diff --git a/windows/configuration/lock-down-windows-10-to-specific-apps.md b/windows/configuration/lock-down-windows-10-to-specific-apps.md
index b927ef5c8e..14905d408b 100644
--- a/windows/configuration/lock-down-windows-10-to-specific-apps.md
+++ b/windows/configuration/lock-down-windows-10-to-specific-apps.md
@@ -155,6 +155,7 @@ The profile **Id** is a GUID attribute to uniquely identify the profile. You can
- For UWP apps, you need to provide the App User Model ID (AUMID). [Learn how to get the AUMID](https://go.microsoft.com/fwlink/p/?LinkId=614867), or [get the AUMID from the Start Layout XML](#startlayout).
- For desktop apps, you need to specify the full path of the executable, which can contain one or more system environment variables in the form of %variableName% (i.e. %systemroot%, %windir%).
+- If an app has a dependency on another app, both must be included in the allowed apps list. For example, Internet Explorer 64-bit has a dependency on Internet Explorer 32-bit, so you must allow both "C:\Program Files\internet explorer\iexplore.exe" and “C:\Program Files (x86)\Internet Explorer\iexplore.exe”.
- To configure a single app to launch automatically when the user signs in, include `rs5:AutoLaunch="true"` after the AUMID or path. You can also include arguments to be passed to the app. For an example, see [the AllowedApps sample XML](#apps-sample).
When the mult-app kiosk configuration is applied to a device, AppLocker rules will be generated to allow the apps that are listed in the configuration. Here are the predefined assigned access AppLocker rules for **UWP apps**:
diff --git a/windows/security/threat-protection/windows-defender-atp/configure-arcsight-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-arcsight-windows-defender-advanced-threat-protection.md
index 852dfacc9f..f6ac3a4c36 100644
--- a/windows/security/threat-protection/windows-defender-atp/configure-arcsight-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/configure-arcsight-windows-defender-advanced-threat-protection.md
@@ -97,8 +97,8 @@ The following steps assume that you have completed all the required steps in [Be
For example, if the configuration file in "flexagent" directory is named "WDATP-Connector.jsonparser.properties", you must type "WDATP-Connector" as the name of the client property file.
| Events URL |
- Depending on the location of your datacenter, select either the EU or the US URL: **For EU**: https://wdatp-alertexporter-eu.windows.com/api/alerts/?sinceTimeUtc=$START_AT_TIME
- **For US:** https://wdatp-alertexporter-us.windows.com/api/alerts/?sinceTimeUtc=$START_AT_TIME |
+ Depending on the location of your datacenter, select either the EU or the US URL: **For EU**: https://wdatp-alertexporter-eu.windows.com/api/alerts/?sinceTimeUtc=$START_AT_TIME
+ **For US:** https://wdatp-alertexporter-us.windows.com/api/alerts/?sinceTimeUtc=$START_AT_TIME
**For UK**: https://wdatp-alertexporter-uk.windows.com/api/alerts/?sinceTimeUtc=$START_AT_TIME |
| Authentication Type |
OAuth 2 |
diff --git a/windows/security/threat-protection/windows-defender-atp/configure-splunk-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/configure-splunk-windows-defender-advanced-threat-protection.md
index 2177e72018..259719c095 100644
--- a/windows/security/threat-protection/windows-defender-atp/configure-splunk-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/configure-splunk-windows-defender-advanced-threat-protection.md
@@ -69,7 +69,7 @@ You'll need to configure Splunk so that it can pull Windows Defender ATP alerts.
| Endpoint URL |
- Depending on the location of your datacenter, select either the EU or the US URL: **For EU**: `https://wdatp-alertexporter-eu.securitycenter.windows.com/api/alerts`**For US:**` https://wdatp-alertexporter-us.securitycenter.windows.com/api/alerts`
+ | Depending on the location of your datacenter, select any of the following URL: **For EU**: `https://wdatp-alertexporter-eu.securitycenter.windows.com/api/alerts`
**For US:**` https://wdatp-alertexporter-us.securitycenter.windows.com/api/alerts`
**For UK:**` https://wdatp-alertexporter-uk.securitycenter.windows.com/api/alerts`
|
| HTTP Method |
diff --git a/windows/security/threat-protection/windows-defender-atp/pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md
index 69d7354d93..e33cf0d910 100644
--- a/windows/security/threat-protection/windows-defender-atp/pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md
@@ -15,7 +15,6 @@ manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.topic: article
-ms.date: 11/19/2018
---
# Pull Windows Defender ATP alerts using REST API
@@ -93,7 +92,7 @@ With an access token, your app can make authenticated requests to the Windows De
### Request syntax
Method | Request URI
:---|:---|
-GET| Use the URI applicable for your region.
**For EU**: `https://wdatp-alertexporter-eu.windows.com/api/alerts` **For US**: `https://wdatp-alertexporter-us.windows.com/api/alerts`
+GET| Use the URI applicable for your region.
**For EU**: `https://wdatp-alertexporter-eu.windows.com/api/alerts` **For US**: `https://wdatp-alertexporter-us.windows.com/api/alerts`
**For UK**: `https://wdatp-alertexporter-uk.windows.com/api/alerts`
### Request header
Header | Type | Description|
@@ -134,7 +133,7 @@ The return value is an array of alert objects in JSON format.
Here is an example return value:
-```json
+```json
{"AlertTime":"2017-01-23T07:32:54.1861171Z",
"ComputerDnsName":"desktop-bvccckk",
"AlertTitle":"Suspicious PowerShell commandline",