whats new uefi, toc rename uefi, add epss filtering in portal

Author: karengu0

articles/firmware-analysis/release-notes.md

@@ -64,7 +64,7 @@ into your RSS feed reader.
     The following UEFI related analysis results are available in Preview and might have limited coverage:
 
     - SBOM: detection of OpenSSL component, version detection, and CVE association when version is detected
-    - CVE / Weakness: derived from detected SBOM components
+    - CVE Weaknesses: derived from detected SBOM components
     - Binary hardening: detection of NX/DEP supported for UEFI firmware. You may see other results from non-UEFI executables if they are intermixed with the UEFI image in the binary.
     - Extractor paths for UEFI firmware now include the UEFI module name, in addition to GUID based identifiers, to improve clarity when reviewing results.
 

articles/firmware-analysis/toc.yml

@@ -33,8 +33,8 @@
     href: firmware-analysis-rbac.md
   - name: Understanding and prioritizing weaknesses data in firmware analysis
     href: understanding-weaknesses-data.md
-  - name: Unified Extensible Firmware Interface firmware analysis capabilities
-    href: unified-extensible-firmware-interface-analysis.md
+  - name: UEFI firmware analysis capabilities
+    href: UEFI-firmware-analysis.md
 - name: How-to guides
   items:
   - name: Automate firmware analysis using service principals

articles/firmware-analysis/understanding-weaknesses-data.md

@@ -82,8 +82,11 @@ Firmware analysis might include EPSS data, which estimates the likelihood that a
 Two related values might appear:
 * EPSS score – an estimated likelihood of exploitation based on observed trends across the vulnerability ecosystem 
 * EPSS percentile – how that probability compares relative to other vulnerabilities
+
 These values provide comparative risk context but don't guarantee exploitation.
 
+To filter by EPSS in the Azure Portal, specify the EPSS score in a decimal form (for example, for an EPSS score of `>50%`, filter for `>0.5`).
+
 Percentile rankings are often more operationally useful, as they show how a CVE ranks relative to the broader vulnerability ecosystem.
 
 > [!NOTE]
@@ -154,6 +157,9 @@ Effective prioritization requires more than severity scoring. The following stru
 
     EPSS adds probabilistic context to prioritization decisions.
 
+    > [!NOTE]
+    > To filter by EPSS in the Azure Portal, specify the EPSS score in a decimal form (for example, for an EPSS score of `>50%`, filter for `>0.5`).
+
 4. Review attack vector and exposure
 
     From the CVSS vector, consider: