Merge pull request #2520 from MicrosoftDocs/main

Auto Publish – main to live - 2026-02-16 12:00 UTC

Author: learn-build-service-prod[bot]

articles/defender-for-cloud/data-ingestion-benefit.md

@@ -51,7 +51,6 @@ The following subset of  [security data types](/azure/azure-monitor/reference/ta
 - [Update](/azure/azure-monitor/reference/tables/update) and [UpdateSummary](/azure/azure-monitor/reference/tables/updatesummary) when the Update Management solution isn't running in the workspace or solution targeting is enabled.
 - [MDCFileIntegrityMonitoringEvents](/azure/azure-monitor/reference/tables/mdcfileintegritymonitoringevents)
 - [WindowsEvent](/azure/azure-monitor/reference/tables/windowsevent?branch=main)
-- [LinuxAuditLog](/azure/azure-monitor/reference/tables/linuxauditlog)
 
 > [!NOTE]
 > Although `WindowsEvent` is listed, only security events from the `Microsoft-SecurityEvent` stream that go to the `SecurityEvent` table qualify for the 500 MB/day allowance. Application, System, or other event log channels are not covered and are billed as regular ingestion.

articles/defender-for-cloud/release-notes.md

@@ -2,7 +2,7 @@
 title: What's new in Microsoft Defender for Cloud features
 description: What's new and updated in Microsoft Defender for Cloud features
 ms.topic: overview
-ms.date: 02/10/2026
+ms.date: 02/15/2026
 ---
 
 # What's new in Defender for Cloud features
@@ -29,15 +29,15 @@ This article summarizes what's new in Microsoft Defender for Cloud. It includes
 
 ## February 2026
 
-|Date| Category|Update|
+| Date | Category | Update |
 | -------- | -------- | -------- |
 |February 10, 2026| Preview | [Database-level recommendations experience for SQL Vulnerability Assessment findings (Preview)](#database-level-recommendations-experience-for-sql-vulnerability-assessment-preview) |
 |February 10, 2026| GA | [Scanning support for Minimus and Photon OS container images](#scanning-support-for-minimus-and-photon-os-container-images) |
 |February 9, 2026| GA | [Simulate alerts for SQL servers on machines](#simulate-alerts-for-sql-servers-on-machines) |
 |February 2, 2026| GA | [Updated CIEM recommendation logic](#updated-ciem-recommendation-logic) |
 |February 2, 2026| Preview | [Threat protection for AI agents (Preview)](#threat-protection-for-ai-agentspreview) |
 
-## Database-level recommendations experience for SQL Vulnerability Assessment (Preview)
+### Database-level recommendations experience for SQL Vulnerability Assessment (Preview)
 
 February 10, 2026
 
@@ -63,13 +63,13 @@ The SQL [vulnerability assessment rules reference](sql-azure-vulnerability-asses
 
 The existing server-level (aggregated) experience remains available during preview.
 
-## Scanning support for Minimus and Photon OS container images
+### Scanning support for Minimus and Photon OS container images
 
 February 10, 2026
 
 Microsoft Defender for Cloud's vulnerability scanner, powered by Microsoft Defender Vulnerability Management, is extending its scanning coverage to Minimus and Photon OS container images, and identify vulnerabilities in Minimus Images and Photos OS to validate that they're shipping the most secure builds possible.  As additional image types are being scanned, your bill might increase. For all supported distributions, see [Registries and images support for vulnerability assessment](support-matrix-defender-for-containers.md#registries-and-images-support-for-vulnerability-assessment).
 
-## Simulate alerts for SQL servers on machines
+### Simulate alerts for SQL servers on machines
 
 February 9, 2026
 
@@ -121,7 +121,7 @@ Learn more about [Threat Protection for AI Agents with Microsoft Defender for Cl
 | -------- | -------- | -------- |
 |January 8, 2026| Preview | [Microsoft Security Private Link (Preview)](#microsoft-security-private-link-preview) |
 
-## Microsoft Security Private Link (Preview)
+### Microsoft Security Private Link (Preview)
 
 January 8, 2026