Merge pull request #4824 from MicrosoftDocs/file-prevalence

add file prevalence and rebrand

windows/security/threat-protection/microsoft-defender-atp/add-or-remove-machine-tags.md

@@ -1,6 +1,6 @@
 ---
 title: Add or Remove Machine Tags API
-description: Learn how to use the Add or Remove machine tags API to adds or remove a tag for a machine in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Add or Remove machine tags API to adds or remove a tag for a machine in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, tags, machine tags
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-assignedipaddress-function.md

@@ -1,7 +1,7 @@
 ---
-title: AssignedIPAddresses() function in advanced hunting for Microsoft Defender Advanced Threat Protection
+title: AssignedIPAddresses() function in advanced hunting for Microsoft Defender for Endpoint
 description: Learn how to use the AssignedIPAddresses() function to get the latest IP addresses assigned to a device
-keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, Windows Defender, Windows Defender ATP, Windows Defender Advanced Threat Protection, search, query, telemetry, schema reference, kusto, FileProfile, file profile, function, enrichment
+keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, Microsoft Defender ATP, Microsoft Defender for Endpoint, Windows Defender, Windows Defender ATP, Windows Defender Advanced Threat Protection, search, query, telemetry, schema reference, kusto, FileProfile, file profile, function, enrichment
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-extend-data.md

@@ -1,7 +1,7 @@
 ---
 title: Extend advanced hunting coverage with the right settings
 description: Check auditing settings on Windows devices and other settings to help ensure that you get the most comprehensive data in advanced hunting
-keywords: advanced hunting, incident, pivot, entity, audit settings, user account management, security group management, threat hunting, cyber threat hunting, search, query, telemetry, mdatp, Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, Windows Defender, Windows Defender ATP, Windows Defender Advanced Threat Protection
+keywords: advanced hunting, incident, pivot, entity, audit settings, user account management, security group management, threat hunting, cyber threat hunting, search, query, telemetry, mdatp, Microsoft Defender ATP, Microsoft Defender for Endpoint, Windows Defender, Windows Defender ATP, Windows Defender Advanced Threat Protection
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-fileprofile-function.md

@@ -1,7 +1,7 @@
 ---
-title: FileProfile() function in advanced hunting for Microsoft Defender Advanced Threat Protection
+title: FileProfile() function in advanced hunting for Microsoft Defender for Endpoint
 description: Learn how to use the FileProfile() to enrich information about files in your advanced hunting query results
-keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection, Windows Defender, Windows Defender ATP, Windows Defender Advanced Threat Protection, search, query, telemetry, schema reference, kusto, FileProfile, file profile, function, enrichment
+keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, Microsoft Defender ATP, Microsoft Defender for Endpoint, Windows Defender, Windows Defender ATP, Windows Defender Advanced Threat Protection, search, query, telemetry, schema reference, kusto, FileProfile, file profile, function, enrichment
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/alerts.md

@@ -1,6 +1,6 @@
 ---
 title: Get alerts API
-description: Learn about the methods and properties of the Alert resource type in Microsoft Defender Advanced Threat Protection.
+description: Learn about the methods and properties of the Alert resource type in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, alerts, recent
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/api-hello-world.md

@@ -1,7 +1,7 @@
 ---
-title: Hello World for Microsoft Defender Advanced Threat Protection API
+title: Hello World for Microsoft Defender for Endpoint API
 ms.reviewer: 
-description: Create a practice 'Hello world'-style API call to the Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) API.
+description: Create a practice 'Hello world'-style API call to the Microsoft Defender for Endpoint (Microsoft Defender ATP) API.
 keywords: apis, supported apis, advanced hunting, query
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/api-power-bi.md

@@ -1,7 +1,7 @@
 ---
 title: Microsoft Defender ATP APIs connection to Power BI
 ms.reviewer: 
-description: Create a Power Business Intelligence (BI) report on top of Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) APIs.
+description: Create a Power Business Intelligence (BI) report on top of Microsoft Defender for Endpoint APIs.
 keywords: apis, supported apis, Power BI, reports
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/apis-intro.md

@@ -1,5 +1,5 @@
 ---
-title: Access the Microsoft Defender Advanced Threat Protection APIs
+title: Access the Microsoft Defender for Endpoint APIs
 ms.reviewer: 
 description: Learn how you can use APIs to automate workflows and innovate based on Microsoft Defender ATP capabilities
 keywords: apis, api, wdatp, open api, microsoft defender atp api, public api, supported apis, alerts, device, user, domain, ip, file, advanced hunting, query

windows/security/threat-protection/microsoft-defender-atp/assign-portal-access.md

@@ -1,6 +1,6 @@
 ---
 title: Assign user access to Microsoft Defender Security Center
-description: Assign read and write or read only access to the Microsoft Defender Advanced Threat Protection portal.
+description: Assign read and write or read only access to the Microsoft Defender for Endpoint portal.
 keywords: assign user roles, assign read and write access, assign read only access, user, user roles, roles
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150

windows/security/threat-protection/microsoft-defender-atp/attack-simulations.md

@@ -1,7 +1,7 @@
 ---
 title: Experience Microsoft Defender ATP through simulated attacks
 description: Run the provided attack scenario simulations to experience how Microsoft Defender ATP can detect, investigate, and respond to breaches.
-keywords: wdatp, test, scenario, attack, simulation, simulated, diy, microsoft defender advanced threat protection
+keywords: wdatp, test, scenario, attack, simulation, simulated, diy, Microsoft Defender for Endpoint
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction-faq.md

@@ -1,7 +1,7 @@
 ---
 title: Attack surface reduction frequently asked questions (FAQ)
 description: Find answers to frequently asked questions about Microsoft Defender ATP's attack surface reduction rules.
-keywords: Attack surface reduction rules, asr, hips, host intrusion prevention system, protection rules, anti-exploit, antiexploit, exploit, infection prevention, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP
+keywords: Attack surface reduction rules, asr, hips, host intrusion prevention system, protection rules, anti-exploit, antiexploit, exploit, infection prevention, microsoft defender for endpoint
 search.product: eADQiWindows 10XVcnh
 ms.pagetype: security
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction.md

@@ -1,7 +1,7 @@
 ---
 title: Use attack surface reduction rules to prevent malware infection
 description: Attack surface reduction rules can help prevent exploits from using apps and scripts to infect devices with malware.
-keywords: Attack surface reduction rules, asr, hips, host intrusion prevention system, protection rules, anti-exploit, antiexploit, exploit, infection prevention, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP
+keywords: Attack surface reduction rules, asr, hips, host intrusion prevention system, protection rules, anti-exploit, antiexploit, exploit, infection prevention, Microsoft Defender for Endpoint, Microsoft Defender ATP
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
 ms.mktglfcycl: manage

windows/security/threat-protection/microsoft-defender-atp/basic-permissions.md

@@ -1,6 +1,6 @@
 ---
 title: Use basic permissions to access Microsoft Defender Security Center
-description: Learn how to use basic permissions to access the Microsoft Defender Advanced Threat Protection portal.
+description: Learn how to use basic permissions to access the Microsoft Defender for Endpoint portal.
 keywords: assign user roles, assign read and write access, assign read only access, user, user roles, roles
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150

windows/security/threat-protection/microsoft-defender-atp/configure-email-notifications.md

@@ -1,6 +1,6 @@
 ---
-title: Configure alert notifications in Microsoft Defender ATP
+title: Configure alert notifications in Microsoft Defender for Endpoint
-description: You can use Microsoft Defender Advanced Threat Protection to configure email notification settings for security alerts, based on severity and other criteria.
+description: You can use Microsoft Defender for Endpoint to configure email notification settings for security alerts, based on severity and other criteria.
 keywords: email notifications, configure alert notifications, microsoft defender atp notifications, microsoft defender atp alerts, windows 10 enterprise, windows 10 education
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150

windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md

@@ -1,7 +1,7 @@
 ---
 title: Onboard Windows 10 devices to Microsoft Defender ATP via Group Policy
 description: Use Group Policy to deploy the configuration package on Windows 10 devices so that they are onboarded to the service.
-keywords: configure devices using group policy, device management, configure Windows ATP devices, onboard Microsoft Defender Advanced Threat Protection devices, group policy
+keywords: configure devices using group policy, device management, configure Windows ATP devices, onboard Microsoft Defender for Endpoint devices, group policy
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md

@@ -1,7 +1,7 @@
 ---
 title: Onboard Windows 10 devices using Mobile Device Management tools
 description: Use Mobile Device Management tools to deploy the configuration package on devices so that they are onboarded to the service.
-keywords: onboard devices using mdm, device management, onboard Windows ATP devices, onboard Microsoft Defender Advanced Threat Protection devices, mdm
+keywords: onboard devices using mdm, device management, onboard Windows ATP devices, onboard Microsoft Defender for Endpoint devices, mdm
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md

@@ -1,7 +1,7 @@
 ---
 title: Onboard non-Windows devices to the Microsoft Defender for Endpoint service
 description: Configure non-Windows devices so that they can send sensor data to the Microsoft Defender ATP service.
-keywords: onboard non-Windows devices, macos, linux, device management, configure Windows ATP devices, configure Microsoft Defender Advanced Threat Protection devices
+keywords: onboard non-Windows devices, macos, linux, device management, configure Windows ATP devices, configure Microsoft Defender for Endpoint devices
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md

@@ -1,7 +1,7 @@
 ---
 title: Onboard Windows 10 devices using Configuration Manager
 description: Use Configuration Manager to deploy the configuration package on devices so that they are onboarded to the service.
-keywords: onboard devices using sccm, device management, configure Windows ATP devices, configure Microsoft Defender Advanced Threat Protection devices
+keywords: onboard devices using sccm, device management, configure Windows ATP devices, configure Microsoft Defender for Endpoint devices
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md

@@ -1,7 +1,7 @@
 ---
 title: Onboard Windows 10 devices using a local script
 description: Use a local script to deploy the configuration package on devices so that they are onboarded to the service.
-keywords: configure devices using a local script, device management, configure Windows ATP devices, configure Microsoft Defender Advanced Threat Protection devices
+keywords: configure devices using a local script, device management, configure Windows ATP devices, configure Microsoft Defender for Endpoint devices
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md

@@ -1,7 +1,7 @@
 ---
 title: Onboard non-persistent virtual desktop infrastructure (VDI) devices
 description: Deploy the configuration package on virtual desktop infrastructure (VDI) device so that they are onboarded to Microsoft Defender ATP the service.
-keywords: configure virtual desktop infrastructure (VDI) device, vdi, device management, configure Windows ATP endpoints, configure Microsoft Defender Advanced Threat Protection endpoints
+keywords: configure virtual desktop infrastructure (VDI) device, vdi, device management, configure Windows ATP endpoints, configure Microsoft Defender for Endpoint endpoints
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md

@@ -1,7 +1,7 @@
 ---
 title: Onboard Windows servers to the Microsoft Defender for Endpoint service
 description: Onboard Windows servers so that they can send sensor data to the Microsoft Defender for Endpoint sensor.
-keywords: onboard server, server, 2012r2, 2016, 2019, server onboarding, device management, configure Windows ATP servers, onboard Microsoft Defender Advanced Threat Protection servers, onboard Microsoft Defender for Endpoint servers
+keywords: onboard server, server, 2012r2, 2016, 2019, server onboarding, device management, configure Windows ATP servers, onboard Microsoft Defender for Endpoint servers, onboard Microsoft Defender for Endpoint servers
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/configure-siem.md

@@ -1,5 +1,5 @@
 ---
-title: Pull detections to your SIEM tools from Microsoft Defender Advanced Threat Protection
+title: Pull detections to your SIEM tools from Microsoft Defender for Endpoint
 description: Learn how to use REST API and configure supported security information and events management tools to receive and pull detections.
 keywords: configure siem, security information and events management tools, splunk, arcsight, custom indicators, rest api, alert definitions, indicators of compromise
 search.product: eADQiWindows 10XVcnh

windows/security/threat-protection/microsoft-defender-atp/create-alert-by-reference.md

@@ -1,6 +1,6 @@
 ---
 title: Create alert from event API
-description: Learn how to use the Create alert API to create a new Alert on top of Event in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Create alert API to create a new Alert on top of Event in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, alert, information, id
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/data-retention-settings.md

@@ -1,6 +1,6 @@
 ---
 title: Verify data storage location and update data retention settings
-description: Verify data storage location and update data retention settings for Microsoft Defender Advanced Threat Protection
+description: Verify data storage location and update data retention settings for Microsoft Defender for Endpoint
 keywords: data, storage, settings, retention, update
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150

windows/security/threat-protection/microsoft-defender-atp/delete-ti-indicator-by-id.md

@@ -1,6 +1,6 @@
 ---
 title: Delete Indicator API.
-description: Learn how to use the Delete Indicator API to delete an Indicator entity by ID in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Delete Indicator API to delete an Indicator entity by ID in Microsoft Defender for Endpoint.
 keywords: apis, public api, supported apis, delete, ti indicator, entity, id
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/get-alert-related-domain-info.md

@@ -1,6 +1,6 @@
 ---
 title: Get alert related domains information
-description: Retrieve all domains related to a specific alert using Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
+description: Retrieve all domains related to a specific alert using Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get alert information, alert information, related domain
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/get-alert-related-files-info.md

@@ -1,6 +1,6 @@
 ---
 title: Get alert related files information
-description: Retrieve all files related to a specific alert using Microsoft Defender Advanced Threat Protection (Microsoft Defender for Endpoint).
+description: Retrieve all files related to a specific alert using Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get alert information, alert information, related files
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/get-alert-related-ip-info.md

@@ -1,6 +1,6 @@
 ---
 title: Get alert related IPs information
-description: Retrieve all IPs related to a specific alert using Microsoft Defender Advanced Threat Protection (Microsoft Defender for Endpoint).
+description: Retrieve all IPs related to a specific alert using Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get alert information, alert information, related ip
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/get-alert-related-machine-info.md

@@ -1,6 +1,6 @@
 ---
 title: Get alert related machine information
-description: Retrieve all devices related to a specific alert using Microsoft Defender Advanced Threat Protection (Microsoft Defender for Endpoint).
+description: Retrieve all devices related to a specific alert using Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get alert information, alert information, related device
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/get-alert-related-user-info.md

@@ -1,6 +1,6 @@
 ---
 title: Get alert related user information
-description: Learn how to use the Get alert related user information API to retrieve the user related to a specific alert in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get alert related user information API to retrieve the user related to a specific alert in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, alert, information, related, user
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/get-ip-related-alerts.md

@@ -1,6 +1,6 @@
 ---
 title: Get IP related alerts API
-description: Retrieve a collection of alerts related to a given IP address using Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
+description: Retrieve a collection of alerts related to a given IP address using Microsoft Defender for Endpoint
 keywords: apis, graph api, supported apis, get, ip, related, alerts
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/get-ip-statistics.md

@@ -1,6 +1,6 @@
 ---
 title: Get IP statistics API
-description: Get the latest stats for your IP using Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
+description: Get the latest stats for your IP using Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, ip, statistics, prevalence
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/get-kbinfo-collection.md

@@ -1,6 +1,6 @@
 ---
 title: Get KB collection API
-description: Retrieve a collection of knowledge bases (KB's) and KB details with Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
+description: Retrieve a collection of knowledge bases (KB's) and KB details with Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, kb
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150

windows/security/threat-protection/microsoft-defender-atp/get-machine-by-id.md

@@ -1,6 +1,6 @@
 ---
 title: Get machine by ID API
-description: Learn how to use the Get machine by ID API to retrieve a machine by its device ID or computer name in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get machine by ID API to retrieve a machine by its device ID or computer name in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, devices, entity, id
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10

windows/security/threat-protection/microsoft-defender-atp/get-machine-log-on-users.md

@@ -1,6 +1,6 @@
 ---
 title: Get machine logon users API
-description: Learn how to use the Get machine logon users API to retrieve a collection of logged on users on a device in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get machine logon users API to retrieve a collection of logged on users on a device in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, device, log on, users
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10

windows/security/threat-protection/microsoft-defender-atp/get-machine-related-alerts.md

@@ -1,6 +1,6 @@
 ---
 title: Get machine related alerts API
-description: Learn how to use the Get machine related alerts API to retrieve all alerts related to a specific device in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get machine related alerts API to retrieve all alerts related to a specific device in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, devices, related, alerts
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10

windows/security/threat-protection/microsoft-defender-atp/get-machineaction-object.md

@@ -1,6 +1,6 @@
 ---
 title: Get MachineAction object API
-description: Learn how to use the Get MachineAction API to retrieve a specific Machine Action by its ID in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get MachineAction API to retrieve a specific Machine Action by its ID in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, machineaction object
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10

windows/security/threat-protection/microsoft-defender-atp/get-machineactions-collection.md

@@ -1,6 +1,6 @@
 ---
 title: List machineActions API
-description: Learn how to use the List MachineActions API to retrieve a collection of Machine Actions in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the List MachineActions API to retrieve a collection of Machine Actions in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, machineaction collection
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10

windows/security/threat-protection/microsoft-defender-atp/get-machinesecuritystates-collection.md

@@ -1,6 +1,6 @@
 ---
 title: Get machines security states collection API
-description: Retrieve a collection of device security states using Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
+description: Retrieve a collection of device security states using Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, device, security, state
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150

windows/security/threat-protection/microsoft-defender-atp/get-ti-indicators-collection.md

@@ -1,6 +1,6 @@
 ---
 title: List Indicators API
-description: Learn how to use the List Indicators API to retrieve a collection of all active Indicators in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the List Indicators API to retrieve a collection of all active Indicators in Microsoft Defender for Endpoint.
 keywords: apis, public api, supported apis, Indicators collection
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10

windows/security/threat-protection/microsoft-defender-atp/get-user-information.md

@@ -1,6 +1,6 @@
 ---
 title: Get user information API
-description: Learn how to use the Get user information API to retrieve a User entity by key, or user name, in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get user information API to retrieve a User entity by key, or user name, in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, user, user information
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10

windows/security/threat-protection/microsoft-defender-atp/get-user-related-alerts.md

@@ -1,6 +1,6 @@
 ---
 title: Get user-related alerts API
-description: Retrieve a collection of alerts related to a given user ID using Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
+description: Retrieve a collection of alerts related to a given user ID using Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, user, related, alerts
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/get-user-related-machines.md

@@ -1,6 +1,6 @@
 ---
 title: Get user-related machines API
-description: Learn how to use the Get user-related machines API to retrieve a collection of devices related to a user ID in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Get user-related machines API to retrieve a collection of devices related to a user ID in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, get, user, user related alerts
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/helpful-resources.md

@@ -1,6 +1,6 @@
 ---
-title: Helpful Microsoft Defender Advanced Threat Protection resources
+title: Helpful Microsoft Defender for Endpoint resources
-description: Access helpful resources such as links to blogs and other resources related to  Microsoft Defender Advanced Threat Protection
+description: Access helpful resources such as links to blogs and other resources related to  Microsoft Defender for Endpoint
 keywords: Microsoft Defender Security Center, product brief, brief, capabilities, licensing
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150

windows/security/threat-protection/microsoft-defender-atp/import-ti-indicators.md

@@ -1,6 +1,6 @@
 ---
 title: Import Indicators API
-description: Learn how to use the Import batch of Indicator API in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Import batch of Indicator API in Microsoft Defender for Endpoint.
 keywords: apis, supported apis, submit, ti, indicator, update
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10

windows/security/threat-protection/microsoft-defender-atp/investigate-alerts.md

@@ -1,5 +1,5 @@
 ---
-title: Investigate Microsoft Defender Advanced Threat Protection alerts
+title: Investigate Microsoft Defender for Endpoint alerts
 description: Use the investigation options to get details on alerts are affecting your network, what they mean, and how to resolve them.
 keywords: investigate, investigation, devices, device, alerts queue, dashboard, IP address, file, submit, submissions, deep analysis, timeline, search, domain, URL, IP
 search.product: eADQiWindows 10XVcnh

windows/security/threat-protection/microsoft-defender-atp/investigate-domain.md

@@ -1,5 +1,5 @@
 ---
-title: Investigate Microsoft Defender Advanced Threat Protection domains
+title: Investigate Microsoft Defender for Endpoint domains
 description: Use the investigation options to see if devices and servers have been communicating with malicious domains.
 keywords: investigate domain, domain, malicious domain, microsoft defender atp, alert, URL
 search.product: eADQiWindows 10XVcnh
@@ -77,7 +77,7 @@ You can view events from different periods of time by entering the dates into th
 5. Clicking any of the device names will take you to that device's view, where you can continue investigate reported alerts, behaviors, and events.
 
 ## Related topics
-- [View and organize the Microsoft Defender Advanced Threat Protection Alerts queue](alerts-queue.md)
+- [View and organize the Microsoft Defender for Endpoint Alerts queue](alerts-queue.md)
 - [Manage Microsoft Defender for Endpoint alerts](manage-alerts.md)
 - [Investigate Microsoft Defender for Endpoint alerts](investigate-alerts.md)
 - [Investigate a file associated with a Microsoft Defender for Endpoint alert](investigate-files.md)

windows/security/threat-protection/microsoft-defender-atp/investigate-files.md

@@ -1,5 +1,5 @@
 ---
-title: Investigate Microsoft Defender Advanced Threat Protection files
+title: Investigate Microsoft Defender for Endpoint files
 description: Use the investigation options to get details on files associated with alerts, behaviors, or events.
 keywords: investigate, investigation, file, malicious activity, attack motivation, deep analysis, deep analysis report
 search.product: eADQiWindows 10XVcnh
@@ -65,7 +65,12 @@ For more information on these actions, see [Take response action on a file](resp
 
 The file details, incident, malware detection, and file prevalence cards display various attributes about the file.
 
-You'll see details such as the file’s MD5, the Virus Total detection ratio, and Microsoft Defender AV detection if available, and the file’s prevalence, both worldwide and within your organizations.
+You'll see details such as the file’s MD5, the Virus Total detection ratio, and Microsoft Defender AV detection if available, and the file’s prevalence.
+
+The file prevalence card shows where the file was seen in devices in the organization and worldwide. 
+
+> [!NOTE] 
+> Different users may see dissimilar values in the *devices in organization* section of the file prevalence card. This is because the card displays information based on the RBAC scope that a user has. Meaning, if a user has been granted visibility on a specific set of devices, they will only see the file organizational prevalence on those devices.
 
 ![Image of file information](images/atp-file-information.png)
 

windows/security/threat-protection/microsoft-defender-atp/isolate-machine.md

@@ -1,6 +1,6 @@
 ---
 title: Isolate machine API
-description: Learn how to use the Isolate machine API to isolate a device from accessing external network in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Isolate machine API to isolate a device from accessing external network in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, isolate device
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md

@@ -1,5 +1,5 @@
 ---
-title: What's new in Microsoft Defender Advanced Threat Protection for Linux
+title: What's new in Microsoft Defender for Endpoint for Linux
 description: List of major changes for Microsoft Defender ATP for Linux.
 keywords: microsoft, defender, atp, linux, whatsnew, release
 search.product: eADQiWindows 10XVcnh

windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md

@@ -1,6 +1,6 @@
 ---
 title: Live response command examples
-description: Learn to run basic or advanced live response commands for Microsoft Defender Advanced Threat Protection (ATP) and see examples on how it's used.
+description: Learn to run basic or advanced live response commands for Microsoft Defender for Endpoint and see examples on how it's used.
 keywords: example, command, cli, remote, shell, connection, live, response, real-time, command, script, remediate, hunt, export, log, drop, download, file
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150

windows/security/threat-protection/microsoft-defender-atp/mac-schedule-scan-atp.md

@@ -97,6 +97,6 @@ You can create a scanning schedule using the *launchd* daemon on a macOS device.
 
 ## Schedule a scan with Intune
 
-You can also schedule scans with Microsoft Intune. The [runMDATPQuickScan.sh](https://github.com/microsoft/shell-intune-samples/tree/master/Misc/MDATP#runmdatpquickscansh) shell script available at [Scripts for Microsoft Defender Advanced Threat Protection](https://github.com/microsoft/shell-intune-samples/tree/master/Misc/MDATP) will persist when the device resumes from sleep mode. 
+You can also schedule scans with Microsoft Intune. The [runMDATPQuickScan.sh](https://github.com/microsoft/shell-intune-samples/tree/master/Misc/MDATP#runmdatpquickscansh) shell script available at [Scripts for Microsoft Defender for Endpoint](https://github.com/microsoft/shell-intune-samples/tree/master/Misc/MDATP) will persist when the device resumes from sleep mode. 
 
 See [Use shell scripts on macOS devices in Intune](https://docs.microsoft.com/mem/intune/apps/macos-shell-scripts) for more detailed instructions on how to use this script in your enterprise.

windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md

@@ -1,6 +1,6 @@
 ---
-title: What's new in Microsoft Defender Advanced Threat Protection for Mac
+title: What's new in Microsoft Defender for Endpoint for Mac
-description: Learn about the major changes for previous versions of Microsoft Defender Advanced Threat Protection for Mac.
+description: Learn about the major changes for previous versions of Microsoft Defender for Endpoint for Mac.
 keywords: microsoft, defender, atp, mac, installation, macos, whatsnew
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150

windows/security/threat-protection/microsoft-defender-atp/machine.md

@@ -1,6 +1,6 @@
 ---
 title: Machine resource type
-description: Learn about the methods and properties of the Machine resource type in Microsoft Defender Advanced Threat Protection.
+description: Learn about the methods and properties of the Machine resource type in Microsoft Defender for Endpoint.
 keywords: apis, supported apis, get, machines
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/machineaction.md

@@ -1,6 +1,6 @@
 ---
 title: machineAction resource type
-description: Learn about the methods and properties of the MachineAction resource type in Microsoft Defender Advanced Threat Protection.
+description: Learn about the methods and properties of the MachineAction resource type in Microsoft Defender for Endpoint.
 keywords: apis, supported apis, get, machineaction, recent
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md

@@ -1,5 +1,5 @@
 ---
-title: Manage Microsoft Defender Advanced Threat Protection alerts
+title: Manage Microsoft Defender for Endpoint alerts
 description: Change the status of alerts, create suppression rules to hide alerts, submit comments, and review change history for individual alerts with the Manage Alert menu.
 keywords: manage alerts, manage, alerts, status, new, in progress, resolved, resolve alerts, suppress, supression, rules, context, history, comments, changes
 search.product: eADQiWindows 10XVcnh

windows/security/threat-protection/microsoft-defender-atp/manage-suppression-rules.md

@@ -1,5 +1,5 @@
 ---
-title: Manage Microsoft Defender Advanced Threat Protection suppression rules
+title: Manage Microsoft Defender for Endpoint suppression rules
 description: You might need to prevent alerts from appearing in the portal by using suppression rules. Learn how to manage your suppression rules in Microsoft Defender ATP.
 keywords: manage suppression, rules, rule name, scope, action, alerts, turn on, turn off
 search.product: eADQiWindows 10XVcnh

windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md

@@ -1,7 +1,7 @@
 ---
 title: Microsoft Cloud App Security integration overview
 ms.reviewer: 
-description: Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) integrates with Cloud App Security by forwarding all cloud app networking activities.
+description: Microsoft Defender for Endpoint integrates with Cloud App Security by forwarding all cloud app networking activities.
 keywords: cloud, app, networking, visibility, usage
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150

windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md

@@ -123,7 +123,7 @@ Microsoft Defender for Endpoint's new managed threat hunting service provides pr
 <a name="apis"></a>
 
 **[Centralized configuration and administration, APIs](management-apis.md)**<br>
-Integrate Microsoft Defender Advanced Threat Protection into your existing workflows.
+Integrate Microsoft Defender for Endpoint into your existing workflows.
 
 <a name="mtp"></a>
 

windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md

@@ -1,7 +1,7 @@
 ---
 title: Microsoft Defender ATP for Mac
 ms.reviewer: 
-description: Learn how to install, configure, update, and use Microsoft Defender Advanced Threat Protection for Mac.
+description: Learn how to install, configure, update, and use Microsoft Defender for Endpoint for Mac.
 keywords: microsoft, defender, atp, mac, installation, deploy, uninstallation, intune, jamf, macos, catalina, mojave, high sierra
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150

windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-security-center.md

@@ -1,6 +1,6 @@
 ---
 title: Microsoft Defender Security Center
-description: Microsoft Defender Security Center is the portal where you can access Microsoft Defender Advanced Threat Protection.
+description: Microsoft Defender Security Center is the portal where you can access Microsoft Defender for Endpoint.
 keywords: windows, defender, security, center, defender, advanced, threat, protection
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150

windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md

@@ -1,7 +1,7 @@
 ---
 title: Microsoft Threat Experts
 ms.reviewer: 
-description: Microsoft Threat Experts provides an additional layer of expertise to Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
+description: Microsoft Threat Experts provides an additional layer of expertise to Microsoft Defender for Endpoint.
 keywords: managed threat hunting service, managed threat hunting, managed detection and response (MDR) service, MTE, Microsoft Threat Experts, MTE-TAN, targeted attack notification, Targeted Attack Notification
 search.product: Windows 10
 search.appverid: met150

windows/security/threat-protection/microsoft-defender-atp/offboard-machines.md

@@ -1,7 +1,7 @@
 ---
 title: Offboard devices from the Microsoft Defender ATP service
 description: Onboard Windows 10 devices, servers, non-Windows devices from the Microsoft Defender ATP service
-keywords: offboarding, microsoft defender advanced threat protection offboarding, windows atp offboarding
+keywords: offboarding, microsoft defender for endpoint offboarding, windows atp offboarding
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md

@@ -1,7 +1,7 @@
 ---
 title: Onboard devices to the Microsoft Defender ATP service
 description: Onboard Windows 10 devices, servers, non-Windows devices and learn how to run a detection test.
-keywords: onboarding, microsoft defender advanced threat protection onboarding, windows atp onboarding, sccm, group policy, mdm, local script, detection test
+keywords: onboarding, microsoft defender for endpoint onboarding, windows atp onboarding, sccm, group policy, mdm, local script, detection test
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/overview-attack-surface-reduction.md

@@ -2,7 +2,7 @@
 title: Overview of attack surface reduction
 ms.reviewer: 
 description: Learn about the attack surface reduction capabilities of Microsoft Defender ATP.
-keywords: asr, attack surface reduction, microsoft defender atp, microsoft defender advanced threat protection, microsoft defender, antivirus, av, windows defender
+keywords: asr, attack surface reduction, microsoft defender atp, microsoft defender for endpoint, microsoft defender, antivirus, av, windows defender
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/portal-overview.md

@@ -1,5 +1,5 @@
 ---
-title: Microsoft Defender Advanced Threat Protection portal overview
+title: Microsoft Defender for Endpoint portal overview
 description: Microsoft Defender Security Center can monitor your enterprise network and assist in responding to potential advanced persistent threats (APT) or data breaches.
 keywords: Microsoft Defender Security Center, portal, cybersecurity threat intelligence, dashboard, alerts queue, devices list, settings, device management, advanced attacks
 search.product: eADQiWindows 10XVcnh

windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md

@@ -1,6 +1,6 @@
 ---
 title: Submit or Update Indicator API
-description: Learn how to use the Submit or Update Indicator API to submit or update a new Indicator entity in Microsoft Defender Advanced Threat Protection.
+description: Learn how to use the Submit or Update Indicator API to submit or update a new Indicator entity in Microsoft Defender for Endpoint.
 keywords: apis, graph api, supported apis, submit, ti, indicator, update
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/preview-settings.md

@@ -1,6 +1,6 @@
 ---
 title: Turn on the preview experience in Microsoft Defender ATP
-description: Turn on the preview experience in Microsoft Defender Advanced Threat Protection to try upcoming features.
+description: Turn on the preview experience in Microsoft Defender for Endpoint to try upcoming features.
 keywords: advanced features, settings, block file
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150

windows/security/threat-protection/microsoft-defender-atp/preview.md

@@ -1,7 +1,7 @@
 ---
 title: Microsoft Defender ATP preview features
-description: Learn how to access Microsoft Defender Advanced Threat Protection preview features.
+description: Learn how to access Microsoft Defender for Endpoint preview features.
-keywords: preview, preview experience, Microsoft Defender Advanced Threat Protection, features, updates
+keywords: preview, preview experience, Microsoft Defender for Endpoint, features, updates
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/raw-data-export-event-hub.md

@@ -1,5 +1,5 @@
 ---
-title: Stream Microsoft Defender Advanced Threat Protection events to Azure Event Hubs
+title: Stream Microsoft Defender for Endpoint events to Azure Event Hubs
 description: Learn how to configure Microsoft Defender ATP to stream Advanced Hunting events to your Event Hub.
 keywords: raw data export, streaming API, API, Azure Event Hubs, Azure storage, storage account, Advanced Hunting, raw data sharing
 search.product: eADQiWindows 10XVcnh

windows/security/threat-protection/microsoft-defender-atp/raw-data-export-storage.md

@@ -1,5 +1,5 @@
 ---
-title: Stream Microsoft Defender Advanced Threat Protection events to your Storage account
+title: Stream Microsoft Defender for Endpoint events to your Storage account
 description: Learn how to configure Microsoft Defender ATP to stream Advanced Hunting events to your Storage account.
 keywords: raw data export, streaming API, API, Event Hubs, Azure storage, storage account, Advanced Hunting, raw data sharing
 search.product: eADQiWindows 10XVcnh

windows/security/threat-protection/microsoft-defender-atp/raw-data-export.md

@@ -1,5 +1,5 @@
 ---
-title: Stream Microsoft Defender Advanced Threat Protection event
+title: Stream Microsoft Defender for Endpoint event
 description: Learn how to configure Microsoft Defender ATP to stream Advanced Hunting events to Event Hubs or Azure storage account
 keywords: raw data export, streaming API, API, Event hubs, Azure storage, storage account, Advanced Hunting, raw data sharing
 search.product: eADQiWindows 10XVcnh

windows/security/threat-protection/microsoft-defender-atp/review-alerts.md

@@ -1,5 +1,5 @@
 ---
-title: Review alerts in Microsoft Defender Advanced Threat Protection
+title: Review alerts in Microsoft Defender for Endpoint
 description: Review alert information, including a visualized alert story and details for each step of the chain.
 keywords: incident, incidents, machines, devices, users, alerts, alert, investigation, graph, evidence
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-api.md

@@ -1,7 +1,7 @@
 ---
 title: Advanced Hunting API
 ms.reviewer: 
-description: Learn to use the advanced hunting API to run advanced queries on Microsoft Defender Advanced Threat Protection. Find out about limitations and see an example.
+description: Learn to use the advanced hunting API to run advanced queries on Microsoft Defender for Endpoint. Find out about limitations and see an example.
 keywords: apis, supported apis, advanced hunting, query
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-sample-powershell.md

@@ -1,7 +1,7 @@
 ---
 title: Advanced Hunting with PowerShell API Basics
 ms.reviewer: 
-description: Learn the basics of querying the Microsoft Defender Advanced Threat Protection API, using PowerShell.
+description: Learn the basics of querying the Microsoft Defender for Endpoint API, using PowerShell.
 keywords: apis, supported apis, advanced hunting, query
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/run-advanced-query-sample-python.md

@@ -1,7 +1,7 @@
 ---
 title: Advanced Hunting with Python API Guide
 ms.reviewer: 
-description: Learn how to query using the Microsoft Defender Advanced Threat Protection API, by using Python, with examples.
+description: Learn how to query using the Microsoft Defender for Endpoint API, by using Python, with examples.
 keywords: apis, supported apis, advanced hunting, query
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/run-detection-test.md

@@ -1,7 +1,7 @@
 ---
 title: Run a detection test on a newly onboarded Microsoft Defender ATP device
 description: Run the detection script on a newly onboarded device to verify that it is properly onboarded to the Microsoft Defender ATP service.
-keywords: detection test, detection, powershell, script, verify, onboarding, microsoft defender advanced threat protection onboarding, clients, servers, test
+keywords: detection test, detection, powershell, script, verify, onboarding, microsoft defender for endpoint onboarding, clients, servers, test
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md

@@ -68,7 +68,7 @@ This tile shows you a list of devices with the highest number of active alerts.
 
 ![The Devices at risk tile shows a list of devices with the highest number of alerts, and a breakdown of the severity of the alerts](images/devices-at-risk-tile.png)
 
-Click the name of the device to see details about that device. For more information see, [Investigate devices in the Microsoft Defender Advanced Threat Protection Devices list](investigate-machines.md).
+Click the name of the device to see details about that device. For more information see, [Investigate devices in the Microsoft Defender for Endpoint Devices list](investigate-machines.md).
 
 You can also click **Devices list** at the top of the tile to go directly to the **Devices list**, sorted by the number of active alerts. For more information see, [Investigate devices in the Microsoft Defender for Endpoint Devices list](investigate-machines.md).
 

windows/security/threat-protection/microsoft-defender-atp/set-device-value.md

@@ -1,6 +1,6 @@
 ---
 title: Set device value API
-description: Learn how to specify the value of a device using a Microsoft Defender Advanced Threat Protection API.
+description: Learn how to specify the value of a device using a Microsoft Defender for Endpoint API.
 keywords: apis, graph api, supported apis, tags, machine tags
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/stop-and-quarantine-file.md

@@ -1,6 +1,6 @@
 ---
 title: Stop and quarantine file API
-description: Learn how to stop running a file on a device and delete the file in Microsoft Defender Advanced Threat Protection. See an example.
+description: Learn how to stop running a file on a device and delete the file in Microsoft Defender for Endpoint. See an example.
 keywords: apis, graph api, supported apis, stop and quarantine file
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/switch-to-microsoft-defender-onboard.md

@@ -67,7 +67,7 @@ To verify that your onboarded devices are properly connected to Microsoft Defend
 |Operating system  |Guidance  |
 |---------|---------|
 |- Windows 10 <br/>- Windows Server 2019 <br/>- Windows Server, version 1803 <br/>- Windows Server 2016 <br/>- Windows Server 2012 R2     |See [Run a detection test](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/run-detection-test). <br/><br/>Visit the Microsoft Defender for Endpoint demo scenarios site ([https://demo.wd.microsoft.com](https://demo.wd.microsoft.com)) and try one or more of the scenarios. For example, try the **Cloud-delivered protection** demo scenario.         |
-|macOS<br/>- 10.15 (Catalina)<br/>- 10.14 (Mojave)<br/>- 10.13 (High Sierra)     |Download and use the DIY app at [https://aka.ms/mdatpmacosdiy](https://aka.ms/mdatpmacosdiy). <br/><br/>For more information, see [Microsoft Defender Advanced Threat Protection for Mac](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac).        |
+|macOS<br/>- 10.15 (Catalina)<br/>- 10.14 (Mojave)<br/>- 10.13 (High Sierra)     |Download and use the DIY app at [https://aka.ms/mdatpmacosdiy](https://aka.ms/mdatpmacosdiy). <br/><br/>For more information, see [Microsoft Defender for Endpoint for Mac](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac).        |
 |Linux:<br/>- RHEL 7.2+<br/>- CentOS Linux 7.2+<br/>- Ubuntu 16 LTS, or higher LTS<br/>- SLES 12+<br/>- Debian 9+<br/>- Oracle Linux 7.2 |1. Run the following command, and look for a result of **1**: <br/>`mdatp health --field real_time_protection_enabled`. <br/><br/>2. Open a Terminal window, and run the following command: <br/>`curl -o ~/Downloads/eicar.com.txt https://www.eicar.org/download/eicar.com.txt`. <br/><br/>3. Run the following command to list any detected threats: <br/>`mdatp threat list`. <br/><br/>For more information, see [Microsoft Defender ATP for Linux](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux). |
 
 ## Uninstall your non-Microsoft solution

windows/security/threat-protection/microsoft-defender-atp/symantec-to-microsoft-defender-atp-onboard.md

@@ -67,7 +67,7 @@ To verify that your onboarded devices are properly connected to Microsoft Defend
 |Operating system  |Guidance  |
 |---------|---------|
 |- Windows 10 <br/>- Windows Server 2019 <br/>- Windows Server, version 1803 <br/>- Windows Server 2016 <br/>- Windows Server 2012 R2     |See [Run a detection test](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/run-detection-test). <br/><br/>Visit the Microsoft Defender for Endpoint demo scenarios site ([https://demo.wd.microsoft.com](https://demo.wd.microsoft.com)) and try one or more of the scenarios. For example, try the **Cloud-delivered protection** demo scenario.         |
-|macOS<br/>- 10.15 (Catalina)<br/>- 10.14 (Mojave)<br/>- 10.13 (High Sierra)     |Download and use the DIY app at [https://aka.ms/mdatpmacosdiy](https://aka.ms/mdatpmacosdiy). <br/><br/>For more information, see [Microsoft Defender Advanced Threat Protection for Mac](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac).        |
+|macOS<br/>- 10.15 (Catalina)<br/>- 10.14 (Mojave)<br/>- 10.13 (High Sierra)     |Download and use the DIY app at [https://aka.ms/mdatpmacosdiy](https://aka.ms/mdatpmacosdiy). <br/><br/>For more information, see [Microsoft Defender for Endpoint for Mac](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac).        |
 |Linux:<br/>- RHEL 7.2+<br/>- CentOS Linux 7.2+<br/>- Ubuntu 16 LTS, or higher LTS<br/>- SLES 12+<br/>- Debian 9+<br/>- Oracle Linux 7.2 |1. Run the following command, and look for a result of **1**: <br/>`mdatp health --field real_time_protection_enabled`. <br/><br/>2. Open a Terminal window, and run the following command: <br/>`curl -o ~/Downloads/eicar.com.txt https://www.eicar.org/download/eicar.com.txt`. <br/><br/>3. Run the following command to list any detected threats: <br/>`mdatp threat list`. <br/><br/>For more information, see [Microsoft Defender for Endpoint for Linux](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux). |
 
 ## Uninstall Symantec

windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-event-timeline.md

@@ -1,7 +1,7 @@
 ---
 title: Event timeline in threat and vulnerability management
 description: Event timeline is a risk news feed that helps you interpret how risk is introduced into the organization, and which mitigations happened to reduce it.
-keywords: event timeline, mdatp event timeline, mdatp tvm event timeline, threat and vulnerability management, Microsoft Defender Advanced Threat Protection
+keywords: event timeline, mdatp event timeline, mdatp tvm event timeline, threat and vulnerability management, Microsoft Defender for Endpoint
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/threat-indicator-concepts.md

@@ -1,6 +1,6 @@
 ---
-title: Understand threat intelligence concepts in Microsoft Defender ATP
+title: Understand threat intelligence concepts in Microsoft Defender for Endpoint
-description: Create custom threat alerts for your organization and learn the concepts around threat intelligence in Microsoft Defender Advanced Threat Protection.
+description: Create custom threat alerts for your organization and learn the concepts around threat intelligence in Microsoft Defender for Endpoint
 keywords: threat intelligence, alert definitions, indicators of compromise, ioc
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150

windows/security/threat-protection/microsoft-defender-atp/ti-indicator.md

@@ -1,6 +1,6 @@
 ---
 title: Indicator resource type
-description: Specify the entity details and define the expiration of the indicator using Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
+description: Specify the entity details and define the expiration of the indicator using Microsoft Defender for Endpoint.
 keywords: apis, supported apis, get, TiIndicator, Indicator, recent
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/troubleshoot-asr.md

@@ -1,7 +1,7 @@
 ---
 title: Troubleshoot problems with attack surface reduction rules
-description: Resources and sample code to troubleshoot issues with attack surface reduction rules in Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
+description: Resources and sample code to troubleshoot issues with attack surface reduction rules in Microsoft Defender for Endpoint.
-keywords: troubleshoot, error, fix, windows defender eg, asr, rules, hips, troubleshoot, audit, exclusion, false positive, broken, blocking, microsoft defender atp, microsoft defender advanced threat protection
+keywords: troubleshoot, error, fix, windows defender eg, asr, rules, hips, troubleshoot, audit, exclusion, false positive, broken, blocking, microsoft defender for endpoint, microsoft defender advanced threat protection
 search.product: eADQiWindows 10XVcnh
 ms.pagetype: security
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/troubleshoot-mdatp.md

@@ -1,7 +1,7 @@
 ---
-title: Troubleshoot Microsoft Defender Advanced Threat Protection service issues
+title: Troubleshoot Microsoft Defender for Endpoint service issues
 description: Find solutions and work arounds to known issues such as server errors when trying to access the service.
-keywords: troubleshoot Microsoft Defender Advanced Threat Protection, troubleshoot Windows ATP, server error, access denied, invalid credentials, no data, dashboard portal, allow, event viewer
+keywords: troubleshoot microsoft defender for endpoint, troubleshoot Windows ATP, server error, access denied, invalid credentials, no data, dashboard portal, allow, event viewer
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/troubleshoot-np.md

@@ -1,7 +1,7 @@
 ---
 title: Troubleshoot problems with Network protection
-description: Resources and sample code to troubleshoot issues with Network protection in Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP).
+description: Resources and sample code to troubleshoot issues with Network protection in Microsoft Defender for Endpoint.
-keywords: troubleshoot, error, fix, windows defender eg, asr, rules, hips, troubleshoot, audit, exclusion, false positive, broken, blocking, microsoft defender atp, microsoft defender advanced threat protection
+keywords: troubleshoot, error, fix, windows defender eg, asr, rules, hips, troubleshoot, audit, exclusion, false positive, broken, blocking, microsoft defender for endpoint, microsoft defender advanced threat protection
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security
 ms.mktglfcycl: manage

windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md

@@ -1,7 +1,7 @@
 ---
 title: Troubleshoot onboarding issues and error messages
-description: Troubleshoot onboarding issues and error message while completing setup of Microsoft Defender Advanced Threat Protection.
+description: Troubleshoot onboarding issues and error message while completing setup of Microsoft Defender for Endpoint.
-keywords: troubleshoot, troubleshooting, Azure Active Directory, onboarding, error message, error messages, microsoft defender atp
+keywords: troubleshoot, troubleshooting, Azure Active Directory, onboarding, error message, error messages, microsoft defender for endpoint
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/tvm-exposure-score.md

@@ -1,7 +1,7 @@
 ---
 title: Exposure score in threat and vulnerability management
 description: The threat and vulnerability management exposure score reflects how vulnerable your organization is to cybersecurity threats.
-keywords: exposure score, mdatp exposure score, mdatp tvm exposure score, organization exposure score, tvm organization exposure score, threat and vulnerability management, Microsoft Defender Advanced Threat Protection
+keywords: exposure score, mdatp exposure score, mdatp tvm exposure score, organization exposure score, tvm organization exposure score, threat and vulnerability management, Microsoft Defender for Endpoint
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: m365-security

windows/security/threat-protection/microsoft-defender-atp/user.md

@@ -1,6 +1,6 @@
 ---
 title: User resource type
-description: Retrieve recent Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) alerts related to users.
+description: Retrieve recent Microsoft Defender for Endpoint alerts related to users.
 keywords: apis, graph api, supported apis, get, alerts, recent
 search.product: eADQiWindows 10XVcnh
 ms.prod: m365-security