update windows defender security center to microsoft defender security center

windows/security/threat-protection/microsoft-defender-atp/TOC.md

@@ -120,7 +120,7 @@
 ##### [Network firewall](../windows-firewall/evaluating-windows-firewall-with-advanced-security-design-examples.md)
 #### [Evaluate next generation protection](../windows-defender-antivirus/evaluate-windows-defender-antivirus.md)
 
-### [Access the Windows Defender Security Center Community Center](community.md)
+### [Access the Microsoft Defender Security Center Community Center](community.md)
 
 ## [Configure and manage capabilities](onboard.md)
 ### [Configure attack surface reduction](configure-attack-surface-reduction.md)
@@ -354,7 +354,7 @@
 ####[Configure information protection in Windows](information-protection-in-windows-config.md)
 
 
-### [Configure Windows Defender Security Center settings](preferences-setup.md)
+### [Configure Microsoft Defender Security Center settings](preferences-setup.md)
 #### General
 ##### [Update data retention settings](data-retention-settings.md)
 ##### [Configure alert notifications](configure-email-notifications.md)

windows/security/threat-protection/microsoft-defender-atp/advanced-features.md

@@ -83,7 +83,7 @@ When you complete the integration steps on both portals, you'll be able to see r
 ## Office 365 Threat Intelligence connection
 This feature is only available if you have an active Office 365 E5 or the Threat Intelligence add-on. For more information, see the Office 365 Enterprise E5 product page.
 
-When you enable this feature, you'll be able to incorporate data from Office 365 Advanced Threat Protection into Windows Defender Security Center to conduct a holistic security investigation across Office 365 mailboxes and Windows machines.
+When you enable this feature, you'll be able to incorporate data from Office 365 Advanced Threat Protection into Microsoft Defender Security Center to conduct a holistic security investigation across Office 365 mailboxes and Windows machines.
 
 >[!NOTE]
 >You'll need to have the appropriate license to enable this feature. 

windows/security/threat-protection/microsoft-defender-atp/advanced-hunting.md

@@ -69,7 +69,7 @@ For more information on the query language and supported operators, see  [Query
 
 The following tables are exposed as part of Advanced hunting:
 
-- **AlertEvents** - Alerts on Windows Defender Security Center 
+- **AlertEvents** - Alerts on Microsoft Defender Security Center 
 - **MachineInfo** - Machine information, including OS information 
 - **MachineNetworkInfo** - Network properties of machines, including adapters, IP and MAC addresses, as well as connected networks and domains
 - **ProcessCreationEvents** - Process creation and related events 
@@ -124,7 +124,7 @@ These steps guide you on modifying and overwriting an existing query.
 
 The result set has several capabilities to provide you with effective investigation, including:
 
-- Columns that return entity-related objects, such as Machine name, Machine ID, File name, SHA1, User, IP, and URL, are linked to their entity pages in Windows Defender Security Center.
+- Columns that return entity-related objects, such as Machine name, Machine ID, File name, SHA1, User, IP, and URL, are linked to their entity pages in Microsoft Defender Security Center.
 - You can right-click on a cell in the result set and add a filter to your written query. The current filtering options are **include**, **exclude** or **advanced filter**, which provides additional filtering options on the cell value. These cell values are part of the row set. 
 
 ![Image of Microsoft Defender ATP Advanced hunting result set](images/atp-advanced-hunting-results-filter.png)

windows/security/threat-protection/microsoft-defender-atp/alerts-queue-endpoint-detection-response.md

@@ -1,6 +1,6 @@
 ---
-title: Alerts queue in Windows Defender Security Center
+title: Alerts queue in Microsoft Defender Security Center
-description: View and manage the alerts surfaced in Windows Defender Security Center
+description: View and manage the alerts surfaced in Microsoft Defender Security Center
 keywords: 
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -18,7 +18,7 @@ ms.topic: conceptual
 ms.date: 09/03/2018
 ---
 
-# Alerts queue in Windows Defender Security Center
+# Alerts queue in Microsoft Defender Security Center
 Learn how you can view and manage the queue so that you can effectively investigate threats seen on entities such as machines, files, or user accounts.
 
 

windows/security/threat-protection/microsoft-defender-atp/api-portal-mapping.md

@@ -1,6 +1,6 @@
 ---
 title: Microsoft Defender ATP alert API fields
-description: Understand how the alert API fields map to the values in Windows Defender Security Center
+description: Understand how the alert API fields map to the values in Microsoft Defender Security Center
 keywords: alerts, alert fields, fields, api, fields, pull alerts, rest api, request, response
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -30,7 +30,7 @@ ms.date: 10/16/2017
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-apiportalmapping-abovefoldlink) 
 
-Understand what data fields are exposed as part of the alerts API and how they map to Windows Defender Security Center.
+Understand what data fields are exposed as part of the alerts API and how they map to Microsoft Defender Security Center.
 
 
 ##	Alert API fields and portal mapping

windows/security/threat-protection/microsoft-defender-atp/assign-portal-access.md

@@ -1,5 +1,5 @@
 ---
-title: Assign user access to Windows Defender Security Center
+title: Assign user access to Microsoft Defender Security Center
 description: Assign read and write or read only access to the Microsoft Defender Advanced Threat Protection portal.
 keywords: assign user roles, assign read and write access, assign read only access, user, user roles, roles
 search.product: eADQiWindows 10XVcnh
@@ -18,7 +18,7 @@ ms.topic: article
 ms.date: 11/28/2018
 ---
 
-# Assign user access to Windows Defender Security Center
+# Assign user access to Microsoft Defender Security Center
 
 **Applies to:**
 - Azure Active Directory

windows/security/threat-protection/microsoft-defender-atp/basic-permissions.md

@@ -1,5 +1,5 @@
 ---
-title: Use basic permissions to access Windows Defender Security Center
+title: Use basic permissions to access Microsoft Defender Security Center
 description: Assign read and write or read only access to the Microsoft Defender Advanced Threat Protection portal.
 keywords: assign user roles, assign read and write access, assign read only access, user, user roles, roles
 search.product: eADQiWindows 10XVcnh

windows/security/threat-protection/microsoft-defender-atp/community.md

@@ -35,7 +35,7 @@ There are several spaces you can explore to learn about specific information:
 
 
 There are several ways you can access the Community Center:
-- In the Windows Defender Security Center navigation pane, select **Community center**.  A new browser tab opens and takes you to the Microsoft Defender ATP Tech Community page. 
+- In the Microsoft Defender Security Center navigation pane, select **Community center**.  A new browser tab opens and takes you to the Microsoft Defender ATP Tech Community page. 
 - Access the community through the [Microsoft Defender Advanced Threat Protection Tech Community](https://techcommunity.microsoft.com/t5/Windows-Defender-Advanced-Threat/ct-p/WindowsDefenderAdvanced) page
 
 

windows/security/threat-protection/microsoft-defender-atp/configure-arcsight.md

@@ -1,6 +1,6 @@
 ---
 title: Configure HP ArcSight to pull Microsoft Defender ATP alerts
-description: Configure HP ArcSight to receive and pull alerts from Windows Defender Security Center
+description: Configure HP ArcSight to receive and pull alerts from Microsoft Defender Security Center
 keywords: configure hp arcsight, security information and events management tools, arcsight
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150

windows/security/threat-protection/microsoft-defender-atp/configure-conditional-access.md

@@ -38,13 +38,13 @@ You need to make sure that all your devices are enrolled in Intune. You can use
 
 
 
-There are steps you'll need to take in Windows Defender Security Center, the Intune portal, and Azure AD portal.
+There are steps you'll need to take in Microsoft Defender Security Center, the Intune portal, and Azure AD portal.
 
 > [!NOTE] 
 > You'll need a Microsoft Intune environment, with Intune managed and Azure AD joined Windows 10 devices.
 
 Take the following steps to enable conditional access:
-- Step 1: Turn on the Microsoft Intune connection from Windows Defender Security Center
+- Step 1: Turn on the Microsoft Intune connection from Microsoft Defender Security Center
 - Step 2: Turn on the Microsoft Defender ATP integration in Intune
 - Step 3: Create the compliance policy in Intune
 - Step 4: Assign the policy 

windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-gp.md

@@ -36,7 +36,7 @@ ms.date: 04/24/2018
 > To use Group Policy (GP) updates to deploy the package, you must be on Windows Server 2008 R2 or later.
 
 ## Onboard machines using Group Policy
-1. Open the GP configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from [Windows Defender Security Center](https://securitycenter.windows.com/):
+1. Open the GP configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from [Microsoft Defender Security Center](https://securitycenter.windows.com/):
  
     a.  In the navigation pane, select **Settings** > **Onboarding**.
 
@@ -66,7 +66,7 @@ ms.date: 04/24/2018
 > After onboarding the machine, you can choose to run a detection test to verify that the machine is properly onboarded to the service. For more information, see [Run a detection test on a newly onboarded Microsoft Defender ATP machine](run-detection-test-windows-defender-advanced-threat-protection.md).
 
 ## Additional Microsoft Defender ATP configuration settings
-For each machine, you can state whether samples can be collected from the machine when a request is made through Windows Defender Security Center to submit a file for deep analysis.
+For each machine, you can state whether samples can be collected from the machine when a request is made through Microsoft Defender Security Center to submit a file for deep analysis.
 
 You can use Group Policy (GP) to configure settings, such as settings for the sample sharing used in the deep analysis feature.
 
@@ -98,7 +98,7 @@ For security reasons, the package used to Offboard machines will expire 30 days
 > [!NOTE]
 > Onboarding and offboarding policies must not be deployed on the same machine at the same time, otherwise this will cause unpredictable collisions.
 
-1.	Get the offboarding package from [Windows Defender Security Center](https://securitycenter.windows.com/):
+1.	Get the offboarding package from [Microsoft Defender Security Center](https://securitycenter.windows.com/):
 
     a. In the navigation pane, select **Settings** > **Offboarding**.
 
@@ -132,7 +132,7 @@ For security reasons, the package used to Offboard machines will expire 30 days
 With Group Policy there isn’t an option to monitor deployment of policies on the machines. Monitoring can be done directly on the portal, or by using the different deployment tools.
 
 ## Monitor machines using the portal
-1.	Go to [Windows Defender Security Center](https://securitycenter.windows.com/).
+1.	Go to [Microsoft Defender Security Center](https://securitycenter.windows.com/).
 2.	Click **Machines list**.
 3.	Verify that machines are appearing.
 

windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-mdm.md

@@ -57,7 +57,7 @@ For security reasons, the package used to Offboard machines will expire 30 days
 > [!NOTE]
 > Onboarding and offboarding policies must not be deployed on the same machine at the same time, otherwise this will cause unpredictable collisions.
 
-1.	Get the offboarding package from [Windows Defender Security Center](https://securitycenter.windows.com/):
+1.	Get the offboarding package from [Microsoft Defender Security Center](https://securitycenter.windows.com/):
 
    a. In the navigation pane, select **Settings** > **Offboarding**.
 

windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md

@@ -28,7 +28,7 @@ ms.topic: article
 
 
 
-Microsoft Defender ATP provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in Windows Defender Security Center and better protect your organization's network. This experience leverages on a third-party security products’ sensor data. 
+Microsoft Defender ATP provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in Microsoft Defender Security Center and better protect your organization's network. This experience leverages on a third-party security products’ sensor data. 
 
 You'll need to know the exact Linux distros and macOS versions that are compatible with Microsoft Defender ATP for the integration to work. 
 
@@ -58,7 +58,7 @@ Create an EICAR test file by saving the string displayed on the portal in an emp
 The file should trigger a detection and a corresponding alert on Microsoft Defender ATP.
 
 ## Offboard non-Windows machines
-To effectively offboard the machine from the service, you'll need to disable the data push on the third-party portal first then switch the toggle to off in Windows Defender Security Center. The toggle in the portal only blocks the data inbound flow.
+To effectively offboard the machine from the service, you'll need to disable the data push on the third-party portal first then switch the toggle to off in Microsoft Defender Security Center. The toggle in the portal only blocks the data inbound flow.
 
 
 1. Follow the third-party documentation to opt-out on the third-party service side.

windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-sccm.md

@@ -49,7 +49,7 @@ You can use existing System Center Configuration Manager functionality to create
 ### Onboard machines using System Center Configuration Manager
 
 
-1. Open the SCCM configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from [Windows Defender Security Center](https://securitycenter.windows.com/):
+1. Open the SCCM configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from [Microsoft Defender Security Center](https://securitycenter.windows.com/):
 
     a. In the navigation pane, select **Settings** > **Onboarding**.
     
@@ -72,7 +72,7 @@ You can use existing System Center Configuration Manager functionality to create
 > After onboarding the machine, you can choose to run a detection test to verify that an machine is properly onboarded to the service. For more information, see [Run a detection test on a newly onboarded Microsoft Defender ATP machine](run-detection-test-windows-defender-advanced-threat-protection.md).
 
 ### Configure sample collection settings
-For each machine, you can set a configuration value to state whether samples can be collected from the machine when a request is made through Windows Defender Security Center to submit a file for deep analysis.
+For each machine, you can set a configuration value to state whether samples can be collected from the machine when a request is made through Microsoft Defender Security Center to submit a file for deep analysis.
 
 You can set a compliance rule for configuration item in System Center Configuration Manager to change the sample share setting on a machine.
 This rule should be a *remediating* compliance rule configuration item that sets the value of a registry key on targeted machines to make sure they’re complaint.
@@ -103,7 +103,7 @@ For security reasons, the package used to Offboard machines will expire 30 days
 > [!NOTE]
 > Onboarding and offboarding policies must not be deployed on the same machine at the same time, otherwise this will cause unpredictable collisions.
 
-1.	Get the offboarding package from [Windows Defender Security Center](https://securitycenter.windows.com/):
+1.	Get the offboarding package from [Microsoft Defender Security Center](https://securitycenter.windows.com/):
 
     a. In the navigation pane, select **Settings** >  **Offboarding**.
 

windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-script.md

@@ -35,7 +35,7 @@ You can also manually onboard individual machines to Microsoft Defender ATP. You
 > The script has been optimized to be used on a limited number of machines (1-10 machines). To deploy to scale, use other deployment options. For more information on using other deployment options, see [Onboard Window 10 machines](configure-endpoints-windows-defender-advanced-threat-protection.md).
 
 ## Onboard machines 
-1.  Open the GP configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from [Windows Defender Security Center](https://securitycenter.windows.com/):
+1.  Open the GP configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from [Microsoft Defender Security Center](https://securitycenter.windows.com/):
 
     a.  In the navigation pane, select **Settings** > **Onboarding**.
 
@@ -67,7 +67,7 @@ For information on how you can manually validate that the machine is compliant a
 > After onboarding the machine, you can choose to run a detection test to verify that an machine is properly onboarded to the service. For more information, see [Run a detection test on a newly onboarded Microsoft Defender ATP endpoint](run-detection-test-windows-defender-advanced-threat-protection.md).
 
 ## Configure sample collection settings
-For each machine, you can set a configuration value to state whether samples can be collected from the machine when a request is made through Windows Defender Security Center to submit a file for deep analysis.
+For each machine, you can set a configuration value to state whether samples can be collected from the machine when a request is made through Microsoft Defender Security Center to submit a file for deep analysis.
 
 You can manually configure the sample sharing setting on the machine by using *regedit* or creating and running a *.reg* file.  
 
@@ -93,7 +93,7 @@ For security reasons, the package used to Offboard machines will expire 30 days
 > [!NOTE]
 > Onboarding and offboarding policies must not be deployed on the same machine at the same time, otherwise this will cause unpredictable collisions.
 
-1.	Get the offboarding package from [Windows Defender Security Center](https://securitycenter.windows.com/):
+1.	Get the offboarding package from [Microsoft Defender Security Center](https://securitycenter.windows.com/):
 
     a.  In the navigation pane, select **Settings** > **Offboarding**.
 
@@ -127,7 +127,7 @@ You can follow the different verification steps in the [Troubleshoot onboarding
 Monitoring can also be done directly on the portal, or by using the different deployment tools.
 
 ### Monitor machines using the portal
-1.	Go to Windows Defender Security Center.
+1.	Go to Microsoft Defender Security Center.
 
 2.	Click **Machines list**.
 

windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md

@@ -43,7 +43,7 @@ You can onboard VDI machines using a single entry or multiple entries for each m
 >[!WARNING]
 > For environments where there are low resource configurations, the VDI boot proceedure might slow the Microsoft Defender ATP sensor onboarding. 
 
-1.  Open the VDI configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from [Windows Defender Security Center](https://securitycenter.windows.com/):
+1.  Open the VDI configuration package .zip file (*WindowsDefenderATPOnboardingPackage.zip*) that you downloaded from the service onboarding wizard. You can also get the package from [Microsoft Defender Security Center](https://securitycenter.windows.com/):
 
     a.  In the navigation pane, select **Settings** > **Onboarding**.
 
@@ -83,8 +83,8 @@ You can onboard VDI machines using a single entry or multiple entries for each m
 
       d. Logon to machine with another user.
       
-      e. **For single entry for each machine**: Check only one entry in Windows Defender Security Center.<br>
+      e. **For single entry for each machine**: Check only one entry in Microsoft Defender Security Center.<br>
-    **For multiple entries for each machine**: Check multiple entries in Windows Defender Security Center.
+    **For multiple entries for each machine**: Check multiple entries in Microsoft Defender Security Center.
 
 7. Click **Machines list** on the Navigation pane.
 

windows/security/threat-protection/microsoft-defender-atp/configure-microsoft-threat-experts.md

@@ -68,7 +68,7 @@ You'll start receiving targeted attack notification from Microsoft Threat Expert
 
 
 ## Ask a Microsoft threat expert about suspicious cybersecurity activities in your organization 
-You can partner with Microsoft Threat Experts who can be engaged directly from within the Windows Defender Security Center for timely and accurate response. Experts provide insights needed to better understand complex threats, targeted attack notifications that you get, or if you need more information about the alerts, a potentially compromised machine, or a threat intelligence context that you see on your portal dashboard. 
+You can partner with Microsoft Threat Experts who can be engaged directly from within the Microsoft Defender Security Center for timely and accurate response. Experts provide insights needed to better understand complex threats, targeted attack notifications that you get, or if you need more information about the alerts, a potentially compromised machine, or a threat intelligence context that you see on your portal dashboard. 
 
 1. Navigate to the portal page with the relevant information that you'd like to investigate, for example, the **Incident** page. Ensure that the page for the relevant alert or machine is in view before raising an inquiry. 
 2. From the upper right-hand menu, click **?**, then select **Ask a threat expert**.

windows/security/threat-protection/microsoft-defender-atp/configure-mssp-support.md

@@ -35,7 +35,7 @@ You'll need to take the following configuration steps to enable the managed secu
 > - MSSP customers: Organizations that engage the services of MSSPs.
 
 The integration will allow MSSPs to take the following actions:
-- Get access to MSSP customer's Windows Defender Security Center portal
+- Get access to MSSP customer's Microsoft Defender Security Center portal
 - Get email notifications, and 
 - Fetch alerts through security information and event management (SIEM) tools
 
@@ -46,7 +46,7 @@ Typically, MSSP customers take the initial configuration steps to grant MSSPs ac
 
 In general, the following configuration steps need to be taken:
 
-- **Grant the MSSP access to Windows Defender Security Center** <br>
+- **Grant the MSSP access to Microsoft Defender Security Center** <br>
 This action needs to be done by the MSSP customer. It grants the MSSP access to the MSSP customer's Microsoft Defender ATP tenant.
 
 - **Configure alert notifications sent to MSSPs** <br>
@@ -65,21 +65,21 @@ This action is taken by the MSSP. It allows MSSPs to fetch alerts using APIs.
 > These set of steps are directed towards the MSSP customer. <br>
 > Access to the portal can only be done by the MSSP customer.
 
-As a MSSP customer, you'll need to take the following configuration steps to grant the MSSP access to Windows Defender Security Center. 
+As a MSSP customer, you'll need to take the following configuration steps to grant the MSSP access to Microsoft Defender Security Center. 
 
 Authentication and authorization of the MSSP user is built on top of Azure Active Directory (Azure AD) B2B functionality. 
 
 You'll need to take the following 2 steps:
 - Add MSSP user to your tenant as a guest user
-- Grant MSSP user access to Windows Defender Security Center
+- Grant MSSP user access to Microsoft Defender Security Center
 
 ### Add MSSP user to your tenant as a guest user
 Add a user who is a member of the MSSP tenant to your tenant as a guest user.
 
 To grant portal access to the MSSP, you must add the MSSP user to your Azure AD as a guest user. For more information, see [Add Azure Active Directory B2B collaboration users in the Azure portal](https://docs.microsoft.com/azure/active-directory/b2b/add-users-administrator).
 
-### Grant MSSP user access to Windows Defender Security Center
+### Grant MSSP user access to Microsoft Defender Security Center
-Grant the guest user access and permissions to your Windows Defender Security Center tenant.
+Grant the guest user access and permissions to your Microsoft Defender Security Center tenant.
 
 Granting access to guest user is done the same way as granting access to a user who is a member of your tenant. 
 
@@ -94,12 +94,12 @@ It is recommended that groups are created for MSSPs to make authorization access
 
 As a MSSP customer, you can always remove or modify the permissions granted to the MSSP by updating the Azure AD user groups. 
 
-##  Access the Windows Defender Security Center MSSP customer portal
+##  Access the Microsoft Defender Security Center MSSP customer portal
 
 >[!NOTE] 
 >These set of steps are directed towards the MSSP. 
 
-By default, MSSP customers access their Windows Defender Security Center tenant through the following URL: `https://securitycenter.windows.com`.
+By default, MSSP customers access their Microsoft Defender Security Center tenant through the following URL: `https://securitycenter.windows.com`.
 
 MSSPs however, will need to use a tenant-specific URL in the following format:  `https://securitycenter.windows.com?tid=customer_tenant_id` to access the MSSP customer portal. 
 
@@ -142,7 +142,7 @@ Step 1: Create a third-party application
 
 Step 2: Get access and refresh tokens from your customer's tenant
 
-Step 3: Whitelist your application on Windows Defender Security Center
+Step 3: Whitelist your application on Microsoft Defender Security Center
 
 
 
@@ -257,8 +257,8 @@ After providing your credentials, you'll need to grant consent to the applicatio
 
 8. In the PowerShell window, you'll receive an access token and a refresh token. Save the refresh token to configure your SIEM connector. 
 
-### Step 3: Whitelist your application on Windows Defender Security Center
+### Step 3: Whitelist your application on Microsoft Defender Security Center
-You'll need to whitelist the application you created in Windows Defender Security Center.
+You'll need to whitelist the application you created in Microsoft Defender Security Center.
 
 You'll need to have **Manage portal system settings** permission to whitelist the application. Otherwise, you'll need to request your customer to whitelist the application for you.
 

windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md

@@ -31,7 +31,7 @@ ms.topic: article
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-configserver-abovefoldlink)
 
 
-Microsoft Defender ATP extends support to also include the Windows Server operating system, providing advanced attack detection and investigation capabilities, seamlessly through the Windows Defender Security Center console.
+Microsoft Defender ATP extends support to also include the Windows Server operating system, providing advanced attack detection and investigation capabilities, seamlessly through the Microsoft Defender Security Center console.
 
 The service supports the onboarding of the following servers:
 - Windows Server 2012 R2
@@ -47,7 +47,7 @@ For a practical guidance on what needs to be in place for licensing and infrastr
 There are two options to onboard Windows Server 2012 R2 and Windows Server 2016 to Microsoft Defender ATP:
 
 - **Option 1**: Onboard through Azure Security Center
-- **Option 2**: Onboard through Windows Defender Security Center
+- **Option 2**: Onboard through Microsoft Defender Security Center
 
 ### Option 1: Onboard servers through Azure Security Center
 1. In the navigation pane, select **Settings** > **Machine management** > **Onboarding**.
@@ -58,15 +58,15 @@ There are two options to onboard Windows Server 2012 R2 and Windows Server 2016
 
 4. Follow the onboarding instructions in [Microsoft Defender Advanced Threat Protection with Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-wdatp).
 
-### Option 2: Onboard servers through Windows Defender Security Center
+### Option 2: Onboard servers through Microsoft Defender Security Center
-You'll need to tak the following steps if you choose to onboard servers through Windows Defender Security Center. 
+You'll need to tak the following steps if you choose to onboard servers through Microsoft Defender Security Center. 
 
 - For Windows Server 2012 R2: Configure and update System Center Endpoint Protection clients.
 
     >[!NOTE]
     >This step is required only if your organization uses System Center Endpoint Protection (SCEP) and you're onboarding Windows Server 2012 R2.
 
-- Turn on server monitoring from Windows Defender Security Center.
+- Turn on server monitoring from Microsoft Defender Security Center.
 - If you're already leveraging System Center Operations Manager (SCOM) or Azure Monitor (formerly known as Operations Management Suite (OMS)), simply attach the Microsoft Monitoring Agent (MMA) to report to your Microsoft Defender ATP workspace through Multi Homing support. Otherwise, install and configure MMA to report sensor data to Microsoft Defender ATP as instructed below. For more information, see [Collect log data with Azure Log Analytics agent](https://docs.microsoft.com/azure/azure-monitor/platform/log-analytics-agent).
 
 >[!TIP]
@@ -83,7 +83,7 @@ The following steps are required to enable this integration:
 - Configure the SCEP client Cloud Protection Service membership to the **Advanced** setting
 
 
-### Turn on Server monitoring from the Windows Defender Security Center portal
+### Turn on Server monitoring from the Microsoft Defender Security Center portal
 
 1. In the navigation pane, select **Settings** > **Machine management** > **Onboarding**.
 
@@ -174,7 +174,7 @@ The following capabilities are included in this integration:
     > Automated onboarding is only applicable for Windows Server 2012 R2 and Windows Server 2016.
 
 - Servers monitored by  Azure Security Center will also be available in Microsoft Defender ATP - Azure Security Center seamlessly connects to the Microsoft Defender ATP tenant, providing a single view across clients and servers.  In addition, Microsoft Defender ATP alerts will be available in the Azure Security Center console.
-- Server investigation -  Azure Security Center customers can access Windows Defender Security Center to perform detailed investigation to uncover the scope of a potential breach
+- Server investigation -  Azure Security Center customers can access Microsoft Defender Security Center to perform detailed investigation to uncover the scope of a potential breach
 
 >[!IMPORTANT]
 >- When you use Azure Security Center to monitor servers, a Microsoft Defender ATP tenant is automatically created. The Microsoft Defender ATP data is stored in Europe by default. 

windows/security/threat-protection/microsoft-defender-atp/configure-siem.md

@@ -58,6 +58,6 @@ Topic | Description
 [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration-windows-defender-advanced-threat-protection.md)| Learn about enabling the SIEM integration feature in the **Settings** page in the portal so that you can use and generate the required information to configure supported SIEM tools.
 [Configure Splunk to pull Microsoft Defender ATP alerts](configure-splunk-windows-defender-advanced-threat-protection.md)| Learn about installing the REST API Modular Input app and other configuration settings to enable Splunk to pull Microsoft Defender ATP alerts.
 [Configure HP ArcSight to pull Microsoft Defender ATP alerts](configure-arcsight-windows-defender-advanced-threat-protection.md)| Learn about installing the HP ArcSight REST FlexConnector package and the files you need to configure ArcSight to pull Microsoft Defender ATP alerts.
-[Microsoft Defender ATP alert API fields](api-portal-mapping-windows-defender-advanced-threat-protection.md) | Understand what data fields are exposed as part of the alerts API and how they map to Windows Defender Security Center.
+[Microsoft Defender ATP alert API fields](api-portal-mapping-windows-defender-advanced-threat-protection.md) | Understand what data fields are exposed as part of the alerts API and how they map to Microsoft Defender Security Center.
 [Pull Microsoft Defender ATP alerts using REST API](pull-alerts-using-rest-api-windows-defender-advanced-threat-protection.md) | Use the Client credentials OAuth 2.0 flow to pull alerts from Microsoft Defender ATP using REST API.
 [Troubleshoot SIEM tool integration issues](troubleshoot-siem-windows-defender-advanced-threat-protection.md) | Address issues you might encounter when using the SIEM integration feature.

windows/security/threat-protection/microsoft-defender-atp/configure-splunk.md

@@ -1,6 +1,6 @@
 ---
 title: Configure Splunk to pull Microsoft Defender ATP alerts
-description: Configure Splunk to receive and pull alerts from Windows Defender Security Center.
+description: Configure Splunk to receive and pull alerts from Microsoft Defender Security Center.
 keywords: configure splunk, security information and events management tools, splunk
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150

windows/security/threat-protection/microsoft-defender-atp/custom-ti-api.md

@@ -137,7 +137,7 @@ Content-Type: application/json;
 }
 ```
 
-The following values correspond to the alert sections surfaced on Windows Defender Security Center:
+The following values correspond to the alert sections surfaced on Microsoft Defender Security Center:
 ![Image of alert from the portal](images/atp-custom-ti-mapping.png)
 
 Highlighted section | JSON key name

windows/security/threat-protection/microsoft-defender-atp/enable-custom-ti.md

@@ -29,7 +29,7 @@ ms.date: 04/24/2018
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-enablecustomti-abovefoldlink) 
 
-Before you can create custom threat intelligence (TI) using REST API, you'll need to set up the custom threat intelligence application through Windows Defender Security Center.
+Before you can create custom threat intelligence (TI) using REST API, you'll need to set up the custom threat intelligence application through Microsoft Defender Security Center.
 
 1. In the navigation pane, select **Settings** >  **Threat intel**.
 

windows/security/threat-protection/microsoft-defender-atp/enable-siem-integration.md

@@ -26,7 +26,7 @@ ms.date: 12/10/2018
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-enablesiem-abovefoldlink) 
 
-Enable security information and event management (SIEM) integration so you can pull alerts from Windows Defender Security Center using your SIEM solution or by connecting directly to the alerts REST API.
+Enable security information and event management (SIEM) integration so you can pull alerts from Microsoft Defender Security Center using your SIEM solution or by connecting directly to the alerts REST API.
 
 ## Prerequisites
 - The user who activates the setting must have permissions to create an app in Azure Active Directory (AAD). This is typically someone with a **Global administrator** role.
@@ -64,7 +64,7 @@ Enable security information and event management (SIEM) integration so you can p
   > [!NOTE]
   > You'll need to generate a new Refresh token every 90 days. 
 
-You can now proceed with configuring your SIEM solution or connecting to the alerts REST API through programmatic access. You'll need to use the tokens when configuring your SIEM solution to allow it to receive alerts from Windows Defender Security Center.
+You can now proceed with configuring your SIEM solution or connecting to the alerts REST API through programmatic access. You'll need to use the tokens when configuring your SIEM solution to allow it to receive alerts from Microsoft Defender Security Center.
 
 ## Integrate Microsoft Defender ATP with IBM QRadar 
 You can configure IBM QRadar to collect alerts from Microsoft Defender ATP. For more information, see [IBM Knowledge Center](https://www.ibm.com/support/knowledgecenter/SS42VS_DSM/c_dsm_guide_MS_Win_Defender_ATP_overview.html?cp=SS42VS_7.3.1).

windows/security/threat-protection/microsoft-defender-atp/experiment-custom-ti.md

@@ -141,7 +141,7 @@ This step will guide you in simulating an event in connection to a malicious IP
 ## Step 4: Explore the custom alert in the portal
 This step will guide you in exploring the custom alert in the portal.
 
-1.	Open [Windows Defender Security Center](http://securitycenter.windows.com/) on a browser.
+1.	Open [Microsoft Defender Security Center](http://securitycenter.windows.com/) on a browser.
 
 2.	Log in with your Microsoft Defender ATP credentials.
 

windows/security/threat-protection/microsoft-defender-atp/fix-unhealhty-sensors.md

@@ -39,7 +39,7 @@ An inactive machine is not necessarily flagged due to an issue. The following ac
 If the machine has not been in use for more than 7 days for any reason, it will remain in an ‘Inactive’ status in the portal.
 
 **Machine was reinstalled or renamed**</br>
-A reinstalled or renamed machine will generate a new machine entity in Windows Defender Security Center. The previous machine entity will remain with an ‘Inactive’ status in the portal. If you reinstalled a machine and deployed the Microsoft Defender ATP package, search for the new machine name to verify that the machine is reporting normally.
+A reinstalled or renamed machine will generate a new machine entity in Microsoft Defender Security Center. The previous machine entity will remain with an ‘Inactive’ status in the portal. If you reinstalled a machine and deployed the Microsoft Defender ATP package, search for the new machine name to verify that the machine is reporting normally.
 
 **Machine was offboarded**</br>
 If the machine was offboarded it will still appear in machines list. After 7 days, the machine health state should change to inactive.

windows/security/threat-protection/microsoft-defender-atp/get-started.md

@@ -47,7 +47,7 @@ In conjunction with being able to quickly respond to advanced attacks, Microsoft
 Microsoft Defender ATP provides a security posture capability to help you dynamically assess the security state of your enterprise network, identify unprotected systems, and take recommended actions to improve the overall security state of your network.
 
 **Advanced hunting**<br>
-Advanced hunting allows you to hunt for possible threats across your organization using a powerful search and query tool. You can also create custom detection rules based on the queries you created and surface alerts in Windows Defender Security Center. 
+Advanced hunting allows you to hunt for possible threats across your organization using a powerful search and query tool. You can also create custom detection rules based on the queries you created and surface alerts in Microsoft Defender Security Center. 
 
 **Management and APIs**<br>
 Integrate Microsoft Defender Advanced Threat Protection into your existing workflows.
@@ -64,4 +64,4 @@ Topic | Description
 [Data storage and privacy](data-storage-privacy-windows-defender-advanced-threat-protection.md) | Explains the data storage and privacy details related to Microsoft Defender ATP.
 [Assign user access to the portal](assign-portal-access-windows-defender-advanced-threat-protection.md) | Set permissions to manage who can access the portal. You can set basic permissions or set granular permissions using role-based access control (RBAC).
 [Evaluate Microsoft Defender ATP](evaluate-atp.md) | Evaluate the various capabilities in Microsoft Defender ATP and test features out.
-[Access the Windows Defender Security Center Community Center](community-windows-defender-advanced-threat-protection.md) | The Microsoft Defender ATP Community Center is a place where community members can learn, collaborate, and share experiences about the product. 
+[Access the Microsoft Defender Security Center Community Center](community-windows-defender-advanced-threat-protection.md) | The Microsoft Defender ATP Community Center is a place where community members can learn, collaborate, and share experiences about the product. 

windows/security/threat-protection/microsoft-defender-atp/information-protection-in-windows-overview.md

@@ -38,7 +38,7 @@ Microsoft Defender ATP applies two methods to discover and protect data:
 
 
 ## Data discovery 
-Microsoft Defender ATP automatically discovers files with sensitivity labels on Windows devices when the feature is enabled. You can enable the Azure Information Protection integration feature from Windows Defender Security Center. For more information, see [Configure advanced features](advanced-features-windows-defender-advanced-threat-protection.md#azure-information-protection).
+Microsoft Defender ATP automatically discovers files with sensitivity labels on Windows devices when the feature is enabled. You can enable the Azure Information Protection integration feature from Microsoft Defender Security Center. For more information, see [Configure advanced features](advanced-features-windows-defender-advanced-threat-protection.md#azure-information-protection).
 
 
 ![Image of settings page with Azure Information Protection](images/atp-settings-aip.png)
@@ -78,8 +78,8 @@ InformationProtectionLogs_CL
 
 **Prerequisites:**
 - Customers must have a subscription for Azure Information Protection.
-- Enable Azure Information Protection integration in Windows Defender Security Center: 
+- Enable Azure Information Protection integration in Microsoft Defender Security Center: 
-    - Go to **Settings** in Windows Defender Security Center, click on **Advanced Settings** under **General**.
+    - Go to **Settings** in Microsoft Defender Security Center, click on **Advanced Settings** under **General**.
 
 
 ## Data protection 

windows/security/threat-protection/microsoft-defender-atp/licensing.md

@@ -51,9 +51,9 @@ To gain access into which licenses are provisioned to your company, and to check
 
    ![Image of O365 admin portal](images\atp-O365-admin-portal-customer.png)
 
-## Access Windows Defender Security Center for the first time
+## Access Microsoft Defender Security Center for the first time
 
-When accessing [Windows Defender Security Center](https://SecurityCenter.Windows.com) for the first time there will be a setup wizard that will guide you through some initial steps. At the end of the setup wizard there will be a dedicated cloud instance of Microsoft Defender ATP created.
+When accessing [Microsoft Defender Security Center](https://SecurityCenter.Windows.com) for the first time there will be a setup wizard that will guide you through some initial steps. At the end of the setup wizard there will be a dedicated cloud instance of Microsoft Defender ATP created.
 
 1. Each time you access the portal you will need to validate that you are authorized to access the product. This **Set up your permissions** step will only be available if you are not currently authorized to access the product.
 
@@ -65,7 +65,7 @@ When accessing [Windows Defender Security Center](https://SecurityCenter.Windows
 
 	![Image of Welcome screen for portal set up](images\welcome1.png)
 
-	You will need to set up your preferences for Windows Defender Security Center.
+	You will need to set up your preferences for Microsoft Defender Security Center.
 
 3. Set up preferences
     
@@ -98,11 +98,11 @@ When accessing [Windows Defender Security Center](https://SecurityCenter.Windows
 4. You will receive a warning notifying you that you won't be able to change some of your preferences once you click **Continue**.
 
 	> [!NOTE]
-	> Some of these options can be changed at a later time in Windows Defender Security Center.
+	> Some of these options can be changed at a later time in Microsoft Defender Security Center.
 
 	![Image of final preference set up](images\setup-preferences2.png)
 
-5. A dedicated cloud instance of Windows Defender Security Center is being created at this time. This step will take an average of 5 minutes to complete.
+5. A dedicated cloud instance of Microsoft Defender Security Center is being created at this time. This step will take an average of 5 minutes to complete.
 
 	![Image of Microsoft Defender ATP cloud instance](images\creating-account.png)
 

windows/security/threat-protection/microsoft-defender-atp/manage-alerts.md

@@ -41,7 +41,7 @@ If an alert is no yet assigned, you can select **Assign to me** to assign the al
 
 
 ## Suppress alerts
-There might be scenarios where you need to suppress alerts from appearing in Windows Defender Security Center. Microsoft Defender ATP lets you create suppression rules for specific alerts that are known to be innocuous such as known tools or processes in your organization. 
+There might be scenarios where you need to suppress alerts from appearing in Microsoft Defender Security Center. Microsoft Defender ATP lets you create suppression rules for specific alerts that are known to be innocuous such as known tools or processes in your organization. 
 
 Suppression rules can be created from an existing alert. They can be disabled and reenabled if needed.
 

windows/security/threat-protection/microsoft-defender-atp/manage-auto-investigation.md

@@ -1,5 +1,5 @@
 ---
-title: Learn about the automated investigations dashboard in Windows Defender Security Center
+title: Learn about the automated investigations dashboard in Microsoft Defender Security Center
 description: View the list of automated investigations, its status, detection source and other details.
 keywords: autoir, automated, investigation, detection, dashboard, source, threat types, id, tags, machines, duration, filter export
 search.product: eADQiWindows 10XVcnh

windows/security/threat-protection/microsoft-defender-atp/manage-edr.md

@@ -26,7 +26,7 @@ Manage the alerts queue, investigate machines in the machines list, take respons
 ## In this section
 Topic | Description 
 :---|:---
-[Alerts queue](alerts-queue-endpoint-detection-response.md)| View the alerts surfaced in Windows Defender Security Center.
+[Alerts queue](alerts-queue-endpoint-detection-response.md)| View the alerts surfaced in Microsoft Defender Security Center.
 [Machines list](machines-view-overview-windows-defender-advanced-threat-protection.md) | Learn how you can view and manage the machines list, manage machine groups, and investigate machine related alerts. 
 [Take response actions](response-actions-windows-defender-advanced-threat-protection.md)| Take response actions on machines and files to quickly respond to detected attacks and contain threats.
 [Query data using advanced hunting](advanced-hunting-windows-defender-advanced-threat-protection.md)| Proactively hunt for possible threats across your organization using a powerful search and query tool.

windows/security/threat-protection/microsoft-defender-atp/microsoft-cloud-app-security-integration.md

@@ -37,7 +37,7 @@ The integration provides the following major improvements to the existing Cloud
 
 - Available everywhere - Since the network activity is collected directly from the endpoint, it's available wherever the device is, on or off corporate network, as it's no longer depended on traffic routed through the enterprise firewall or proxy servers. 
 
-- Works out of the box, no configuration required - Forwarding cloud traffic logs to Cloud App Security requires firewall and proxy server configuration. With the Microsoft Defender ATP and Cloud App Security integration, there's no configuration required. Just switch it on in Windows Defender Security Center settings and you're good to go. 
+- Works out of the box, no configuration required - Forwarding cloud traffic logs to Cloud App Security requires firewall and proxy server configuration. With the Microsoft Defender ATP and Cloud App Security integration, there's no configuration required. Just switch it on in Microsoft Defender Security Center settings and you're good to go. 
 
 - Device context - Cloud traffic logs lack device context. Microsoft Defender ATP network activity is reported with the device context (which device accessed the cloud app), so you are able to understand exactly where (device) the network activity took place, in addition to who (user) performed it. 
 

windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md

@@ -116,7 +116,7 @@ Integrate Microsoft Defender Advanced Threat Protection into your existing workf
 
 
 ## In this section
-To help you maximize the effectiveness of the security platform, you can configure individual capabilities that surface in Windows Defender Security Center. 
+To help you maximize the effectiveness of the security platform, you can configure individual capabilities that surface in Microsoft Defender Security Center. 
 
 Topic | Description
 :---|:---

windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md

@@ -36,7 +36,7 @@ Microsoft Threat Experts provides proactive hunting for the most important threa
 - Scope of compromise and as much context as can be quickly delivered to enable fast SOC response. 
  
 ## Collaborate with experts, on demand  
-Customers can engage our security experts directly from within Windows Defender Security Center for timely and accurate response. Experts provide insights needed to better understand the complex threats affecting your organization, from alert inquiries, potentially compromised machines, root cause of a suspicious network connection, to additional threat intelligence regarding ongoing advanced persistent threat campaigns. With this capability, you can: 
+Customers can engage our security experts directly from within Microsoft Defender Security Center for timely and accurate response. Experts provide insights needed to better understand the complex threats affecting your organization, from alert inquiries, potentially compromised machines, root cause of a suspicious network connection, to additional threat intelligence regarding ongoing advanced persistent threat campaigns. With this capability, you can: 
 - Get additional clarification on alerts including root cause or scope of the incident 
 - Gain clarity into suspicious machine behavior and next steps if faced with an advanced attacker  
 - Determine risk and protection regarding threat actors, campaigns, or emerging attacker techniques 

windows/security/threat-protection/microsoft-defender-atp/mssp-support.md

@@ -35,7 +35,7 @@ To address this demand, managed security service providers (MSSP) offer to deliv
 
 Microsoft Defender ATP adds support for this scenario and to allow MSSPs to take the following actions:
 
-- Get access to MSSP customer's Windows Defender Security Center portal
+- Get access to MSSP customer's Microsoft Defender Security Center portal
 - Get email notifications, and 
 - Fetch alerts through security information and event management (SIEM) tools
 

windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md

@@ -163,7 +163,7 @@ Topic | Description
 [Onboard previous versions of Windows](onboard-downlevel-windows-defender-advanced-threat-protection.md)| Onboard Windows 7 and Windows 8.1 machines to Microsoft Defender ATP. 
 [Onboard Windows 10 machines](configure-endpoints-windows-defender-advanced-threat-protection.md) | You'll need to onboard machines for it to report to the Microsoft Defender ATP service. Learn about the tools and methods you can use to configure machines in your enterprise.
 [Onboard servers](configure-server-endpoints-windows-defender-advanced-threat-protection.md) |  Onboard Windows Server 2012 R2 and Windows Server 2016 to Microsoft Defender ATP 
-[Onboard non-Windows machines](configure-endpoints-non-windows-windows-defender-advanced-threat-protection.md) | Microsoft Defender ATP provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in Windows Defender Security Center and better protect your organization's network. This experience leverages on a third-party security products' sensor data. 
+[Onboard non-Windows machines](configure-endpoints-non-windows-windows-defender-advanced-threat-protection.md) | Microsoft Defender ATP provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in Microsoft Defender Security Center and better protect your organization's network. This experience leverages on a third-party security products' sensor data. 
 [Run a detection test on a newly onboarded machine](run-detection-test-windows-defender-advanced-threat-protection.md) | Run a script on a newly onboarded machine to verify that it is properly reporting to the Microsoft Defender ATP service.
 [Configure proxy and Internet settings](configure-proxy-internet-windows-defender-advanced-threat-protection.md)| Enable communication with the Microsoft Defender ATP cloud service by configuring the proxy and Internet connectivity settings.
 [Troubleshoot onboarding issues](troubleshoot-onboarding-windows-defender-advanced-threat-protection.md) | Learn about resolving issues that might arise during onboarding.

windows/security/threat-protection/microsoft-defender-atp/onboard.md

@@ -34,7 +34,7 @@ Topic | Description
 [Configure Secure score dashboard security controls](secure-score-dashboard-windows-defender-advanced-threat-protection.md) | Configure the security controls in Secure score to increase the security posture of your organization.
 Configure Microsoft Threat Protection integration| Configure other solutions that integrate with Microsoft Defender ATP.
 Management and API support| Pull alerts to your SIEM or use APIs to create custom alerts. Create and build Power BI reports. 
-[Configure Windows Defender Security Center settings](preferences-setup-windows-defender-advanced-threat-protection.md) |  Configure portal related settings such as general settings, advanced features, enable the preview experience and others.
+[Configure Microsoft Defender Security Center settings](preferences-setup-windows-defender-advanced-threat-protection.md) |  Configure portal related settings such as general settings, advanced features, enable the preview experience and others.
 
 
 

windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md

@@ -27,7 +27,7 @@ ms.date: 10/29/2018
 Alerts in Microsoft Defender ATP are surfaced through the system based on signals gathered from endpoints. With custom detections, you can create custom queries to monitor events for any kind of behavior such as suspicious or emerging threats.
 
 This can be done by leveraging the power of Advanced hunting through the creation of custom detection rules. 
-Custom detections are queries that run periodically every 24 hours and can be configured so that when the query meets the criteria you set, alerts are created and are surfaced in Windows Defender Security Center. These alerts will be treated like any other alert in the system.
+Custom detections are queries that run periodically every 24 hours and can be configured so that when the query meets the criteria you set, alerts are created and are surfaced in Microsoft Defender Security Center. These alerts will be treated like any other alert in the system.
 
 This capability is particularly useful for scenarios when you want to pro-actively prevent threats and be notified quickly of emerging threats.
 

windows/security/threat-protection/microsoft-defender-atp/overview-hunting.md

@@ -22,7 +22,7 @@ ms.date: 09/12/2018
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 
-Advanced hunting allows you to hunt for possible threats across your organization using a powerful search and query tool. You can also create custom detection rules based on the queries you created and surface alerts in Windows Defender Security Center. 
+Advanced hunting allows you to hunt for possible threats across your organization using a powerful search and query tool. You can also create custom detection rules based on the queries you created and surface alerts in Microsoft Defender Security Center. 
 
 With advanced hunting, you can take advantage of the following capabilities:
 

windows/security/threat-protection/microsoft-defender-atp/overview-secure-score.md

@@ -1,5 +1,5 @@
 ---
-title: Overview of Secure score in Windows Defender Security Center
+title: Overview of Secure score in Microsoft Defender Security Center
 description: Expand your visibility into the overall security posture of your organization
 keywords: secure score, security controls, improvement opportunities, security score over time, score, posture, baseline
 search.product: eADQiWindows 10XVcnh
@@ -18,7 +18,7 @@ ms.topic: conceptual
 ms.date: 09/03/2018
 ---
 
-# Overview of Secure score in Windows Defender Security Center
+# Overview of Secure score in Microsoft Defender Security Center
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)
 

windows/security/threat-protection/microsoft-defender-atp/overview.md

@@ -41,7 +41,7 @@ Topic | Description
 [Advanced hunting](overview-hunting-windows-defender-advanced-threat-protection.md) |  Use a powerful search and query language to create custom queries and detection rules.
 [Management and APIs](management-apis.md) | Microsoft Defender ATP supports a wide variety of tools to help you manage and interact with the platform so that you can integrate the service into your existing workflows.
 [Microsoft Threat Protection](threat-protection-integration.md) | Microsoft security products work better together. Learn about other security capabilities in the Microsoft threat protection stack. 
-[Portal overview](portal-overview-windows-defender-advanced-threat-protection.md) |Learn to navigate your way around Windows Defender Security Center. 
+[Portal overview](portal-overview-windows-defender-advanced-threat-protection.md) |Learn to navigate your way around Microsoft Defender Security Center. 
 
 
 

windows/security/threat-protection/microsoft-defender-atp/portal-overview.md

@@ -1,7 +1,7 @@
 ---
 title: Microsoft Defender Advanced Threat Protection portal overview
-description: Use Windows Defender Security Center to monitor your enterprise network and assist in responding to alerts to potential advanced persistent threat (APT) activity or data breaches.
+description: Use Microsoft Defender Security Center to monitor your enterprise network and assist in responding to alerts to potential advanced persistent threat (APT) activity or data breaches.
-keywords: Windows Defender Security Center, portal, cybersecurity threat intelligence, dashboard, alerts queue, machines list, settings, machine management, advanced attacks
+keywords: Microsoft Defender Security Center, portal, cybersecurity threat intelligence, dashboard, alerts queue, machines list, settings, machine management, advanced attacks
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
 ms.prod: w10
@@ -27,14 +27,14 @@ ms.date: 04/24/2018
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-portaloverview-abovefoldlink) 
 
-Enterprise security teams can use Windows Defender Security Center to monitor and assist in responding to alerts of potential advanced persistent threat (APT) activity or data breaches.
+Enterprise security teams can use Microsoft Defender Security Center to monitor and assist in responding to alerts of potential advanced persistent threat (APT) activity or data breaches.
 
-You can use [Windows Defender Security Center](https://securitycenter.windows.com/) to:
+You can use [Microsoft Defender Security Center](https://securitycenter.windows.com/) to:
 - View, sort, and triage alerts from your endpoints
 - Search for more information on observed indicators such as files and IP Addresses
 - Change Microsoft Defender ATP settings, including time zone and review licensing information.
 
-## Windows Defender Security Center
+## Microsoft Defender Security Center
 When you open the portal, you’ll see the main areas of the application:
 
  ![Microsoft Defender Advanced Threat Protection portal](images/dashboard.png)

windows/security/threat-protection/microsoft-defender-atp/powerbi-reports.md

@@ -41,7 +41,7 @@ You can easily get started by:
 - Creating a dashboard on the Power BI service 
 - Building a custom dashboard on Power BI Desktop and tweaking it to fit the visual analytics and reporting requirements of your organization 
 
-You can access these options from Windows Defender Security Center. Both the Power BI service and Power BI Desktop are supported. 
+You can access these options from Microsoft Defender Security Center. Both the Power BI service and Power BI Desktop are supported. 
 
 ## Create a Microsoft Defender ATP dashboard on Power BI service
 Microsoft Defender ATP makes it easy to create a Power BI dashboard by providing an option straight from the portal. 
@@ -133,7 +133,7 @@ You can create a custom dashboard in Power BI Desktop to create visualizations t
 ### Before you begin
 1.	Make sure you use Power BI Desktop June 2017 and above. [Download the latest version](https://powerbi.microsoft.com/en-us/desktop/).
 
-2.	In the Windows Defender Security Center navigation pane, select **Settings** > **Power BI reports**.
+2.	In the Microsoft Defender Security Center navigation pane, select **Settings** > **Power BI reports**.
 
     ![Image of settings Power BI reports](images/atp-settings-powerbi.png)    
 

windows/security/threat-protection/microsoft-defender-atp/preferences-setup.md

@@ -1,5 +1,5 @@
 ---
-title: Configure Windows Defender Security Center settings
+title: Configure Microsoft Defender Security Center settings
 description: Use the settings page to configure general settings, permissions, apis, and rules.
 keywords: settings, general settings, permissions, apis, rules
 search.product: eADQiWindows 10XVcnh
@@ -17,7 +17,7 @@ ms.collection: M365-security-compliance
 ms.topic: article
 ms.date: 04/24/2018
 ---
-# Configure Windows Defender Security Center settings
+# Configure Microsoft Defender Security Center settings
 
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)

windows/security/threat-protection/microsoft-defender-atp/pull-alerts-using-rest-api.md

@@ -45,7 +45,7 @@ The _Client credential flow_ uses client credentials to authenticate against the
 Use the following method in the Microsoft Defender ATP API to pull alerts in JSON format.
 
 >[!NOTE]
->Windows Defender Security Center merges similar alert detections into a single alert. This API pulls alert detections in its raw form based on the query parameters you set, enabling you to apply your own grouping and filtering. 
+>Microsoft Defender Security Center merges similar alert detections into a single alert. This API pulls alert detections in its raw form based on the query parameters you set, enabling you to apply your own grouping and filtering. 
 
 ## Before you begin
 - Before calling the Microsoft Defender ATP endpoint to pull alerts, you'll need to enable the SIEM integration application in Azure Active Directory (AAD). For more information, see [Enable SIEM integration in Microsoft Defender ATP](enable-siem-integration-windows-defender-advanced-threat-protection.md).
@@ -111,7 +111,7 @@ string ago | string | Pulls alerts in the following time range: from `(current_t
 int?limit | int | Defines the number of alerts to be retrieved. Most recent alerts will be retrieved based on the number defined.<br><br> **NOTE**: When not specified, all alerts available in the time range will be retrieved.
 machinegroups | String | Specifies machine groups to pull alerts from. <br><br> **NOTE**: When not specified, alerts from all machine groups will be retrieved. <br><br> Example: <br><br> ```https://wdatp-alertexporter-eu.securitycenter.windows.com/api/Alerts/?machinegroups=UKMachines&machinegroups=FranceMachines```
 DeviceCreatedMachineTags | string | Single machine tag from the registry.
-CloudCreatedMachineTags | string | Machine tags that were created in Windows Defender Security Center.
+CloudCreatedMachineTags | string | Machine tags that were created in Microsoft Defender Security Center.
 
 ### Request example
 The following example demonstrates how to retrieve all the alerts in your organization.

windows/security/threat-protection/microsoft-defender-atp/rbac.md

@@ -1,5 +1,5 @@
 ---
-title: Use role-based access control to grant fine-grained access to Windows Defender Security Center
+title: Use role-based access control to grant fine-grained access to Microsoft Defender Security Center
 description: Create roles and groups within your security operations to grant access to the portal.
 keywords: rbac, role, based, access, control, groups, control, tier, aad
 search.product: eADQiWindows 10XVcnh
@@ -55,12 +55,12 @@ Before using RBAC, it's important that you understand the roles that can grant p
 > [!WARNING]
 > Before enabling the feature, it's important that you have a Global Administrator role or Security Administrator role in Azure AD and that you have your Azure AD groups ready to reduce the risk of being locked out of the portal. 
 
-When you first log in to Windows Defender Security Center, you're granted either full access or read only access. Full access rights are granted to users with Security Administrator or Global Administrator roles in Azure AD. Read only access is granted to users with a Security Reader role in Azure AD. 
+When you first log in to Microsoft Defender Security Center, you're granted either full access or read only access. Full access rights are granted to users with Security Administrator or Global Administrator roles in Azure AD. Read only access is granted to users with a Security Reader role in Azure AD. 
 
 Someone with a Microsoft Defender ATP Global administrator role has unrestricted access to all machines, regardless of their machine group association and the Azure AD user groups assignments
 
 > [!WARNING]
-> Initially, only those with Azure AD Global Administrator or Security Administrator rights will be able to create and assign roles in Windows Defender Security Center, therefore, having the right groups ready in Azure AD is important.
+> Initially, only those with Azure AD Global Administrator or Security Administrator rights will be able to create and assign roles in Microsoft Defender Security Center, therefore, having the right groups ready in Azure AD is important.
 >
 > **Turning on role-based access control will cause users with read-only permissions (for example, users assigned to Azure AD Security reader role) to lose access until they are assigned to a role.** 
 >

windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md

@@ -1,5 +1,5 @@
 ---
-title: Windows Defender Security Center Security operations dashboard
+title: Microsoft Defender Security Center Security operations dashboard
 description: Use the dashboard to identify machines at risk, keep track of the status of the service, and see statistics and information about machines and alerts.
 keywords: dashboard, alerts, new, in progress, resolved, risk, machines at risk, infections, reporting, statistics, charts, graphs, health, active malware detections, threat category, categories, password stealer, ransomware, exploit, threat, low severity, active malware
 search.product: eADQiWindows 10XVcnh
@@ -18,7 +18,7 @@ ms.topic: conceptual
 ms.date: 09/04/2018
 ---
 
-# Windows Defender Security Center Security operations dashboard
+# Microsoft Defender Security Center Security operations dashboard
 
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)

windows/security/threat-protection/microsoft-defender-atp/time-settings.md

@@ -1,5 +1,5 @@
 ---
-title: Windows Defender Security Center time zone settings
+title: Microsoft Defender Security Center time zone settings
 description: Use the menu to configure the time zone and view license information.
 keywords: settings, Windows Defender, cybersecurity threat intelligence, advanced threat protection, time zone, utc, local time, license
 search.product: eADQiWindows 10XVcnh
@@ -18,7 +18,7 @@ ms.topic: article
 ms.date: 02/13/2018
 ---
 
-# Windows Defender Security Center time zone settings
+# Microsoft Defender Security Center time zone settings
 
 **Applies to:**
 - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559)

windows/security/threat-protection/microsoft-defender-atp/troubleshoot-onboarding-error-messages.md

@@ -31,11 +31,11 @@ ms.date: 08/01/2018
 
 This page provides detailed steps to troubleshoot issues that might occur when setting up your Microsoft Defender ATP service.
 
-If you receive an error message, Windows Defender Security Center will provide a detailed explanation on what the issue is and relevant links will be supplied.
+If you receive an error message, Microsoft Defender Security Center will provide a detailed explanation on what the issue is and relevant links will be supplied.
 
 ## No subscriptions found
 
-If while accessing Windows Defender Security Center you get a **No subscriptions found** message, it means the Azure Active Directory (AAD) used to login the user to the portal, does not have a Microsoft Defender ATP license.
+If while accessing Microsoft Defender Security Center you get a **No subscriptions found** message, it means the Azure Active Directory (AAD) used to login the user to the portal, does not have a Microsoft Defender ATP license.
 
 Potential reasons:
 - The Windows E5 and Office E5 licenses are separate licenses.
@@ -50,7 +50,7 @@ For both cases you should contact Microsoft support at [General Microsoft Defend
 
 ## Your subscription has expired
 
-If while accessing Windows Defender Security Center you get a **Your subscription has expired** message, your online service subscription has expired. Microsoft Defender ATP subscription, like any other online service subscription, has an expiration date. 
+If while accessing Microsoft Defender Security Center you get a **Your subscription has expired** message, your online service subscription has expired. Microsoft Defender ATP subscription, like any other online service subscription, has an expiration date. 
 
 You can choose to renew or extend the license at any point in time. When accessing the portal after the expiration date a **Your subscription has expired** message will be presented with an option to download the machine offboarding package, should you choose to not renew the license.
 

windows/security/threat-protection/microsoft-defender-atp/troubleshoot.md

@@ -27,7 +27,7 @@ If you encounter a server error when trying to access the service, you’ll need
 Configure your browser to allow cookies.
 
 ## Elements or data missing on the portal
-If some UI elements or data is missing on Windows Defender Security Center it’s possible that proxy settings are blocking it.
+If some UI elements or data is missing on Microsoft Defender Security Center it’s possible that proxy settings are blocking it.
 
 Make sure that `*.securitycenter.windows.com` is included the proxy whitelist.
 

windows/security/threat-protection/microsoft-defender-atp/use-custom-ti.md

@@ -36,7 +36,7 @@ You can use the code examples to guide you in creating calls to the custom threa
 Topic | Description
 :---|:---
 [Understand threat intelligence concepts](threat-indicator-concepts-windows-defender-advanced-threat-protection.md) |  Understand the concepts around threat intelligence so that you can effectively create custom intelligence for your organization.
-[Enable the custom threat intelligence application](enable-custom-ti-windows-defender-advanced-threat-protection.md) | Set up the custom threat intelligence application through Windows Defender Security Center so that you can create custom threat intelligence (TI) using REST API.
+[Enable the custom threat intelligence application](enable-custom-ti-windows-defender-advanced-threat-protection.md) | Set up the custom threat intelligence application through Microsoft Defender Security Center so that you can create custom threat intelligence (TI) using REST API.
 [Create custom threat intelligence alerts](custom-ti-api-windows-defender-advanced-threat-protection.md) | Create custom threat intelligence alerts so that you can generate specific alerts that are applicable to your organization.
 [PowerShell code examples](powershell-example-code-windows-defender-advanced-threat-protection.md) | Use the PowerShell code examples to guide you in using the custom threat intelligence API.
 [Python code examples](python-example-code-windows-defender-advanced-threat-protection.md) | Use the Python code examples to guide you in using the custom threat intelligence API.

windows/security/threat-protection/microsoft-defender-atp/use.md

@@ -1,6 +1,6 @@
 ---
-title: Overview of Windows Defender Security Center
+title: Overview of Microsoft Defender Security Center
-description: Learn about the features on Windows Defender Security Center, including how alerts work, and suggestions on how to investigate possible breaches and attacks.
+description: Learn about the features on Microsoft Defender Security Center, including how alerts work, and suggestions on how to investigate possible breaches and attacks.
 keywords: dashboard, alerts queue, manage alerts, investigation, investigate alerts, investigate machines, submit files, deep analysis, high, medium, low, severity, ioc, ioa
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -18,7 +18,7 @@ ms.topic: conceptual
 ms.date: 03/12/2018
 ---
 
-# Overview of Windows Defender Security Center
+# Overview of Microsoft Defender Security Center
 
 **Applies to:**
 
@@ -26,7 +26,7 @@ ms.date: 03/12/2018
 
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-usewdatp-abovefoldlink) 
 
-Windows Defender Security Center is the portal where you can access Microsoft Defender Advanced Threat Protection capabilities. 
+Microsoft Defender Security Center is the portal where you can access Microsoft Defender Advanced Threat Protection capabilities. 
 
 Use the **Security operations** dashboard to gain insight on the various alerts on machines and users in your network.
 

windows/security/threat-protection/microsoft-defender-atp/user-roles.md

@@ -26,7 +26,7 @@ ms.topic: article
 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-roles-abovefoldlink)
 
 ## Create roles and assign the role to an Azure Active Directory group
-The following steps guide you on how to create roles in Windows Defender Security Center. It assumes that you have already created Azure Active Directory user groups.
+The following steps guide you on how to create roles in Microsoft Defender Security Center. It assumes that you have already created Azure Active Directory user groups.
 
 1.	In the navigation pane, select **Settings > Roles**.
 

windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md

@@ -55,7 +55,7 @@ The following capabilities are generally available (GA).
 
 - [Integration with Azure Security Center](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-server-endpoints-windows-defender-advanced-threat-protection#integration-with-azure-security-center)<BR> Microsoft Defender ATP integrates with Azure Security Center to provide a comprehensive server protection solution. With this integration Azure Security Center can leverage the power of Microsoft Defender ATP to provide improved threat detection for Windows Servers.
 
-- [Managed security service provider (MSSP) support](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/mssp-support-windows-defender-advanced-threat-protection)<BR> Microsoft Defender ATP adds support for this scenario by providing MSSP integration. The integration will allow MSSPs to take the following actions: Get access to MSSP customer's Windows Defender Security Center portal, fetch email notifications, and fetch alerts through security information and event management (SIEM) tools.
+- [Managed security service provider (MSSP) support](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/mssp-support-windows-defender-advanced-threat-protection)<BR> Microsoft Defender ATP adds support for this scenario by providing MSSP integration. The integration will allow MSSPs to take the following actions: Get access to MSSP customer's Microsoft Defender Security Center portal, fetch email notifications, and fetch alerts through security information and event management (SIEM) tools.
 
 - [Removable device control](https://cloudblogs.microsoft.com/microsoftsecure/2018/12/19/windows-defender-atp-has-protections-for-usb-and-removable-devices/)<BR>Microsoft Defender ATP provides multiple monitoring and control features to help prevent threats from removable devices, including new settings to allow or block specific hardware IDs.
 
@@ -123,7 +123,7 @@ Query data using Advanced hunting in Microsoft Defender ATP.
 You can now block untrusted processes from writing to disk sectors using Controlled Folder Access.
 
 - [Onboard non-Windows machines](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/configure-endpoints-non-windows-windows-defender-advanced-threat-protection)<BR>
-    Microsoft Defender ATP provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in Windows Defender Security Center and better protect your organization's network.
+    Microsoft Defender ATP provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in Microsoft Defender Security Center and better protect your organization's network.
 
 - [Role-based access control (RBAC)](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/rbac-windows-defender-advanced-threat-protection)<BR>
     Using role-based access control (RBAC), you can create roles and groups within your security operations team to grant appropriate access to the portal.

windows/security/threat-protection/microsoft-defender-atp/windows-defender-security-center-atp.md

@@ -1,6 +1,6 @@
 ---
-title: Windows Defender Security Center
+title: Microsoft Defender Security Center
-description: Windows Defender Security Center is the portal where you can access Microsoft Defender Advanced Threat Protection.
+description: Microsoft Defender Security Center is the portal where you can access Microsoft Defender Advanced Threat Protection.
 keywords: windows, defender, security, center, defender, advanced, threat, protection
 search.product: eADQiWindows 10XVcnh
 search.appverid: met150
@@ -18,9 +18,9 @@ ms.topic: conceptual
 ms.date: 07/01/2018
 ---
 
-# Windows Defender Security Center
+# Microsoft Defender Security Center
 
-Windows Defender Security Center is the portal where you can access Microsoft Defender Advanced Threat Protection capabilities. It gives enterprise security operations teams a single pane of glass experience to help secure networks.
+Microsoft Defender Security Center is the portal where you can access Microsoft Defender Advanced Threat Protection capabilities. It gives enterprise security operations teams a single pane of glass experience to help secure networks.
 
 ## In this section
 
@@ -30,10 +30,10 @@ Get started  |  Learn about the minimum requirements, validate licensing and com
 [Onboard machines](onboard-configure-windows-defender-advanced-threat-protection.md) | Learn about onboarding client, server, and non-Windows machines. Learn how to run a detection test, configure proxy and Internet connectivity settings, and how to troubleshoot potential onboarding issues.
 [Understand the portal](use-windows-defender-advanced-threat-protection.md) | Understand the Security operations, Secure Score, and Threat analytics dashboards as well as how to navigate the portal.
 Investigate and remediate threats | Investigate alerts, machines, and take response actions to remediate threats.
-API and SIEM support | Use the supported APIs to pull and create custom alerts, or automate workflows. Use the supported SIEM tools to pull alerts from Windows Defender Security Center.
+API and SIEM support | Use the supported APIs to pull and create custom alerts, or automate workflows. Use the supported SIEM tools to pull alerts from Microsoft Defender Security Center.
 Reporting | Create and build Power BI reports using Microsoft Defender ATP data.
 Check service health and sensor state | Verify that the service is running and check the sensor state on machines.
-[Configure Windows Defender Security Center settings](preferences-setup-windows-defender-advanced-threat-protection.md) | Configure general settings, turn on the preview experience, notifications, and enable other features.
+[Configure Microsoft Defender Security Center settings](preferences-setup-windows-defender-advanced-threat-protection.md) | Configure general settings, turn on the preview experience, notifications, and enable other features.
 [Access the Microsoft Defender ATP Community Center](community-windows-defender-advanced-threat-protection.md) | Access the Microsoft Defender ATP Community Center to learn, collaborate, and share experiences about the product.
 [Troubleshoot service issues](troubleshoot-windows-defender-advanced-threat-protection.md) | This section addresses issues that might arise as you use the Windows Defender Advanced Threat service.