
||||
**Applies to:**
|
||||
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
|
||||
|
||||
[!include[Prerelease information](prerelease.md)]
|
||||
|
||||
The **Incidents queue** shows a collection of incidents that were flagged from machines in your network. It helps you sort through incidents to prioritize and create an informed cybersecurity response decision.
|
||||
|
||||
By default, the queue displays incidents seen in the last 30 days, with the most recent incident showing at the top of the list, helping you see the most recent incidents first.
|
||||
|
||||
There are several options you can choose from to customize the Incidents queue view.
|
||||
|
||||
On the top navigation you can:
|
||||
- Customize columns to add or remove columns
|
||||
- Modify the number of items to view per page
|
||||
- Select the items to show per page
|
||||
- Batch-select the incidents to assign
|
||||
- Navigate between pages
|
||||
- Apply filters
|
||||
|
||||

|
||||
|
||||
## Sort and filter the incidents queue
|
||||
You can apply the following filters to limit the list of incidents and get a more focused view.
|
||||
|
||||
Incident severity | Description
|
||||
:---|:---
|
||||
High </br>(Red) | Threats often associated with advanced persistent threats (APT). These incidents indicate a high risk due to the severity of damage they can inflict on machines.
|
||||
Medium </br>(Orange) | Threats rarely observed in the organization, such as anomalous registry change, execution of suspicious files, and observed behaviors typical of attack stages.
|
||||
Low </br>(Yellow) | Threats associated with prevalent malware and hack-tools that do not necessarily indicate an advanced threat targeting the organization.
|
||||
Informational </br>(Grey) | Informational incidents are those that might not be considered harmful to the network but might be good to keep track of.
|
||||
|
||||
### Category
|
||||
Incidents are categorized based on the description of the stage by which the cybersecurity kill chain is in. This view helps the threat analyst to determine priority, urgency, and corresponding response strategy to deploy based on context.
|
||||
|
||||
### Alerts
|
||||
Indicates the number of alerts associated with or part of the incidents.
|
||||
|
||||
|
||||
### Machines
|
||||
You can limit to show only the machines at risk which are associated with incidents.
|
||||
|
||||
### Users
|
||||
You can limit to show only the users of the machines at risk which are associated with incidents.
|
||||
|
||||
### Assigned to
|
||||
You can choose to show between unassigned incidents or those which are assigned to you.
|
||||
|
||||
### Status
|
||||
You can choose to limit the list of incidents shown based on their status to see which ones are active or resolved
|
||||
|
||||
### Classification
|
||||
Use this filter to choose between focusing on incidents flagged as true or false incidents.
|
||||
|
||||
## Related topics
|
||||
- [Incidents queue](incidents-queue.md)
|
||||
- [Manage incidents](manage-incidents-windows-defender-advanced-threat-protection.md)
|
||||
- [Investigate incidents](investigate-incidents-windows-defender-advanced-threat-protection.md)
|
||||
|
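Review bot: In the "On the top navigation you can:" list of this new topic, "Modify the number of items to view per page" and "Select the items to show per page" describe the same control; keep one of them. Under "## Sort and filter the incidents queue", the severity table follows the intro sentence with no "### Severity" heading, while every other filter (Category, Alerts, Machines, Users, Assigned to, Status, Classification) has its own heading, and its cells use "</br>", which is not a valid tag (use "<br>"). The Status sentence is missing its final period, and the Category sentence ("based on the description of the stage by which the cybersecurity kill chain is in") should be reworded, for example "based on the stage of the cybersecurity kill chain they are in".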
@ -31,7 +31,7 @@ Topic | Description
|
||||
:---|:---
|
||||
[Overview](overview.md) | Understand the concepts behind the capabilities in Windows Defender ATP so you take full advantage of the complete threat protection platform.
|
||||
[Get started](get-started.md) | Learn about the requirements of the platform and the initial steps you need to take to get started with Windows Defender ATP.
|
||||
[Cconfigure and manage capabilities](onboard.md)| Configure and manage the individual capabilities in Windows Defender ATP.
|
||||
[Configure and manage capabilities](onboard.md)| Configure and manage the individual capabilities in Windows Defender ATP.
|
||||
[Troubleshoot Windows Defender ATP](troubleshoot-wdatp.md) | Learn how to address issues that you might encounter while using the platform.
|
||||
|
||||
## Related topic
|
||||
|
@ -51,7 +51,7 @@ Windows Autopilot self-deploying mode enables a zero touch device provisioning e
|
||||
|
||||
This self-deploying capability removes the current need to have an end user interact by pressing the “Next” button during the deployment process.
|
||||
|
||||
You can utilize Windows Autopilot self-deploying mode to register the device to an AAD tenant, enroll in your organization’s MDM provider,and provision policies and applications, all with no user authentication or user interaction required.
|
||||
You can utilize Windows Autopilot self-deploying mode to register the device to an AAD tenant, enroll in your organization’s MDM provider, and provision policies and applications, all with no user authentication or user interaction required.
|
||||
|
||||
To learn more about Autopilot self-deploying mode and to see step-by-step instructions to perform such a deployment, [Windows Autopilot self-deploying mode](https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/self-deploying).
|
||||
|
||||
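Review bot: The comma fix after "MDM provider" is fine, but the unchanged sentence at the end of this hunk has no verb before the link: "to perform such a deployment, [Windows Autopilot self-deploying mode](...)" should read "to perform such a deployment, see [Windows Autopilot self-deploying mode](...)". Since the paragraph is being touched anyway, also consider dropping the "/en-us/" locale from that docs.microsoft.com URL so readers are routed to their own language.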
@ -60,6 +60,7 @@ To learn more about Autopilot self-deploying mode and to see step-by-step instru
|
||||
We introduced a simplified assigned access configuration experience in **Settings** that allows device administrators to easily set up a PC as a kiosk or digital sign. A wizard experience walks you through kiosk setup including creating a kiosk account that will automatically sign in when a device starts.
|
||||
|
||||
To use this feature, go to **Settings**, search for **assigned access**, and open the **Set up a kiosk** page.
|
||||
|
||||

|
||||
|
||||
Microsoft Edge kiosk mode running in single-app assigned access has two kiosk types.
|
||||
@ -123,7 +124,7 @@ We added a new assessment for the Windows time service to the **Device performan
|
||||
|
||||
We’re continuing to work on how other security apps you’ve installed show up in the **Windows Security** app. There’s a new page called **Security providers** that you can find in the **Settings** section of the app. Click **Manage providers** to see a list of all the other security providers (including antivirus, firewall, and web protection) that are running on your device. Here you can easily open the providers’ apps or get more information on how to resolve issues reported to you through **Windows Security**.
|
||||
|
||||
This also means you’ll see more links to other security apps within **Windows Security**. For example, if you open the **Firewall & network protection** section, you’ll see the firewall apps that are running on your device under each firewall type, which inclueds domain, private, and public networks).
|
||||
This also means you’ll see more links to other security apps within **Windows Security**. For example, if you open the **Firewall & network protection** section, you’ll see the firewall apps that are running on your device under each firewall type, which includes domain, private, and public networks).
|
||||
|
||||
<pre>HKLM\SOFTWARE\Microsoft\Security Center\Feature DisableAvCheck (DWORD) = 1 </pre>
|
||||
|
||||
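Review bot: The corrected sentence still ends with an unmatched closing parenthesis ("...which includes domain, private, and public networks)."). Either remove the ")" or open the parenthesis before "which includes" so the spelling fix does not leave the sentence malformed.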
@ -131,7 +132,7 @@ This also means you’ll see more links to other security apps within **Windows
|
||||
|
||||
#### Silent enforcement on fixed drives
|
||||
|
||||
Through a Modern Decice Management (MDM) policy, BitLocker can be enabled silently for standard Azure Active Directory (AAD) joined users. In Windows 10, version 1803 automatic BitLocker encryption was enabled for standard AAD users, but this still required modern hardware that passed the Hardware Security Test Interface (HSTI). This new functionality enables BitLocker via policy even on devices that don’t pass the HSTI.
|
||||
Through a Modern Device Management (MDM) policy, BitLocker can be enabled silently for standard Azure Active Directory (AAD) joined users. In Windows 10, version 1803 automatic BitLocker encryption was enabled for standard AAD users, but this still required modern hardware that passed the Hardware Security Test Interface (HSTI). This new functionality enables BitLocker via policy even on devices that don’t pass the HSTI.
|
||||
|
||||
This is an update to the [BitLocker CSP](https://docs.microsoft.com/en-us/windows/client-management/mdm/bitlocker-csp), which was introduced in Windows 10, version 1703, and leveraged by Intune and others.
|
||||
|
||||
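Review bot: The replacement line fixes "Decice" but keeps the expansion "Modern Device Management (MDM)"; MDM stands for Mobile Device Management, which is also what the BitLocker CSP linked in the next paragraph belongs to. Suggest "Through a Mobile Device Management (MDM) policy, ..." so the acronym matches the rest of the documentation set.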
@ -147,7 +148,7 @@ For example, you can choose the XTS-AES 256 encryption algorithm, and have it ap
|
||||
|
||||
Windows Defender Application Guard (WDAG) introduced a new user interface inside **Windows Security** in this release. Standalone users can now install and configure their Windows Defender Application Guard settings in Windows Security without needing to change registry key settings.
|
||||
|
||||
Additionally, users who are managed by enterprise policies will be able to check their settings to see what their administrators have configured for their machines to better understand the behavior of Windows Defender Application Guard. This new UI improves the overall experience for users while managing and checking their Windows Defender Application Guard settings. As long as devices meet the minimum requirements, these settings will appear in Windows Security.For detailed information, click [here](https://techcommunity.microsoft.com/t5/Windows-Insider-Program/test/m-p/214102#M1709).
|
||||
Additionally, users who are managed by enterprise policies will be able to check their settings to see what their administrators have configured for their machines to better understand the behavior of Windows Defender Application Guard. This new UI improves the overall experience for users while managing and checking their Windows Defender Application Guard settings. As long as devices meet the minimum requirements, these settings will appear in Windows Security. For detailed information, click [here](https://techcommunity.microsoft.com/t5/Windows-Insider-Program/test/m-p/214102#M1709).
|
||||
|
||||
To try this,
|
||||
1. Go to**Windows Security** and select **App & browser control**.
|
||||
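Review bot: The link in the corrected paragraph uses the non-descriptive text "here" and points to a techcommunity.microsoft.com thread under "Windows-Insider-Program/test/", which reads like a placeholder post rather than reference documentation; use descriptive link text and confirm the target is the intended one. The first step in the same hunk is also missing a space: "Go to**Windows Security**" should be "Go to **Windows Security**".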
@ -203,7 +204,7 @@ Threat Analytics is a set of interactive reports published by the Windows Defend
|
||||
- [Managed security service provider (MSSP) support](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/mssp-support-windows-defender-advanced-threat-protection)<br>
|
||||
Windows Defender ATP adds support for this scenario by providing MSSP integration.
|
||||
The integration will allow MSSPs to take the following actions:
|
||||
Get access to MSSP customer's Windows Defender Security Center portal, fet email notifications, and fetch alerts through security information and event management (SIEM) tools.
|
||||
Get access to MSSP customer's Windows Defender Security Center portal, fetch email notifications, and fetch alerts through security information and event management (SIEM) tools.
|
||||
|
||||
- [Integration with Azure Security Center](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection#integration-with-azure-security-center)<br>
|
||||
Windows Defender ATP integrates with Azure Security Center to provide a comprehensive server protection solution. With this integration Azure Security Center can leverage the power of Windows Defender ATP to provide improved threat detection for Windows Servers.
|
||||
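Review bot: After the "fet" to "fetch" fix, the line still packs three actions into one sentence directly under "The integration will allow MSSPs to take the following actions:"; a bulleted list (portal access, email notifications, alerts through SIEM tools) would match that lead-in. "Get access to MSSP customer's ... portal" also needs an article ("the MSSP customer's"). The two links in this hunk are inconsistent, one with "/en-us/" in the docs.microsoft.com path and one without; prefer the locale-free form for both.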
@ -239,4 +240,4 @@ Until now, Windows logon only supported the use of identities federated to ADFS
|
||||
3. On the lock screen, select web sign-in under sign-in options.
|
||||
4. Click the “Sign in” button to continue.
|
||||
|
||||

|
||||

|
||||
|
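Review bot: The final line changes the image reference from images/websignin.png to images/web-sign-in.png, but nothing in these lines shows the file itself being renamed or added. Confirm that images/web-sign-in.png is included in this change and that no other topic still links to the old file name, otherwise the image will not render.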