clean ups

windows/keep-secure/alerts-queue-windows-defender-advanced-threat-protection.md

@@ -46,9 +46,9 @@ There are three mechanisms to pivot the queue against:
 
 2. Filter alerts by their **Severity** by opening the drop-down menu in the **Filter by** field and selecting one or more of the check boxes:
 
-  - High (Red) - Threats often associated with advanced persistent threat (APT). These alerts pose a high risk due to the severity of the damage they might inflict on endpoints.
+  - High (Red) - Threats often associated with advanced persistent threats (APT). These alerts indicate a high risk due to the severity of damage they can inflict on endpoints.
-  - Medium (Orange) - Threats considered to be abnormal or suspicious in nature such as anomalous registry modifications and loading of executable files.
+  - Medium (Orange) - Threats rarely observed in the organization, such as anomalous registry change, execution of suspicious files, and observed behaviors typical of attack stages.
-  - Low (Yellow) - Threats associated with prevalent malware and hack-tools that pose a lower risk to endpoints.
+  - Low (Yellow) - Threats associated with prevalent malware and hack-tools that do not appear to indicate an advanced threat targeting the organization.
 
 3. Limit the queue to see alerts from various set periods by clicking the drop-down menu in the date range field (by default, this is selected as **6 months**):
 
@@ -62,7 +62,6 @@ There are three mechanisms to pivot the queue against:
 
 ### Related topics
 - [View the Windows Defender Advanced Threat Protection Dashboard](dashboard-windows-defender-advanced-threat-protection.md)
-- [View and organize the Windows Defender Advanced Threat Protection Alerts queue](alerts-queue-windows-defender-advanced-threat-protection.md)
 - [Investigate Windows Defender Advanced Threat Protection alerts](investigate-alerts-windows-defender-advanced-threat-protection.md)
 - [Investigate machines in the Windows Defender ATP Machines view](investigate-machines-windows-defender-advanced-threat-protection.md)
 - [Investigate a file associated with a Windows Defender ATP alert](investigate-files-windows-defender-advanced-threat-protection.md)

windows/keep-secure/configure-proxy-internet-windows-defender-advanced-threat-protection.md

@@ -109,7 +109,7 @@ After configuring the endpoints, you'll need to verify that the correct proxy se
 netsh winhttp show proxy
 ```
 
-For more information on how to use Netsh see, [https://technet.microsoft.com/en-us/library/cc731131(v=ws.10).aspx](https://technet.microsoft.com/en-us/library/cc731131(v=ws.10).aspx)     
+For more information on how to use Netsh see, [Netsh Commands for Windows Hypertext Transfer Protocol (WINHTTP)](https://technet.microsoft.com/en-us/library/cc731131(v=ws.10).aspx)     
 
 ## Enable access to Windows Defender ATP service URLs in the proxy server
 
@@ -179,7 +179,6 @@ If the any of the verification steps indicate a fail, then verify that you have
 ## Related topics
 <!--- [Windows Defender ATP service onboarding](service-onboarding-windows-defender-advanced-threat-protection.md)-->
 - [Configure Windows Defender ATP endpoints](configure-endpoints-windows-defender-advanced-threat-protection.md)
-- [Configure endpoint proxy and Internet connectivity settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md)
 - [Additional Windows Defender ATP configuration settings](additional-configuration-windows-defender-advanced-threat-protection.md)
 - [Monitor the Windows Defender ATP onboarding](monitor-onboarding-windows-defender-advanced-threat-protection.md)
 - [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md)

windows/keep-secure/investigate-files-windows-defender-advanced-threat-protection.md

@@ -120,7 +120,7 @@ HKLM\SOFTWARE\Policies\Microsoft\Sense\AllowSampleCollection
   Value = 0 - block sample collection
   Value = 1 - allow sample collection
 ```
-5. Change the organizational unit through the GPO. See [Configure with Group Policy](additional-configuration-windows-defender-advanced-threat-protection.md#configure-with-group-policy).
+5. Change the organizational unit through the Group Policy. See [Configure with Group Policy](additional-configuration-windows-defender-advanced-threat-protection.md#configure-with-group-policy).
 6. If these steps do not resolve the issue, contact [winatp@microsoft.com](mailto:winatp@microsoft.com).
 
 > **Note**  If the value *AllowSampleCollection* is not available, the client will allow sample collection by default.

windows/keep-secure/portal-overview-windows-defender-advanced-threat-protection.md

@@ -14,7 +14,7 @@ author: DulceMV
 **Applies to:**
 
 - Windows 10 Insider Preview Build 14332 or later
-Windows Defender Advanced Threat Protection (Windows Defender ATP)
+- Windows Defender Advanced Threat Protection (Windows Defender ATP)
 
 <span style="color:#ED1C24;">[Some information relates to pre-released product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.]</span>
 

windows/keep-secure/settings-windows-defender-advanced-threat-protection.md

@@ -32,7 +32,7 @@ Your current time zone setting is shown in the Windows Defender ATP menu. You ca
 ### UTC time zone
 Windows Defender ATP uses UTC time by default.
 
-Setting the Windows Defender ATP time zone to UTC will display all system timestamps (alerts, events, etc.) in UTC for all users. Choosing this setting means that all users will see the same timestamps in Windows Defender ATP, regardless of their regional settings. This can help security analysts working in different locations across the globe to use the same time stamps while investigating events.
+Setting the Windows Defender ATP time zone to UTC will display all system timestamps (alerts, events, and others) in UTC for all users. Choosing this setting means that all users will see the same timestamps in Windows Defender ATP, regardless of their regional settings. This can help security analysts working in different locations across the globe to use the same time stamps while investigating events.
 
 ### Local time zone
 You can choose to have Windows Defender ATP use local time zone settings. All alerts and events will be displayed using your local time zone.

windows/keep-secure/troubleshoot-windows-defender-advanced-threat-protection.md

@@ -51,3 +51,4 @@ See the topic [Review events and errors on endpoints with Event Viewer](event-er
 
 ### Related topic
 - [Troubleshoot Windows Defender Advanced Threat Protection onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md)
+- [Review events and errors on endpoints with Event Viewer](event-error-codes-windows-defender-advanced-threat-protection.md)

windows/keep-secure/windows-defender-advanced-threat-protection.md

@@ -83,3 +83,4 @@ Topic | Description
 [Use the Windows Defender Advanced Threat Protection portal](use-windows-defender-advanced-threat-protection.md) | Learn about the capabilities of Windows Defender ATP to help you investigate alerts that might be indicators of possible breaches in your enterprise.
 [Windows Defender Advanced Threat Protection settings](settings-windows-defender-advanced-threat-protection.md) | Learn about setting the time zone and configuring the suppression rules to configure the service to your requirements.  
 [Troubleshoot Windows Defender Advanced Threat Protection](troubleshoot-windows-defender-advanced-threat-protection.md) | This topic contains information to help IT Pros find workarounds for the known issues and troubleshoot issues in Windows Defender ATP.
+[Review events and errors on endpoints with Event Viewer](event-error-codes-windows-defender-advanced-threat-protection.md)| Review events and errors associated with event IDs to determine if further troubleshooting steps are required.