mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-12 05:17:22 +00:00
Dropped "Windows Defender"
parent 5335f52f53
commit edbd4855a2
@ -70,7 +70,7 @@ productDirectory:
- url: /windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines
text: Windows security baselines
- url: /windows/security/identity-protection/credential-guard/credential-guard-how-it-works
text: Windows Defender Credential Guard
text: Credential Guard
- url: /windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust
text: Windows Hello for Business cloud Kerberos trust
- url: /windows/security/threat-protection/windows-defender-application-control
@ -268,24 +268,24 @@ Value | Description

#### SecurityServicesConfigured

This field indicates whether Windows Defender Credential Guard or memory integrity has been configured.
This field indicates whether Credential Guard or memory integrity has been configured.

Value | Description
-|-
**0.** | No services are configured.
**1.** | If present, Windows Defender Credential Guard is configured.
**1.** | If present, Credential Guard is configured.
**2.** | If present, memory integrity is configured.
**3.** | If present, System Guard Secure Launch is configured.
**4.** | If present, SMM Firmware Measurement is configured.

#### SecurityServicesRunning

This field indicates whether Windows Defender Credential Guard or memory integrity is running.
This field indicates whether Credential Guard or memory integrity is running.

Value | Description
-|-
**0.** | No services running.
**1.** | If present, Windows Defender Credential Guard is running.
**1.** | If present, Credential Guard is running.
**2.** | If present, memory integrity is running.
**3.** | If present, System Guard Secure Launch is running.
**4.** | If present, SMM Firmware Measurement is running.
@ -1,20 +1,20 @@
---
ms.date: 08/14/2023
title: Additional mitigations
description: Advice and sample code for making your domain environment more secure and robust with Windows Defender Credential Guard.
description: Advice and sample code for making your domain environment more secure and robust with Credential Guard.
ms.topic: article
---

# Additional mitigations

Windows Defender Credential Guard offers mitigations against attacks on derived credentials, preventing the use of stolen credentials elsewhere. However, devices can still be vulnerable to certain attacks, even if the derived credentials are protected by Windows Defender Credential Guard. These attacks can include abusing privileges and use of derived credentials directly from a compromised device, re-using stolen credentials prior to the enablement of Windows Defender Credential Guard, and abuse of management tools and weak application configurations. Because of this, additional mitigation also must be deployed to make the domain environment more robust.
Credential Guard offers mitigations against attacks on derived credentials, preventing the use of stolen credentials elsewhere. However, devices can still be vulnerable to certain attacks, even if the derived credentials are protected by Credential Guard. These attacks can include abusing privileges and use of derived credentials directly from a compromised device, re-using stolen credentials prior to the enablement of Credential Guard, and abuse of management tools and weak application configurations. Because of this, additional mitigation also must be deployed to make the domain environment more robust.

## Additional security qualifications

All devices that meet baseline protections for hardware, firmware, and software can use Windows Defender Credential Guard.\
All devices that meet baseline protections for hardware, firmware, and software can use Credential Guard.\
Devices that meet more qualifications can provide added protections to further reduce the attack surface.

The following table list qualifications for improved security. We recommend meeting the additional qualifications to strengthen the level of security that Windows Defender Credential Guard can provide.
The following table list qualifications for improved security. We recommend meeting the additional qualifications to strengthen the level of security that Credential Guard can provide.

|Protection |Requirements|Security Benefits|
|---|---|---|
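Review bot: the touched line "The following table list qualifications for improved security." carries a pre-existing subject-verb error; since the line is being rewritten in this hunk anyway, change "list" to "lists" in the new text.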
@ -37,7 +37,7 @@ The following table list qualifications for improved security. We recommend meet

## Restrict domain users to specific domain-joined devices

Credential theft attacks allow the attacker to steal secrets from one device and use them from another device. If a user can sign on to multiple devices then any device could be used to steal credentials. How do you ensure that users only sign on with devices that have Windows Defender Credential Guard enabled? By deploying authentication policies that restrict them to specific domain-joined devices that have been configured with Windows Defender Credential Guard. For the domain controller to know what device a user is signing on from, Kerberos armoring must be used.
Credential theft attacks allow the attacker to steal secrets from one device and use them from another device. If a user can sign on to multiple devices then any device could be used to steal credentials. How do you ensure that users only sign on with devices that have Credential Guard enabled? By deploying authentication policies that restrict them to specific domain-joined devices that have been configured with Credential Guard. For the domain controller to know what device a user is signing on from, Kerberos armoring must be used.

### Kerberos armoring

@ -46,11 +46,11 @@ Kerberos armoring is part of RFC 6113. When a device supports Kerberos armoring,
**To enable Kerberos armoring for restricting domain users to specific domain-joined devices**
- Users need to be in domains that are running Windows Server 2012 R2 or higher
- All the domain controllers in these domains must be configured to support Kerberos armoring. Set the **KDC support for claims, compound authentication, and Kerberos armoring** Group Policy setting to either **Supported** or **Always provide claims**.
- All the devices with Windows Defender Credential Guard that the users will be restricted to must be configured to support Kerberos armoring. Enable the **Kerberos client support for claims, compound authentication and Kerberos armoring** Group Policy settings under **Computer Configuration** -> **Administrative Templates** -> **System** -> **Kerberos**.
- All the devices with Credential Guard that the users will be restricted to must be configured to support Kerberos armoring. Enable the **Kerberos client support for claims, compound authentication and Kerberos armoring** Group Policy settings under **Computer Configuration** -> **Administrative Templates** -> **System** -> **Kerberos**.

### Protect domain-joined device secrets

Since domain-joined devices also use shared secrets for authentication, attackers can steal those secrets as well. By deploying device certificates with Windows Defender Credential Guard, the private key can be protected. Then authentication policies can require that users sign on to devices that authenticate using those certificates. This prevents shared secrets stolen from the device to be used with stolen user credentials to sign on as the user.
Since domain-joined devices also use shared secrets for authentication, attackers can steal those secrets as well. By deploying device certificates with Credential Guard, the private key can be protected. Then authentication policies can require that users sign on to devices that authenticate using those certificates. This prevents shared secrets stolen from the device to be used with stolen user credentials to sign on as the user.

Domain-joined device certificate authentication has the following requirements:

@ -81,7 +81,7 @@ For example, let's say you wanted to use the High Assurance policy only on these
1. Under **Issuance Policies**, select **High Assurance**
1. On the **Subject name** tab, clear the **DNS name** check box, and then select the **User Principal Name (UPN)** check box

Then on the devices that are running Windows Defender Credential Guard, enroll the devices using the certificate you just created.
Then on the devices that are running Credential Guard, enroll the devices using the certificate you just created.

**Enroll devices in a certificate**

@ -1,6 +1,6 @@
---
title: Configure Windows Defender Credential Guard
description: Learn how to configure Windows Defender Credential Guard using MDM, Group Policy, or the registry.
title: Configure Credential Guard
description: Learn how to configure Credential Guard using MDM, Group Policy, or the registry.
ms.date: 08/14/2023
ms.collection:
- highpri
@ -8,14 +8,14 @@ ms.collection:
ms.topic: how-to
---

# Configure Windows Defender Credential Guard
# Configure Credential Guard

This article describes how to configure Windows Defender Credential Guard using Microsoft Intune, Group Policy, or the registry.
This article describes how to configure Credential Guard using Microsoft Intune, Group Policy, or the registry.

## Default enablement

Starting in **Windows 11, version 22H2**, Windows Defender Credential Guard is turned on by default on devices that [meet the requirements](index.md#hardware-and-software-requirements). The default enablement is **without UEFI Lock**, which allows administrators to disable Credential Gurad remotely, if needed.\
If Windows Defender Credential Guard or VBS are disabled *before* a device is updated to Windows 11, version 22H2 or later, default enablement doesn't overwrite the existing settings.
Starting in **Windows 11, version 22H2**, Credential Guard is turned on by default on devices that [meet the requirements](index.md#hardware-and-software-requirements). The default enablement is **without UEFI Lock**, which allows administrators to disable Credential Gurad remotely, if needed.\
If Credential Guard or VBS are disabled *before* a device is updated to Windows 11, version 22H2 or later, default enablement doesn't overwrite the existing settings.

While the default state of Credential Guard changed, system administrators can [enable](#enable-and-configure-windows-defender-credential-guard) or [disable](#disable-windows-defender-credential-guard) it using one of the methods described in this article.

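Review bot: the rewritten "Default enablement" line still reads "disable Credential Gurad remotely"; fix the typo to "Credential Guard" while the line is being changed. Also, the unchanged context line below it links to `#enable-and-configure-windows-defender-credential-guard` and `#disable-windows-defender-credential-guard`, but this commit renames both target headings to "Enable and configure Credential Guard" and "Disable Credential Guard", so their generated anchors become `#enable-and-configure-credential-guard` and `#disable-credential-guard` and these in-page links will break unless they are updated in the same commit.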
@ -23,15 +23,15 @@ While the default state of Credential Guard changed, system administrators can [
> For information about known issues related to default enablement, see [Credential Guard: known issues](considerations-known-issues.md#single-sign-on-for-network-services-breaks-after-upgrading-to-windows-11-version-22h2).

> [!NOTE]
> Devices running Windows 11 Pro/Pro Edu 22H2 or later may have Virtualization-based Security (VBS) and/or Windows Defender Credential Guard automatically enabled if they meet the other requirements for default enablement, and have previously run Windows Defender Credential Guard. For example if Windows Defender Credential Guard was enabled on an Enterprise device that later downgraded to Pro.
> Devices running Windows 11 Pro/Pro Edu 22H2 or later may have Virtualization-based Security (VBS) and/or Credential Guard automatically enabled if they meet the other requirements for default enablement, and have previously run Credential Guard. For example if Credential Guard was enabled on an Enterprise device that later downgraded to Pro.
>
> To determine whether the Pro device is in this state, check if the following registry key exists: `Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\IsolatedCredentialsRootSecret`. In this scenario, if you wish to disable VBS and Windows Defender Credential Guard, follow the instructions to [disable Virtualization-based Security](#disable-virtualization-based-security). If you wish to disable Windows Defender Credential Guard only, without disabling VBS, use the procedures to [disable Windows Defender Credential Guard](#disable-windows-defender-credential-guard).
> To determine whether the Pro device is in this state, check if the following registry key exists: `Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\IsolatedCredentialsRootSecret`. In this scenario, if you wish to disable VBS and Credential Guard, follow the instructions to [disable Virtualization-based Security](#disable-virtualization-based-security). If you wish to disable Credential Guard only, without disabling VBS, use the procedures to [disable Credential Guard](#disable-windows-defender-credential-guard).

## Enable and configure Windows Defender Credential Guard
## Enable and configure Credential Guard

Windows Defender Credential Guard should be enabled before a device is joined to a domain or before a domain user signs in for the first time. If Windows Defender Credential Guard is enabled after domain join, the user and device secrets may already be compromised.
Credential Guard should be enabled before a device is joined to a domain or before a domain user signs in for the first time. If Credential Guard is enabled after domain join, the user and device secrets may already be compromised.

To enable and configure Windows Defender Credential Guard, you can use:
To enable and configure Credential Guard, you can use:

- Microsoft Intune/MDM
- Group policy
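Review bot: the rewritten NOTE line links to `#disable-windows-defender-credential-guard`, but the heading it points to is renamed to `## Disable Credential Guard` in this same commit, so the anchor should become `#disable-credential-guard` here as well; the link to `#disable-virtualization-based-security` on the same line is unaffected because that heading is not renamed.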
@ -50,7 +50,7 @@ To enable and configure Windows Defender Credential Guard, you can use:
| Device Guard | Credential Guard | Select one of the options:<br> - **Enabled with UEFI lock**<br> - **Enabled without lock** |

>[!IMPORTANT]
> If you want to be able to turn off Windows Defender Credential Guard remotely, choose the option **Enabled without lock**.
> If you want to be able to turn off Credential Guard remotely, choose the option **Enabled without lock**.

[!INCLUDE [intune-settings-catalog-2](../../../../includes/configure/intune-settings-catalog-2.md)]

@ -78,7 +78,7 @@ Once the policy is applied, restart the device.
|Turn On Virtualization Based Security | **Enabled** and select one of the options listed under the **Credential Guard Configuration** dropdown:<br> - **Enabled with UEFI lock**<br> - **Enabled without lock**|

>[!IMPORTANT]
> If you want to be able to turn off Windows Defender Credential Guard remotely, choose the option **Enabled without lock**.
> If you want to be able to turn off Credential Guard remotely, choose the option **Enabled without lock**.

[!INCLUDE [gpo-settings-2](../../../../includes/configure/gpo-settings-2.md)]

@ -99,13 +99,13 @@ To configure devices using the registry, use the following settings:
Restart the device to enable Credential Guard.

> [!TIP]
> You can enable Windows Defender Credential Guard by setting the registry entries in the [*FirstLogonCommands*](/windows-hardware/customize/desktop/unattend/microsoft-windows-shell-setup-firstlogoncommands) unattend setting.
> You can enable Credential Guard by setting the registry entries in the [*FirstLogonCommands*](/windows-hardware/customize/desktop/unattend/microsoft-windows-shell-setup-firstlogoncommands) unattend setting.

---

### Verify if Windows Defender Credential Guard is running
### Verify if Credential Guard is running

Checking the task list or Task Manager if `LsaIso.exe` is running is not a recommended method for determining whether Windows Defender Credential Guard is running. Instead, use one of the following methods:
Checking the task list or Task Manager if `LsaIso.exe` is running is not a recommended method for determining whether Credential Guard is running. Instead, use one of the following methods:

- System Information
- PowerShell
@ -129,12 +129,12 @@ You can use PowerShell to determine whether Credential Guard is running on a dev

The command generates the following output:

- **0**: Windows Defender Credential Guard is disabled (not running)
- **1**: Windows Defender Credential Guard is enabled (running)
- **0**: Credential Guard is disabled (not running)
- **1**: Credential Guard is enabled (running)

#### Event viewer

Perform regular reviews of the devices that have Windows Defender Credential Guard enabled, using security audit policies or WMI queries.\
Perform regular reviews of the devices that have Credential Guard enabled, using security audit policies or WMI queries.\
Open the Event Viewer (`eventvwr.exe`) and go to `Windows Logs\System` and filter the event sources for *WinInit*:

:::row:::
@ -151,7 +151,7 @@ Open the Event Viewer (`eventvwr.exe`) and go to `Windows Logs\System` and filte
:::column-end:::
:::column span="3":::
```logging
Windows Defender Credential Guard (LsaIso.exe) was started and will protect LSA credentials.
Credential Guard (LsaIso.exe) was started and will protect LSA credentials.
```
:::column-end:::
:::row-end:::
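Review bot: the line inside the ```logging block is a quoted WinInit event message, not documentation prose, so it should only change if the string the OS actually emits has changed; if the System log on a current build still reads "Windows Defender Credential Guard (LsaIso.exe) was started and will protect LSA credentials.", this rename makes the article disagree with what administrators see in Event Viewer and breaks any filter or query built on the documented text. Please confirm the event text against a current build before merging; the same question applies to the four following event-message hunks (configuration, secure kernel not running, failed to launch, and UEFI configuration error).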
@ -161,9 +161,9 @@ Open the Event Viewer (`eventvwr.exe`) and go to `Windows Logs\System` and filte
:::column-end:::
:::column span="3":::
```logging
Windows Defender Credential Guard (LsaIso.exe) configuration: [**0x0** | **0x1** | **0x2**], **0**
Credential Guard (LsaIso.exe) configuration: [**0x0** | **0x1** | **0x2**], **0**
```
- The first variable: **0x1** or **0x2** means that Windows Defender Credential Guard is configured to run. **0x0** means that it's not configured to run.
- The first variable: **0x1** or **0x2** means that Credential Guard is configured to run. **0x0** means that it's not configured to run.
- The second variable: **0** means that it's configured to run in protect mode. **1** means that it's configured to run in test mode. This variable should always be **0**.
:::column-end:::
:::row-end:::
@ -173,8 +173,8 @@ Open the Event Viewer (`eventvwr.exe`) and go to `Windows Logs\System` and filte
:::column-end:::
:::column span="3":::
```logging
Windows Defender Credential Guard (LsaIso.exe) is configured but the secure kernel isn't running;
continuing without Windows Defender Credential Guard.
Credential Guard (LsaIso.exe) is configured but the secure kernel isn't running;
continuing without Credential Guard.
```
:::column-end:::
:::row-end:::
@ -184,7 +184,7 @@ Open the Event Viewer (`eventvwr.exe`) and go to `Windows Logs\System` and filte
:::column-end:::
:::column span="3":::
```logging
Windows Defender Credential Guard (LsaIso.exe) failed to launch: [error code]
Credential Guard (LsaIso.exe) failed to launch: [error code]
```
:::column-end:::
:::row-end:::
@ -194,7 +194,7 @@ Open the Event Viewer (`eventvwr.exe`) and go to `Windows Logs\System` and filte
:::column-end:::
:::column span="3":::
```logging
Error reading Windows Defender Credential Guard (LsaIso.exe) UEFI configuration: [error code]
Error reading Credential Guard (LsaIso.exe) UEFI configuration: [error code]
```
:::column-end:::
:::row-end:::
@ -222,13 +222,13 @@ The following event indicates wether TPM is used for key protection. Path: `Appl

If you're running with a TPM, the TPM PCR mask value will be something other than 0.

## Disable Windows Defender Credential Guard
## Disable Credential Guard

There are different options to disable Windows Defender Credential Guard. The option you choose depends on how Windows Defender Credential Guard is configured:
There are different options to disable Credential Guard. The option you choose depends on how Credential Guard is configured:

- Windows Defender Credential Guard running in a virtual machine can be [disabled by the host](#disable-windows-defender-credential-guard-for-a-virtual-machine)
- If Windows Defender Credential Guard is enabled **with UEFI Lock**, follow the procedure described in [disable Windows Defender Credential Guard with UEFI Lock](#disable-credential-guard-with-uefi-lock)
- If Windows Defender Credential Guard is enabled **without UEFI Lock**, or as part of the automatic enablement in the Windows 11, version 22H2 update, use one of the following options to disable it:
- Credential Guard running in a virtual machine can be [disabled by the host](#disable-windows-defender-credential-guard-for-a-virtual-machine)
- If Credential Guard is enabled **with UEFI Lock**, follow the procedure described in [disable Credential Guard with UEFI Lock](#disable-credential-guard-with-uefi-lock)
- If Credential Guard is enabled **without UEFI Lock**, or as part of the automatic enablement in the Windows 11, version 22H2 update, use one of the following options to disable it:
- Microsoft Intune/MDM
- Group policy
- Registry
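Review bot: the rewritten virtual-machine bullet links to `#disable-windows-defender-credential-guard-for-a-virtual-machine`, but the target heading is renamed to `### Disable Credential Guard for a virtual machine` later in this commit, so the anchor should be `#disable-credential-guard-for-a-virtual-machine`. Likewise, renaming `## Disable Windows Defender Credential Guard` to `## Disable Credential Guard` in this hunk changes the anchor that other links in this article still spell as `#disable-windows-defender-credential-guard`. The UEFI-lock bullet is the model to follow: its link already uses `#disable-credential-guard-with-uefi-lock`, which matches the renamed heading.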
@ -239,7 +239,7 @@ There are different options to disable Windows Defender Credential Guard. The op

### Disable Credential Guard with Intune

If Windows Defender Credential Guard is enabled via Intune and without UEFI Lock, disabling the same policy setting will disable Windows Defender Credential Guard.
If Credential Guard is enabled via Intune and without UEFI Lock, disabling the same policy setting will disable Credential Guard.

[!INCLUDE [intune-settings-catalog-1](../../../../includes/configure/intune-settings-catalog-1.md)]

@ -262,7 +262,7 @@ Once the policy is applied, restart the device.

### Disable Credential Guard with group policy

If Windows Defender Credential Guard is enabled via Group Policy and without UEFI Lock, disabling the same group policy setting will disable Windows Defender Credential Guard.
If Credential Guard is enabled via Group Policy and without UEFI Lock, disabling the same group policy setting will disable Credential Guard.

[!INCLUDE [gpo-settings-1](../../../../includes/configure/gpo-settings-1.md)] `Computer Configuration\Administrative Templates\System\Device Guard`:

@ -278,7 +278,7 @@ Once the policy is applied, restart the device.

### Disable Credential Guard with registry settings

If Windows Defender Credential Guard is enabled without UEFI Lock and without Group Policy, it's sufficient to edit the registry keys as described below to disable Windows Defender Credential Guard.
If Credential Guard is enabled without UEFI Lock and without Group Policy, it's sufficient to edit the registry keys as described below to disable Credential Guard.

1. Change the following registry settings to 0:

@ -286,7 +286,7 @@ If Windows Defender Credential Guard is enabled without UEFI Lock and without Gr
- `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard\LsaCfgFlags`

> [!NOTE]
> Deleting these registry settings may not disable Windows Defender Credential Guard. They must be set to a value of 0.
> Deleting these registry settings may not disable Credential Guard. They must be set to a value of 0.

1. Restart the device

@ -296,13 +296,13 @@ For information on disabling Virtualization-based Security (VBS), see [disable V

### Disable Credential Guard with UEFI lock

If Windows Defender Credential Guard is enabled with UEFI lock, follow this procedure since the settings are persisted in EFI (firmware) variables.
If Credential Guard is enabled with UEFI lock, follow this procedure since the settings are persisted in EFI (firmware) variables.

> [!NOTE]
> This scenario requires physical presence at the machine to press a function key to accept the change.

1. Follow the steps in [Disable Windows Defender Credential Guard](#disable-windows-defender-credential-guard)
1. Delete the Windows Defender Credential Guard EFI variables by using bcdedit. From an elevated command prompt, type the following commands:
1. Follow the steps in [Disable Credential Guard](#disable-windows-defender-credential-guard)
1. Delete the Credential Guard EFI variables by using bcdedit. From an elevated command prompt, type the following commands:

```cmd
mountvol X: /s
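Review bot: the rewritten step "Follow the steps in [Disable Credential Guard](#disable-windows-defender-credential-guard)" updates the link text but not the anchor; with the section heading renamed to `## Disable Credential Guard` in this commit, the anchor should be `#disable-credential-guard`.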
@ -317,7 +317,7 @@ If Windows Defender Credential Guard is enabled with UEFI lock, follow this proc

1. Restart the device. Before the OS boots, a prompt will appear notifying that UEFI was modified, and asking for confirmation. The prompt must be confirmed for the changes to persist.

### Disable Windows Defender Credential Guard for a virtual machine
### Disable Credential Guard for a virtual machine

From the host, you can disable Credential Guard for a virtual machine with the following command:

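Review bot: renaming this heading changes its generated anchor to `#disable-credential-guard-for-a-virtual-machine`; the bullet in the "Disable Credential Guard" section still links to `#disable-windows-defender-credential-guard-for-a-virtual-machine` and needs the same update in this commit.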
@ -327,7 +327,7 @@ Set-VMSecurity -VMName <VMName> -VirtualizationBasedSecurityOptOut $true

## Disable Virtualization-based Security

If you disable Virtualization-based Security (VBS), you'll automatically disable Windows Defender Credential Guard and other features that rely on VBS.
If you disable Virtualization-based Security (VBS), you'll automatically disable Credential Guard and other features that rely on VBS.

> [!IMPORTANT]
> Other security features beside Credential Guard rely on VBS. Disabling VBS may have unintended side effects.
@ -388,7 +388,7 @@ Once the policy is applied, restart the device.

---

If Windows Defender Credential Guard is enabled with UEFI Lock, the EFI variables stored in firmware must be cleared using the command `bcdedit.exe`. From an elevated command prompt, run the following commands:
If Credential Guard is enabled with UEFI Lock, the EFI variables stored in firmware must be cleared using the command `bcdedit.exe`. From an elevated command prompt, run the following commands:

```cmd
bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} loadoptions DISABLE-LSA-ISO,DISABLE-VBS
@ -397,8 +397,8 @@ bcdedit /set vsmlaunchtype off

## Next steps

- Review the advices and sample code for making your environment more secure and robust with Windows Defender Credential Guard in the [Additional mitigations](additional-mitigations.md) article
- Review [considerations and known issues when using Windows Defender Credential Guard](considerations-known-issues.md)
- Review the advices and sample code for making your environment more secure and robust with Credential Guard in the [Additional mitigations](additional-mitigations.md) article
- Review [considerations and known issues when using Credential Guard](considerations-known-issues.md)

<!--links-->

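Review bot: the rewritten "Next steps" bullet keeps "Review the advices and sample code"; "advice" is a mass noun, so make it "Review the advice and sample code" while the line is being touched.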
@ -1,38 +1,38 @@
|
||||
---
|
||||
ms.date: 08/14/2023
|
||||
title: Considerations and known issues when using Windows Defender Credential Guard
|
||||
description: Considerations, recommendations and known issues when using Windows Defender Credential Guard.
|
||||
ms.date: 08/16/2023
|
||||
title: Considerations and known issues when using Credential Guard
|
||||
description: Considerations, recommendations and known issues when using Credential Guard.
|
||||
ms.topic: troubleshooting
|
||||
---
|
||||
|
||||
# Considerations and known issues when using Windows Defender Credential Guard
|
||||
# Considerations and known issues when using Credential Guard
|
||||
|
||||
It's recommended that in addition to deploying Windows Defender Credential Guard, organizations move away from passwords to other authentication methods, such as Windows Hello for Business, FIDO 2 security keys or smart cards.
|
||||
It's recommended that in addition to deploying Credential Guard, organizations move away from passwords to other authentication methods, such as Windows Hello for Business, FIDO 2 security keys or smart cards.
|
||||
|
||||
## Wi-fi and VPN considerations
|
||||
|
||||
When you enable Windows Defender Credential Guard, you can no longer use NTLM classic authentication for single sign-on. You'll be forced to enter your credentials to use these protocols and can't save the credentials for future use.\
|
||||
When you enable Credential Guard, you can no longer use NTLM classic authentication for single sign-on. You'll be forced to enter your credentials to use these protocols and can't save the credentials for future use.\
|
||||
If you're using WiFi and VPN endpoints that are based on MS-CHAPv2, they're subject to similar attacks as for NTLMv1.
|
||||
|
||||
For WiFi and VPN connections, it's recommended to move from MSCHAPv2-based connections (such as PEAP-MSCHAPv2 and EAP-MSCHAPv2), to certificate-based authentication (such as PEAP-TLS or EAP-TLS).
|
||||
|
||||
## Kerberos considerations
|
||||
|
||||
When you enable Windows Defender Credential Guard, you can no longer use Kerberos unconstrained delegation or DES encryption. Unconstrained delegation could allow attackers to extract Kerberos keys from the isolated LSA process.\
|
||||
When you enable Credential Guard, you can no longer use Kerberos unconstrained delegation or DES encryption. Unconstrained delegation could allow attackers to extract Kerberos keys from the isolated LSA process.\
|
||||
Use constrained or resource-based Kerberos delegation instead.
|
||||
|
||||
## Third party Security Support Providers considerations
|
||||
|
||||
Some third party Security Support Providers (SSPs and APs) might not be compatible with Windows Defender Credential Guard because it doesn't allow third-party SSPs to ask for password hashes from LSA. However, SSPs and APs still get notified of the password when a user logs on and/or changes their password. Any use of undocumented APIs within custom SSPs and APs aren't supported.\
|
||||
It's recommended that custom implementations of SSPs/APs are tested with Windows Defender Credential Guard. SSPs and APs that depend on any undocumented or unsupported behaviors fail. For example, using the KerbQuerySupplementalCredentialsMessage API isn't supported. Replacing the NTLM or Kerberos SSPs with custom SSPs and APs.
|
||||
Some third party Security Support Providers (SSPs and APs) might not be compatible with Credential Guard because it doesn't allow third-party SSPs to ask for password hashes from LSA. However, SSPs and APs still get notified of the password when a user logs on and/or changes their password. Any use of undocumented APIs within custom SSPs and APs aren't supported.\
It's recommended that custom implementations of SSPs/APs are tested with Credential Guard. SSPs and APs that depend on any undocumented or unsupported behaviors fail. For example, using the KerbQuerySupplementalCredentialsMessage API isn't supported. Replacing the NTLM or Kerberos SSPs with custom SSPs and APs.
For more information, see [Restrictions around Registering and Installing a Security Package](/windows/win32/secauthn/restrictions-around-registering-and-installing-a-security-package).
## Upgrade considerations
As the depth and breadth of protections provided by Windows Defender Credential Guard are increased, new releases of Windows with Windows Defender Credential Guard running may affect scenarios that were working in the past. For example, Windows Defender Credential Guard may block the use of a particular type of credential or a particular component to prevent malware from taking advantage of vulnerabilities.
As the depth and breadth of protections provided by Credential Guard are increased, new releases of Windows with Credential Guard running may affect scenarios that were working in the past. For example, Credential Guard may block the use of a particular type of credential or a particular component to prevent malware from taking advantage of vulnerabilities.
Test scenarios required for operations in an organization before upgrading a device using Windows Defender Credential Guard.
Test scenarios required for operations in an organization before upgrading a device using Credential Guard.
## Saved Windows credentials considerations
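Review bot: the renamed line still ends in a verb-less fragment, "Replacing the NTLM or Kerberos SSPs with custom SSPs and APs."; since the line is being touched anyway, fold it into the preceding example, e.g. "For example, using the KerbQuerySupplementalCredentialsMessage API isn't supported, nor is replacing the NTLM or Kerberos SSPs with custom SSPs and APs." Two more grammar points on touched lines: "Any use of undocumented APIs within custom SSPs and APs aren't supported" should be "isn't supported" (the subject is "use"), and "Test scenarios required for operations in an organization before upgrading a device using Credential Guard." has no main verb; "Before upgrading a device that uses Credential Guard, test the scenarios your organization requires." reads cleanly.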
@ -42,15 +42,15 @@ Test scenarios required for operations in an organization before upgrading a dev
- Certificate-based credentials
- Generic credentials
Domain credentials that are stored in *Credential Manager* are protected with Windows Defender Credential Guard.
Domain credentials that are stored in *Credential Manager* are protected with Credential Guard.
Generic credentials, such as user names and passwords that you use to sign in websites, aren't protected since the applications require your clear-text password. If the application doesn't need a copy of the password, they can save domain credentials as Windows credentials that are protected. Windows credentials are used to connect to other computers on a network.
The following considerations apply to the Windows Defender Credential Guard protections for Credential Manager:
The following considerations apply to the Credential Guard protections for Credential Manager:
- Windows credentials saved by the Remote Desktop client can't be sent to a remote host. Attempts to use saved Windows credentials fail, displaying the error message *Logon attempt failed*
- Applications that extract Windows credentials fail
- When credentials are backed up from a PC that has Windows Defender Credential Guard enabled, the Windows credentials can't be restored. If you need to back up your credentials, you must do so before you enable Windows Defender Credential Guard
- When credentials are backed up from a PC that has Credential Guard enabled, the Windows credentials can't be restored. If you need to back up your credentials, you must do so before you enable Credential Guard
## TPM clearing considerations
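Review bot: the renames here are consistent, but the unchanged context paragraph has two grammar slips worth fixing in the same pass: "passwords that you use to sign in websites" should be "sign in to websites", and "If the application doesn't need a copy of the password, they can save" has a singular subject, so "it can save". The bullet "Applications that extract Windows credentials fail" would also be clearer as "Applications that try to extract saved Windows credentials fail", which matches the Remote Desktop bullet above it.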
@ -105,29 +105,29 @@ When data protected with user DPAPI is unusable, then the user loses access to a
## Known issues
Windows Defender Credential Guard blocks certain authentication capabilities. Applications that require such capabilities won't function when Credential Guard is enabled.
Credential Guard blocks certain authentication capabilities. Applications that require such capabilities won't function when Credential Guard is enabled.
This article describes known issues when Windows Defender Credential Guard is enabled.
This article describes known issues when Credential Guard is enabled.
### Single sign-on for Network services breaks after upgrading to Windows 11, version 22H2
Devices that use 802.1x wireless or wired network, RDP, or VPN connections that rely on insecure protocols with password-based authentication are unable to use SSO to sign in and are forced to manually re-authenticate in every new Windows session when Windows Defender Credential Guard is running.
Devices that use 802.1x wireless or wired network, RDP, or VPN connections that rely on insecure protocols with password-based authentication are unable to use SSO to sign in and are forced to manually re-authenticate in every new Windows session when Credential Guard is running.
#### Affected devices
Any device with Windows Defender Credential Guard enabled may encounter the issue. As part of the Windows 11, version 22H2 update, eligible devices that didn't disable Windows Defender Credential Guard, have it enabled by default. This affected all devices on Enterprise (E3 and E5) and Education licenses, as well as some Pro licenses*, as long as they met the [minimum hardware requirements](index.md#hardware-and-software-requirements).
Any device with Credential Guard enabled may encounter the issue. As part of the Windows 11, version 22H2 update, eligible devices that didn't disable Credential Guard, have it enabled by default. This affected all devices on Enterprise (E3 and E5) and Education licenses, as well as some Pro licenses*, as long as they met the [minimum hardware requirements](index.md#hardware-and-software-requirements).
All Windows Pro devices that previously ran Windows Defender Credential Guard on an eligible license and later downgraded to Pro, and which still meet the [minimum hardware requirements](index.md#hardware-and-software-requirements), will receive default enablement.
All Windows Pro devices that previously ran Credential Guard on an eligible license and later downgraded to Pro, and which still meet the [minimum hardware requirements](index.md#hardware-and-software-requirements), will receive default enablement.
> [!TIP]
> To determine if a Windows Pro device receives default enablement when upgraded to **Windows 11, version 22H2**, check if the registry key `IsolatedCredentialsRootSecret` is present in `Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0`.
> If it's' present, the device enables Windows Defender Credential Guard after the update.
> If it's' present, the device enables Credential Guard after the update.
>
> You can Windows Defender Credential Guard can be disabled after upgrade by following the [disablement instructions](configure.md#disable-windows-defender-credential-guard).
> You can Credential Guard can be disabled after upgrade by following the [disablement instructions](configure.md#disable-windows-defender-credential-guard).
#### Cause of the issue
Applications and services are affected by the issue when they rely on insecure protocols that use password-based authentication. Such protocols are considered insecure because they can lead to password disclosure on the client or the server, and Windows Defender Credential Guard blocks them. Affected protocols include:
Applications and services are affected by the issue when they rely on insecure protocols that use password-based authentication. Such protocols are considered insecure because they can lead to password disclosure on the client or the server, and Credential Guard blocks them. Affected protocols include:
- Kerberos unconstrained delegation (both SSO and supplied credentials are blocked)
- Kerberos when PKINIT uses RSA encryption instead of Diffie-Hellman (both SSO and supplied credentials are blocked)
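Review bot: two pre-existing errors are carried over unchanged into the renamed TIP lines and should be fixed while the lines are touched: "If it's' present" has a stray apostrophe ("If it's present"), and "You can Credential Guard can be disabled after upgrade" is a doubled subject ("Credential Guard can be disabled after upgrade by following the disablement instructions"). Also, the link target `configure.md#disable-windows-defender-credential-guard` keeps the old heading slug; if this commit renames the corresponding heading in configure.md the anchor will break, so either confirm the heading is unchanged or update the fragment together with it.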
@ -140,7 +140,7 @@ Applications and services are affected by the issue when they rely on insecure p
#### How to confirm the issue
MS-CHAP and NTLMv1 are relevant to the SSO breakage after the Windows 11, version 22H2 update. To confirm if Windows Defender Credential Guard is blocking MS-CHAP or NTLMv1, open the Event Viewer (`eventvwr.exe`) and go to `Application and Services Logs\Microsoft\Windows\NTLM\Operational`. Check the following logs:
MS-CHAP and NTLMv1 are relevant to the SSO breakage after the Windows 11, version 22H2 update. To confirm if Credential Guard is blocking MS-CHAP or NTLMv1, open the Event Viewer (`eventvwr.exe`) and go to `Application and Services Logs\Microsoft\Windows\NTLM\Operational`. Check the following logs:
:::row:::
:::column span="1":::
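Review bot: the opening sentence on the touched line, "MS-CHAP and NTLMv1 are relevant to the SSO breakage", is vague about the relationship; since the rest of the paragraph explains how to check the NTLM operational log for blocked use of these protocols, "MS-CHAP and NTLMv1 are the protocols whose blocking causes the SSO breakage" states the point directly. Otherwise the rename is consistent with the surrounding section.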
@ -187,14 +187,14 @@ MS-CHAP and NTLMv1 are relevant to the SSO breakage after the Windows 11, versio
#### How to fix the issue
We recommend moving away from MSCHAPv2-based connections, such as PEAP-MSCHAPv2 and EAP-MSCHAPv2, to certificate-based authentication, like PEAP-TLS or EAP-TLS. Windows Defender Credential Guard doesn't block certificate-based authentication.
We recommend moving away from MSCHAPv2-based connections, such as PEAP-MSCHAPv2 and EAP-MSCHAPv2, to certificate-based authentication, like PEAP-TLS or EAP-TLS. Credential Guard doesn't block certificate-based authentication.
For a more immediate, but less secure fix, [disable Windows Defender Credential Guard](configure.md#disable-windows-defender-credential-guard). Windows Defender Credential Guard doesn't have per-protocol or per-application policies, and it can either be turned on or off. If you disable Windows Defender Credential Guard, you leave stored domain credentials vulnerable to theft.
For a more immediate, but less secure fix, [disable Credential Guard](configure.md#disable-windows-defender-credential-guard). Credential Guard doesn't have per-protocol or per-application policies, and it can either be turned on or off. If you disable Credential Guard, you leave stored domain credentials vulnerable to theft.
> [!TIP]
> To prevent default enablement, configure your devices [to disable Windows Defender Credential Guard](configure.md#disable-windows-defender-credential-guard) before updating to Windows 11, version 22H2. If the setting is not configured (which is the default state) and if the device is eligible, the device automatically enable Credential Guard after the update.
> To prevent default enablement, configure your devices [to disable Credential Guard](configure.md#disable-windows-defender-credential-guard) before updating to Windows 11, version 22H2. If the setting is not configured (which is the default state) and if the device is eligible, the device automatically enable Credential Guard after the update.
>
> If Windows Defender Credential Guard is explicitly disabled, the device won't automatically enable Credential Guard after the update.
> If Credential Guard is explicitly disabled, the device won't automatically enable Credential Guard after the update.
### Issues with third-party applications
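Review bot: the renamed TIP line keeps a subject-verb error, "the device automatically enable Credential Guard after the update" should be "enables"; and "If the setting is not configured" breaks the contraction style used everywhere else in these files ("isn't"). The "disable Credential Guard" links in this hunk still point at `configure.md#disable-windows-defender-credential-guard`, so the same anchor check as in the earlier TIP applies here.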
@ -204,34 +204,34 @@ The following issue affects MSCHAPv2:
The following issue affects the Java GSS API. See the following Oracle bug database article:
- [JDK-8161921: Windows Defender Credential Guard doesn't allow sharing of TGT with Java](http://bugs.java.com/bugdatabase/view_bug.do?bug_id=8161921)
- [JDK-8161921: Credential Guard doesn't allow sharing of TGT with Java](http://bugs.java.com/bugdatabase/view_bug.do?bug_id=8161921)
When Windows Defender Credential Guard is enabled on Windows, the Java GSS API doesn't authenticate. Windows Defender Credential Guard blocks specific application authentication capabilities and doesn't provide the TGT session key to applications, regardless of registry key settings. For more information, see [Application requirements](index.md#application-requirements).
When Credential Guard is enabled on Windows, the Java GSS API doesn't authenticate. Credential Guard blocks specific application authentication capabilities and doesn't provide the TGT session key to applications, regardless of registry key settings. For more information, see [Application requirements](index.md#application-requirements).
The following issue affects McAfee Application and Change Control (MACC):
- [KB88869 Windows machines exhibit high CPU usage with McAfee Application and Change Control (MACC) installed when Windows Defender Credential Guard is enabled](https://kcm.trellix.com/corporate/index?page=content&id=KB88869) <sup>[Note 1](#bkmk_note1)</sup>
- [KB88869 Windows machines exhibit high CPU usage with McAfee Application and Change Control (MACC) installed when Credential Guard is enabled](https://kcm.trellix.com/corporate/index?page=content&id=KB88869) <sup>[Note 1](#bkmk_note1)</sup>
The following issue affects Citrix applications:
- Windows machines exhibit high CPU usage with Citrix applications installed when Windows Defender Credential Guard is enabled. <sup>[Note 1](#bkmk_note1)</sup>
- Windows machines exhibit high CPU usage with Citrix applications installed when Credential Guard is enabled. <sup>[Note 1](#bkmk_note1)</sup>
<a name="bkmk_note1"></a>
> [!NOTE]
> Products that connect to Virtualization Based Security (VBS) protected processes can cause Windows Defender Credential Guard-enabled devices to exhibit high CPU usage. For technical and troubleshooting information, see [KB4032786 High CPU usage in the LSAISO process on Windows](/troubleshoot/windows-client/performance/lsaiso-process-high-cpu-usage).
> Products that connect to Virtualization Based Security (VBS) protected processes can cause Credential Guard-enabled devices to exhibit high CPU usage. For technical and troubleshooting information, see [KB4032786 High CPU usage in the LSAISO process on Windows](/troubleshoot/windows-client/performance/lsaiso-process-high-cpu-usage).
>
> For more technical information on LSAISO.exe, see [Isolated User Mode (IUM) Processes](/windows/win32/procthread/isolated-user-mode--ium--processes).
#### Vendor support
The following products and services don't support Windows Defender Credential Guard :
The following products and services don't support Credential Guard :
- [Support for Hypervisor-Protected Code Integrity and Windows Defender Credential Guard on Windows with McAfee encryption products](https://kcm.trellix.com/corporate/index?page=content&id=KB86009KB86009)
- [Check Point Endpoint Security Client support for Microsoft Windows Defender Credential Guard and Hypervisor-Protected Code Integrity features](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk113912)
- [Support for Hypervisor-Protected Code Integrity and Credential Guard on Windows with McAfee encryption products](https://kcm.trellix.com/corporate/index?page=content&id=KB86009KB86009)
- [Check Point Endpoint Security Client support for Microsoft Credential Guard and Hypervisor-Protected Code Integrity features](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk113912)
- [*VMware Workstation and Device/Credential Guard aren't compatible* error in VMware Workstation on Windows 10 host (2146361)](https://kb.vmware.com/s/article/2146361)
- [ThinkPad support for Hypervisor-Protected Code Integrity and Windows Defender Credential Guard in Microsoft Windows](https://support.lenovo.com/in/en/solutions/ht503039)
- [Windows devices with Windows Defender Credential Guard and Symantec Endpoint Protection 12.1](https://www.symantec.com/connect/forums/windows-10-device-guard-credentials-guard-and-sep-121)
- [ThinkPad support for Hypervisor-Protected Code Integrity and Credential Guard in Microsoft Windows](https://support.lenovo.com/in/en/solutions/ht503039)
- [Windows devices with Credential Guard and Symantec Endpoint Protection 12.1](https://www.symantec.com/connect/forums/windows-10-device-guard-credentials-guard-and-sep-121)
>[!IMPORTANT]
>This list isn't comprehensive. Check whether your product vendor, product version, or computer system supports Windows Defender Credential Guard on systems that run a specific version of Windows. Specific computer system models may be incompatible with Windows Defender Credential Guard.
>This list isn't comprehensive. Check whether your product vendor, product version, or computer system supports Credential Guard on systems that run a specific version of Windows. Specific computer system models may be incompatible with Credential Guard.
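Review bot: the rename has been applied inside link text that quotes third-party article titles (the JDK-8161921 bug title, McAfee KB88869 and KB86009, the Check Point, Lenovo and Symantec entries). Those titles belong to the vendors' pages, not to this doc, so rewriting them misquotes the linked article; keep the vendors' wording in the link text and apply the rename only to Microsoft's own prose. Two smaller items on touched or adjacent lines: "don't support Credential Guard :" has a stray space before the colon, and the McAfee URL `id=KB86009KB86009` repeats the KB id in both the old and the new line, which looks like a copy error worth checking against the vendor link.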
@ -1,13 +1,13 @@
---
ms.date: 08/14/2023
title: How Windows Defender Credential Guard works
description: Learn how Windows Defender Credential Guard uses virtualization to protect secrets, so that only privileged system software can access them.
ms.date: 08/16/2023
title: How Credential Guard works
description: Learn how Credential Guard uses virtualization to protect secrets, so that only privileged system software can access them.
ms.topic: conceptual
---
# How Windows Defender Credential Guard works
# How Credential Guard works
Kerberos, NTLM, and Credential Manager isolate secrets by using Virtualization-based security (VBS). Previous versions of Windows stored secrets in its process memory, in the Local Security Authority (LSA) process `lsass.exe`. With Windows Defender Credential Guard enabled, the LSA process in the operating system talks to a component called the *isolated LSA process* that stores and protects those secrets, `LSAIso.exe`. Data stored by the isolated LSA process is protected using VBS and isn't accessible to the rest of the operating system. LSA uses remote procedure calls to communicate with the isolated LSA process.
Kerberos, NTLM, and Credential Manager isolate secrets by using Virtualization-based security (VBS). Previous versions of Windows stored secrets in its process memory, in the Local Security Authority (LSA) process `lsass.exe`. With Credential Guard enabled, the LSA process in the operating system talks to a component called the *isolated LSA process* that stores and protects those secrets, `LSAIso.exe`. Data stored by the isolated LSA process is protected using VBS and isn't accessible to the rest of the operating system. LSA uses remote procedure calls to communicate with the isolated LSA process.
For security reasons, the isolated LSA process doesn't host any device drivers. Instead, it only hosts a small subset of operating system binaries that are needed for security and nothing else. All the binaries are signed with a certificate that VBS trusts, and the signatures are validated before launching the file in the protected environment.
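Review bot: the renamed intro paragraph keeps "Previous versions of Windows stored secrets in its process memory, in the Local Security Authority (LSA) process `lsass.exe`", where "its" has no singular antecedent; "stored secrets in the memory of the Local Security Authority (LSA) process, `lsass.exe`" says what is meant. Renaming the H1 to "How Credential Guard works" also changes the page's implicit heading anchor, so any cross-reference that links to the old heading slug should be checked in the same commit.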
@ -15,28 +15,28 @@ Here's a high-level overview on how the LSA is isolated by using Virtualization-
:::image type="content" source="images/credguard.png" alt-text="Diagram of the Credential Guard architecture.":::
## Windows Defender Credential Guard protection limits
## Credential Guard protection limits
Some ways to store credentials aren't protected by Windows Defender Credential Guard, including:
Some ways to store credentials aren't protected by Credential Guard, including:
- Software that manages credentials outside of Windows feature protection
- Local accounts and Microsoft Accounts
- Windows Defender Credential Guard doesn't protect the Active Directory database running on Windows Server domain controllers. It also doesn't protect credential input pipelines, such as Windows Server running Remote Desktop Gateway. If you're using a Windows Server OS as a client PC, it will get the same protection as it would when running a Windows client OS
- Credential Guard doesn't protect the Active Directory database running on Windows Server domain controllers. It also doesn't protect credential input pipelines, such as Windows Server running Remote Desktop Gateway. If you're using a Windows Server OS as a client PC, it will get the same protection as it would when running a Windows client OS
- Key loggers
- Physical attacks
- Doesn't prevent an attacker with malware on the PC from using the privileges associated with any credential. We recommend using dedicated PCs for high value accounts, such as IT Pros and users with access to high value assets in your organization
- Third-party security packages
- When Windows Defender Credential Guard is enabled, NTLMv1, MS-CHAPv2, Digest, and CredSSP can't use the signed-in credentials. Thus, single sign-on doesn't work with these protocols. However, applications can prompt for credentials or use credentials stored in the Windows Vault, which aren't protected by Windows Defender Credential Guard with any of these protocols
- When Credential Guard is enabled, NTLMv1, MS-CHAPv2, Digest, and CredSSP can't use the signed-in credentials. Thus, single sign-on doesn't work with these protocols. However, applications can prompt for credentials or use credentials stored in the Windows Vault, which aren't protected by Credential Guard with any of these protocols
> [!CAUTION]
> It's recommended that valuable credentials, such as the sign-in credentials, aren't used with NTLMv1, MS-CHAPv2, Digest, or CredSSP protocols. If these protocols must be used by domain or Azure AD users, secondary credentials should be provisioned for these use cases.
- Supplied credentials for NTLM authentication aren't protected. If a user is prompted for and enters credentials for NTLM authentication, these credentials are vulnerable to be read from LSASS memory. These same credentials are vulnerable to key loggers as well
- Kerberos service tickets aren't protected by Credential Guard, but the Kerberos Ticket Granting Ticket (TGT) is protected
- When Windows Defender Credential Guard is enabled, Kerberos doesn't allow *unconstrained Kerberos delegation* or *DES encryption*, not only for signed-in credentials, but also prompted or saved credentials
- When Windows Defender Credential Guard is enabled on a VM, Windows Defender Credential Guard protects secrets from attacks inside the VM. However, it doesn't provide protection from privileged system attacks originating from the host
- When Credential Guard is enabled, Kerberos doesn't allow *unconstrained Kerberos delegation* or *DES encryption*, not only for signed-in credentials, but also prompted or saved credentials
- When Credential Guard is enabled on a VM, it protects secrets from attacks inside the VM. However, it doesn't provide protection from privileged system attacks originating from the host
- Windows logon cached password verifiers (commonly called *cached credentials*) don't qualify as credentials because they can't be presented to another computer for authentication, and can only be used locally to verify credentials. They're stored in the registry on the local computer and provide validation for credentials when a domain-joined computer can't connect to AD DS during user logon. These *cached logons*, or more specifically, *cached domain account information*, can be managed using the security policy setting **Interactive logon: Number of previous logons to cache** if a domain controller isn't available
## Next steps
- Learn [how to configure Windows Defender Credential Guard](configure.md)
- Review the advice and sample code for making your environment more secure and robust with Windows Defender Credential Guard in the [Additional mitigations](additional-mitigations.md) article
- Review [considerations and known issues when using Windows Defender Credential Guard](considerations-known-issues.md)
- Learn [how to configure Credential Guard](configure.md)
- Review the advice and sample code for making your environment more secure and robust with Credential Guard in the [Additional mitigations](additional-mitigations.md) article
- Review [considerations and known issues when using Credential Guard](considerations-known-issues.md)
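Review bot: the renamed bullet "credentials stored in the Windows Vault, which aren't protected by Credential Guard with any of these protocols" is ambiguous about what "with any of these protocols" attaches to; "which aren't protected by Credential Guard when used with any of these protocols" makes the limit explicit. In the unconstrained-delegation bullet, "not only for signed-in credentials, but also prompted or saved credentials" needs a second "for" ("but also for prompted or saved credentials"). The VM bullet's rewrite to "it protects secrets" is a good simplification; the other renames in this hunk are consistent.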
@ -1,6 +1,6 @@
---
title: Windows Defender Credential Guard overview
description: Learn about Windows Defender Credential Guard and how it isolates secrets so that only privileged system software can access them.
title: Credential Guard overview
description: Learn about Credential Guard and how it isolates secrets so that only privileged system software can access them.
ms.date: 08/08/2023
ms.topic: overview
ms.collection:
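Review bot: the front matter title and description are renamed but `ms.date` stays at 08/08/2023, while how-it-works.md in this same commit bumps its `ms.date` to 08/16/2023 for the equivalent change; update the date here for consistency, since the page content visibly changes.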
@ -8,34 +8,34 @@ ms.collection:
- tier1
---
# Windows Defender Credential Guard overview
# Credential Guard overview
Windows Defender Credential Guard prevents credential theft attacks by protecting NTLM password hashes, Kerberos Ticket Granting Tickets (TGTs), and credentials stored by applications as domain credentials.
Credential Guard prevents credential theft attacks by protecting NTLM password hashes, Kerberos Ticket Granting Tickets (TGTs), and credentials stored by applications as domain credentials.
Windows Defender Credential Guard uses [Virtualization-based security (VBS)](/windows-hardware/design/device-experiences/oem-vbs) to isolate secrets so that only privileged system software can access them. Unauthorized access to these secrets can lead to credential theft attacks like *pass the hash* and *pass the ticket*.
Credential Guard uses [Virtualization-based security (VBS)](/windows-hardware/design/device-experiences/oem-vbs) to isolate secrets so that only privileged system software can access them. Unauthorized access to these secrets can lead to credential theft attacks like *pass the hash* and *pass the ticket*.
When enabled, Windows Defender Credential Guard provides the following benefits:
When enabled, Credential Guard provides the following benefits:
- **Hardware security**: NTLM, Kerberos, and Credential Manager take advantage of platform security features, including Secure Boot and virtualization, to protect credentials
- **Virtualization-based security**: NTLM, Kerberos derived credentials and other secrets run in a protected environment that is isolated from the running operating system
- **Protection against advanced persistent threats**: when credentials are protected using VBS, the credential theft attack techniques and tools used in many targeted attacks are blocked. Malware running in the operating system with administrative privileges can't extract secrets that are protected by VBS
> [!NOTE]
> While Windows Defender Credential Guard is a powerful mitigation, persistent threat attacks will likely shift to new attack techniques, and you should also incorporate other security strategies and architectures.
> While Credential Guard is a powerful mitigation, persistent threat attacks will likely shift to new attack techniques, and you should also incorporate other security strategies and architectures.
> [!IMPORTANT]
> Starting in Windows 11, version 22H2, VBS and Windows Defender Credential Guard are enabled by default on all devices that meet the system requirements.\
> Starting in Windows 11, version 22H2, VBS and Credential Guard are enabled by default on all devices that meet the system requirements.\
> For information about known issues related to the default enablement of Credential Guard, see [Credential Guard: Known Issues](considerations-known-issues.md).
## System requirements
For Windows Defender Credential Guard to provide protection, the devices must meet certain hardware, firmware, and software requirements.
For Credential Guard to provide protection, the devices must meet certain hardware, firmware, and software requirements.
Devices that meet more hardware and firmware qualifications than the minimum requirements, receive additional protections and are more hardened against certain threats.
### Hardware and software requirements
Windows Defender Credential Guard requires the features:
Credential Guard requires the features:
- Virtualization-based security (VBS)
>[!NOTE]
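Review bot: the renamed line "Credential Guard requires the features:" drops a word; "requires the following features:" reads correctly before the list. In the unchanged context just above, "Devices that meet more hardware and firmware qualifications than the minimum requirements, receive additional protections" has a stray comma between subject and verb. The renames in the overview paragraphs, the NOTE and the IMPORTANT callout are otherwise consistent.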
@ -49,11 +49,11 @@ While not required, the following features are recommended to provide additional
For detailed information on protections for improved security that are associated with hardware and firmware options, see [additional security qualifications](additional-mitigations.md#additional-security-qualifications).
#### Windows Defender Credential Guard in virtual machines
#### Credential Guard in virtual machines
Credential Guard can protect secrets in Hyper-V virtual machines, just as it would on a physical machine. When Credential Guard is enabled on a VM, secrets are protected from attacks *inside* the VM. Credential Guard doesn't provide protection from privileged system attacks originating from the host.
The requirements to run Windows Defender Credential Guard in Hyper-V virtual machines are:
The requirements to run Credential Guard in Hyper-V virtual machines are:
- The Hyper-V host must have an IOMMU
- The Hyper-V virtual machine must be generation 2
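Review bot: the heading rename to "#### Credential Guard in virtual machines" changes this section's heading slug; the VM requirements list is a likely cross-link target from the how-it-works.md VM bullet, so confirm no page links to the old `#windows-defender-credential-guard-in-virtual-machines` anchor. The unchanged paragraph under the heading already used the short name, so the hunk is now internally consistent.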
@ -65,16 +65,16 @@ The requirements to run Windows Defender Credential Guard in Hyper-V virtual mac
## Application requirements
When Windows Defender Credential Guard is enabled, certain authentication capabilities are blocked. Applications that require such capabilities break. We refer to these requirements as *application requirements*.
When Credential Guard is enabled, certain authentication capabilities are blocked. Applications that require such capabilities break. We refer to these requirements as *application requirements*.
Applications should be tested prior to deployment to ensure compatibility with the reduced functionality.
> [!WARNING]
> Enabling Windows Defender Credential Guard on domain controllers isn't recommended.
> Windows Defender Credential Guard doesn't provide any added security to domain controllers, and can cause application compatibility issues on domain controllers.
> Enabling Credential Guard on domain controllers isn't recommended.
> Credential Guard doesn't provide any added security to domain controllers, and can cause application compatibility issues on domain controllers.
> [!NOTE]
> Windows Defender Credential Guard doesn't provide protections for the Active Directory database or the Security Accounts Manager (SAM). The credentials protected by Kerberos and NTLM when Windows Defender Credential Guard is enabled are also in the Active Directory database (on domain controllers) and the SAM (for local accounts).
> Credential Guard doesn't provide protections for the Active Directory database or the Security Accounts Manager (SAM). The credentials protected by Kerberos and NTLM when Credential Guard is enabled are also in the Active Directory database (on domain controllers) and the SAM (for local accounts).
|
||||
|
||||
Applications break if they require:
|
||||
|
||||
@ -89,13 +89,13 @@ Applications prompt and expose credentials to risk if they require:
|
||||
- Credential delegation
|
||||
- MS-CHAPv2
|
||||
|
||||
Applications may cause performance issues when they attempt to hook the isolated Windows Defender Credential Guard process `LSAIso.exe`.
|
||||
Applications may cause performance issues when they attempt to hook the isolated Credential Guard process `LSAIso.exe`.
|
||||
|
||||
Services or protocols that rely on Kerberos, such as file shares or remote desktop, continue to work and aren't affected by Windows Defender Credential Guard.
|
||||
Services or protocols that rely on Kerberos, such as file shares or remote desktop, continue to work and aren't affected by Credential Guard.
|
||||
|
||||
## Next steps
|
||||
|
||||
- Learn [how Windows Defender Credential Guard works](how-it-works.md)
|
||||
- Learn [how to configure Windows Defender Credential Guard](configure.md)
|
||||
- Review the advices and sample code for making your environment more secure and robust with Windows Defender Credential Guard in the [Additional mitigations](additional-mitigations.md) article
|
||||
- Review [considerations and known issues when using Windows Defender Credential Guard](considerations-known-issues.md)
|
||||
- Learn [how Credential Guard works](how-it-works.md)
|
||||
- Learn [how to configure Credential Guard](configure.md)
|
||||
- Review the advices and sample code for making your environment more secure and robust with Credential Guard in the [Additional mitigations](additional-mitigations.md) article
|
||||
- Review [considerations and known issues when using Credential Guard](considerations-known-issues.md)
|
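Review bot: the rewritten Next steps bullet still says "Review the advices and sample code", which is ungrammatical; since the line is being touched anyway, make it "Review the advice and sample code for making your environment more secure and robust with Credential Guard". Separately, the hunk header context for this hunk still reads "The requirements to run Windows Defender Credential Guard in Hyper-V virtual mac…", so confirm that this preceding line in the same file was renamed in the earlier hunk and not left behind by the search-and-replace.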
@ -42,7 +42,7 @@ The trust model determines how you want users to authenticate to the on-premises
|
||||
- The certificate trust model also supports enterprises which are not ready to deploy Windows Server 2016 Domain Controllers.
|
||||
|
||||
> [!Note]
|
||||
> RDP does not support authentication with Windows Hello for Business Key Trust or cloud Kerberos trust deployments as a supplied credential. RDP is only supported with certificate trust deployments as a supplied credential at this time. Windows Hello for Business Key Trust and cloud Kerberos trust can be used with [Windows Defender Remote Credential Guard](../remote-credential-guard.md).
|
||||
> RDP does not support authentication with Windows Hello for Business Key Trust or cloud Kerberos trust deployments as a supplied credential. RDP is only supported with certificate trust deployments as a supplied credential at this time. Windows Hello for Business Key Trust and cloud Kerberos trust can be used with [Remote Credential Guard](../remote-credential-guard.md).
|
||||
|
||||
Following are the various deployment guides and models included in this topic:
|
||||
|
||||
|
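Review bot: the rewritten note capitalizes "Windows Hello for Business Key Trust" while the near-identical note in the other file of this commit (the "-88,7" hunk) writes "key trust" in lowercase, as does "cloud Kerberos trust" in this same sentence; while touching this line, settle on one spelling, preferably the lowercase form used elsewhere.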
@ -257,4 +257,4 @@ sections:
|
||||
In a hybrid deployment, a user's public key must sync from Azure AD to AD before it can be used to authenticate against a domain controller. This sync is handled by Azure AD Connect and will occur during a normal sync cycle.
|
||||
- question: Can I use Windows Hello for Business key trust and RDP?
|
||||
answer: |
|
||||
Remote Desktop Protocol (RDP) doesn't currently support using key-based authentication and self-signed certificates as supplied credentials. However, you can deploy certificates in the key trust model to enable RDP. For more information, see [Deploying certificates to key trust users to enable RDP](hello-deployment-rdp-certs.md). In addition, Windows Hello for Business key trust can be also used with RDP with [Windows Defender Remote Credential Guard](../remote-credential-guard.md) without deploying certificates.
|
||||
Remote Desktop Protocol (RDP) doesn't currently support using key-based authentication and self-signed certificates as supplied credentials. However, you can deploy certificates in the key trust model to enable RDP. For more information, see [Deploying certificates to key trust users to enable RDP](hello-deployment-rdp-certs.md). In addition, Windows Hello for Business key trust can be also used with RDP with [Remote Credential Guard](../remote-credential-guard.md) without deploying certificates.
|
||||
|
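Review bot: the rewritten FAQ answer keeps the word order "key trust can be also used with RDP"; since the line is being changed anyway, make it "can also be used with RDP with Remote Credential Guard without deploying certificates".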
@ -14,7 +14,7 @@ ms.collection:
|
||||
- Hybrid and On-premises Windows Hello for Business deployments
|
||||
- Azure AD joined, Hybrid Azure AD joined, and Enterprise joined devices
|
||||
|
||||
Windows Hello for Business supports using a certificate deployed to a Windows Hello for Business container as a supplied credential to establish a remote desktop connection to a server or another device. This feature takes advantage of the redirected smart card capabilities of the remote desktop protocol. Windows Hello for Business key trust can be used with [Windows Defender Remote Credential Guard](../remote-credential-guard.md) to establish a remote desktop protocol connection.
|
||||
Windows Hello for Business supports using a certificate deployed to a Windows Hello for Business container as a supplied credential to establish a remote desktop connection to a server or another device. This feature takes advantage of the redirected smart card capabilities of the remote desktop protocol. Windows Hello for Business key trust can be used with [Remote Credential Guard](../remote-credential-guard.md) to establish a remote desktop protocol connection.
|
||||
|
||||
Microsoft continues to investigate supporting using keys trust for supplied credentials in a future release.
|
||||
|
||||
|
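Review bot: the unchanged context line "Microsoft continues to investigate supporting using keys trust for supplied credentials" carries a typo ("keys trust" should be "key trust") and the stacked "supporting using" reads awkwardly; suggest "Microsoft continues to investigate support for key trust as a supplied credential in a future release" while this file is open for the rename.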
@ -88,7 +88,7 @@ The key trust type does not require issuing authentication certificates to end u
|
||||
The certificate trust type issues authentication certificates to end users. Users authenticate using a certificate requested using a hardware-bound key created during the built-in provisioning experience. Unlike key trust, certificate trust does not require Windows Server 2016 domain controllers (but still requires [Windows Server 2016 or later Active Directory schema](/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust#directories)). Users can use their certificate to authenticate to any Windows Server 2008 R2, or later, domain controller.
|
||||
|
||||
> [!NOTE]
|
||||
> RDP does not support authentication with Windows Hello for Business key trust deployments as a supplied credential. RDP is only supported with certificate trust deployments as a supplied credential at this time. Windows Hello for Business key trust can be used with [Windows Defender Remote Credential Guard](../remote-credential-guard.md).
|
||||
> RDP does not support authentication with Windows Hello for Business key trust deployments as a supplied credential. RDP is only supported with certificate trust deployments as a supplied credential at this time. Windows Hello for Business key trust can be used with [Remote Credential Guard](../remote-credential-guard.md).
|
||||
|
||||
#### Device registration
|
||||
|
||||
|
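Review bot: this note mentions only "Windows Hello for Business key trust deployments" as unsupported for RDP supplied credentials, whereas the equivalent note in the deployment-guide hunk ("-42,7") says "Key Trust or cloud Kerberos trust", and the "-91,7" hunk states that key-based credentials "including cloud Kerberos trust" don't support supplied credentials for RDP. Align this note with the others so readers of this page don't conclude cloud Kerberos trust is supported.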
@ -91,7 +91,7 @@ For details, see [How Windows Hello for Business works](hello-how-it-works.md).
|
||||
|
||||
Windows Hello for Business can use either keys (hardware or software) or certificates in hardware or software. Enterprises that have a public key infrastructure (PKI) for issuing and managing end user certificates can continue to use PKI in combination with Windows Hello for Business. Enterprises that don't use PKI or want to reduce the effort associated with managing user certificates can rely on key-based credentials for Windows Hello. This functionality still uses certificates on the domain controllers as a root of trust. Starting with Windows 10 version 21H2, there's a feature called cloud Kerberos trust for hybrid deployments, which uses Azure AD as the root of trust. cloud Kerberos trust uses key-based credentials for Windows Hello but doesn't require certificates on the domain controller.
|
||||
|
||||
Windows Hello for Business with a key, including cloud Kerberos trust, doesn't support supplied credentials for RDP. RDP doesn't support authentication with a key or a self signed certificate. RDP with Windows Hello for Business is supported with certificate based deployments as a supplied credential. Windows Hello for Business with a key credential can be used with [Windows Defender Remote Credential Guard](../remote-credential-guard.md).
|
||||
Windows Hello for Business with a key, including cloud Kerberos trust, doesn't support supplied credentials for RDP. RDP doesn't support authentication with a key or a self signed certificate. RDP with Windows Hello for Business is supported with certificate based deployments as a supplied credential. Windows Hello for Business with a key credential can be used with [Remote Credential Guard](../remote-credential-guard.md).
|
||||
|
||||
## Learn more
|
||||
|
||||
|
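Review bot: the rewritten sentence says "RDP doesn't support authentication with a key or a self signed certificate"; hyphenate "self-signed" to match "self-signed certificates" in the FAQ hunk of this same commit. The unchanged context line above it also starts a sentence with lowercase "cloud Kerberos trust uses key-based credentials", which should be capitalized at sentence start.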
@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Protect Remote Desktop credentials with Windows Defender Remote Credential Guard
|
||||
description: Windows Defender Remote Credential Guard helps to secure your Remote Desktop credentials by never sending them to the target device.
|
||||
title: Protect Remote Desktop credentials with Remote Credential Guard
|
||||
description: Remote Credential Guard helps to secure your Remote Desktop credentials by never sending them to the target device.
|
||||
ms.collection:
|
||||
- highpri
|
||||
- tier2
|
||||
@ -13,30 +13,30 @@ appliesto:
|
||||
- ✅ <a href=https://learn.microsoft.com/windows/release-health/windows-server-release-info target=_blank>Windows Server 2019</a>
|
||||
- ✅ <a href=https://learn.microsoft.com/windows/release-health/windows-server-release-info target=_blank>Windows Server 2016</a>
|
||||
---
|
||||
# Protect Remote Desktop credentials with Windows Defender Remote Credential Guard
|
||||
# Protect Remote Desktop credentials with Remote Credential Guard
|
||||
|
||||
Introduced in Windows 10, version 1607, Windows Defender Remote Credential Guard helps you protect your credentials over a Remote Desktop connection by redirecting Kerberos requests back to the device that's requesting the connection. It also provides single sign-on experiences for Remote Desktop sessions.
|
||||
Introduced in Windows 10, version 1607, Remote Credential Guard helps you protect your credentials over a Remote Desktop connection by redirecting Kerberos requests back to the device that's requesting the connection. It also provides single sign-on experiences for Remote Desktop sessions.
|
||||
|
||||
Administrator credentials are highly privileged and must be protected. By using Windows Defender Remote Credential Guard to connect during Remote Desktop sessions, if the target device is compromised, your credentials are not exposed because both credential and credential derivatives are never passed over the network to the target device.
|
||||
Administrator credentials are highly privileged and must be protected. By using Remote Credential Guard to connect during Remote Desktop sessions, if the target device is compromised, your credentials are not exposed because both credential and credential derivatives are never passed over the network to the target device.
|
||||
|
||||
> [!IMPORTANT]
|
||||
> For information on Remote Desktop connection scenarios involving helpdesk support, see [Remote Desktop connections and helpdesk support scenarios](#remote-desktop-connections-and-helpdesk-support-scenarios) in this article.
|
||||
|
||||
## Comparing Windows Defender Remote Credential Guard with other Remote Desktop connection options
|
||||
## Comparing Remote Credential Guard with other Remote Desktop connection options
|
||||
|
||||
The following diagram helps you to understand how a standard Remote Desktop session to a server without Windows Defender Remote Credential Guard works:
|
||||
The following diagram helps you to understand how a standard Remote Desktop session to a server without Remote Credential Guard works:
|
||||
|
||||

|
||||

|
||||
|
||||
The following diagram helps you to understand how Windows Defender Remote Credential Guard works, what it helps to protect against, and compares it with the [Restricted Admin mode](https://social.technet.microsoft.com/wiki/contents/articles/32905.how-to-enable-restricted-admin-mode-for-remote-desktop.aspx) option:
|
||||
The following diagram helps you to understand how Remote Credential Guard works, what it helps to protect against, and compares it with the [Restricted Admin mode](https://social.technet.microsoft.com/wiki/contents/articles/32905.how-to-enable-restricted-admin-mode-for-remote-desktop.aspx) option:
|
||||
|
||||

|
||||

|
||||
|
||||
As illustrated, Windows Defender Remote Credential Guard blocks NTLM (allowing only Kerberos), prevents Pass-the-Hash (PtH) attacks, and also prevents use of credentials after disconnection.
|
||||
As illustrated, Remote Credential Guard blocks NTLM (allowing only Kerberos), prevents Pass-the-Hash (PtH) attacks, and also prevents use of credentials after disconnection.
|
||||
|
||||
Use the following table to compare different Remote Desktop connection security options:
|
||||
|
||||
| Feature | Remote Desktop | Windows Defender Remote Credential Guard | Restricted Admin mode |
|
||||
| Feature | Remote Desktop | Remote Credential Guard | Restricted Admin mode |
|
||||
|--|--|--|--|
|
||||
| **Protection benefits** | Credentials on the server are not protected from Pass-the-Hash attacks. | User credentials remain on the client. An attacker can act on behalf of the user *only* when the session is ongoing | User logs on to the server as local administrator, so an attacker cannot act on behalf of the "domain user". Any attack is local to the server |
|
||||
| **Version support** | The remote computer can run any Windows operating system | Both the client and the remote computer must be running **at least Windows 10, version 1607, or Windows Server 2016**. | The remote computer must be running **at least patched Windows 7 or patched Windows Server 2008 R2**. <br /><br />For more information about patches (software updates) related to Restricted Admin mode, see [Microsoft Security Advisory 2871997](/security-updates/SecurityAdvisories/2016/2871997). |
|
||||
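Review bot: the rewritten intro sentence "your credentials are not exposed because both credential and credential derivatives are never passed over the network" mixes singular and plural and double-negates awkwardly; suggest "because neither credentials nor credential derivatives are ever passed over the network to the target device". Also, the unchanged table row says "Both the client and the remote computer must be running at least Windows 10, version 1607", while the requirements section further down in this file says the client needs version 1703 to supply credentials; reconcile the two statements (for example, "version 1607 for signed-in credentials, version 1703 to supply credentials").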
@ -52,7 +52,7 @@ and [How Kerberos works](/previous-versions/windows/it-pro/windows-2000-server/c
|
||||
|
||||
## Remote Desktop connections and helpdesk support scenarios
|
||||
|
||||
For helpdesk support scenarios in which personnel require administrative access to provide remote assistance to computer users via Remote Desktop sessions, Microsoft recommends that Windows Defender Remote Credential Guard should not be used in that context. This is because if an RDP session is initiated to a compromised client that an attacker already controls, the attacker could use that open channel to create sessions on the user's behalf (without compromising credentials) to access any of the user's resources for a limited time (a few hours) after the session disconnects.
|
||||
For helpdesk support scenarios in which personnel require administrative access to provide remote assistance to computer users via Remote Desktop sessions, Microsoft recommends that Remote Credential Guard should not be used in that context. This is because if an RDP session is initiated to a compromised client that an attacker already controls, the attacker could use that open channel to create sessions on the user's behalf (without compromising credentials) to access any of the user's resources for a limited time (a few hours) after the session disconnects.
|
||||
|
||||
Therefore, we recommend instead that you use the Restricted Admin mode option. For helpdesk support scenarios, RDP connections should only be initiated using the /RestrictedAdmin switch. This helps ensure that credentials and other user resources are not exposed to compromised remote hosts. For more information, see [Mitigating Pass-the-Hash and Other Credential Theft v2](https://download.microsoft.com/download/7/7/A/77ABC5BD-8320-41AF-863C-6ECFB10CB4B9/Mitigating-Pass-the-Hash-Attacks-and-Other-Credential-Theft-Version-2.pdf).
|
||||
|
||||
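Review bot: the unchanged line after the rewritten paragraph writes the switch as "/RestrictedAdmin", while the Group Policy note later in this file writes "/restrictedAdmin"; they refer to the same mstsc.exe switch, so pick one spelling in this pass. The rewritten paragraph's reasoning is sound (an attacker on a compromised client can ride the open channel and obtain service tickets on the user's behalf until they expire), but "for a limited time (a few hours)" would be clearer as "until the Kerberos tickets issued during the session expire".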
@ -64,14 +64,14 @@ For further information on LAPS, see [Microsoft Security Advisory 3062591](https
|
||||
|
||||
## Remote Credential Guard requirements
|
||||
|
||||
To use Windows Defender Remote Credential Guard, the Remote Desktop client and remote host must meet the following requirements:
|
||||
To use Remote Credential Guard, the Remote Desktop client and remote host must meet the following requirements:
|
||||
|
||||
The Remote Desktop client device:
|
||||
|
||||
- Must be running at least Windows 10, version 1703 to be able to supply credentials, which is sent to the remote device. This allows users to run as different users without having to send credentials to the remote machine
|
||||
- Must be running at least Windows 10, version 1607 or Windows Server 2016 to use the user's signed-in credentials. This requires the user's account be able to sign in to both the client device and the remote host
|
||||
- Must be running the Remote Desktop Classic Windows application. The Remote Desktop Universal Windows Platform application doesn't support Windows Defender Remote Credential Guard
|
||||
- Must use Kerberos authentication to connect to the remote host. If the client cannot connect to a domain controller, then RDP attempts to fall back to NTLM. Windows Defender Remote Credential Guard does not allow NTLM fallback because this would expose credentials to risk
|
||||
- Must be running the Remote Desktop Classic Windows application. The Remote Desktop Universal Windows Platform application doesn't support Remote Credential Guard
|
||||
- Must use Kerberos authentication to connect to the remote host. If the client cannot connect to a domain controller, then RDP attempts to fall back to NTLM. Remote Credential Guard does not allow NTLM fallback because this would expose credentials to risk
|
||||
|
||||
The Remote Desktop remote host:
|
||||
|
||||
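Review bot: the unchanged first client requirement, "Must be running at least Windows 10, version 1703 to be able to supply credentials, which is sent to the remote device", has a number-agreement error ("which are") and, read literally, contradicts both the next sentence ("without having to send credentials to the remote machine") and the rest of the page, since Remote Credential Guard never sends credentials to the host. Suggest: "Must be running at least Windows 10, version 1703 to supply credentials other than the signed-in user's; the supplied credentials stay on the client, so users can run as a different user without sending credentials to the remote device."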
@ -80,27 +80,27 @@ The Remote Desktop remote host:
|
||||
- Must allow the client's domain user to access Remote Desktop connections.
|
||||
- Must allow delegation of non-exportable credentials.
|
||||
|
||||
There are no hardware requirements for Windows Defender Remote Credential Guard.
|
||||
There are no hardware requirements for Remote Credential Guard.
|
||||
|
||||
> [!NOTE]
|
||||
> Remote Desktop client devices running earlier versions, at minimum Windows 10 version 1607, only support signed-in credentials, so the client device must also be joined to an Active Directory domain. Both Remote Desktop client and server must either be joined to the same domain, or the Remote Desktop server can be joined to a domain that has a trust relationship to the client device's domain.
|
||||
>
|
||||
> GPO [Remote host allows delegation of non-exportable credentials](/windows/client-management/mdm/policy-csp-credentialsdelegation) should be enabled for delegation of non-exportable credentials.
|
||||
|
||||
- For Windows Defender Remote Credential Guard to be supported, the user must authenticate to the remote host using Kerberos authentication.
|
||||
- For Remote Credential Guard to be supported, the user must authenticate to the remote host using Kerberos authentication.
|
||||
- The remote host must be running at least Windows 10 version 1607, or Windows Server 2016.
|
||||
- The Remote Desktop classic Windows app is required. The Remote Desktop Universal Windows Platform app doesn't support Windows Defender Remote Credential Guard.
|
||||
- The Remote Desktop classic Windows app is required. The Remote Desktop Universal Windows Platform app doesn't support Remote Credential Guard.
|
||||
|
||||
## Enable Windows Defender Remote Credential Guard
|
||||
## Enable Remote Credential Guard
|
||||
|
||||
You must enable Restricted Admin or Windows Defender Remote Credential Guard on the remote host by using the Registry.
|
||||
You must enable Restricted Admin or Remote Credential Guard on the remote host by using the Registry.
|
||||
|
||||
1. Open Registry Editor on the remote host
|
||||
1. Enable Restricted Admin and Windows Defender Remote Credential Guard:
|
||||
1. Enable Restricted Admin and Remote Credential Guard:
|
||||
|
||||
- Go to `HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa`
|
||||
- Add a new DWORD value named **DisableRestrictedAdmin**
|
||||
- To turn on Restricted Admin and Windows Defender Remote Credential Guard, set the value of this registry setting to 0
|
||||
- To turn on Restricted Admin and Remote Credential Guard, set the value of this registry setting to 0
|
||||
|
||||
1. Close Registry Editor
|
||||
|
||||
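Review bot: the three bullets that follow the NOTE ("the user must authenticate to the remote host using Kerberos", "at least Windows 10 version 1607, or Windows Server 2016", "The Remote Desktop classic Windows app is required") duplicate the client and host requirement lists earlier in this same section; since two of them are rewritten here, consider dropping them and keeping the earlier lists as the single source. In the registry steps, the value is named DisableRestrictedAdmin and is set to 0 to turn the feature on; because the name is negated, add a clause stating that 0 means enabled and that deleting the value or setting it to 1 disables both Restricted Admin and Remote Credential Guard on the host.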
@ -110,32 +110,32 @@ You can add this by running the following command from an elevated command promp
|
||||
reg.exe add HKLM\SYSTEM\CurrentControlSet\Control\Lsa /v DisableRestrictedAdmin /d 0 /t REG_DWORD
|
||||
```
|
||||
|
||||
## Using Windows Defender Remote Credential Guard
|
||||
## Using Remote Credential Guard
|
||||
|
||||
Beginning with Windows 10 version 1703, you can enable Windows Defender Remote Credential Guard on the client device either by using Group Policy or by using a parameter with the Remote Desktop Connection.
|
||||
Beginning with Windows 10 version 1703, you can enable Remote Credential Guard on the client device either by using Group Policy or by using a parameter with the Remote Desktop Connection.
|
||||
|
||||
### Turn on Windows Defender Remote Credential Guard by using Group Policy
|
||||
### Turn on Remote Credential Guard by using Group Policy
|
||||
|
||||
1. From the Group Policy Management Console, go to **Computer Configuration** -> **Administrative Templates** -> **System** -> **Credentials Delegation**
|
||||
1. Double-click **Restrict delegation of credentials to remote servers**
|
||||

|
||||

|
||||
1. Under **Use the following restricted mode**:
|
||||
- If you want to require either [Restricted Admin mode](https://social.technet.microsoft.com/wiki/contents/articles/32905.remote-desktop-services-enable-restricted-admin-mode.aspx) or Windows Defender Remote Credential Guard, choose **Restrict Credential Delegation**. In this configuration, Windows Defender Remote Credential Guard is preferred, but it will use Restricted Admin mode (if supported) when Windows Defender Remote Credential Guard cannot be used
|
||||
- If you want to require either [Restricted Admin mode](https://social.technet.microsoft.com/wiki/contents/articles/32905.remote-desktop-services-enable-restricted-admin-mode.aspx) or Remote Credential Guard, choose **Restrict Credential Delegation**. In this configuration, Remote Credential Guard is preferred, but it will use Restricted Admin mode (if supported) when Remote Credential Guard cannot be used
|
||||
|
||||
> [!NOTE]
|
||||
> Neither Windows Defender Remote Credential Guard nor Restricted Admin mode will send credentials in clear text to the Remote Desktop server.
|
||||
> When **Restrict Credential Delegation** is enabled, the /restrictedAdmin switch will be ignored. Windows will enforce the policy configuration instead and will use Windows Defender Remote Credential Guard.
|
||||
> Neither Remote Credential Guard nor Restricted Admin mode will send credentials in clear text to the Remote Desktop server.
|
||||
> When **Restrict Credential Delegation** is enabled, the /restrictedAdmin switch will be ignored. Windows will enforce the policy configuration instead and will use Remote Credential Guard.
|
||||
|
||||
- If you want to require Windows Defender Remote Credential Guard, choose **Require Remote Credential Guard**. With this setting, a Remote Desktop connection will succeed only if the remote computer meets the [requirements](#remote-credential-guard-requirements) listed earlier in this topic.
|
||||
- If you want to require Restricted Admin mode, choose **Require Restricted Admin**. For information about Restricted Admin mode, see the table in [Comparing Windows Defender Remote Credential Guard with other Remote Desktop connection options](#comparing-windows-defender-remote-credential-guard-with-other-remote-desktop-connection-options), earlier in this topic.
|
||||
- If you want to require Remote Credential Guard, choose **Require Remote Credential Guard**. With this setting, a Remote Desktop connection will succeed only if the remote computer meets the [requirements](#remote-credential-guard-requirements) listed earlier in this topic.
|
||||
- If you want to require Restricted Admin mode, choose **Require Restricted Admin**. For information about Restricted Admin mode, see the table in [Comparing Remote Credential Guard with other Remote Desktop connection options](#comparing-windows-defender-remote-credential-guard-with-other-remote-desktop-connection-options), earlier in this topic.
|
||||
|
||||
1. Click **OK**
|
||||
1. Close the Group Policy Management Console
|
||||
1. From a command prompt, run **gpupdate.exe /force** to ensure that the Group Policy object is applied
|
||||
|
||||
### Use Windows Defender Remote Credential Guard with a parameter to Remote Desktop Connection
|
||||
### Use Remote Credential Guard with a parameter to Remote Desktop Connection
|
||||
|
||||
If you don't use Group Policy in your organization, or if not all your remote hosts support Remote Credential Guard, you can add the remoteGuard parameter when you start Remote Desktop Connection to turn on Windows Defender Remote Credential Guard for that connection.
|
||||
If you don't use Group Policy in your organization, or if not all your remote hosts support Remote Credential Guard, you can add the remoteGuard parameter when you start Remote Desktop Connection to turn on Remote Credential Guard for that connection.
|
||||
|
||||
```cmd
|
||||
mstsc.exe /remoteGuard
|
||||
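Review bot: the rewritten "Require Restricted Admin" bullet still links to "#comparing-windows-defender-remote-credential-guard-with-other-remote-desktop-connection-options", but this commit renames that H2 to "Comparing Remote Credential Guard with other Remote Desktop connection options", whose generated fragment is "#comparing-remote-credential-guard-with-other-remote-desktop-connection-options"; update the fragment or the in-page link breaks. Also, the "Restrict Credential Delegation" bullet says the client "will use Restricted Admin mode (if supported) when Remote Credential Guard cannot be used", while the NOTE beneath it says Windows "will use Remote Credential Guard" when the /restrictedAdmin switch is ignored; reword the NOTE to say Windows enforces the policy's mode (Remote Credential Guard preferred, Restricted Admin as fallback) so the two statements agree.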
@ -144,10 +144,10 @@ mstsc.exe /remoteGuard
|
||||
> [!NOTE]
|
||||
> The user must be authorized to connect to the remote server using Remote Desktop Protocol, for example by being a member of the Remote Desktop Users local group on the remote computer.
|
||||
|
||||
## Considerations when using Windows Defender Remote Credential Guard
|
||||
## Considerations when using Remote Credential Guard
|
||||
|
||||
- Windows Defender Remote Credential Guard does not support compound authentication. For example, if you're trying to access a file server from a remote host that requires a device claim, access will be denied
|
||||
- Windows Defender Remote Credential Guard can be used only when connecting to a device that is joined to a Windows Server Active Directory domain, including AD domain-joined servers that run as Azure virtual machines (VMs). Windows Defender Remote Credential Guard cannot be used when connecting to remote devices joined to Azure Active Directory
|
||||
- Remote Credential Guard does not support compound authentication. For example, if you're trying to access a file server from a remote host that requires a device claim, access will be denied
|
||||
- Remote Credential Guard can be used only when connecting to a device that is joined to a Windows Server Active Directory domain, including AD domain-joined servers that run as Azure virtual machines (VMs). Remote Credential Guard cannot be used when connecting to remote devices joined to Azure Active Directory
|
||||
- Remote Desktop Credential Guard only works with the RDP protocol
|
||||
- No credentials are sent to the target device, but the target device still acquires Kerberos Service Tickets on its own
|
||||
- The server and client must authenticate using Kerberos
|
||||
|
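Review bot: the unchanged bullet "Remote Desktop Credential Guard only works with the RDP protocol" uses a third variant of the feature name that the search-and-replace did not catch; it should read "Remote Credential Guard", and "RDP protocol" expands to "Remote Desktop Protocol protocol", so "only works with RDP" is enough.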
@ -33,9 +33,9 @@ items:
|
||||
- name: Access Control
|
||||
href: access-control/access-control.md
|
||||
displayName: ACL/SACL
|
||||
- name: Windows Defender Credential Guard
|
||||
- name: Credential Guard
|
||||
href: credential-guard/toc.yml
|
||||
- name: Windows Defender Remote Credential Guard
|
||||
- name: Remote Credential Guard
|
||||
href: remote-credential-guard.md
|
||||
- name: LSA Protection
|
||||
href: /windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection
|
||||
|
@ -24,5 +24,5 @@ ms.topic: include
|
||||
| **[Account Lockout Policy](/windows/security/threat-protection/security-policy-settings/account-lockout-policy)** | Account Lockout Policy settings control the response threshold for failed logon attempts and the actions to be taken after the threshold is reached. |
|
||||
| **[Enhanced phishing protection with SmartScreen](/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen)** | Users who are still using passwords can benefit from powerful credential protection. Microsoft Defender SmartScreen includes enhanced phishing protection to automatically detect when a user enters their Microsoft password into any app or website. Windows then identifies if the app or site is securely authenticating to Microsoft and warns if the credentials are at risk. Since users are alerted at the moment of potential credential theft, they can take preemptive action before their password is used against them or their organization. |
|
||||
| **[Access Control (ACL/SACL)](/windows/security/identity-protection/access-control/access-control)** | Access control in Windows ensures that shared resources are available to users and groups other than the resource's owner and are protected from unauthorized use. IT administrators can manage users', groups', and computers' access to objects and assets on a network or computer. After a user is authenticated, the Windows operating system implements the second phase of protecting resources by using built-in authorization and access control technologies to determine if an authenticated user has the correct permissions.<br><br>Access Control Lists (ACL) describe the permissions for a specific object and can also contain System Access Control Lists (SACL). SACLs provide a way to audit specific system level events, such as when a user attempt to access file system objects. These events are essential for tracking activity for objects that are sensitive or valuable and require extra monitoring. Being able to audit when a resource attempts to read or write part of the operating system is critical to understanding a potential attack. |
|
||||
| **[Windows Defender Credential Guard](/windows/security/identity-protection/credential-guard)** | Enabled by default in Windows 11 Enterprise, Windows Credential Guard uses hardware-backed, Virtualization-based security (VBS) to protect against credential theft. With Windows Credential Guard, the Local Security Authority (LSA) stores and protects secrets in an isolated environment that isn't accessible to the rest of the operating system. LSA uses remote procedure calls to communicate with the isolated LSA process. <br><br>By protecting the LSA process with Virtualization-based security, Windows Credential Guard shields systems from credential theft attack techniques like pass-the-hash or pass-the-ticket. It also helps prevent malware from accessing system secrets even if the process is running with admin privileges. |
|
||||
| **[Windows Defender Remote Credential Guard](/windows/security/identity-protection/remote-credential-guard)** | Window Defender Remote Credential Guard helps you protect your credentials over a Remote Desktop connection by redirecting the Kerberos requests back to the device that is requesting the connection. It also provides single sign-on experiences for Remote Desktop sessions. <br><br>Administrator credentials are highly privileged and must be protected. When you use Windows Defender Remote Credential Guard to connect during Remote Desktop sessions, your credential and credential derivatives are never passed over the network to the target device. If the target device is compromised, your credentials aren't exposed. |
|
||||
| **[Credential Guard](/windows/security/identity-protection/credential-guard)** | Enabled by default in Windows 11 Enterprise, Credential Guard uses hardware-backed, Virtualization-based security (VBS) to protect against credential theft. With Credential Guard, the Local Security Authority (LSA) stores and protects secrets in an isolated environment that isn't accessible to the rest of the operating system. LSA uses remote procedure calls to communicate with the isolated LSA process. <br><br>By protecting the LSA process with Virtualization-based security, Credential Guard shields systems from credential theft attack techniques like pass-the-hash or pass-the-ticket. It also helps prevent malware from accessing system secrets even if the process is running with admin privileges. |
|
||||
| **[Remote Credential Guard](/windows/security/identity-protection/remote-credential-guard)** | Window Defender Remote Credential Guard helps you protect your credentials over a Remote Desktop connection by redirecting the Kerberos requests back to the device that is requesting the connection. It also provides single sign-on experiences for Remote Desktop sessions. <br><br>Administrator credentials are highly privileged and must be protected. When you use Remote Credential Guard to connect during Remote Desktop sessions, your credential and credential derivatives are never passed over the network to the target device. If the target device is compromised, your credentials aren't exposed. |
|
||||
|
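Review bot: the rename is incomplete in the Remote Credential Guard row: the description still opens with "Window Defender Remote Credential Guard helps you protect your credentials over a Remote Desktop connection" (and "Window" is a typo for "Windows"), while the row heading and the second paragraph of the same row now read "Remote Credential Guard". Suggest "Remote Credential Guard helps you protect your credentials over a Remote Desktop connection ..." so the row is consistent with its own heading and with the Credential Guard row above it.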
@ -74,7 +74,7 @@ productDirectory:
|
||||
- url: /windows/security/identity-protection/hello-for-business
|
||||
text: Windows Hello for Business
|
||||
- url: /windows/security/identity-protection/credential-guard/credential-guard
|
||||
text: Windows Defender Credential Guard
|
||||
text: Credential Guard
|
||||
- url: /windows-server/identity/laps/laps-overview
|
||||
text: Windows LAPS (Local Administrator Password Solution)
|
||||
- url: /windows/security/operating-system-security/virus-and-threat-protection/microsoft-defender-smartscreen/enhanced-phishing-protection
|
||||
|
@ -45,7 +45,7 @@ In Windows 11, [Microsoft Defender Application Guard](/windows-hardware/design/d
|
||||
|
||||
### Secured identities
|
||||
|
||||
Passwords have been an important part of digital security for a long time, and they're also a top target for cybercriminals. Windows 11 provides powerful protection against credential theft with chip-level hardware security. Credentials are protected by layers of hardware and software security such as [TPM 2.0](information-protection/tpm/trusted-platform-module-overview.md), [VBS](/windows-hardware/design/device-experiences/oem-vbs), and/or [Windows Defender Credential Guard](identity-protection/credential-guard/index.md), making it harder for attackers to steal credentials from a device. With [Windows Hello for Business](identity-protection/hello-for-business/index.md), users can quickly sign in with face, fingerprint, or PIN for passwordless protection. Windows 11 also supports [FIDO2 security keys](/azure/active-directory/authentication/howto-authentication-passwordless-security-key) for passwordless authentication.
|
||||
Passwords have been an important part of digital security for a long time, and they're also a top target for cybercriminals. Windows 11 provides powerful protection against credential theft with chip-level hardware security. Credentials are protected by layers of hardware and software security such as [TPM 2.0](information-protection/tpm/trusted-platform-module-overview.md), [VBS](/windows-hardware/design/device-experiences/oem-vbs), and/or [Credential Guard](identity-protection/credential-guard/index.md), making it harder for attackers to steal credentials from a device. With [Windows Hello for Business](identity-protection/hello-for-business/index.md), users can quickly sign in with face, fingerprint, or PIN for passwordless protection. Windows 11 also supports [FIDO2 security keys](/azure/active-directory/authentication/howto-authentication-passwordless-security-key) for passwordless authentication.
|
||||
|
||||
### Connecting to cloud services
|
||||
|
||||
|
@ -208,14 +208,14 @@ Windows Hello for Business now supports FIDO 2.0 authentication for Azure AD Joi
|
||||
|
||||
For more information, see: [Windows Hello and FIDO2 Security Keys enable secure and easy authentication for shared devices](https://blogs.windows.com/business/2018/04/17/windows-hello-fido2-security-keys/#OdKBg3pwJQcEKCbJ.97)
|
||||
|
||||
#### Windows Defender Credential Guard
|
||||
#### Credential Guard
|
||||
|
||||
Windows Defender Credential Guard is a security service in Windows 10 built to protect Active Directory (AD) domain credentials so that they can't be stolen or misused by malware on a user's machine. It's designed to protect against well-known threats such as Pass-the-Hash and credential harvesting.
|
||||
Credential Guard is a security service in Windows 10 built to protect Active Directory (AD) domain credentials so that they can't be stolen or misused by malware on a user's machine. It's designed to protect against well-known threats such as Pass-the-Hash and credential harvesting.
|
||||
|
||||
Windows Defender Credential Guard has always been an optional feature, but Windows 10 in S mode turns on this functionality by default when the machine has been Azure Active Directory-joined. This feature provides an added level of security when connecting to domain resources not normally present on devices running Windows 10 in S mode.
|
||||
Credential Guard has always been an optional feature, but Windows 10 in S mode turns on this functionality by default when the machine has been Azure Active Directory-joined. This feature provides an added level of security when connecting to domain resources not normally present on devices running Windows 10 in S mode.
|
||||
|
||||
> [!NOTE]
|
||||
> Windows Defender Credential Guard is available only to S mode devices or Enterprise and Education Editions.
|
||||
> Credential Guard is available only to S mode devices or Enterprise and Education Editions.
|
||||
|
||||
For more information, see [Credential Guard Security Considerations](/windows/security/identity-protection/credential-guard/credential-guard-requirements#security-considerations).
|
||||
|
||||
|
@ -149,9 +149,9 @@ Windows Hello enhancements include:
|
||||
|
||||
### Credential protection
|
||||
|
||||
#### Windows Defender Credential Guard
|
||||
#### Credential Guard
|
||||
|
||||
[Windows Defender Credential Guard](/windows/security/identity-protection/credential-guard/credential-guard) is now available for ARM64 devices, for extra protection against credential theft for enterprises deploying ARM64 devices in their organizations, such as Surface Pro X.
|
||||
[Credential Guard](/windows/security/identity-protection/credential-guard/credential-guard) is now available for ARM64 devices, for extra protection against credential theft for enterprises deploying ARM64 devices in their organizations, such as Surface Pro X.
|
||||
|
||||
### Privacy controls
|
||||
|
||||
|
@ -80,7 +80,7 @@ The AssignedAccess CSP has been expanded to make it easy for administrators to c
|
||||
## Security
|
||||
|
||||
>[!NOTE]
|
||||
>Windows security features have been rebranded as Windows Defender security features, including Windows Defender Device Guard, Windows Defender Credential Guard, and Windows Defender Firewall.
|
||||
>Windows security features have been rebranded as Windows Defender security features, including Windows Defender Device Guard, Credential Guard, and Windows Defender Firewall.
|
||||
|
||||
**Windows security baselines** have been updated for Windows 10. A [security baseline](/windows/device-security/windows-security-baselines) is a group of Microsoft-recommended configuration settings and explains their security impact. For more information, and to download the Policy Analyzer tool, see [Microsoft Security Compliance Toolkit 1.0](/windows/device-security/security-compliance-toolkit-10).
|
||||
|
||||
|
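Review bot: dropping the brand here changes the meaning of the note, not just a product name: the sentence states that Windows security features "have been rebranded as Windows Defender security features" and then lists Credential Guard as one of them, so the new wording contradicts itself. Because this is a historical what's-new entry for that release, suggest keeping "Windows Defender Credential Guard" in this one sentence, or rewording the note to say that the feature has since returned to the plain "Credential Guard" name.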
@ -141,11 +141,11 @@ You can add specific rules for a WSL process in Windows Defender Firewall, just
|
||||
|
||||
We introduced new group policies and Modern Device Management settings to manage Microsoft Edge. The new policies include enabling and disabling full-screen mode, printing, favorites bar, and saving history; preventing certificate error overrides; configuring the Home button and startup options; setting the New Tab page and Home button URL, and managing extensions. Learn more about the [new Microsoft Edge policies](/microsoft-edge/deploy/change-history-for-microsoft-edge).
|
||||
|
||||
### Windows Defender Credential Guard is supported by default on 10S devices that are Azure Active Directory-joined
|
||||
### Credential Guard is supported by default on 10S devices that are Azure Active Directory-joined
|
||||
|
||||
Windows Defender Credential Guard is a security service in Windows 10 built to protect Active Directory (AD) domain credentials so that they can't be stolen or misused by malware on a user's machine. It's designed to protect against well-known threats such as Pass-the-Hash and credential harvesting.
|
||||
Credential Guard is a security service in Windows 10 built to protect Active Directory (AD) domain credentials so that they can't be stolen or misused by malware on a user's machine. It's designed to protect against well-known threats such as Pass-the-Hash and credential harvesting.
|
||||
|
||||
Windows Defender Credential Guard has always been an optional feature, but Windows 10-S turns on this functionality by default when the machine has been Azure Active Directory-joined. This functionality provides an added level of security when connecting to domain resources not normally present on 10-S devices. Windows Defender Credential Guard is available only to S-Mode devices or Enterprise and Education Editions.
|
||||
Credential Guard has always been an optional feature, but Windows 10-S turns on this functionality by default when the machine has been Azure Active Directory-joined. This functionality provides an added level of security when connecting to domain resources not normally present on 10-S devices. Credential Guard is available only to S-Mode devices or Enterprise and Education Editions.
|
||||
|
||||
### Windows 10 Pro S Mode requires a network connection
|
||||
|
||||
|
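Review bot: the changed heading and paragraph in this hunk use three spellings for the same edition: "10S devices" in the heading, "Windows 10-S" and "10-S devices" in the body, and "S-Mode devices" in the last sentence, whereas the sibling entry earlier in this patch uses "Windows 10 in S mode". Since these lines are being touched anyway, suggest normalizing to "Windows 10 in S mode" / "S mode devices" throughout the hunk.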
@ -41,9 +41,9 @@ If you're using Windows Update for Business, you'll receive the Windows 10, vers
|
||||
|
||||
## Security
|
||||
|
||||
### Windows Defender Credential Guard
|
||||
### Credential Guard
|
||||
|
||||
[Windows Defender Credential Guard](/windows/security/identity-protection/credential-guard/credential-guard) is now available for ARM64 devices, for extra protection against credential theft for enterprises deploying ARM64 devices in their organizations, such as Surface Pro X.
|
||||
[Credential Guard](/windows/security/identity-protection/credential-guard/credential-guard) is now available for ARM64 devices, for extra protection against credential theft for enterprises deploying ARM64 devices in their organizations, such as Surface Pro X.
|
||||
|
||||
### Microsoft BitLocker
|
||||
|
||||
|
@ -50,9 +50,9 @@ For more information, see [Smart App Control](/windows/security/threat-protectio
|
||||
|
||||
## Credential Guard
|
||||
<!--6289166-->
|
||||
Compatible Windows 11 Enterprise version 22H2 devices will have **Windows Defender Credential Guard** turned on by default. This changes the default state of the feature in Windows, though system administrators can still modify this enablement state.
|
||||
Compatible Windows 11 Enterprise version 22H2 devices will have **Credential Guard** turned on by default. This changes the default state of the feature in Windows, though system administrators can still modify this enablement state.
|
||||
|
||||
For more information, see [Manage Windows Defender Credential Guard](/windows/security/identity-protection/credential-guard/credential-guard-manage).
|
||||
For more information, see [Manage Credential Guard](/windows/security/identity-protection/credential-guard/credential-guard-manage).
|
||||
|
||||
## Malicious and vulnerable driver blocking
|
||||
<!--6286432-->
|
||||
|
@ -67,7 +67,7 @@ The following table describes the unique Windows Enterprise edition features:
|
||||
|
||||
| OS-based feature | Description |
|
||||
|-|-|
|
||||
|**[Windows Defender Credential Guard][WIN-1]**|Protects against user credential harvesting and pass-the-hash attacks or pass the token attacks.|
|
||||
|**[Credential Guard][WIN-1]**|Protects against user credential harvesting and pass-the-hash attacks or pass the token attacks.|
|
||||
|**[Managed Microsoft Defender Application Guard (MDAG) for Microsoft Edge][WIN-11]**| Isolates enterprise-defined untrusted sites with virtualization-based security from Windows, protecting your organization while users browse the Internet.|
|
||||
|**[Modern BitLocker Management][WIN-2]** | Allows you to eliminate on-premises tools to monitor and support BitLocker recovery scenarios. |
|
||||
|**[Personal Data Encryption][WIN-3]**|Encrypts individual's content using Windows Hello for Business to link the encryption keys to user credentials.|
|
||||
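Review bot: the changed row describes "pass-the-hash attacks or pass the token attacks" with inconsistent hyphenation; suggest "pass-the-hash or pass-the-token attacks" so both technique names follow the same style as the "pass-the-hash or pass-the-ticket" wording used in the Credential Guard table row earlier in this patch.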
@ -141,7 +141,7 @@ The following table lists the Windows 11 Enterprise features and their Windows e
|
||||
|
||||
| OS-based feature |Windows Pro|Windows Enterprise|
|
||||
|-|-|-|
|
||||
|**[Windows Defender Credential Guard][WIN-1]**|❌|Yes|
|
||||
|**[Credential Guard][WIN-1]**|❌|Yes|
|
||||
|**[Microsoft Defender Application Guard (MDAG) for Microsoft Edge][WIN-11]**|Yes|Yes|
|
||||
|**[Modern BitLocker Management][WIN-2]**|Yes|Yes|
|
||||
|**[Personal data encryption (PDE)][WIN-3]**|❌|Yes|
|
||||
|