Merge pull request #2190 from DebLanger/prreview

Fix documentation formatting issues

Author: JillGrant615

.openpublishing.redirection.defender-for-cloud.json

@@ -564,6 +564,11 @@
       "source_path_from_root": "/articles/defender-for-cloud/tutorial-enable-containers-arc.md",
       "redirect_url": "/azure/defender-for-cloud/defender-for-containers-arc-enable-portal",
       "redirect_document_id": false
+    },
+    {
+      "source_path_from_root": "/articles/defender-for-cloud/extract-resource-identifiers-support.md",
+      "redirect_url": "/azure/defender-for-cloud/defender-portal/integration-faq#extracting-identifiers-for-support-cases",
+      "redirect_document_id": false
     }
   ]
 }

articles/defender-for-cloud/TOC.yml

@@ -683,7 +683,6 @@
             href: deploy-vulnerability-assessment-byol-vm.md
           - name: Move to scanning with Defender Vulnerability Management
             displayName: qualys, rapid7, vulnerability, migrate, transition, Microsoft Defender Vulnerability Management, mdvm
-            href: transition-to-built-in.md
       - name: Machine secrets scanning
         items:
           - name: Overview

articles/defender-for-cloud/asset-inventory.md

@@ -199,7 +199,7 @@ This article describes how to use the unified cloud asset inventory in Microsoft
 
 The cloud asset inventory provides a unified, contextual view of cloud infrastructure across Azure, AWS, and GCP environments. It categorizes assets by workload, criticality, and coverage status while integrating health data, device actions, and risk signals into a single interface.
 
-:::image type="content" source="media/asset-inventory/cloud-infrastructure.png" alt-text="Screenshot of cloud asset inventory in the Defender portal" lightbox="media/asset-inventory/cloud-infrastructure.png":::
+:::image type="content" source="media/asset-inventory/cloud-infrastructure.png" alt-text="Screenshot of cloud asset inventory in the Defender portal." lightbox="media/asset-inventory/cloud-infrastructure.png":::
 
 ## Key capabilities
 

articles/defender-for-cloud/cloud-infrastructure-dashboard.md

@@ -1,6 +1,6 @@
 ---
 title: Cloud overview dashboard in Microsoft Defender for Cloud
-description: Learn how to use the Cloud overview dashboard to monitor security posture, threat protection, and exposure management across your multi-cloud environment.
+description: Learn how to use the Cloud overview dashboard to monitor security posture, threat protection, and exposure management across your multicloud environment.
 ms.topic: how-to
 ms.date: 11/10/2025
 ms.author: dlanger
@@ -49,7 +49,7 @@ At the top of the dashboard, you’ll find key filters:
 - **Environment Filter**: Pivot the dashboard by the cloud environment you want to view, such as Azure, AWS, GCP.
 - **Time Range**: Select 30 days, 3 months, or 6 months to view trends over time. This applies to all historical graphs and trend indicators.
 
-:::image type="content" source="media/defender-portal-dashboard/top-controls.png" alt-text="Screenshot of filters on cloud overview dashboard":::
+:::image type="content" source="media/defender-portal-dashboard/top-controls.png" alt-text="Screenshot of filters on cloud overview dashboard.":::
 
 ## Dashboard sections
 
@@ -66,7 +66,7 @@ This section gives you a quick snapshot of your current security status:
 
 In addition, all cloud and code environments that are currently connected to Defender for Cloud are presented.
 
-:::image type="content" source="media/defender-portal-dashboard/overview-highlights.png" alt-text="Screenshot of cloud overview dashboard highlights":::
+:::image type="content" source="media/defender-portal-dashboard/overview-highlights.png" alt-text="Screenshot of cloud overview dashboard highlights.":::
 
 ### Top Actions
 
@@ -76,19 +76,19 @@ This section helps you understand where to start and is designed to guide your n
 **High-Severity Incidents**: Investigate active alerts.
 **Attack Paths**: Understand potential lateral movement.
 
-:::image type="content" source="media/defender-portal-dashboard/top-actions.png" alt-text="Screenshot of cloud overview dashboard top actions":::
+:::image type="content" source="media/defender-portal-dashboard/top-actions.png" alt-text="Screenshot of cloud overview dashboard top actions.":::
 
 ### Trends over time
 
 Track how your security posture and threat detection evolve.
 
 **Security Posture**: View over time of the new Cloud Secure Score in addition to recommendations by severity.
 
-:::image type="content" source="media/defender-portal-dashboard/security-posture.png" alt-text="Screenshot of cloud overview dashboard security posture trends":::
+:::image type="content" source="media/defender-portal-dashboard/security-posture.png" alt-text="Screenshot of cloud overview dashboard security posture trends.":::
 
 **Threat Detection**: View alert trends by severity.
 
-:::image type="content" source="media/defender-portal-dashboard/threat-detection.png" alt-text="Screenshot of cloud overview dashboard threat detection trends":::
+:::image type="content" source="media/defender-portal-dashboard/threat-detection.png" alt-text="Screenshot of cloud overview dashboard threat detection trends.":::
 
 Each graph updates daily and reflects the selected time range. Hover over data points to see daily breakdowns.
 
@@ -107,7 +107,7 @@ Workloads include:
 
 Each tile acts as a mini dashboard, showing top issues, protection coverage, and links to detailed views. This helps teams focus on what matters most for each workload.
 
-:::image type="content" source="media/defender-portal-dashboard/workloads.png" alt-text="Screenshot of cloud overview dashboard workload insights" lightbox="media/defender-portal-dashboard/workloads.png":::
+:::image type="content" source="media/defender-portal-dashboard/workloads.png" alt-text="Screenshot of cloud overview dashboard workload insights." lightbox="media/defender-portal-dashboard/workloads.png":::
 
 ## Next steps
 

articles/defender-for-cloud/cloud-scopes-unified-rbac.md

@@ -83,10 +83,10 @@ Relationship to unified RBAC:
 
 Planning guidance:
 
-1. Start coarse (major org / region boundaries).
-1. Validate operational ownership and review cadence.
-1. Introduce finer scopes only when risk, confidentiality, or compliance requires it.
-1. Document purpose and owner for each scope to support lifecycle and audit.
+- Start coarse (major org / region boundaries).
+- Validate operational ownership and review cadence.
+- Introduce finer scopes only when risk, confidentiality, or compliance requires it.
+- Document purpose and owner for each scope to support lifecycle and audit.
 
 ## Prerequisites
 

articles/defender-for-cloud/concept-regulatory-compliance-standards.md

@@ -133,40 +133,40 @@ The following standards are available in Defender for Cloud:
 
 |Standards|Clouds|
 | -------- | -------- |
-|EU 2022 2555 (NIS2) 2022  |Azure, AWS, GCP|
-|EU General Data Protection Regulation (GDPR) 2016 679  |Azure, AWS, GCP|
-|NIST CSF v2.0  |Azure, AWS, GCP|
-|NIST 800 171 Rev3  |Azure, AWS, GCP|
-|NIST SP 800 53 R5.1.1  |Azure, AWS, GCP|
-|PCI DSS v4.0.1  |Azure, AWS, GCP|
-|CIS AWS Foundations v3.0.0  |AWS|
-|CIS Azure Foundations v2.1.0  |Azure|
-|CIS Controls v8.1  |Azure, AWS, GCP|
-|CIS GCP Foundations v3.0  |GCP|
+|EU 2022 2555 (NIS2) 2022  |Azure, AWS, GCP|
+|EU General Data Protection Regulation 2016 679  |Azure, AWS, GCP|
+|NIST CSF v2.0  |Azure, AWS, GCP|
+|NIST 800 171 Rev3  |Azure, AWS, GCP|
+|NIST SP 800 53 R5.1.1  |Azure, AWS, GCP|
+|PCI DSS v4.0.1  |Azure, AWS, GCP|
+|CIS AWS Foundations v3.0.0  |AWS|
+|CIS Azure Foundations v2.1.0  |Azure|
+|CIS Controls v8.1  |Azure, AWS, GCP|
+|CIS GCP Foundations v3.0  |GCP|
 |CIS Google Cloud Platform Foundation Benchmark|GCP|
 |CIS Azure Kubernetes Service (AKS) Benchmark|Azure|
 |CIS Amazon Elastic Kubernetes Service (EKS) Benchmark|AWS|
 |CIS Google Kubernetes Engine (GKE) Benchmark|GCP|
-|HITRUST CSF v11.3.0  |Azure, AWS, GCP|
-|SOC 2023  |Azure, AWS, GCP|
-|SWIFT Customer Security Controls Framework 2024  |Azure, AWS, GCP|
-|ISO IEC 27001:2022  |Azure, AWS, GCP|
-|ISO IEC 27002:2022  |Azure, AWS, GCP|
-|ISO IEC 27017:2015  |Azure, AWS, GCP|
-|Cybersecurity Maturity Model Certification (CMMC) Level 2 v2.0  |Azure, AWS, GCP|
-|AWS Well Architected Framework 2024  |AWS|
-|Canada Federal PBMM 3.2020  |Azure, AWS, GCP|
-|APRA CPS 234 2019  |Azure, AWS|
-|CSA Cloud Controls Matrix v4.0.12  |Azure, AWS, GCP|
-|Cyber Essentials v3.1  |Azure, AWS, GCP|
-|Criminal Justice Information Services Security Policy v5.9.5  |Azure, AWS, GCP|
-|FFIEC CAT 2017  |Azure, AWS, GCP|
-|Brazilian General Data Protection Law (LGPD) 2018  |Azure, AWS, GCP|
-|NZISM v3.7  |Azure, AWS, GCP|
-|Sarbanes Oxley Act 2022 (SOX)  |Azure, AWS, GCP|
-|NCSC Cyber Assurance Framework (CAF) v3.2  |Azure, AWS, GCP|
+|HITRUST CSF v11.3.0  |Azure, AWS, GCP|
+|SOC 2023  |Azure, AWS, GCP|
+|SWIFT Customer Security Controls Framework 2024  |Azure, AWS, GCP|
+|ISO IEC 27001:2022  |Azure, AWS, GCP|
+|ISO IEC 27002:2022  |Azure, AWS, GCP|
+|ISO IEC 27017:2015  |Azure, AWS, GCP|
+|Cybersecurity Maturity Model Certification (CMMC) Level 2 v2.0  |Azure, AWS, GCP|
+|AWS Well Architected Framework 2024  |AWS|
+|Canada Federal PBMM 3.2020  |Azure, AWS, GCP|
+|APRA CPS 234 2019  |Azure, AWS|
+|CSA Cloud Controls Matrix v4.0.12  |Azure, AWS, GCP|
+|Cyber Essentials v3.1  |Azure, AWS, GCP|
+|Criminal Justice Information Services Security Policy v5.9.5  |Azure, AWS, GCP|
+|FFIEC CAT 2017  |Azure, AWS, GCP|
+|Brazilian General Data Protection Law (LGPD) 2018  |Azure, AWS, GCP|
+|NZISM v3.7  |Azure, AWS, GCP|
+|Sarbanes Oxley Act 2022 (SOX)  |Azure, AWS, GCP|
+|NCSC Cyber Assurance Framework (CAF) v3.2  |Azure, AWS, GCP|
 |Australian Government ISM Protected|Azure|
-|FedRAMP ‘H’ & ‘M’|Azure|
+|FedRAMP 'H' & 'M'|Azure|
 |HIPAA|Azure|
 |RMIT Malaysia  |Azure|
 |SOC 2|Azure, GCP|
@@ -184,4 +184,4 @@ The following standards are available in Defender for Cloud:
 ## Related content
 
 - [Assign regulatory compliance standards](assign-regulatory-compliance-standards.md)
-- [Improve regulatory compliance](regulatory-compliance-dashboard.md)
+- [Improve regulatory compliance](regulatory-compliance-dashboard.md)

articles/defender-for-cloud/continuous-export-view-data.md

@@ -14,7 +14,7 @@ After you've set up continuous export of Microsoft Defender for Cloud security a
 
 ## Prerequisites
 
-- [Setup continuous export in the Azure portal](continuous-export.md) or [setup continuous export with Azure Policy](continuous-export-azure-policy.md) or [setup continuous export with REST API](continuous-export-rest-api.md).
+- [Set up continuous export in the Azure portal](continuous-export.md) or [set up continuous export with Azure Policy](continuous-export-azure-policy.md) or [set up continuous export with REST API](continuous-export-rest-api.md).
 
 ## View exported alerts and recommendations in Azure Monitor
 

articles/defender-for-cloud/defender-for-cloud-introduction.md

@@ -37,7 +37,7 @@ Defender for Cloud uses its broader Cloud Native Application Protection Platform
 
 In addition to its core CNAPP capabilities, Defender for Cloud delivers [AI security and AI threat protection](#ai-security-and-threat-protection) to safeguard generative AI workloads throughout their lifecycle. These features help you discover AI applications, identify vulnerabilities, reduce risks, and detect threats targeting your generative AI workloads.
 
-:::image type="content" source="media/defender-for-cloud-introduction/cloud-security-pillars.png" alt-text="Diagram showing the core functionality of Defender for Cloud":::
+:::image type="content" source="media/defender-for-cloud-introduction/cloud-security-pillars.png" alt-text="Diagram showing the core functionality of Defender for Cloud.":::
 
 > [!NOTE]
 > For pricing information, check out [the Defender for Cloud pricing page](https://azure.microsoft.com/pricing/details/defender-for-cloud/). You can also [estimate costs with the Defender for Cloud cost calculator](cost-calculator.md).
@@ -54,7 +54,7 @@ Defender for Cloud's available plans and their CNAPP benefits include:
 |--|--|--|
 | **Defender CSPM / Foundational CSPM** | Provides advanced security posture capabilities including agentless vulnerability scanning, data-aware security posture, the cloud security graph, and advanced threat hunting. | Check out the [differences between the CSPM plans](concept-cloud-security-posture-management.md#plan-availability). <br><br> [Enable the Defender CSPM plan](tutorial-enable-cspm-plan.md). |
 | **Defender for Servers** | Provides threat detection and advanced defenses for Windows and Linux machines that run in Azure, AWS, GCP, and on-premises environments. | [Plan your Defender for Servers deployment](plan-defender-for-servers.md) <br><br> Check out the [differences between the Defender for Servers plans](defender-for-servers-overview.md#defender-for-servers-plans) <br><br> [Deploy Defender for Servers](tutorial-enable-servers-plan.md) |
-| **Defender for Containers** | Provides environment hardening, vulnerability assessment, run time protection of Kubernetes nodes and clusters. | [Overview of Container security in Microsoft Defender for Containers](defender-for-containers-introduction.md) <br><br> [Defender for Containers architecture](defender-for-containers-architecture.md) <br><br> Protect your [Azure](tutorial-enable-containers-azure.md), [IaaS](tutorial-enable-containers-arc.md), [AWS](tutorial-enable-container-aws.md), and [GCP](tutorial-enable-container-gcp.md) containers with Defender for Containers |
+| **Defender for Containers** | Provides environment hardening, vulnerability assessment, run time protection of Kubernetes nodes and clusters. | [Overview of Container security in Microsoft Defender for Containers](defender-for-containers-introduction.md) <br><br> [Defender for Containers architecture](defender-for-containers-architecture.md) <br><br> Protect your [Azure](tutorial-enable-containers-azure.md), [IaaS](defender-for-containers-arc-enable-portal.md), [AWS](tutorial-enable-container-aws.md), and [GCP](tutorial-enable-container-gcp.md) containers with Defender for Containers |
 | **Defender for Resource Manager** | Detects unusual and potentially harmful activity by automatically monitoring the resource management operations. | [Overview of Microsoft Defender for Resource Manager](defender-for-resource-manager-introduction.md) <br><br> [Protect your resources with Defender for Resource Manager](tutorial-enable-resource-manager-plan.md) |
 | **Defender for Storage** | Protects against malware, storage specific threats, sensitive data leakage, and Shared Access Signature (SAS) token misuse. | [Overview of Microsoft Defender for Storage](defender-for-storage-introduction.md) <br><br> [Malware scanning](defender-for-storage-malware-scan.md) <br><br> [Detect threats to sensitive data](defender-for-storage-data-sensitivity.md) <br><br> [Deploy Microsoft Defender for Storage](tutorial-enable-storage-plan.md) |
 | **Defender for App Service** | Identifies attacks that target applications running over App Service. | [Overview of Defender for App Service to protect your Azure App Service web apps and APIs](defender-for-app-service-introduction.md) <br><br> [Protect your applications with Defender for App Service](tutorial-enable-app-service-plan.md) |

articles/defender-for-cloud/defender-for-storage-threats-alerts.md

@@ -36,7 +36,7 @@ In addition to security threats, configuration errors might inadvertently expose
 
 To minimize the risk of security breaches and configuration errors, security teams employ a combination of posture management tools and workload protection tools. These tools ensure Azure Storage stays secure by providing visibility into early signs of breaches. They help prevent attacks and maintain secure configurations.
 
-Microsoft security researchers analyzed the attack surface of storage services. The potential security risks are described in the [threat matrix for cloud-based storage services](https://www.microsoft.com/security/blog/2021/04/08/threat-matrix-for-storage/), which are based on the [MITRE ATT&CK® framework](https://attack.mitre.org/techniques/enterprise/), a knowledge base for the tactics and techniques employed in cyber-attacks.
+Microsoft security researchers analyzed the attack surface of storage services. The potential security risks are described in the [threat matrix for cloud-based storage services](https://www.microsoft.com/security/blog/2021/04/08/threat-matrix-for-storage/), which are based on the [MITRE ATT&CK® framework](https://attack.mitre.org/techniques/enterprise/), a knowledge base for the tactics and techniques employed in cyber-attacks.
 
 For a comparison between malware scanning and hash reputation analysis, see [Understanding the differences between these methods](defender-for-storage-introduction.md#understand-the-differences-between-malware-scanning-and-hash-reputation-analysis).
 
@@ -65,7 +65,7 @@ Security alerts include details of the suspicious activity, relevant investigati
 
 ## Accelerated threat detection with Storage aggregated logs
 
-Storage aggregated logs in Defender XDR's Avanced Hunting give security teams a powerful way to spot patterns and anomalies across large volumes of storage activity. Instead of analyzing raw events one by one, the new `CloudStorageAggregatedEvents` table delivers summarized insights, such as spikes in failed operations, unusual authentication types, or suspicious access from unexpected locations, helping teams quickly identify potential threats and prioritize investigations. This capability reduces noise, accelerates detection, and strengthens protection for cloud storage at scale. This capability is included only in the new Defender for Storage per-storage account plan. For the full schema and field details, see the [CloudStorageAggregatedEvents reference table.](/defender-xdr/advanced-hunting-cloudstorageaggregatedevents-table)
+Storage aggregated logs in Defender XDR's Advanced Hunting give security teams a powerful way to spot patterns and anomalies across large volumes of storage activity. Instead of analyzing raw events one by one, the new `CloudStorageAggregatedEvents` table delivers summarized insights, such as spikes in failed operations, unusual authentication types, or suspicious access from unexpected locations, helping teams quickly identify potential threats and prioritize investigations. This capability reduces noise, accelerates detection, and strengthens protection for cloud storage at scale. This capability is included only in the new Defender for Storage per-storage account plan. For the full schema and field details, see the [CloudStorageAggregatedEvents reference table.](/defender-xdr/advanced-hunting-cloudstorageaggregatedevents-table)
 
 ## Related content