Merge remote-tracking branch 'refs/remotes/origin/july18'

windows/keep-secure/dashboard-windows-defender-advanced-threat-protection.md

@@ -45,7 +45,7 @@ See the [View and organize the Windows Defender Advanced Threat Protection Alert
 The **Latest ATP alerts** section includes the latest active alerts in your network. Each row includes an alert severity category and a short description of the alert. Click an alert to see its detailed view, or **Alerts queue** at the top of the list to go directly to the Alerts queue. See the [Investigate Windows Defender Advanced Threat Protection alerts](investigate-alerts-windows-defender-advanced-threat-protection.md) and [View and organize the Windows Defender Advanced Threat Protection Alerts queue](alerts-queue-windows-defender-advanced-threat-protection.md) topics for more information.
 
 ## Machines at risk
-This tile shows you a list of machines with the highest number of active alerts. The total number of alerts for each machine is shown in a circle next to the machine name, and then further categorized by severity levels at the far end of the tile (hover over each severity bar to its label).
+This tile shows you a list of machines with the highest number of active alerts. The total number of alerts for each machine is shown in a circle next to the machine name, and then further categorized by severity levels at the far end of the tile (hover over each severity bar to see its label).
 
 ![The Machines at risk tile shows a list of machines with the highest number of alerts, and a breakdown of the severity of the alerts](images/machines-at-risk.png)
 
@@ -54,7 +54,7 @@ Click the name of the machine to see details about that machine. See the [Invest
 You can also click **Machines view** at the top of the tile to go directly to the **Machines view**, sorted by the number of active alerts. See the [Investigate machines in the Windows Defender Advanced Threat Protection Machines view](investigate-machines-windows-defender-advanced-threat-protection.md) topic for more information.
 
 ## Status
-The **Status** tile informs you if the service is active and running and the specific number of machines (endpoints) reporting to Windows Defender ATP.
+The **Status** tile informs you if the service is active and running and the unique number of machines (endpoints) reporting over the past 30 days.
 
 ![The Status tile shows an overall indicator of the service and the total number of machines reporting to the service](images/status-tile.png)
 
@@ -66,7 +66,7 @@ The **Machines reporting** tile shows a bar graph that represents the number of
 ## Machines with active malware detections
 The **Machines with active malware detections** tile will only appear if your endpoints are using Windows Defender.
 
-Active malware is defined as threats that are actively executing at the time of detection.
+Active malware is defined as threats that were actively executing at the time of detection.
 
 Hover over each bar to see the number of active malware detections (as **Malware detections**) and the number of endpoints with at least one active detection (as **Machines**) over the past 30 days.
 

windows/keep-secure/investigate-machines-windows-defender-advanced-threat-protection.md

@@ -106,7 +106,6 @@ Use the search bar to look for specific alerts or files associated with the mach
 
 You can also filter by:
 
-- Signed or unsigned files
 - Detections mode: displays Windows ATP Alerts and detections
 - Behaviors mode: displays "detections" and selected events of interest
 - Verbose mode: displays "behaviors" (including "detections"), and all reported events