fix antimalware to antimalware except for where it matches UI

ElazarK · ElazarK · commit dc5d5db74d40 · 2026-02-22T15:02:39.000+02:00
diff --git a/articles/defender-for-cloud/anti-malware.md b/articles/defender-for-cloud/anti-malware.md
@@ -1,26 +1,26 @@
 ---
-title: Antimalware detection and blocking
-description: Learn how to configure Container runtime Antimalware detection and blocking to block or alert on malware in Azure, AWS, and GCP environments.
+title: Anti-malware detection and blocking
+description: Learn how to configure Container runtime anti-malware detection and blocking to block or alert on malware in Azure, Amazon Web Service (AWS), and Google Cloud Project (GCP) environments.
 #customer intent: As a security admin, I want to configure container runtime antimalware policies so that I can detect and prevent malware in my containerized workloads.
 author: ElazarK
 ms.author: elkrieger
 ms.date: 02/22/2026
 ms.topic: how-to
 ---
 
-# Antimalware detection and blocking
+# Anti-malware detection and blocking
 
-Container runtime antimalware detects and blocks malware when a container runs an executable that the system identifies as malicious software.
+Container runtime anti-malware detects and blocks malware when a container runs an executable that the system identifies as malicious software.
 
 This feature sends alerts when it identifies malware and lets you block malware.  
 
-You can define antimalware policies that set conditions for alerts and blocking. These policies help you distinguish legitimate activity from potential threats.
+You can define anti-malware policies that set conditions for alerts and blocking. These policies help you distinguish legitimate activity from potential threats.
 
-Container runtime antimalware detection and blocking is part of the Defender for Containers plan. This feature is available for Azure Kubernetes Service (AKS), Amazon Elastic Kubernetes Service (EKS), and Google Kubernetes Engine (GKE).
+Container runtime anti-malware detection and blocking is part of the Defender for Containers plan. This feature is available for Azure Kubernetes Service (AKS), Amazon Elastic Kubernetes Service (EKS), and Google Kubernetes Engine (GKE).
 
 ## Prerequisites
 
-- To use container runtime antimalware detection and blocking, you need to run the Defender for Container sensor, which is available for the AWS, GCP, and AKS clouds. Currently, this feature is in preview and is only supported for:
+- To use container runtime anti-malware detection and blocking, you need to run the Defender for Container sensor, which is available for the AWS, GCP, and AKS clouds. Currently, this feature is in preview and is only supported for:
     - **AKS**: Helm provisioning with sensor version **0.10.2**.
     - **Multicloud**: Helm provisioning with sensor version **0.10.2** or the ARC extension using `release-train=preview`, with the command `--configuration-settings collectors.antimalwareCollector.enable='true`.
 
@@ -32,54 +32,54 @@ Container runtime antimalware detection and blocking is part of the Defender for
     
 - You must enable the Defender for Container sensor on the subscriptions and connectors. 
 
-- To create and modify antimalware policies, you need Security Admin or higher permissions on the tenant. To view antimalware policies, you need Security Reader or higher permissions on the tenant. 
+- To create and modify anti-malware policies, you need Security Admin or higher permissions on the tenant. To view anti-malware policies, you need Security Reader or higher permissions on the tenant. 
 
 - In addition to the [core sensor memory and CPU requirements](/azure/defender-for-cloud/defender-for-containers-architecture?tabs=defender-for-container-arch-aks#defender-sensor-component-details), you need:    
   
     | Component | Request | Limit |
     |--|--|--|
-    | CPU | 50m | 300m |
+    | CPU | 50 m | 300 m |
     | Memory | 128Mi | 500Mi |
 
-Learn more about [antimalware detection and blocking availability](support-matrix-defender-for-containers.md#runtime-protection-features).
+Learn more about [anti-malware detection and blocking availability](support-matrix-defender-for-containers.md#runtime-protection-features).
 
 ### Components
 
-The following components are part of antimalware detection and blocking: 
+The following components are part of anti-malware detection and blocking: 
 
 - An enhanced sensor that detects and prevents malware.
 
-- Antimalware policy configuration options.
+- Anti-malware policy configuration options.
 
-- Antimalware alerts.
+- Anti-malware alerts.
 
-## Enable antimalware detection and blocking
+## Enable anti-malware detection and blocking
 
-Antimalware isn't enabled by default because it consumes extra cluster resources.
+Anti-malware isn't enabled by default because it consumes extra cluster resources.
 
-To install the sensor with antimalware enabled, follow the instructions to [install Defender for Containers sensor by using Helm](deploy-helm.md) and include the `--antimalware` flag.
+To install the sensor with anti-malware enabled, follow the instructions to [install Defender for Containers sensor by using Helm](deploy-helm.md) and include the `--antimalware` flag.
 
-## Add antimalware rules
+## Add anti-malware rules
 
-When you install the sensor with antimalware enabled, it configures three antimalware rules by default. These rules include: 
+When you install the sensor with anti-malware enabled, it configures three anti-malware rules by default. These rules include: 
 
 - `Malware alert on binaries not originated from original image`: a suggested rule for situations where the system detects a drifted binary.
 - `Default antimalware workload rule`.
 - `Default anitmalware host rule`.
 
-The two default antimalware rules (workload and host) apply to every potential situation if no other rule matches first. You can only modify the default rule's actions and set it to alert, block, or ignore.  
+The two default anti-malware rules (workload and host) apply to every potential situation if no other rule matches first. You can only modify the default rule's actions and set it to alert, block, or ignore.  
 
-You can create new antimalware rules to define when alerts should be generated, blocked, or ignored. Each rule can define the conditions for generating alerts. This structure allows you to tailor the system to your specific needs and reduce false positives. You can create exclusions by setting higher priority rules for specific scopes or clusters, images, pods, Kubernetes labels, or namespaces. 
+You can create new anti-malware rules to define when alerts should be generated, blocked, or ignored. Each rule can define the conditions for generating alerts. This structure allows you to tailor the system to your specific needs and reduce false positives. You can create exclusions by setting higher priority rules for specific scopes or clusters, images, pods, Kubernetes labels, or namespaces. 
 
 1. Sign in to the [Azure portal](https://portal.azure.com/).
 
-1. Go to **Defender for Cloud** > **Environment ettings**.
+1. Go to **Defender for Cloud** > **Environment settings**.
 
 1. Select **Security rules**. 
 
-    :::image type="content" source="media/anti-malware/alert-on-malware-rule-screen.png" alt-text="Screenshot of Microsoft Defender for Cloud showing the antimalware policy page with three rules: Alert on Malware, Default for workload, and Default for host." lightbox="media/anti-malware/alert-on-malware-rule-screen.png":::
+    :::image type="content" source="media/anti-malware/alert-on-malware-rule-screen.png" alt-text="Screenshot of Microsoft Defender for Cloud showing the anti-malware policy page with three rules: Alert on Malware, Default for workload, and Default for host." lightbox="media/anti-malware/alert-on-malware-rule-screen.png":::
 
-1.  Select **Antiwalware** > **+ Add rule**. 
+1.  Select **Antimalware** > **+ Add rule**. 
 
     :::image type="content" source="media/anti-malware/configure-new-rule-screen.png" alt-text="Screenshot of the Add Rule side panel showing fields for rule name, conditions, and actions with options to alert, block, or ignore." lightbox="media/anti-malware/configure-new-rule-screen.png":::
 
@@ -108,11 +108,11 @@ You can create new antimalware rules to define when alerts should be generated
 
 After 30 minutes, the sensors on the protected clusters are updated with the new rule.
 
-## Manage antimalware rules
+## Manage anti-malware rules
 
-Based on the alerts you receive and review, you might need to adjust the rules in the antimalware policy. This adjustment might include refining conditions, adding rules, or removing rules that generate many false positives. The goal is to balance security needs with operational efficiency by using effective antimalware policies and rules.
+Based on the alerts, you receive and review, you might need to adjust the rules in the anti-malware policy. This adjustment might include refining conditions, adding rules, or removing rules that generate many false positives. The goal is to balance security needs with operational efficiency by using effective anti-malware policies and rules.
 
-Effective antimalware detection relies on your active role in configuring, monitoring, and adjusting policies for your environment.
+Effective anti-malware detection relies on your active role in configuring, monitoring, and adjusting policies for your environment.
 
 You can arrange rules by priority by selecting the up or down arrow. The rule with the highest priority (the lowest number) runs first. If a rule matches, the rule action runs and the evaluation ends. If no rule matches, the system evaluates the next rule. If no rule matches, the system applies the default rules.
 
