diff --git a/windows/keep-secure/TOC.md b/windows/keep-secure/TOC.md
index f3083323dc..1b8635b28f 100644
--- a/windows/keep-secure/TOC.md
+++ b/windows/keep-secure/TOC.md
@@ -768,7 +768,7 @@
 ######## [Submit files for analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#submit-files-for-analysis)
 ######## [View deep analysis reports](respond-file-alerts-windows-defender-advanced-threat-protection.md#view-deep-analysis-reports)
 ######## [Troubleshoot deep analysis](respond-file-alerts-windows-defender-advanced-threat-protection.md#troubleshoot-deep-analysis)
-#### [Configure SIEM tools or use REST API to pull alerts](configure-siem-windows-defender-advanced-threat-protection.md)
+#### [Pull alerts using SIEM tools or REST API](configure-siem-windows-defender-advanced-threat-protection.md)
 ##### [Enable SIEM integration in Windows Defender ATP](enable-siem-integration-windows-defender-advanced-threat-protection.md)
 ##### [Configure Splunk to pull Windows Defender ATP alerts](configure-splunk-windows-defender-advanced-threat-protection.md)
 ##### [Configure HP ArcSight to pull Windows Defender ATP alerts](configure-arcsight-windows-defender-advanced-threat-protection.md)
diff --git a/windows/keep-secure/configure-siem-windows-defender-advanced-threat-protection.md b/windows/keep-secure/configure-siem-windows-defender-advanced-threat-protection.md
index e4b7b55a10..4bdfdffd72 100644
--- a/windows/keep-secure/configure-siem-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/configure-siem-windows-defender-advanced-threat-protection.md
@@ -1,5 +1,5 @@
 ---
-title: Configure SIEM tools and use REST API to pull alerts from Windows Defender Advanced Threat Protection
+title: Pull alerts by configuring SIEM tools or REST API to pull alerts from Windows Defender Advanced Threat Protection
 description: Learn how to use REST API and configure supported security information and events management tools to receive and pull alerts using REST API.
 keywords: configure siem, security information and events management tools, splunk, arcsight, custom indicators, rest api, alert definitions, indicators of compromise
 search.product: eADQiWindows 10XVcnh
@@ -11,7 +11,7 @@ author: mjcaparas
 localizationpriority: high
 ---
 
-# Configure SIEM tools or use REST API to pull alerts
+# Pull alerts using SIEM tools or use REST API
 
 **Applies to:**