replace absolute links with relative links

ceperezb · ceperezb · commit beea8aabfe48 · 2026-02-16T00:27:01.000-05:00
diff --git a/learn-pr/wwl-sci/security-copilot-describe-agents/includes/2-describe-agents.md b/learn-pr/wwl-sci/security-copilot-describe-agents/includes/2-describe-agents.md
@@ -35,32 +35,32 @@ Security Copilot includes agents that are seamlessly integrated with Microsoft s
 
 #### Agents in the standalone experience
 
-- **[Threat Intelligence Briefing Agent](https://learn.microsoft.com/copilot/security/threat-intel-briefing-agent)**: Automatically curates relevant and timely threat intelligence based on an organization’s unique attributes and threat exposure.
+- **[Threat Intelligence Briefing Agent](/copilot/security/threat-intel-briefing-agent)**: Automatically curates relevant and timely threat intelligence based on an organization’s unique attributes and threat exposure.
 
 #### Agents embedded in Microsoft Entra
 
 - **[Conditional Access Optimization Agent](https://aka.ms/EntraAgent)**: Monitors for new users or apps not covered by existing policies, identifies necessary updates to close security gaps, and recommends quick fixes for identity teams to apply with a single click.
-- **[Access Review Agent](https://learn.microsoft.com/entra/id-governance/access-review-agent)**: Configured in Microsoft Entra and available in Microsoft Teams, the agent delivers insights and recommendations so reviewers can make fast, accurate access decisions through a simple conversation.
+- **[Access Review Agent](/entra/id-governance/access-review-agent)**: Configured in Microsoft Entra and available in Microsoft Teams, the agent delivers insights and recommendations so reviewers can make fast, accurate access decisions through a simple conversation.
 
 #### Agents embedded in Microsoft Defender
 
-- **[Phishing Triage Agent](https://learn.microsoft.com/defender-xdr/phishing-triage-agent)**: Helps security operations analysts triage and classify user-submitted phishing incidents autonomously, providing transparent rationale for classification verdicts in natural language.
-- **[Threat Intelligence Briefing Agent](https://learn.microsoft.com/defender-xdr/threat-intel-briefing-agent-defender)**: Also available in the Defender portal, this agent gathers and synthesizes threat intelligence data to deliver concise and actionable insights to security operations teams.
-- **[Threat Hunting Agent](https://learn.microsoft.com/defender-xdr/advanced-hunting-security-copilot-threat-hunting-agent)**: Enables threat hunting using natural language, generates KQL queries, interprets results, and guides analysts through full hunting sessions.
-- **[Dynamic Threat Detection Agent (preview)](https://learn.microsoft.com/defender-xdr/dynamic-threat-detection-agent)**: An always-on adaptive service that uncovers hidden threats across Defender and Microsoft Sentinel environments by correlating alerts, events, and threat intelligence.
+- **[Phishing Triage Agent](/defender-xdr/phishing-triage-agent)**: Helps security operations analysts triage and classify user-submitted phishing incidents autonomously, providing transparent rationale for classification verdicts in natural language.
+- **[Threat Intelligence Briefing Agent](/defender-xdr/threat-intel-briefing-agent-defender)**: Also available in the Defender portal, this agent gathers and synthesizes threat intelligence data to deliver concise and actionable insights to security operations teams.
+- **[Threat Hunting Agent](/defender-xdr/advanced-hunting-security-copilot-threat-hunting-agent)**: Enables threat hunting using natural language, generates KQL queries, interprets results, and guides analysts through full hunting sessions.
+- **[Dynamic Threat Detection Agent (preview)](/defender-xdr/dynamic-threat-detection-agent)**: An always-on adaptive service that uncovers hidden threats across Defender and Microsoft Sentinel environments by correlating alerts, events, and threat intelligence.
 
 #### Agents embedded in Microsoft Purview (preview)
 
-- **[Alert Triage Agent in Data Loss Prevention](https://learn.microsoft.com/purview/copilot-in-purview-agents)**: Evaluates DLP alerts based on sensitivity risk, exfiltration risk, and policy risk, then sorts them into prioritized categories.
-- **[Triage Agent in Insider Risk Management](https://learn.microsoft.com/purview/copilot-in-purview-agents)**: Evaluates IRM alerts based on user risk, file risk, and activity risk, then sorts them into prioritized categories.
-- **[Data Security Posture Management Agent](https://learn.microsoft.com/purview/copilot-in-purview-posture-agent-get-started)**: Helps identify and address data security posture risks by providing proactive insights and recommendations.
+- **[Alert Triage Agent in Data Loss Prevention](/purview/copilot-in-purview-agents)**: Evaluates DLP alerts based on sensitivity risk, exfiltration risk, and policy risk, then sorts them into prioritized categories.
+- **[Triage Agent in Insider Risk Management](/purview/copilot-in-purview-agents)**: Evaluates IRM alerts based on user risk, file risk, and activity risk, then sorts them into prioritized categories.
+- **[Data Security Posture Management Agent](/purview/copilot-in-purview-posture-agent-get-started)**: Helps identify and address data security posture risks by providing proactive insights and recommendations.
 
 #### Agents embedded in Microsoft Intune
 
-- **[Vulnerability Remediation Agent](https://learn.microsoft.com/intune/agents/vulnerability-remediation-agent)**: Uses Defender data to identify vulnerabilities on managed devices, prioritize remediation, and provide step-by-step guidance.
-- **[Change Review Agent](https://learn.microsoft.com/intune/agents/change-review-agent)**: Evaluates the effect of Multi Admin Approval requests in Intune and makes recommendations for actions to take.
-- **[Device Offboarding Agent](https://learn.microsoft.com/intune/agents/device-offboarding-agent)**: Identifies stale or misaligned devices across Intune and Microsoft Entra ID, providing actionable insights before offboarding.
-- **[Policy Configuration Agent](https://learn.microsoft.com/intune/agents/policy-configuration-agent)**: Converts plain-language documents and industry baselines into recommended Intune settings and policies.
+- **[Vulnerability Remediation Agent](/intune/agents/vulnerability-remediation-agent)**: Uses Defender data to identify vulnerabilities on managed devices, prioritize remediation, and provide step-by-step guidance.
+- **[Change Review Agent](/intune/agents/change-review-agent)**: Evaluates the effect of Multi Admin Approval requests in Intune and makes recommendations for actions to take.
+- **[Device Offboarding Agent](/intune/agents/device-offboarding-agent)**: Identifies stale or misaligned devices across Intune and Microsoft Entra ID, providing actionable insights before offboarding.
+- **[Policy Configuration Agent](/intune/agents/policy-configuration-agent)**: Converts plain-language documents and industry baselines into recommended Intune settings and policies.
 
 ### Partner agents
 
diff --git a/learn-pr/wwl-sci/security-copilot-describe-agents/includes/4-describe-conditional-access-optimization-agent.md b/learn-pr/wwl-sci/security-copilot-describe-agents/includes/4-describe-conditional-access-optimization-agent.md
@@ -29,7 +29,7 @@ The following agents are currently available for Microsoft Entra. Due to the fas
 
 #### Conditional Access Optimization Agent
 
-The [Conditional Access Optimization Agent](https://learn.microsoft.com/entra/security-copilot/conditional-access-agent-optimization) ensures comprehensive user protection by analyzing your Conditional Access policies and recommending improvements. The agent evaluates your current policy configuration against Microsoft best practices and Zero Trust principles.
+The [Conditional Access Optimization Agent](/entra/security-copilot/conditional-access-agent-optimization) ensures comprehensive user protection by analyzing your Conditional Access policies and recommending improvements. The agent evaluates your current policy configuration against Microsoft best practices and Zero Trust principles.
 
 | Attribute | Description |
 |-----------|-------------|
@@ -42,7 +42,7 @@ The [Conditional Access Optimization Agent](https://learn.microsoft.com/entra/se
 
 #### Access Review Agent
 
-The [Access Review Agent](https://learn.microsoft.com/entra/id-governance/access-review-agent) with Microsoft Entra ID Governance empowers reviewers to make fast and accurate access decisions. It delivers insights and recommendations so reviewers can complete their work through a simple conversation, right inside Microsoft Teams.
+The [Access Review Agent](/entra/id-governance/access-review-agent) with Microsoft Entra ID Governance empowers reviewers to make fast and accurate access decisions. It delivers insights and recommendations so reviewers can complete their work through a simple conversation, right inside Microsoft Teams.
 
 | Attribute | Description |
 |-----------|-------------|
@@ -55,7 +55,7 @@ The [Access Review Agent](https://learn.microsoft.com/entra/id-governance/access
 
 #### Identity Risk Management Agent (preview)
 
-The [Identity Risk Management Agent](https://learn.microsoft.com/entra/id-protection/identity-risk-management-agent-get-started) in Microsoft Entra ID Protection helps administrators investigate potential risks, learn about potential effects, and take decisive action to protect their organization’s critical assets.
+The [Identity Risk Management Agent](/entra/id-protection/identity-risk-management-agent-get-started) in Microsoft Entra ID Protection helps administrators investigate potential risks, learn about potential effects, and take decisive action to protect their organization's critical assets.
 
 | Attribute | Description |
 |-----------|-------------|
diff --git a/learn-pr/wwl-sci/security-copilot-describe-agents/includes/5-describe-phishing-triage-agent.md b/learn-pr/wwl-sci/security-copilot-describe-agents/includes/5-describe-phishing-triage-agent.md
@@ -13,7 +13,7 @@ The following Microsoft Security Copilot agents are available in the Microsoft D
 
 #### Phishing Triage Agent
 
-The [Phishing Triage Agent](https://learn.microsoft.com/defender-xdr/phishing-triage-agent) helps security operations analysts triage and classify user-submitted phishing incidents. The agent operates autonomously, provides a transparent rationale for its classification verdicts in natural language, and continuously learns and improves its accuracy based on feedback from analysts.
+The [Phishing Triage Agent](/defender-xdr/phishing-triage-agent) helps security operations analysts triage and classify user-submitted phishing incidents. The agent operates autonomously, provides a transparent rationale for its classification verdicts in natural language, and continuously learns and improves its accuracy based on feedback from analysts.
 
 | Attribute | Description |
 |-----------|-------------|
@@ -27,7 +27,7 @@ The [Phishing Triage Agent](https://learn.microsoft.com/defender-xdr/phishing-tr
 
 #### Threat Intelligence Briefing Agent
 
-The [Threat Intelligence Briefing Agent](https://learn.microsoft.com/defender-xdr/threat-intel-briefing-agent-defender) provides security operations teams with regular, customized threat intelligence briefings. The agent autonomously gathers and synthesizes relevant threat intelligence data from various sources, delivering concise and actionable insights to help analysts stay informed about emerging threats and trends.
+The [Threat Intelligence Briefing Agent](/defender-xdr/threat-intel-briefing-agent-defender) provides security operations teams with regular, customized threat intelligence briefings. The agent autonomously gathers and synthesizes relevant threat intelligence data from various sources, delivering concise and actionable insights to help analysts stay informed about emerging threats and trends.
 
 | Attribute | Description |
 |-----------|-------------|
@@ -41,9 +41,9 @@ The [Threat Intelligence Briefing Agent](https://learn.microsoft.com/defender-xd
 
 #### Threat Hunting Agent
 
-The [Threat Hunting Agent](https://learn.microsoft.com/defender-xdr/advanced-hunting-security-copilot-threat-hunting-agent) enables you to investigate threats using natural language from start to finish. It not only generates Kusto Query Language (KQL) queries but also interprets results, surfaces insights, and guides you through full hunting sessions. These capabilities empower you to hunt threats faster, more accurately, and with greater confidence.
+The [Threat Hunting Agent](/defender-xdr/advanced-hunting-security-copilot-threat-hunting-agent) enables you to investigate threats using natural language from start to finish. It not only generates Kusto Query Language (KQL) queries but also interprets results, surfaces insights, and guides you through full hunting sessions. These capabilities empower you to hunt threats faster, more accurately, and with greater confidence.
 
 #### Dynamic Threat Detection Agent
 
-The [Dynamic Threat Detection Agent](https://learn.microsoft.com/defender-xdr/dynamic-threat-detection-agent) in the Defender portal is an always-on, adaptive backend service that uncovers hidden threats across Defender and Microsoft Sentinel environments. It uses AI to identify gaps and uncover false negatives by correlating alerts, events, anomalies, and threat intelligence. When the agent identifies a gap, it generates a dynamic alert with the full context in the alert details, including natural language explanations, mapped MITRE ATT&CK techniques, and tailored remediation steps.
+The [Dynamic Threat Detection Agent](/defender-xdr/dynamic-threat-detection-agent) in the Defender portal is an always-on, adaptive backend service that uncovers hidden threats across Defender and Microsoft Sentinel environments. It uses AI to identify gaps and uncover false negatives by correlating alerts, events, anomalies, and threat intelligence. When the agent identifies a gap, it generates a dynamic alert with the full context in the alert details, including natural language explanations, mapped MITRE ATT&CK techniques, and tailored remediation steps.
 
diff --git a/learn-pr/wwl-sci/security-copilot-describe-agents/includes/5a-describe-purview-agents.md b/learn-pr/wwl-sci/security-copilot-describe-agents/includes/5a-describe-purview-agents.md
@@ -9,7 +9,7 @@ The following Microsoft Security Copilot agents are available in Microsoft Purvi
 
 #### Triage Agent in Insider Risk Management
 
-The [Triage Agent in Insider Risk Management](https://learn.microsoft.com/purview/copilot-in-purview-agents) helps security teams by evaluating alerts based on user risk, file risk, and activity risk. The agent then sorts the triaged alerts into categories that are presented in the insider risk management solution on the **Alerts** tab.
+The [Triage Agent in Insider Risk Management](/purview/copilot-in-purview-agents) helps security teams by evaluating alerts based on user risk, file risk, and activity risk. The agent then sorts the triaged alerts into categories that are presented in the insider risk management solution on the **Alerts** tab.
 
 | Attribute | Description |
 |-----------|-------------|
@@ -23,7 +23,7 @@ The [Triage Agent in Insider Risk Management](https://learn.microsoft.com/purvie
 
 #### Alert Triage Agent in Data Loss Prevention (preview)
 
-The [Alert Triage Agent in Data Loss Prevention](https://learn.microsoft.com/purview/copilot-in-purview-agents) helps security teams by evaluating alerts based on the sensitivity risk, exfiltration risk, and policy risk. The agent then sorts the triaged alerts into categories that are presented in the DLP solution on the **Alerts** page.
+The [Alert Triage Agent in Data Loss Prevention](/purview/copilot-in-purview-agents) helps security teams by evaluating alerts based on the sensitivity risk, exfiltration risk, and policy risk. The agent then sorts the triaged alerts into categories that are presented in the DLP solution on the **Alerts** page.
 
 | Attribute | Description |
 |-----------|-------------|
diff --git a/learn-pr/wwl-sci/security-copilot-describe-agents/includes/5c-describe-intune-agents.md b/learn-pr/wwl-sci/security-copilot-describe-agents/includes/5c-describe-intune-agents.md
@@ -9,7 +9,7 @@ The following Microsoft Security Copilot agents are available in Microsoft Intun
 
 #### Vulnerability Remediation Agent
 
-The [Vulnerability Remediation Agent](https://learn.microsoft.com/intune/agents/vulnerability-remediation-agent) uses data from Microsoft Defender Vulnerability Management to identify Common Vulnerabilities and Exposures (CVEs) on managed devices. The results are prioritized for remediation and include step-by-step instructions to guide you in using Intune to remediate the threat.
+The [Vulnerability Remediation Agent](/intune/agents/vulnerability-remediation-agent) uses data from Microsoft Defender Vulnerability Management to identify Common Vulnerabilities and Exposures (CVEs) on managed devices. The results are prioritized for remediation and include step-by-step instructions to guide you in using Intune to remediate the threat.
 
 | Attribute | Description |
 |-----------|-------------|
@@ -22,7 +22,7 @@ The [Vulnerability Remediation Agent](https://learn.microsoft.com/intune/agents/
 
 #### Change Review Agent
 
-The [Change Review Agent](https://learn.microsoft.com/intune/agents/change-review-agent) evaluates Multi Admin Approval requests for PowerShell scripts on Windows devices. It aggregates signals from Microsoft Defender Vulnerability Management, Microsoft Entra ID, and Microsoft Intune to provide risk-based recommendations and contextual insights that help administrators make informed decisions about whether to approve or deny requests.
+The [Change Review Agent](/intune/agents/change-review-agent) evaluates Multi Admin Approval requests for PowerShell scripts on Windows devices. It aggregates signals from Microsoft Defender Vulnerability Management, Microsoft Entra ID, and Microsoft Intune to provide risk-based recommendations and contextual insights that help administrators make informed decisions about whether to approve or deny requests.
 
 | Attribute | Description |
 |-----------|-------------|
@@ -35,7 +35,7 @@ The [Change Review Agent](https://learn.microsoft.com/intune/agents/change-revie
 
 #### Device Offboarding Agent
 
-The [Device Offboarding Agent](https://learn.microsoft.com/intune/agents/device-offboarding-agent) identifies stale or misaligned devices across Intune and Microsoft Entra ID. It provides actionable insights and requires admin approval before offboarding any devices. The agent complements existing Intune automation by surfacing insights and handling ambiguous cases where automated cleanup may not suffice.
+The [Device Offboarding Agent](/intune/agents/device-offboarding-agent) identifies stale or misaligned devices across Intune and Microsoft Entra ID. It provides actionable insights and requires admin approval before offboarding any devices. The agent complements existing Intune automation by surfacing insights and handling ambiguous cases where automated cleanup may not suffice.
 
 | Attribute | Description |
 |-----------|-------------|
@@ -48,7 +48,7 @@ The [Device Offboarding Agent](https://learn.microsoft.com/intune/agents/device-
 
 #### Policy Configuration Agent
 
-The [Policy Configuration Agent](https://learn.microsoft.com/intune/agents/policy-configuration-agent) converts plain-language documents and industry baselines into recommended Intune settings and policies. Admins can upload compliance standards or organizational security policies, and the agent identifies relevant Intune settings catalog settings, recommends values, and guides the creation of configuration profiles.
+The [Policy Configuration Agent](/intune/agents/policy-configuration-agent) converts plain-language documents and industry baselines into recommended Intune settings and policies. Admins can upload compliance standards or organizational security policies, and the agent identifies relevant Intune settings catalog settings, recommends values, and guides the creation of configuration profiles.
 
 | Attribute | Description |
 |-----------|-------------|
