resolve the conflict

windows/security/threat-protection/intelligence/top-scoring-industry-antivirus-tests.md

@@ -24,10 +24,11 @@ Microsoft Defender Advanced Threat Protection ([Microsoft Defender ATP](https://
 
 [Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10?ocid=cx-docs-avreports) consistently performs highly in independent tests, displaying how it is a top choice in the antivirus market. Note that these tests only provide results for antivirus and do not test for additional security protections.
 
-Windows Defender Antivirus is  part of the  [next generation](https://www.youtube.com/watch?v=Xy3MOxkX_o4) Microsoft Defender ATP security stack which addresses the latest and most sophisticated threats today. In some cases, customers might not even know they were protected because a cyberattack is stopped [milliseconds after a campaign starts](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/07/behavior-monitoring-combined-with-machine-learning-spoils-a-massive-dofoil-coin-mining-campaign?ocid=cx-docs-avreports). That's because Windows Defender Antivirus detects and stops malware at first sight by using [machine learning](https://cloudblogs.microsoft.com/microsoftsecure/2018/06/07/machine-learning-vs-social-engineering?ocid=cx-docs-avreports), [artificial intelligence](https://cloudblogs.microsoft.com/microsoftsecure/2018/02/14/how-artificial-intelligence-stopped-an-emotet-outbreak?ocid=cx-docs-avreports), behavioral analysis, and other advanced technologies.
+Windows Defender Antivirus is the [next generation protection](https://www.youtube.com/watch?v=Xy3MOxkX_o4) capability in the Microsoft Defender ATP security stack which addresses the latest and most sophisticated threats today. In some cases, customers might not even know they were protected because a cyberattack is stopped [milliseconds after a campaign starts](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/07/behavior-monitoring-combined-with-machine-learning-spoils-a-massive-dofoil-coin-mining-campaign?ocid=cx-docs-avreports). That's because Windows Defender Antivirus detects and stops malware at first sight by using [machine learning](https://cloudblogs.microsoft.com/microsoftsecure/2018/06/07/machine-learning-vs-social-engineering?ocid=cx-docs-avreports), [artificial intelligence](https://cloudblogs.microsoft.com/microsoftsecure/2018/02/14/how-artificial-intelligence-stopped-an-emotet-outbreak?ocid=cx-docs-avreports), behavioral analysis, and other advanced technologies.
 <br><br>
+![String of images showing scores](./images/Transparency-report-August-2.png)
 
-![Graph describing Real-World detection rate](./images/transparency-report-purple-60.png) **Download the latest transparency report: [Examining industry test results, August 2019](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE3Esbl)**
+**Download the latest transparency report: [Examining industry test results, August 2019](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE3Esbl)**
 
 ### AV-TEST: Protection score of 6.0/6.0 in the latest test
 
@@ -47,10 +48,6 @@ The AV-TEST Product Review and Certification Report tests on three categories: p
 
 - July - August 2018 AV-TEST Business User test: [Protection score 6.0/6.0](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/august-2018/microsoft-windows-defender-antivirus-4.12--4.18-183212/) | [Analysis](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2IL3Y)
 
-|||
-|---|---|
-|![Graph showing Microsoft's Real-World detection rate scores for AV-Test](./images/real-world-aug-small.png)|![Graph showing Microsoft's Prevalent Malware detection rate scores for AV-Test](./images/prevalent-malware-aug-small.png)|
-
 ### AV-Comparatives: Protection rating of 99.9% in the latest test
 
 Business Security Test consists of three main parts: the Real-World Protection Test which mimics online malware attacks, the Malware Protection Test where the malware enters the system from outside the internet (e.g. USB), and the Performance Test which looks at the impact on the system’s performance.
@@ -63,8 +60,6 @@ Business Security Test consists of three main parts: the Real-World Protection T
 
 - Business Security Test 2018 (March - June): [Real-World Protection Rate 98.7%](https://www.av-comparatives.org/tests/business-security-test-2018-march-june/)
 
-![Graph showing Microsoft's Real-World Protection scores for AV-Comparatives](./images/real-world-protection-aug-small.png)
-
 ### SE Labs: Total accuracy rating of AAA in the latest test
 
 SE Labs tests a range of solutions used by products and services to detect and/or protect against attacks, including endpoint software, network appliances, and cloud services.
@@ -83,6 +78,10 @@ SE Labs tests a range of solutions used by products and services to detect and/o
 
 Microsoft Defender ATP [endpoint detection and response](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response) capabilities provide advanced attack detections that are near real-time and actionable. Security analysts can prioritize alerts effectively, gain visibility into the full scope of a breach, and take response actions to remediate threats.
 
+![String of images showing EDR capabilities](./images/MITRE-Microsoft-Defender-ATP.png)
+
+**Read our analysis: [MITRE evaluation highlights industry-leading EDR capabilities in Windows Defender ATP](https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/MITRE-evaluation-highlights-industry-leading-EDR-capabilities-in/ba-p/369831)**
+
 ### MITRE: Industry-leading optics and detection capabilities
 
 MITRE tested the ability of products to detect techniques commonly used by the targeted attack group APT3 (also known as Boron or UPS). To isolate detection capabilities, all protection and prevention features were turned off. Microsoft is happy to be one of the first EDR vendors to sign up for the MITRE evaluation based on the ATT&CK framework, widely regarded today as the most comprehensive catalog of attacker techniques and tactics.

windows/security/threat-protection/microsoft-defender-atp/respond-file-alerts.md

@@ -40,6 +40,18 @@ Response actions run along the top of the file page, and include:
 
 You can also submit files for deep analysis, to run the file in a secure cloud sandbox. When the analysis is complete, you'll get a detailed report that provides information about the behavior of the file. You can submit files for deep analysis and read past reports by selecting the **Deep analysis** tab. It's located below the file information cards.
 
+Some actions require certain permissions. The following table describes what action certain permissions can take on portable executable (PE) and non-PE files:
+
+Permission | PE files | Non-PE files
+:---|:---|:---
+View data | X | X
+Alerts investigation | ☑ | X
+Live response basic | X | X
+Live response advanced | ☑ |☑
+
+For more information on roles, see [Create and manage roles for role-based access control](user-roles.md).
+
+
 ## Stop and quarantine files in your network
 
 You can contain an attack in your organization by stopping the malicious process and quarantining the file where it was observed.

windows/security/threat-protection/microsoft-defender-atp/respond-machine-alerts.md

@@ -188,3 +188,4 @@ All other related details are also shown, for example, submission date/time, sub
 
 ## Related topic
 - [Take response actions on a file](respond-file-alerts.md)
+- [Report inaccuracy](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation#report-inaccuracy)

windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md

@@ -54,6 +54,14 @@ From that page, you can do any of the following depending on what you need to do
 
 - Choose from exception options - Submit an exception, provide justification, and set exception duration if you can't remediate the issue just yet due to specific business reasons, compensation controls, or if it is a false positive. 
 
+## Report inaccuracy
+
+You can report on a false positive when you see any vague, inaccurate, incomplete, or already remediated information in the machine page, under **Security recommendation** column.
+
+Click **:** then select the inaccuracy category from the dropdown menu. Your feedback is immediately sent to the Threat & Vulnerability Management experts with its context.
+
+![Report inaccuracy from the machine page within the Security recommendation column](images/tvm_report_inaccuracy.png)
+
 
 ## Related topics
 - [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)