
Commit 045034d

Merge pull request #6242 from Brenduns/9740726-link-security-tasks-to-defender-content
CP - 9740726 Tie Security tasks from Intune to Remediation tasks in MDE Security Center
2 parents d620bc9 + ef2068e commit 045034d

1 file changed

Lines changed: 15 additions & 11 deletions

memdocs/intune/protect/atp-manage-vulnerabilities.md

@@ -2,12 +2,12 @@
22
# required metadata
33

44
title: Use Intune to remediate vulnerabilities found by Microsoft Defender for Endpoint
5-
description: See how to manage security tasks from and Threat & vulnerability Management, part of Microsoft Defender for Endpoint from within the Intune console.
5+
description: See how to manage security tasks from and Threat & vulnerability Management, part of Microsoft Defender for Endpoint from within the Intune console.
66
keywords:
77
author: brenduns
88
ms.author: brenduns
99
manager: dougeby
10-
ms.date: 05/01/2021
10+
ms.date: 11/30/2021
1111
ms.topic: how-to
1212
ms.service: microsoft-intune
1313
ms.subservice: protect
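Review bot: The `description:` line at line 5 is touched but still reads "manage security tasks from and Threat & vulnerability Management", with a dangling "from and" and inconsistent capitalisation. The removed and added versions show no visible difference, so the edit is presumably whitespace-only; since the line is being changed anyway, fix the wording in the same pass. It also ends with "from within the Intune console", which no longer matches the "Microsoft Endpoint Manager admin center" naming this commit introduces in the body.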
@@ -35,12 +35,12 @@ When you integrate Intune with Microsoft Defender for Endpoint, you can take adv
3535

3636
## How integration works
3737

38-
After you connect Intune to Microsoft Defender for Endpoint, Defender for Endpoint receives threat and vulnerability details from managed devices.
38+
After you connect Intune to Microsoft Defender for Endpoint, Defender for Endpoint receives threat and vulnerability details from managed devices.
3939

40-
- Vulnerabilities that are discovered are not based on configurations from Intune. They are based on Microsoft Defender for Endpoint configurations and scan details.
41-
- Only issues that can be remediated by Intune are raised as security tasks for Intune.
40+
- Vulnerabilities that are discovered aren't based on configurations from Intune. They're based on Microsoft Defender for Endpoint configurations and scan details.
41+
- Not all issues that Defender for Endpoint flags for remediation support remediation through the creation of a security task for Intune.
4242

43-
In the Microsoft Defender Security Center console, Defender for Endpoint security admins review data about endpoint vulnerabilities. The admins then use a single-click to create security tasks that flag the vulnerable devices for remediation. The security tasks are immediately passed to the Intune console where Intune admins can view them. The security task identifies the type of vulnerability, priority, status, and the steps to take to remediate the vulnerability. The Intune admin chooses to accept or reject the task.
43+
In the Microsoft Defender Security Center console, Defender for Endpoint security admins review data about endpoint vulnerabilities. The admins then use a few clicks to create security tasks that flag the vulnerable devices for remediation. The security tasks are immediately passed to the Microsoft Endpoint Manager admin center where Intune admins can view them. The security task identifies the type of vulnerability, priority, status, and the steps to take to remediate the vulnerability. The Intune admin chooses to accept or reject the task.
4444

4545
When a task is accepted, the Intune admin then acts to remediate the vulnerability through Intune, using the guidance provided as part of the security task.
4646

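Review bot: The replacement bullet at line 41 removes the old statement of which issues become security tasks ("Only issues that can be remediated by Intune") and replaces it with "Not all issues ... support remediation through the creation of a security task", without saying what happens to the ones that do not. Admins relying on this workflow need to know that findings without a security task must be tracked and remediated outside Intune; consider keeping the positive statement alongside the new one. The phrase "flags for remediation support remediation" is also hard to parse and would read better split into two clauses.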
@@ -76,7 +76,7 @@ Following is an example workflow for an application. This same general workflow
7676

7777
Because the media player in this example isn't a managed app, Intune can only provide text instructions. If the app was managed, Intune could provide instructions to download an updated version, and provide a link to open the deployment for the app so that the updated files can be added to the deployment.
7878

79-
- After completing the remediation, the Intune admin opens the security task and selects **Complete Task**. The remediation status is updated for Intune and in Defender for Endpoint, where security admins confirm the revised status for the vulnerability.
79+
- After completing the remediation, the Intune admin opens the security task and selects **Complete Task**. The remediation status is updated for Intune and in Defender for Endpoint, where security admins confirm the revised status for the vulnerability.
8080

8181
## Prerequisites
8282

@@ -87,18 +87,22 @@ Following is an example workflow for an application. This same general workflow
8787

8888
**Intune configurations for Defender for Endpoint**:
8989

90-
- Configure a service to service connection with Microsoft Defender for Endpoint.
90+
- Configure a service-to-service connection with Microsoft Defender for Endpoint.
9191
- Deploy a device configuration policy with a profile type of **Microsoft Defender for Endpoint (desktop devices running Windows 10 or later)** to devices that will have risk assessed by Defender for Endpoint.
9292

9393
For information about how to set up Intune to work with Defender for Endpoint, see [Enforce compliance for Microsoft Defender for Endpoint with Conditional Access in Intune](advanced-threat-protection-configure.md#enable-microsoft-defender-for-endpoint-in-intune).
9494

9595
## Work with security tasks
9696

97+
Before you can work with security tasks, they must be created from within the Defender Security Center. For information on using the Microsoft Defender Security Center to create security tasks, see [Remediate vulnerabilities with threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-remediation?view=o365-worldwide#request-remediation) in the Defender for Endpoint documentation.
98+
99+
To manage security tasks:
100+
97101
1. Sign in to the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431).
98102

99103
2. Select **Endpoint security** > **Security tasks**.
100104

101-
3. Select a task from the list to open a resource window that displays additional details for that security task.
105+
3. Select a task from the list to open a resource window that displays more details for that security task.
102106

103107
While viewing the security task resource window, you can select additional links:
104108

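Review bot: The link added at line 97 hard-codes `?view=o365-worldwide` in `/microsoft-365/security/defender-endpoint/tvm-remediation?view=o365-worldwide#request-remediation`; drop the query string so the link is not pinned to a single documentation view. The same new paragraph names one console two ways ("Defender Security Center" and "Microsoft Defender Security Center"), so pick one. Line 105 changes "additional details" to "more details", while the context line directly below still says "additional links".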
@@ -113,9 +117,9 @@ Following is an example workflow for an application. This same general workflow
113117

114118
When it's possible to do so, the remediation instructions include links that open the relevant configuration objects in the Intune console.
115119

116-
6. After completing the remediation steps, open the security task and select **Complete Task**. This action updates the security task status in both Intune and Defender for Endpoint.
120+
6. After completing the remediation steps, open the security task and select **Complete Task**. This action updates the security task status in both Intune and Defender for Endpoint.
117121

118-
After remediation is successful, the risk exposure score in Microsoft Defender for Endpoint can drop, based on new information from the remediated devices.
122+
After remediation is successful, the risk exposure score in Defender for Endpoint can drop, based on new information from the remediated devices.
119123

120124
## Next Steps
121125

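Review bot: The context line at 119 still says "open the relevant configuration objects in the Intune console", while an earlier hunk in this commit renames the same surface to "Microsoft Endpoint Manager admin center"; update it here so the article uses one name. The change at line 120 shows no visible difference between the removed and added text, so it is presumably whitespace-only and worth confirming as intended.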