From dfcb41067d6f3e5241688eeff905ded367a8c1ed Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 28 Jan 2020 15:18:52 -0800
Subject: [PATCH 01/39] Added MTE EOD prereq note

---
 .../microsoft-defender-advanced-threat-protection.md         | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
index 56b73435ad..ef2ddb98d9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
@@ -108,6 +108,11 @@ Microsoft Defender ATP includes a secure score to help you dynamically assess th
 **[Microsoft Threat Experts](microsoft-threat-experts.md)**<br>
 Microsoft Defender ATP's new managed threat hunting service provides proactive hunting, prioritization, and additional context and insights that further empower Security operation centers (SOCs) to identify and respond to threats quickly and accurately.
 
+>[!IMPORTANT]
+>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.
+
+If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
+
 <a name="apis"></a>
 
 **[Management and APIs](management-apis.md)**<br>

From c3562695aa16fb761dbf4dd33130a3febb2ce01c Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 28 Jan 2020 15:19:33 -0800
Subject: [PATCH 02/39] Update microsoft-defender-advanced-threat-protection.md

---
 .../microsoft-defender-advanced-threat-protection.md            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
index ef2ddb98d9..dacbda8e0a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
@@ -111,7 +111,7 @@ Microsoft Defender ATP's new managed threat hunting service provides proactive h
 >[!IMPORTANT]
 >Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.
 
-If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
+>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
 
 <a name="apis"></a>
 

From 6385e6de1c14ec7a0a0ef4adbdadcbf1a631342e Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 28 Jan 2020 15:20:16 -0800
Subject: [PATCH 03/39] Update microsoft-defender-advanced-threat-protection.md

---
 .../microsoft-defender-advanced-threat-protection.md             | 1 -
 1 file changed, 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
index dacbda8e0a..09fb7a88c4 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
@@ -110,7 +110,6 @@ Microsoft Defender ATP's new managed threat hunting service provides proactive h
 
 >[!IMPORTANT]
 >Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.
-
 >If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
 
 <a name="apis"></a>

From e4016ed9b3f9e6948ceee070ba664ff77737c220 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 28 Jan 2020 15:21:01 -0800
Subject: [PATCH 04/39] Added MTE EOD prereq

---
 .../threat-protection/microsoft-defender-atp/overview.md      | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview.md b/windows/security/threat-protection/microsoft-defender-atp/overview.md
index be86e6742f..acf20a1482 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview.md
@@ -42,5 +42,7 @@ Topic | Description
 [Microsoft Threat Experts](microsoft-threat-experts.md) | Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand.
 [Advanced hunting](advanced-hunting-overview.md) |  Use a powerful query-based threat-hunting tool to proactively find breach activity and create custom detection rules.
 [Management and APIs](management-apis.md) | Microsoft Defender ATP supports a wide variety of tools to help you manage and interact with the platform so that you can integrate the service into your existing workflows.
-[Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. 
+[Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. >[!IMPORTANT]
+>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.
+>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
 [Portal overview](portal-overview.md) |Learn to navigate your way around Microsoft Defender Security Center.

From 687a4e70bd4ada22774612c9f2a197f9db5dbeaf Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 28 Jan 2020 15:22:12 -0800
Subject: [PATCH 05/39] Update overview.md

---
 .../threat-protection/microsoft-defender-atp/overview.md    | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview.md b/windows/security/threat-protection/microsoft-defender-atp/overview.md
index acf20a1482..3878d155ec 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview.md
@@ -42,7 +42,7 @@ Topic | Description
 [Microsoft Threat Experts](microsoft-threat-experts.md) | Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand.
 [Advanced hunting](advanced-hunting-overview.md) |  Use a powerful query-based threat-hunting tool to proactively find breach activity and create custom detection rules.
 [Management and APIs](management-apis.md) | Microsoft Defender ATP supports a wide variety of tools to help you manage and interact with the platform so that you can integrate the service into your existing workflows.
-[Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. >[!IMPORTANT]
->Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.
->If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
+[Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. <br>IMPORTANT
+<br>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.
+If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
 [Portal overview](portal-overview.md) |Learn to navigate your way around Microsoft Defender Security Center.

From e1436580fa84d9057672cffb75cce6d5e5d2a58d Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 28 Jan 2020 15:23:03 -0800
Subject: [PATCH 06/39] Update overview.md

---
 .../threat-protection/microsoft-defender-atp/overview.md      | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview.md b/windows/security/threat-protection/microsoft-defender-atp/overview.md
index 3878d155ec..efe28abc3b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview.md
@@ -42,7 +42,5 @@ Topic | Description
 [Microsoft Threat Experts](microsoft-threat-experts.md) | Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand.
 [Advanced hunting](advanced-hunting-overview.md) |  Use a powerful query-based threat-hunting tool to proactively find breach activity and create custom detection rules.
 [Management and APIs](management-apis.md) | Microsoft Defender ATP supports a wide variety of tools to help you manage and interact with the platform so that you can integrate the service into your existing workflows.
-[Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. <br>IMPORTANT
-<br>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.
-If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
+[Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. IMPORTANT: Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
 [Portal overview](portal-overview.md) |Learn to navigate your way around Microsoft Defender Security Center.

From a7a35320c4cfa891a468bd66f508a4a25705ae47 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 28 Jan 2020 15:23:37 -0800
Subject: [PATCH 07/39] Update overview.md

---
 .../threat-protection/microsoft-defender-atp/overview.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview.md b/windows/security/threat-protection/microsoft-defender-atp/overview.md
index efe28abc3b..10cd7206dc 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview.md
@@ -42,5 +42,5 @@ Topic | Description
 [Microsoft Threat Experts](microsoft-threat-experts.md) | Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand.
 [Advanced hunting](advanced-hunting-overview.md) |  Use a powerful query-based threat-hunting tool to proactively find breach activity and create custom detection rules.
 [Management and APIs](management-apis.md) | Microsoft Defender ATP supports a wide variety of tools to help you manage and interact with the platform so that you can integrate the service into your existing workflows.
-[Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. IMPORTANT: Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
+[Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. <p>IMPORTANT: Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
 [Portal overview](portal-overview.md) |Learn to navigate your way around Microsoft Defender Security Center.

From 38351e2f038aae39f4639d89b5defe5853a57734 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 28 Jan 2020 15:24:26 -0800
Subject: [PATCH 08/39] Update overview.md

---
 .../threat-protection/microsoft-defender-atp/overview.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview.md b/windows/security/threat-protection/microsoft-defender-atp/overview.md
index 10cd7206dc..31aeed1093 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview.md
@@ -42,5 +42,5 @@ Topic | Description
 [Microsoft Threat Experts](microsoft-threat-experts.md) | Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand.
 [Advanced hunting](advanced-hunting-overview.md) |  Use a powerful query-based threat-hunting tool to proactively find breach activity and create custom detection rules.
 [Management and APIs](management-apis.md) | Microsoft Defender ATP supports a wide variety of tools to help you manage and interact with the platform so that you can integrate the service into your existing workflows.
-[Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. <p>IMPORTANT: Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
+[Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. <p><p>IMPORTANT: Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.<p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
 [Portal overview](portal-overview.md) |Learn to navigate your way around Microsoft Defender Security Center.

From 716617647dbbad4fc2054889d8bb4f862bbf672c Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 28 Jan 2020 15:25:23 -0800
Subject: [PATCH 09/39] Update overview.md

---
 .../threat-protection/microsoft-defender-atp/overview.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview.md b/windows/security/threat-protection/microsoft-defender-atp/overview.md
index 31aeed1093..de767b478d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview.md
@@ -42,5 +42,5 @@ Topic | Description
 [Microsoft Threat Experts](microsoft-threat-experts.md) | Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand.
 [Advanced hunting](advanced-hunting-overview.md) |  Use a powerful query-based threat-hunting tool to proactively find breach activity and create custom detection rules.
 [Management and APIs](management-apis.md) | Microsoft Defender ATP supports a wide variety of tools to help you manage and interact with the platform so that you can integrate the service into your existing workflows.
-[Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. <p><p>IMPORTANT: Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.<p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
+[Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. <p><p>**NOTE:** <p>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.<p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
 [Portal overview](portal-overview.md) |Learn to navigate your way around Microsoft Defender Security Center.

From 1b408ef7f963444cb427bc5aac3dc149dcdd897e Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 28 Jan 2020 15:26:05 -0800
Subject: [PATCH 10/39] Update overview.md

---
 .../threat-protection/microsoft-defender-atp/overview.md      | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview.md b/windows/security/threat-protection/microsoft-defender-atp/overview.md
index de767b478d..3f9210c536 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview.md
@@ -39,8 +39,8 @@ Topic | Description
 [Endpoint detection and response](overview-endpoint-detection-response.md) | Understand how Microsoft Defender ATP continuously monitors your organization for possible attacks against systems, networks, or users in your organization and the features you can use to mitigate and remediate threats.
 [Automated investigation and remediation](automated-investigations.md) | In conjunction with being able to quickly respond to advanced attacks, Microsoft Defender ATP offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale.
 [Secure score](overview-secure-score.md) | Quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to better protect your organization - all in one place.
-[Microsoft Threat Experts](microsoft-threat-experts.md) | Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand.
+[Microsoft Threat Experts](microsoft-threat-experts.md) | Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand. <p><p>**NOTE:** <p>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.<p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
 [Advanced hunting](advanced-hunting-overview.md) |  Use a powerful query-based threat-hunting tool to proactively find breach activity and create custom detection rules.
 [Management and APIs](management-apis.md) | Microsoft Defender ATP supports a wide variety of tools to help you manage and interact with the platform so that you can integrate the service into your existing workflows.
-[Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. <p><p>**NOTE:** <p>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.<p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
+[Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. 
 [Portal overview](portal-overview.md) |Learn to navigate your way around Microsoft Defender Security Center.

From 3d004a08a5e9138916493909ad3c6b244c735945 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 28 Jan 2020 15:30:38 -0800
Subject: [PATCH 11/39] Added MTE EOD in the prereq

---
 .../microsoft-defender-atp/microsoft-threat-experts.md   | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
index c451cf8400..d98ece13ea 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
@@ -26,9 +26,12 @@ Microsoft Threat Experts is a managed detection and response (MDR) service that
   
 This new capability provides expert-driven insights and data through targeted attack notification and access to experts on demand. 
 
->[!NOTE]
->Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration. See [Configure Microsoft Threat Experts capabilities](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts#before-you-begin) for details. 
- 
+
+## Before you begin 
+Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.
+
+If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription. See [Configure Microsoft Threat Experts capabilities](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts#before-you-begin) for details. 
+
 ## Targeted attack notification 
 Microsoft Threat Experts provides proactive hunting for the most important threats to your network, including human adversary intrusions, hands-on-keyboard attacks, or advanced attacks like cyberespionage. The managed hunting service includes:  
 - Threat monitoring and analysis, reducing dwell time and risk to the business 

From e4b2638edf847a3074b8a146b38cd5c7e34be6cb Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 28 Jan 2020 15:32:40 -0800
Subject: [PATCH 12/39] Added MTE EOD prereq

---
 .../configure-microsoft-threat-experts.md                   | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md b/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
index 6140a832e2..2f864f309a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
@@ -26,8 +26,10 @@ ms.topic: article
 ## Before you begin 
 Ensure that you have Microsoft Defender ATP deployed in your environment with machines enrolled, and not just on a laboratory set-up.
 
->[!NOTE]
->Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.
+Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.
+
+If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
+
 
 ## Register to Microsoft Threat Experts managed threat hunting service 
 If you're already a Microsoft Defender ATP customer, you can apply through the Microsoft Defender ATP portal. 

From 14479419850647bc50b1bff92e4cb985aecc8379 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 28 Jan 2020 15:36:50 -0800
Subject: [PATCH 13/39] Update microsoft-defender-advanced-threat-protection.md

---
 .../microsoft-defender-advanced-threat-protection.md           | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
index 09fb7a88c4..c25f83a0a0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
@@ -109,8 +109,7 @@ Microsoft Defender ATP includes a secure score to help you dynamically assess th
 Microsoft Defender ATP's new managed threat hunting service provides proactive hunting, prioritization, and additional context and insights that further empower Security operation centers (SOCs) to identify and respond to threats quickly and accurately.
 
 >[!IMPORTANT]
->Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.
->If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
+>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration. If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
 
 <a name="apis"></a>
 

From 4a3e2884915f0038737634ea0da903fb0369fef8 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 4 Feb 2020 15:47:37 -0800
Subject: [PATCH 14/39] Update microsoft-defender-advanced-threat-protection.md

---
 .../microsoft-defender-advanced-threat-protection.md           | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
index c25f83a0a0..59fff4a335 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
@@ -109,7 +109,8 @@ Microsoft Defender ATP includes a secure score to help you dynamically assess th
 Microsoft Defender ATP's new managed threat hunting service provides proactive hunting, prioritization, and additional context and insights that further empower Security operation centers (SOCs) to identify and respond to threats quickly and accurately.
 
 >[!IMPORTANT]
->Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration. If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
+>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Your Microsoft Threat Experts subscription already includes targeted attack notifications.
+><br>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.
 
 <a name="apis"></a>
 

From 016d3c2642ac1171b6920f38fc49a11db4eb7687 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 4 Feb 2020 15:49:11 -0800
Subject: [PATCH 15/39] Update microsoft-defender-advanced-threat-protection.md

---
 .../microsoft-defender-advanced-threat-protection.md          | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
index 59fff4a335..7cf601b819 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
@@ -109,8 +109,8 @@ Microsoft Defender ATP includes a secure score to help you dynamically assess th
 Microsoft Defender ATP's new managed threat hunting service provides proactive hunting, prioritization, and additional context and insights that further empower Security operation centers (SOCs) to identify and respond to threats quickly and accurately.
 
 >[!IMPORTANT]
->Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Your Microsoft Threat Experts subscription already includes targeted attack notifications.
-><br>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.
+>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Your Microsoft Threat Experts subscription already includes Targeted Attack Notifications.
+><p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.
 
 <a name="apis"></a>
 

From 2d3d85dfd7ebf4a040c5eb0e023e9868d58c6160 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 4 Feb 2020 15:50:55 -0800
Subject: [PATCH 16/39] Update overview.md

---
 .../threat-protection/microsoft-defender-atp/overview.md       | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview.md b/windows/security/threat-protection/microsoft-defender-atp/overview.md
index 3f9210c536..07f3d06551 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview.md
@@ -39,7 +39,8 @@ Topic | Description
 [Endpoint detection and response](overview-endpoint-detection-response.md) | Understand how Microsoft Defender ATP continuously monitors your organization for possible attacks against systems, networks, or users in your organization and the features you can use to mitigate and remediate threats.
 [Automated investigation and remediation](automated-investigations.md) | In conjunction with being able to quickly respond to advanced attacks, Microsoft Defender ATP offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale.
 [Secure score](overview-secure-score.md) | Quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to better protect your organization - all in one place.
-[Microsoft Threat Experts](microsoft-threat-experts.md) | Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand. <p><p>**NOTE:** <p>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.<p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
+[Microsoft Threat Experts](microsoft-threat-experts.md) | Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand. <p><p>**NOTE:** <p>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Your Microsoft Threat Experts subscription already includes Targeted Attack Notifications.
+><p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.
 [Advanced hunting](advanced-hunting-overview.md) |  Use a powerful query-based threat-hunting tool to proactively find breach activity and create custom detection rules.
 [Management and APIs](management-apis.md) | Microsoft Defender ATP supports a wide variety of tools to help you manage and interact with the platform so that you can integrate the service into your existing workflows.
 [Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. 

From 6eee9c8dda805559e72ccbc39f11d439695adde6 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 4 Feb 2020 15:51:30 -0800
Subject: [PATCH 17/39] Update overview.md

---
 .../threat-protection/microsoft-defender-atp/overview.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview.md b/windows/security/threat-protection/microsoft-defender-atp/overview.md
index 07f3d06551..8ada0f809f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview.md
@@ -40,7 +40,7 @@ Topic | Description
 [Automated investigation and remediation](automated-investigations.md) | In conjunction with being able to quickly respond to advanced attacks, Microsoft Defender ATP offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale.
 [Secure score](overview-secure-score.md) | Quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to better protect your organization - all in one place.
 [Microsoft Threat Experts](microsoft-threat-experts.md) | Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand. <p><p>**NOTE:** <p>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Your Microsoft Threat Experts subscription already includes Targeted Attack Notifications.
-><p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.
+<p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.
 [Advanced hunting](advanced-hunting-overview.md) |  Use a powerful query-based threat-hunting tool to proactively find breach activity and create custom detection rules.
 [Management and APIs](management-apis.md) | Microsoft Defender ATP supports a wide variety of tools to help you manage and interact with the platform so that you can integrate the service into your existing workflows.
 [Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. 

From 88be1e96679a792f22abb434772fddd54b368c36 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 4 Feb 2020 15:52:28 -0800
Subject: [PATCH 18/39] Update overview.md

---
 .../threat-protection/microsoft-defender-atp/overview.md       | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview.md b/windows/security/threat-protection/microsoft-defender-atp/overview.md
index 8ada0f809f..970e018c39 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview.md
@@ -39,8 +39,7 @@ Topic | Description
 [Endpoint detection and response](overview-endpoint-detection-response.md) | Understand how Microsoft Defender ATP continuously monitors your organization for possible attacks against systems, networks, or users in your organization and the features you can use to mitigate and remediate threats.
 [Automated investigation and remediation](automated-investigations.md) | In conjunction with being able to quickly respond to advanced attacks, Microsoft Defender ATP offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale.
 [Secure score](overview-secure-score.md) | Quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to better protect your organization - all in one place.
-[Microsoft Threat Experts](microsoft-threat-experts.md) | Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand. <p><p>**NOTE:** <p>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Your Microsoft Threat Experts subscription already includes Targeted Attack Notifications.
-<p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.
+[Microsoft Threat Experts](microsoft-threat-experts.md) | Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand. <p><p>**NOTE:** <p>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Your Microsoft Threat Experts subscription already includes Targeted Attack Notifications.<p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.  
 [Advanced hunting](advanced-hunting-overview.md) |  Use a powerful query-based threat-hunting tool to proactively find breach activity and create custom detection rules.
 [Management and APIs](management-apis.md) | Microsoft Defender ATP supports a wide variety of tools to help you manage and interact with the platform so that you can integrate the service into your existing workflows.
 [Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. 

From 8553f7b3e53b53f5fb5f6368230c8ffe3e5f38f8 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 4 Feb 2020 15:54:08 -0800
Subject: [PATCH 19/39] Update microsoft-threat-experts.md

---
 .../microsoft-defender-atp/microsoft-threat-experts.md        | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
index d98ece13ea..94ac467817 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
@@ -28,9 +28,9 @@ This new capability provides expert-driven insights and data through targeted at
 
 
 ## Before you begin 
-Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.
+Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Your Microsoft Threat Experts subscription already includes Targeted Attack Notifications.
 
-If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription. See [Configure Microsoft Threat Experts capabilities](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts#before-you-begin) for details. 
+If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription. See [Configure Microsoft Threat Experts capabilities](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts#before-you-begin) for details. 
 
 ## Targeted attack notification 
 Microsoft Threat Experts provides proactive hunting for the most important threats to your network, including human adversary intrusions, hands-on-keyboard attacks, or advanced attacks like cyberespionage. The managed hunting service includes:  

From c2268c8f63ed16f81c7332e4615eda8e1e3dfc08 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 4 Feb 2020 15:55:25 -0800
Subject: [PATCH 20/39] Update configure-microsoft-threat-experts.md

---
 .../configure-microsoft-threat-experts.md                    | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md b/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
index 2f864f309a..608a38d180 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
@@ -26,10 +26,9 @@ ms.topic: article
 ## Before you begin 
 Ensure that you have Microsoft Defender ATP deployed in your environment with machines enrolled, and not just on a laboratory set-up.
 
-Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive targeted attack notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. A Microsoft Threat Experts subscription is a prerequisite for experts on demand collaboration.
-
-If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply for a 90-day trial. Contact your Microsoft representative to get a full Experts on Demand subscription.
+Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Your Microsoft Threat Experts subscription already includes Targeted Attack Notifications.
 
+If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription. 
 
 ## Register to Microsoft Threat Experts managed threat hunting service 
 If you're already a Microsoft Defender ATP customer, you can apply through the Microsoft Defender ATP portal. 

From d845702ac72adbd906016bb9d4f272441f6f3a73 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 4 Feb 2020 16:01:33 -0800
Subject: [PATCH 21/39] Update microsoft-defender-advanced-threat-protection.md

---
 .../microsoft-defender-advanced-threat-protection.md            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
index 7cf601b819..b142442a59 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
@@ -109,7 +109,7 @@ Microsoft Defender ATP includes a secure score to help you dynamically assess th
 Microsoft Defender ATP's new managed threat hunting service provides proactive hunting, prioritization, and additional context and insights that further empower Security operation centers (SOCs) to identify and respond to threats quickly and accurately.
 
 >[!IMPORTANT]
->Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Your Microsoft Threat Experts subscription already includes Targeted Attack Notifications.
+>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Your Microsoft Threat Experts subscription already includes Targeted Attack Notifications.<p>
 ><p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.
 
 <a name="apis"></a>

From 12f04bc42d14e1b85bd2accec5a15bdbcad52d51 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Tue, 4 Feb 2020 16:09:25 -0800
Subject: [PATCH 22/39] Update microsoft-defender-advanced-threat-protection.md

---
 .../microsoft-defender-advanced-threat-protection.md            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
index b142442a59..fc5831b2a9 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
@@ -110,7 +110,7 @@ Microsoft Defender ATP's new managed threat hunting service provides proactive h
 
 >[!IMPORTANT]
 >Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Your Microsoft Threat Experts subscription already includes Targeted Attack Notifications.<p>
-><p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.
+><p>If you are not enrolled yet and would like to experience its benefits, go to <b>Settings</b> > <b>General</b> > <b>Advanced features</b> > <b>Microsoft Threat Experts</b> to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.
 
 <a name="apis"></a>
 

From 7c0d07305cff0d22f7955f305a1b24796328e845 Mon Sep 17 00:00:00 2001
From: Ben Alfasi <bealfasi@microsoft.com>
Date: Thu, 6 Feb 2020 18:51:21 +0200
Subject: [PATCH 23/39] 1

---
 windows/security/threat-protection/TOC.md     |  1 +
 .../microsoft-defender-atp/common-errors.md   | 86 +++++++++++++++++++
 .../microsoft-defender-atp/oldTOC.txt         |  1 +
 3 files changed, 88 insertions(+)
 create mode 100644 windows/security/threat-protection/microsoft-defender-atp/common-errors.md

diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index e37e6d8711..93955396d4 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -383,6 +383,7 @@
 
 ##### [Microsoft Defender ATP APIs Schema]()
 ###### [Supported Microsoft Defender ATP APIs](microsoft-defender-atp/exposed-apis-list.md)
+###### [Common REST API error codes](microsoft-defender-atp/common-errors.md)
 ###### [Advanced Hunting](microsoft-defender-atp/run-advanced-query-api.md)
 
 ###### [Alert]()
diff --git a/windows/security/threat-protection/microsoft-defender-atp/common-errors.md b/windows/security/threat-protection/microsoft-defender-atp/common-errors.md
new file mode 100644
index 0000000000..80062ce564
--- /dev/null
+++ b/windows/security/threat-protection/microsoft-defender-atp/common-errors.md
@@ -0,0 +1,86 @@
+---
+title: Common Microsoft Defender ATP API errors
+description: List of common Microsoft Defender ATP API errors with descriptions.
+keywords: apis, mdatp api, errors, troubleshooting 
+search.product: eADQiWindows 10XVcnh
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: macapara
+author: mjcaparas
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: M365-security-compliance 
+ms.topic: article
+---
+
+# Common REST API error codes
+
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
+
+The error codes listed in the following table may be returned by an operation on any of Microsoft Defender ATP APIs.
+<br>note that in addition to the error code, every error response contains an error message which can help resolving the problem.
+<br>Note that the message is a free text that can be changed.
+<br>At the bottom of the page you can find response examples.
+
+Error code |HTTP status code |Message 
+:---|:---|:---
+BadRequest | BadRequest (400) | General Bad Request error message.
+ODataError | BadRequest (400) | Invalid OData URI query (the specific error is specified).
+InvalidInput | BadRequest (400) | Invalid input {the invalid input}.
+InvalidRequestBody | BadRequest (400) | Invalid request body.
+InvalidHashValue | BadRequest (400) | Hash value {the invalid hash} is invalid.
+InvalidDomainName | BadRequest (400) | Domain name {the invalid domain} is invalid.
+InvalidIpAddress | BadRequest (400) | IP address {the invalid IP} is invalid.
+InvalidUrl | BadRequest (400) | URL {the invalid URL} is invalid.
+MaximumBatchSizeExceeded | BadRequest (400) | Maximum indicators batch size exceeded. Received: {batch size received}, allowed: {batch size allowed}.
+MissingRequiredParameter | BadRequest (400) | Parameter {the missing parameter} is missing.
+OsPlatformNotSupported | BadRequest (400) | OS Platform {the client OS Platform} is not supported for this action.
+ClientVersionNotSupported | BadRequest (400) | {The requested action} is supported on client version {supported client version} and above.
+Unauthorized | Unauthorized (401) | Unauthorized (usually invalid or expired authorization header).
+Forbidden | Forbidden (403) | Forbidden (valid token but insufficient permission for the action).
+DisabledFeature | Forbidden (403) | Tenant feature is not enabled.
+DisallowedOperation | Forbidden (403) | {the disallowed operation and the reason}.
+NotFound | Not Found (404) | General Not Found error message.
+ResourceNotFound | Not Found (404) | Resource {the requested resource} was not found.
+
+## Body parameters are case sensitive
+
+The submitted body parameters are currently case sensitive.
+<br>If you experience an InvalidRequestBody or MissingRequiredParameter errors, it might be caused from a wrong parameter capital or lower-case letter.
+<br>It is recommended to go to the requested Api documentation page and check that the submitted parameters match the relevant example.
+
+## Correlation request ID
+
+Each error response contains a unique ID parameter for tracking.
+<br>The property name of this parameter is "target".
+<br>When contacting us about an error, attaching this ID will help find the root cause of the problem.
+
+## Exapmles
+
+```json
+{
+    "error": {
+        "code": "ResourceNotFound",
+        "message": "Machine 123123123 was not found",
+        "target": "43f4cb08-8fac-4b65-9db1-745c2ae65f3a"
+    }
+}
+```
+<br><br>
+
+```json
+{
+    "error": {
+        "code": "InvalidRequestBody",
+        "message": "Request body is incorrect",
+        "target": "1fa66c0f-18bd-4133-b378-36d76f3a2ba0"
+    }
+}
+```
+
+
diff --git a/windows/security/threat-protection/microsoft-defender-atp/oldTOC.txt b/windows/security/threat-protection/microsoft-defender-atp/oldTOC.txt
index 987d3c8ce0..2e2b69385b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/oldTOC.txt
+++ b/windows/security/threat-protection/microsoft-defender-atp/oldTOC.txt
@@ -345,6 +345,7 @@
 
 ##### [APIs]()
 ###### [Supported Microsoft Defender ATP APIs](exposed-apis-list.md)
+###### [Common REST API error codes](common-errors.md)
 ###### [Advanced Hunting](run-advanced-query-api.md)
 
 ###### [Alert]()

From 60bc51d15d7762256eea828c9304dfdbda7a75ca Mon Sep 17 00:00:00 2001
From: Ben Alfasi <bealfasi@microsoft.com>
Date: Thu, 6 Feb 2020 18:58:29 +0200
Subject: [PATCH 24/39] s

---
 .../microsoft-defender-atp/common-errors.md                  | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/common-errors.md b/windows/security/threat-protection/microsoft-defender-atp/common-errors.md
index 80062ce564..e5c1a31b9d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/common-errors.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/common-errors.md
@@ -37,7 +37,7 @@ InvalidHashValue | BadRequest (400) | Hash value {the invalid hash} is invalid.
 InvalidDomainName | BadRequest (400) | Domain name {the invalid domain} is invalid.
 InvalidIpAddress | BadRequest (400) | IP address {the invalid IP} is invalid.
 InvalidUrl | BadRequest (400) | URL {the invalid URL} is invalid.
-MaximumBatchSizeExceeded | BadRequest (400) | Maximum indicators batch size exceeded. Received: {batch size received}, allowed: {batch size allowed}.
+MaximumBatchSizeExceeded | BadRequest (400) | Maximum batch size exceeded. Received: {batch size received}, allowed: {batch size allowed}.
 MissingRequiredParameter | BadRequest (400) | Parameter {the missing parameter} is missing.
 OsPlatformNotSupported | BadRequest (400) | OS Platform {the client OS Platform} is not supported for this action.
 ClientVersionNotSupported | BadRequest (400) | {The requested action} is supported on client version {supported client version} and above.
@@ -47,11 +47,12 @@ DisabledFeature | Forbidden (403) | Tenant feature is not enabled.
 DisallowedOperation | Forbidden (403) | {the disallowed operation and the reason}.
 NotFound | Not Found (404) | General Not Found error message.
 ResourceNotFound | Not Found (404) | Resource {the requested resource} was not found.
+InternalServerError | Internal Server Error (500) | (No error message, try retry the operation or contact us if it does not resolved)
 
 ## Body parameters are case sensitive
 
 The submitted body parameters are currently case sensitive.
-<br>If you experience an InvalidRequestBody or MissingRequiredParameter errors, it might be caused from a wrong parameter capital or lower-case letter.
+<br>If you experience an **InvalidRequestBody** or **MissingRequiredParameter** errors, it might be caused from a wrong parameter capital or lower-case letter.
 <br>It is recommended to go to the requested Api documentation page and check that the submitted parameters match the relevant example.
 
 ## Correlation request ID

From d16aa0651eba0559040a06236292decd47016cfe Mon Sep 17 00:00:00 2001
From: Ben Alfasi <bealfasi@microsoft.com>
Date: Thu, 6 Feb 2020 19:18:12 +0200
Subject: [PATCH 25/39] s

---
 windows/security/threat-protection/TOC.md     |  8 ++--
 .../get-all-recommendations.md                |  6 +--
 .../get-all-vulnerabilities.md                | 10 ++---
 .../get-device-secure-score.md                |  9 ++---
 .../get-exposure-score.md                     |  3 +-
 .../get-machine-group-exposure-score.md       | 19 +++------
 .../get-machines-by-software.md               |  9 +++--
 .../get-machines-by-vulnerability.md          |  8 ++--
 .../get-recommendation-by-id.md               |  3 +-
 .../get-recommendation-machines.md            |  4 +-
 .../get-recommendation-software.md            |  3 +-
 .../get-recommendation-vulnerabilities.md     | 10 ++---
 .../get-software-ver-distribution.md          |  3 +-
 .../microsoft-defender-atp/get-software.md    | 29 +++++++-------
 .../get-vuln-by-software.md                   | 31 ++++++++-------
 .../get-vulnerability-by-id.md                |  3 +-
 .../microsoft-defender-atp/score.md           | 39 +------------------
 17 files changed, 75 insertions(+), 122 deletions(-)

diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md
index 93955396d4..64d2f552fc 100644
--- a/windows/security/threat-protection/TOC.md
+++ b/windows/security/threat-protection/TOC.md
@@ -461,7 +461,7 @@
 ####### [Score methods and properties](microsoft-defender-atp/score.md)
 ####### [List exposure score by machine group](microsoft-defender-atp/get-machine-group-exposure-score.md)
 ####### [Get exposure score](microsoft-defender-atp/get-exposure-score.md)
-####### [Get device secure score](microsoft-defender-atp/get-device-secure-score.md)
+####### [Get machine secure score](microsoft-defender-atp/get-device-secure-score.md)
 
 ###### [Software]()
 ####### [Software methods and properties](microsoft-defender-atp/software.md)
@@ -473,7 +473,7 @@
 
 ###### [Vulnerability]()
 ####### [Vulnerability methods and properties](microsoft-defender-atp/vulnerability.md)
-####### [Get all vulnerabilities](microsoft-defender-atp/get-all-vulnerabilities.md)
+####### [List vulnerabilities](microsoft-defender-atp/get-all-vulnerabilities.md)
 ####### [Get vulnerability by Id](microsoft-defender-atp/get-vulnerability-by-id.md)
 ####### [List machines by vulnerability](microsoft-defender-atp/get-machines-by-vulnerability.md)
 
@@ -482,8 +482,8 @@
 ####### [List all recommendations](microsoft-defender-atp/get-all-recommendations.md)
 ####### [Get recommendation by Id](microsoft-defender-atp/get-recommendation-by-id.md)
 ####### [Get recommendation by software](microsoft-defender-atp/get-recommendation-software.md)
-####### [Get recommendation by machines](microsoft-defender-atp/get-recommendation-machines.md)
-####### [Get recommendation by vulnerabilities](microsoft-defender-atp/get-recommendation-vulnerabilities.md)
+####### [List machines by recommendation](microsoft-defender-atp/get-recommendation-machines.md)
+####### [List vulnerabilities by recommendation](microsoft-defender-atp/get-recommendation-vulnerabilities.md)
 
 ##### [How to use APIs - Samples]()
 ###### [Microsoft Flow](microsoft-defender-atp/api-microsoft-flow.md)
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
index 1735811830..5f0bb3386d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-recommendations.md
@@ -66,8 +66,7 @@ GET https://api.securitycenter.windows.com/api/recommendations
 Here is an example of the response.
 
 
-```
-Content-type: json
+```json
 {
     "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Recommendations",
     "value": [
@@ -99,7 +98,8 @@ Content-type: json
             "nonProductivityImpactedAssets": 0,
             "relatedComponent": "Windows 10"
         }
-        ]
+		...
+     ]
 }
 ```
 ## Related topics
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
index e0e4243d76..4114015c39 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-all-vulnerabilities.md
@@ -16,7 +16,7 @@ ms.collection: M365-security-compliance
 ms.topic: article
 ---
 
-# Get all vulnerabilities
+# List vulnerabilities
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
@@ -66,8 +66,7 @@ GET https://api.securitycenter.windows.com/api/Vulnerabilities
 Here is an example of the response.
 
 
-```
-Content-type: json
+```json
 {
     "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#Vulnerabilities",
     "value": [
@@ -86,8 +85,9 @@ Content-type: json
             "exploitTypes": [],
             "exploitUris": []
         }
-        ]
-        {
+		...
+    ]
+
 }
 ```
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
index dfd844de6b..b0f731be41 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-device-secure-score.md
@@ -1,6 +1,6 @@
 ---
-title: Get Device Secure score
-description: Retrieves the organizational device secure score.
+title: Get Machine Secure score
+description: Retrieves the organizational machine secure score.
 keywords: apis, graph api, supported apis, get, alerts, recent
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -16,7 +16,7 @@ ms.collection: M365-security-compliance
 ms.topic: article
 ---
 
-# Get Device Secure score
+# Get Machine Secure score
 
 **Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
@@ -75,8 +75,7 @@ Here is an example of the response.
 {
     "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#ConfigurationScore/$entity",
     "time": "2019-12-03T09:15:58.1665846Z",
-    "score": 340,
-    "rbacGroupId": null
+    "score": 340
 }
 ```
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
index f57f5e53cf..794272d101 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-exposure-score.md
@@ -76,8 +76,7 @@ Here is an example of the response.
 {
     "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#ExposureScore/$entity",
     "time": "2019-12-03T07:23:53.280499Z",
-    "score": 33.491554051195706,
-    "rbacGroupId": null
+    "score": 33.491554051195706
 }
 
 ```
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md b/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md
index a85a0bc44e..b9a2498569 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machine-group-exposure-score.md
@@ -18,9 +18,9 @@ ms.topic: article
 
 # List exposure score by machine group
 
-**Applies to:**
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
@@ -74,23 +74,14 @@ Here is an example of the response.
         {
             "time": "2019-12-03T09:51:28.214338Z",
             "score": 41.38041766305988,
-            "rbacGroupId": 10
+            "rbacGroupName": "GroupOne"
         },
         {
             "time": "2019-12-03T09:51:28.2143399Z",
             "score": 37.403726933165366,
-            "rbacGroupId": 11
-        },
-        {
-            "time": "2019-12-03T09:51:28.2143407Z",
-            "score": 26.390921344426033,
-            "rbacGroupId": 9
-        },
-        {
-            "time": "2019-12-03T09:51:28.2143414Z",
-            "score": 23.58823563070858,
-            "rbacGroupId": 5
+            "rbacGroupName": "GroupTwo"
         }
+		...
     ]
 }
 ```
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
index 81d6659101..b4a8ff7d35 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-software.md
@@ -24,7 +24,7 @@ ms.topic: article
 
 [!include[Prerelease information](../../includes/prerelease.md)]
 
-Retrieve a list of machines that has this software installed.
+Retrieve a list of machine references that has this software installed.
 
 ## Permissions
 One of the following permissions is required to call this API. To learn more, including how to choose permissions, see [Use Microsoft Defender ATP APIs](apis-intro.md) for details.
@@ -75,15 +75,16 @@ Here is an example of the response.
             "id": "7c7e1896fa39efb0a32a2cf421d837af1b9bf762",
             "computerDnsName": "dave_desktop",
             "osPlatform": "Windows10",
-            "rbacGroupId": 9
+            "rbacGroupName": "GroupTwo"
         },
         {
             "id": "7d5cc2e7c305e4a0a290392abf6707f9888fda0d",
             "computerDnsName": "jane_PC",
             "osPlatform": "Windows10",
-            "rbacGroupId": 9
+            "rbacGroupName": "GroupTwo"
         }
-]
+		...
+	]
 }
 ```
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md
index 5ee5fe1b47..b27ecfca50 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-machines-by-vulnerability.md
@@ -66,8 +66,7 @@ GET https://api.securitycenter.windows.com/api/vulnerabilities/CVE-2019-0608/mac
 Here is an example of the response.
 
 
-```
-Content-type: json
+```json
 {
     "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#MachineReferences",
     "value": [
@@ -75,14 +74,15 @@ Content-type: json
             "id": "235a2e6278c63fcf85bab9c370396972c58843de",
             "computerDnsName": "h1mkn_PC",
             "osPlatform": "Windows10",
-            "rbacGroupId": 1268
+            "rbacGroupName": "GroupTwo"
         },
         {
             "id": "afb3f807d1a185ac66668f493af028385bfca184",
             "computerDnsName": "chat_Desk ",
             "osPlatform": "Windows10",
-            "rbacGroupId": 410
+            "rbacGroupName": "GroupTwo"
         }
+		...
     ]
  }
 ```
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md
index 6a56d41c99..9254f80562 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-by-id.md
@@ -65,8 +65,7 @@ GET https://api.securitycenter.windows.com/api/recommendations/va-_-google-_-chr
 
 Here is an example of the response.
 
-```
-Content-type: json
+```json
 {
     "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Recommendations/$entity",
     "id": "va-_-google-_-chrome",
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
index d74dc47279..99fc59caf2 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
@@ -1,5 +1,5 @@
 ---
-title: Get recommendation by machines
+title: List machines by recommendation
 description: Retrieves a list of machines associated with the security recommendation. 
 keywords: apis, graph api, supported apis, get, security recommendation for vulnerable machines, threat and vulnerability management, threat and vulnerability management api 
 search.product: eADQiWindows 10XVcnh
@@ -16,7 +16,7 @@ ms.collection: M365-security-compliance
 ms.topic: article
 ---
 
-# Get recommendation by machines
+# List machines by recommendation
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md
index de192c1e9f..d4e5a895ef 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-software.md
@@ -65,8 +65,7 @@ GET https://api.securitycenter.windows.com/api/recommendations/va-_-google-_-chr
 
 Here is an example of the response.
 
-```
-Content-type: json
+```json
 {
     "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Analytics.Contracts.PublicAPI.PublicProductDto",
     "id": "google-_-chrome",
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md
index c9ca363c20..e7e5725b8a 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-vulnerabilities.md
@@ -1,5 +1,5 @@
 ---
-title: Get recommendation by vulnerabilities
+title: List vulnerabilities by recommendation
 description: Retrieves a list of vulnerabilities associated with the security recommendation.
 keywords: apis, graph api, supported apis, get, list of vulnerabilities, security recommendation, security recommendation for vulnerabilities, threat and vulnerability management, threat and vulnerability management api 
 search.product: eADQiWindows 10XVcnh
@@ -16,7 +16,7 @@ ms.collection: M365-security-compliance
 ms.topic: article
 ---
 
-# Get recommendation by vulnerabilities
+# List vulnerabilities by recommendation
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
@@ -65,8 +65,7 @@ GET https://api.securitycenter.windows.com/api/recommendations/va-_-google-_-chr
 
 Here is an example of the response.
 
-```
-Content-type: json
+```json
 {
     "@odata.context": "https://api.securitycenter.windows.com/api/$metadata#Collection(Analytics.Contracts.PublicAPI.PublicVulnerabilityDto)",
     "value": [
@@ -85,7 +84,8 @@ Content-type: json
             "exploitTypes": [],
             "exploitUris": []
         }
-        ]
+		...
+     ]
 }
 ```
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md b/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
index 2ba8c06b69..159f48e08e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software-ver-distribution.md
@@ -81,7 +81,8 @@ Here is an example of the response.
             "installations": 750,
             "vulnerabilities": 0
         }
-        ]
+		...
+    ]
 }
 ```
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-software.md
index 1ec2bcccd1..883c240d11 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-software.md
@@ -17,10 +17,10 @@ ms.topic: article
 ---
 
 # List software inventory API
-**Applies to:**
-- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
-[!include[Prerelease information](../../includes/prerelease.md)]
+**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
+
+- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
 
 Retrieves the organization software inventory.
 
@@ -66,20 +66,21 @@ GET https://api.securitycenter.windows.com/api/Software
 Here is an example of the response.
 
 
-```
+```json
 {
     "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#Software",
     "value": [
-        {
-            "id": "microsoft-_-edge",
-            "name": "edge",
-            "vendor": "microsoft",
-            "weaknesses": 467,
-            "publicExploit": true,
-            "activeAlert": false,
-            "exposedMachines": 172,
-            "impactScore": 2.39947438
-        }
+			{
+				"id": "microsoft-_-edge",
+				"name": "edge",
+				"vendor": "microsoft",
+				"weaknesses": 467,
+				"publicExploit": true,
+				"activeAlert": false,
+				"exposedMachines": 172,
+				"impactScore": 2.39947438
+			}
+			...
         ]
 }
 ```
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md b/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md
index 6fa52754b7..42147bc353 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-vuln-by-software.md
@@ -71,21 +71,22 @@ Here is an example of the response.
 {
     "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#Collection(Analytics.Contracts.PublicAPI.PublicVulnerabilityDto)",
     "value": [
-        {
-            "id": "CVE-2017-0140",
-            "name": "CVE-2017-0140",
-            "description": "A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins. The vulnerability allows Microsoft Edge to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted.In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites, and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.The security update addresses the vulnerability by modifying how affected Microsoft Edge handles different-origin requests.",
-            "severity": "Medium",
-            "cvssV3": 4.2,
-            "exposedMachines": 1,
-            "publishedOn": "2017-03-14T00:00:00Z",
-            "updatedOn": "2019-10-03T00:03:00Z",
-            "publicExploit": false,
-            "exploitVerified": false,
-            "exploitInKit": false,
-            "exploitTypes": [],
-            "exploitUris": []
-        }
+			{
+				"id": "CVE-2017-0140",
+				"name": "CVE-2017-0140",
+				"description": "A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins. The vulnerability allows Microsoft Edge to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored. An attacker who successfully exploited the vulnerability could force the browser to send data that would otherwise be restricted.In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites, and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.The security update addresses the vulnerability by modifying how affected Microsoft Edge handles different-origin requests.",
+				"severity": "Medium",
+				"cvssV3": 4.2,
+				"exposedMachines": 1,
+				"publishedOn": "2017-03-14T00:00:00Z",
+				"updatedOn": "2019-10-03T00:03:00Z",
+				"publicExploit": false,
+				"exploitVerified": false,
+				"exploitInKit": false,
+				"exploitTypes": [],
+				"exploitUris": []
+			}
+			...
         ]
 }
 ```
diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md b/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md
index e4ccb6c433..a7ec42d80f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-vulnerability-by-id.md
@@ -65,8 +65,7 @@ GET https://api.securitycenter.windows.com/api/Vulnerabilities/CVE-2019-0608
 
 Here is an example of the response.
 
-```
-Content-type: json
+```json
 {
     "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#Vulnerabilities/$entity",
     "id": "CVE-2019-0608",
diff --git a/windows/security/threat-protection/microsoft-defender-atp/score.md b/windows/security/threat-protection/microsoft-defender-atp/score.md
index 9a903d296f..a0a67a5dd0 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/score.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/score.md
@@ -37,41 +37,4 @@ Property |	Type	|	Description
 :---|:---|:---
 Score | Double | The current score.
 Time | DateTime | The date and time in which the call for this API was made.
-RbacGroupId | Nullable Int | RBAC Group ID.
-
-
-### Response example for getting machine groups score:
-
-```
-GET https://api.securitycenter.windows.com/api/exposureScore/byMachineGroups
-```
-
-```json
-{
-    "@odata.context": "https://api-us.securitycenter.windows.com/api/$metadata#ExposureScore",
-    "value": [
-        {
-            "time": "2019-12-03T07:26:49.9376328Z",
-            "score": 41.38041766305988,
-            "rbacGroupId": 10
-        },
-        {
-            "time": "2019-12-03T07:26:49.9376375Z",
-            "score": 23.58823563070858,
-            "rbacGroupId": 5
-        },
-        {
-            "time": "2019-12-03T07:26:49.9376382Z",
-            "score": 37.403726933165366,
-            "rbacGroupId": 11
-        },
-        {
-            "time": "2019-12-03T07:26:49.9376388Z",
-            "score": 26.323200116475423,
-            "rbacGroupId": 9
-        }
-    ]
-}
- 
-
-```
+RbacGroupName | String | The machine group name.

From a4fcdc33640e0d13c3399a96bba59611790ffa2d Mon Sep 17 00:00:00 2001
From: Ben Alfasi <bealfasi@microsoft.com>
Date: Thu, 6 Feb 2020 19:19:53 +0200
Subject: [PATCH 26/39] s

---
 .../microsoft-defender-atp/common-errors.md          | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/common-errors.md b/windows/security/threat-protection/microsoft-defender-atp/common-errors.md
index e5c1a31b9d..50c1ad528c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/common-errors.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/common-errors.md
@@ -18,14 +18,10 @@ ms.topic: article
 
 # Common REST API error codes
 
-**Applies to:** [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
-
-- Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) 
-
-The error codes listed in the following table may be returned by an operation on any of Microsoft Defender ATP APIs.
-<br>note that in addition to the error code, every error response contains an error message which can help resolving the problem.
-<br>Note that the message is a free text that can be changed.
-<br>At the bottom of the page you can find response examples.
+* The error codes listed in the following table may be returned by an operation on any of Microsoft Defender ATP APIs.
+* Note that in addition to the error code, every error response contains an error message which can help resolving the problem.
+* Note that the message is a free text that can be changed.
+* At the bottom of the page you can find response examples.
 
 Error code |HTTP status code |Message 
 :---|:---|:---

From ceb9dfd8c9f54c6c14c36b5099f1e18fbbc7651e Mon Sep 17 00:00:00 2001
From: Ben Alfasi <bealfasi@microsoft.com>
Date: Thu, 6 Feb 2020 19:20:23 +0200
Subject: [PATCH 27/39] s

---
 .../threat-protection/microsoft-defender-atp/common-errors.md   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/common-errors.md b/windows/security/threat-protection/microsoft-defender-atp/common-errors.md
index 50c1ad528c..1ab79ce76b 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/common-errors.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/common-errors.md
@@ -68,7 +68,7 @@ Each error response contains a unique ID parameter for tracking.
     }
 }
 ```
-<br><br>
+
 
 ```json
 {

From af89f7fbc9fd5dbadab6e411704c867346ab270b Mon Sep 17 00:00:00 2001
From: Ben Alfasi <bealfasi@microsoft.com>
Date: Thu, 6 Feb 2020 19:40:42 +0200
Subject: [PATCH 28/39] s

---
 .../microsoft-defender-atp/get-recommendation-machines.md      | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
index 99fc59caf2..1343ebbc71 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/get-recommendation-machines.md
@@ -75,7 +75,8 @@ Here is an example of the response.
             "osPlatform": "Windows10",
             "rbacGroupId": 2154
         }
-        ]
+		...
+    ]
 }
 ```
 

From 17a1392c94b9066fe9e56a404268776520c2a0f4 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Thu, 6 Feb 2020 10:24:45 -0800
Subject: [PATCH 29/39] Updated based on PM feedback

---
 .../microsoft-defender-advanced-threat-protection.md            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
index fc5831b2a9..3cd3c240cd 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
@@ -109,7 +109,7 @@ Microsoft Defender ATP includes a secure score to help you dynamically assess th
 Microsoft Defender ATP's new managed threat hunting service provides proactive hunting, prioritization, and additional context and insights that further empower Security operation centers (SOCs) to identify and respond to threats quickly and accurately.
 
 >[!IMPORTANT]
->Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Your Microsoft Threat Experts subscription already includes Targeted Attack Notifications.<p>
+>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications is always included after you have been accepted into Microsoft Threat Experts threat hunting service.<p>
 ><p>If you are not enrolled yet and would like to experience its benefits, go to <b>Settings</b> > <b>General</b> > <b>Advanced features</b> > <b>Microsoft Threat Experts</b> to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.
 
 <a name="apis"></a>

From 8154d0df6239172b638bd7f7916a6dc972251c7e Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Thu, 6 Feb 2020 10:25:17 -0800
Subject: [PATCH 30/39] Update overview.md

---
 .../threat-protection/microsoft-defender-atp/overview.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview.md b/windows/security/threat-protection/microsoft-defender-atp/overview.md
index 970e018c39..4d4366723f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview.md
@@ -39,7 +39,7 @@ Topic | Description
 [Endpoint detection and response](overview-endpoint-detection-response.md) | Understand how Microsoft Defender ATP continuously monitors your organization for possible attacks against systems, networks, or users in your organization and the features you can use to mitigate and remediate threats.
 [Automated investigation and remediation](automated-investigations.md) | In conjunction with being able to quickly respond to advanced attacks, Microsoft Defender ATP offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale.
 [Secure score](overview-secure-score.md) | Quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to better protect your organization - all in one place.
-[Microsoft Threat Experts](microsoft-threat-experts.md) | Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand. <p><p>**NOTE:** <p>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Your Microsoft Threat Experts subscription already includes Targeted Attack Notifications.<p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.  
+[Microsoft Threat Experts](microsoft-threat-experts.md) | Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand. <p><p>**NOTE:** <p>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications is always included after you have been accepted into Microsoft Threat Experts threat hunting service.<p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.  
 [Advanced hunting](advanced-hunting-overview.md) |  Use a powerful query-based threat-hunting tool to proactively find breach activity and create custom detection rules.
 [Management and APIs](management-apis.md) | Microsoft Defender ATP supports a wide variety of tools to help you manage and interact with the platform so that you can integrate the service into your existing workflows.
 [Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. 

From 253684f082426906a9f314d29d6f3574edc19c07 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Thu, 6 Feb 2020 10:25:55 -0800
Subject: [PATCH 31/39] Update overview.md

---
 .../threat-protection/microsoft-defender-atp/overview.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview.md b/windows/security/threat-protection/microsoft-defender-atp/overview.md
index 4d4366723f..ab2ee7912f 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview.md
@@ -39,7 +39,7 @@ Topic | Description
 [Endpoint detection and response](overview-endpoint-detection-response.md) | Understand how Microsoft Defender ATP continuously monitors your organization for possible attacks against systems, networks, or users in your organization and the features you can use to mitigate and remediate threats.
 [Automated investigation and remediation](automated-investigations.md) | In conjunction with being able to quickly respond to advanced attacks, Microsoft Defender ATP offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale.
 [Secure score](overview-secure-score.md) | Quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to better protect your organization - all in one place.
-[Microsoft Threat Experts](microsoft-threat-experts.md) | Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand. <p><p>**NOTE:** <p>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications is always included after you have been accepted into Microsoft Threat Experts threat hunting service.<p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.  
+[Microsoft Threat Experts](microsoft-threat-experts.md) | Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand. <p><p>**NOTE:** <p>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications is always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.<p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.  
 [Advanced hunting](advanced-hunting-overview.md) |  Use a powerful query-based threat-hunting tool to proactively find breach activity and create custom detection rules.
 [Management and APIs](management-apis.md) | Microsoft Defender ATP supports a wide variety of tools to help you manage and interact with the platform so that you can integrate the service into your existing workflows.
 [Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. 

From bbaeadc8f7e58b28d5d069a127805b2bbb8c39ca Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Thu, 6 Feb 2020 10:26:36 -0800
Subject: [PATCH 32/39] Update microsoft-defender-advanced-threat-protection.md

---
 .../microsoft-defender-advanced-threat-protection.md            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
index 3cd3c240cd..be8013e046 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
@@ -109,7 +109,7 @@ Microsoft Defender ATP includes a secure score to help you dynamically assess th
 Microsoft Defender ATP's new managed threat hunting service provides proactive hunting, prioritization, and additional context and insights that further empower Security operation centers (SOCs) to identify and respond to threats quickly and accurately.
 
 >[!IMPORTANT]
->Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications is always included after you have been accepted into Microsoft Threat Experts threat hunting service.<p>
+>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications is always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.<p>
 ><p>If you are not enrolled yet and would like to experience its benefits, go to <b>Settings</b> > <b>General</b> > <b>Advanced features</b> > <b>Microsoft Threat Experts</b> to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.
 
 <a name="apis"></a>

From 8375e5b44961901f03b5a9f8216058aa7815c0bf Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Thu, 6 Feb 2020 10:27:19 -0800
Subject: [PATCH 33/39] Update microsoft-threat-experts.md

---
 .../microsoft-defender-atp/microsoft-threat-experts.md          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
index 94ac467817..083d620d2e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
@@ -28,7 +28,7 @@ This new capability provides expert-driven insights and data through targeted at
 
 
 ## Before you begin 
-Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Your Microsoft Threat Experts subscription already includes Targeted Attack Notifications.
+Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications is always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.
 
 If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription. See [Configure Microsoft Threat Experts capabilities](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts#before-you-begin) for details. 
 

From c36101869473125e4811b3bc73d98a49fbef1930 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Thu, 6 Feb 2020 10:27:52 -0800
Subject: [PATCH 34/39] Update configure-microsoft-threat-experts.md

---
 .../configure-microsoft-threat-experts.md                       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md b/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
index 608a38d180..8e3d6c2b73 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
@@ -26,7 +26,7 @@ ms.topic: article
 ## Before you begin 
 Ensure that you have Microsoft Defender ATP deployed in your environment with machines enrolled, and not just on a laboratory set-up.
 
-Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Your Microsoft Threat Experts subscription already includes Targeted Attack Notifications.
+Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications is always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.
 
 If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription. 
 

From f49a0677297f09083bb1eea7e00d424aa9faf2a5 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Thu, 6 Feb 2020 10:30:13 -0800
Subject: [PATCH 35/39] Update configure-microsoft-threat-experts.md

---
 .../configure-microsoft-threat-experts.md                       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md b/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
index 8e3d6c2b73..c25ee5cfa4 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md
@@ -26,7 +26,7 @@ ms.topic: article
 ## Before you begin 
 Ensure that you have Microsoft Defender ATP deployed in your environment with machines enrolled, and not just on a laboratory set-up.
 
-Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications is always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.
+Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications are always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.
 
 If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription. 
 

From 6898d957bb453237f84c718466d73ffbba2a0fcf Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Thu, 6 Feb 2020 10:30:33 -0800
Subject: [PATCH 36/39] Update microsoft-threat-experts.md

---
 .../microsoft-defender-atp/microsoft-threat-experts.md          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
index 083d620d2e..a28cd30703 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md
@@ -28,7 +28,7 @@ This new capability provides expert-driven insights and data through targeted at
 
 
 ## Before you begin 
-Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications is always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.
+Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications are always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.
 
 If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription. See [Configure Microsoft Threat Experts capabilities](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts#before-you-begin) for details. 
 

From e2944a00c13c6c047dca7291e170aad018a97548 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Thu, 6 Feb 2020 10:30:51 -0800
Subject: [PATCH 37/39] Update overview.md

---
 .../threat-protection/microsoft-defender-atp/overview.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview.md b/windows/security/threat-protection/microsoft-defender-atp/overview.md
index ab2ee7912f..0e926f6f8d 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/overview.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/overview.md
@@ -39,7 +39,7 @@ Topic | Description
 [Endpoint detection and response](overview-endpoint-detection-response.md) | Understand how Microsoft Defender ATP continuously monitors your organization for possible attacks against systems, networks, or users in your organization and the features you can use to mitigate and remediate threats.
 [Automated investigation and remediation](automated-investigations.md) | In conjunction with being able to quickly respond to advanced attacks, Microsoft Defender ATP offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale.
 [Secure score](overview-secure-score.md) | Quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to better protect your organization - all in one place.
-[Microsoft Threat Experts](microsoft-threat-experts.md) | Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand. <p><p>**NOTE:** <p>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications is always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.<p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.  
+[Microsoft Threat Experts](microsoft-threat-experts.md) | Managed cybersecurity threat hunting service. Learn how you can get expert-driven insights and data through targeted attack notification and access to experts on demand. <p><p>**NOTE:** <p>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications are always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.<p>If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.  
 [Advanced hunting](advanced-hunting-overview.md) |  Use a powerful query-based threat-hunting tool to proactively find breach activity and create custom detection rules.
 [Management and APIs](management-apis.md) | Microsoft Defender ATP supports a wide variety of tools to help you manage and interact with the platform so that you can integrate the service into your existing workflows.
 [Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other how Microsoft Defender ATP works with other Microsoft security solutions. 

From e9d6bc17a1b18a64db9b7302c1b480c2e79823f4 Mon Sep 17 00:00:00 2001
From: Dulce Montemayor <Dolcita.Montemayor@microsoft.com>
Date: Thu, 6 Feb 2020 10:31:15 -0800
Subject: [PATCH 38/39] Update microsoft-defender-advanced-threat-protection.md

---
 .../microsoft-defender-advanced-threat-protection.md            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
index be8013e046..34a417fdef 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md
@@ -109,7 +109,7 @@ Microsoft Defender ATP includes a secure score to help you dynamically assess th
 Microsoft Defender ATP's new managed threat hunting service provides proactive hunting, prioritization, and additional context and insights that further empower Security operation centers (SOCs) to identify and respond to threats quickly and accurately.
 
 >[!IMPORTANT]
->Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications is always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.<p>
+>Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications are always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.<p>
 ><p>If you are not enrolled yet and would like to experience its benefits, go to <b>Settings</b> > <b>General</b> > <b>Advanced features</b> > <b>Microsoft Threat Experts</b> to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a  90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription.
 
 <a name="apis"></a>

From 83fd869dfb465e7b314a89ad2111fd2181d78d8a Mon Sep 17 00:00:00 2001
From: Tina Burden <v-tibur@microsoft.com>
Date: Thu, 6 Feb 2020 11:41:57 -0800
Subject: [PATCH 39/39] pencil edit

---
 .../threat-protection/microsoft-defender-atp/common-errors.md   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/microsoft-defender-atp/common-errors.md b/windows/security/threat-protection/microsoft-defender-atp/common-errors.md
index 1ab79ce76b..bcc6ba7dc3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/common-errors.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/common-errors.md
@@ -57,7 +57,7 @@ Each error response contains a unique ID parameter for tracking.
 <br>The property name of this parameter is "target".
 <br>When contacting us about an error, attaching this ID will help find the root cause of the problem.
 
-## Exapmles
+## Examples
 
 ```json
 {