Merge pull request #21762 from MicrosoftDocs/main

Publish main to live, Tuesday 10:30AM PDT, 8/8

Author: Stacyrch140

microsoft-365/admin/manage/manage-feedback-ms-org.md

@@ -78,9 +78,9 @@ Your devices must be on a minimum build number to use these policies. See the ta
 |Allow users to access feedback portal|On|Manage user access to the feedback portal where users can follow-up on their feedback and participate in community feedback.|
 |Allow users to submit feedback to Microsoft|On|Controls feedback entry points across applications.|
 |Allow users to receive and respond to in-product surveys from Microsoft|On|Controls survey prompts within product.|
-|Allow users to include screenshots and attachments when they submit feedback to Microsoft|Off|Allows users to choose relevant files, screen recordings and screenshots to help Microsoft better understand and troubleshoot their feedback.|
-|Allow Microsoft to follow up on feedback submitted by users|Off|Determines if user can share contact info with feedback/survey for followup by Microsoft. Also allows users to get notified of feedback status changes. Users can manage communications settings in the feedback portal.|
-|Allow users to include log files and content samples when feedback is submitted to Microsoft|Off|Allows users to include Microsoft generated files such as additional log files and content samples when relevant to feedback they are submitting. Examples may include [Microsoft 365 Copilot](https://blogs.microsoft.com/blog/2023/03/16/introducing-microsoft-365-copilot-your-copilot-for-work/) prompt and response interactions.|
+|Allow users to include screenshots and attachments when they submit feedback to Microsoft|On|Allows users to choose relevant files, screen recordings and screenshots to help Microsoft better understand and troubleshoot their feedback.|
+|Allow Microsoft to follow up on feedback submitted by users|On|Determines if user can share contact info with feedback/survey for followup by Microsoft. Also allows users to get notified of feedback status changes. Users can manage communications settings in the feedback portal.|
+|Allow users to include log files and content samples when feedback is submitted to Microsoft|On|Allows users to include Microsoft generated files such as additional log files and content samples when relevant to feedback they are submitting. Examples may include [Microsoft 365 Copilot](https://blogs.microsoft.com/blog/2023/03/16/introducing-microsoft-365-copilot-your-copilot-for-work/) prompt and response interactions.|
 
 > [!NOTE]
 > The **Allow users to access the feedback portal** policy is a cloud policy. This policy isn't defined in ADMX and doesn't have a corresponding registry key available to set the policy. You should create a cloud policy to enforce it. This is a cloud policy because the feedback portal is a web application that makes a call to the cloud policy service, which is also a web application, requesting the policies for the person who signs in. If this policy is configured, the feedback portal will receive the configured policy value in the response from the cloud policy service.

microsoft-365/admin/manage/manage-feedback-product-insights.md

@@ -137,9 +137,9 @@ Verbatim Recall- 94%
 
 Charts are filtered by the NPS rating as follows:
 
-- Detractors are unhappy customers who are unlikely to recommend your product or service.
-- Passives are customers that are satisfied with the service but not enough to recommend your product or service.
-- Promoters- Happy customers that are loyal, enthusiastic and are likely to recommend your product or service.
+- Detractors are unhappy customers who are unlikely to recommend your product or service. For example, 1-3 on the 5 point scale.
+- Passives are customers that are satisfied with the service but not enough to recommend your product or service. For example, 4 on the 5 point scale.
+- Promoters- Happy customers that are loyal, enthusiastic and are likely to recommend your product or service. For example, 5 on the 5 point scale.
 
 :::image type="content" source="../../media/how-likely-recommend.png" alt-text="Screenshot: Chart showing how likely are you to recommend an app to a friend or colleague" lightbox="../../media/how-likely-recommend.png":::
 

microsoft-365/commerce/subscriptions/cancel-your-subscription.md

@@ -31,7 +31,7 @@ ms.date: 08/07/2023
 
 Check out all of our small business content on [Small business help & learning](https://go.microsoft.com/fwlink/?linkid=2224585).
 
-This article only applies to canceling **Dynamics 365**, **Intune**, **Power Platform**, **Windows 365**, and **Microsoft 365 for business** subscriptions. If you have an Azure subscription, see [Cancel your Azure subscription](/azure/cost-management-billing/manage/cancel-azure-subscription). If you have Microsoft 365 Family or Personal, see [Cancel a Microsoft 365 subscription](https://support.microsoft.com/office/cancel-a-microsoft-365-subscription-46e2634c-c64b-4c65-94b9-2cc9c960e91b?OCID=M365_DocsCancel_Link).
+This article only applies to canceling **Dynamics 365**, **Intune**, **Power Platform**, **Windows 365**, **Microsoft Defender for Business**, and **Microsoft 365 for business** subscriptions. If you have an Azure subscription, see [Cancel your Azure subscription](/azure/cost-management-billing/manage/cancel-azure-subscription). If you have Microsoft 365 Family or Personal, see [Cancel a Microsoft 365 subscription](https://support.microsoft.com/office/cancel-a-microsoft-365-subscription-46e2634c-c64b-4c65-94b9-2cc9c960e91b?OCID=M365_DocsCancel_Link).
 
 > [!WARNING]
 > Before you cancel a subscription, make sure your users [save their data](#save-your-data).

microsoft-365/security/defender-business/mdb-onboard-devices.md

@@ -10,8 +10,8 @@ ms.topic: overview
 ms.service: microsoft-365-security
 ms.subservice: mdb
 ms.localizationpriority: medium
-ms.date: 07/19/2023
-ms.reviewer: efratka, nehabha
+ms.date: 08/08/2023
+ms.reviewer: efratka, nehabha, muktaagarwal
 f1.keywords: NOCSH 
 ms.collection: 
  - SMB
@@ -53,6 +53,7 @@ Onboard your business devices to protect them right away. You can choose from se
 > 
 > For more information, see [Microsoft Defender for Business requirements](mdb-requirements.md).
 > 
+
 Choose one of the following options to onboard Windows client devices to Defender for Business:
 
 - [Local script](#local-script-for-windows-10-and-11) (for onboarding devices manually in the Microsoft 365 Defender portal)
@@ -61,7 +62,7 @@ Choose one of the following options to onboard Windows client devices to Defende
 
 ### Local script for Windows 10 and 11
 
-You can use a local script to onboard Windows client devices. When you run the onboarding script on a device, it creates a trust with Azure Active Directory, if that trust doesn't already exist; enrolls the device in Microsoft Intune, if it isn't already enrolled; and then onboards the device to Defender for Business. If you're not currently using Intune, the local script method is the recommended onboarding method for Defender for Business customers.
+You can use a local script to onboard Windows client devices. When you run the onboarding script on a device, it creates a trust with Azure Active Directory (if that trust doesn't already exist), enrolls the device in Microsoft Intune (if it isn't already enrolled), and then onboards the device to Defender for Business. If you're not currently using Intune, the local script method is the recommended onboarding method for Defender for Business customers.
 
 > [!TIP]
 > We recommend that you onboard up to 10 devices at a time when you use the local script method.
@@ -159,7 +160,7 @@ Choose one of the following options to onboard Mac:
 
 ### Local script for Mac
 
-When you run the local script on Mac, it creates a trust with Azure Active Directory if that trust doesn't already exist. It enrolls the Mac in Microsoft Intune if it isn't already enrolled, and then onboards the Mac to Defender for Business. We recommend that you onboard up to 10 devices at a time using this method.
+When you run the local script on Mac, it creates a trust with Azure Active Directory (if that trust doesn't already exist), enrolls the Mac in Microsoft Intune (if it isn't already enrolled), and then onboards the Mac to Defender for Business. We recommend that you onboard up to 10 devices at a time using this method.
 
 1. Go to the Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)), and sign in.
 
@@ -177,7 +178,7 @@ When you run the local script on Mac, it creates a trust with Azure Active Direc
 
 8. Select **Continue**, agree with the license terms, and then enter your password when prompted.
 
-9. You're prompted to allow installation of a driver from Microsoft (either "System Extension Blocked" or "Installation is on hold", or both). You must allow the driver installation: Select **Open Security Preferences** or **Open System Preferences** > **Security & Privacy**, and then select **Allow**.
+9. You're prompted to allow installation of a driver from Microsoft (either *System Extension Blocked* or *Installation is on hold*, or both). You must allow the driver installation. Select **Open Security Preferences** or **Open System Preferences** > **Security & Privacy**, and then select **Allow**.
 
 10. Use the following Bash command to run the onboarding package:
 
@@ -245,12 +246,12 @@ You can use the following methods to onboard mobile devices, such as Android and
 
 > [!IMPORTANT]
 > Make sure that all of the following requirements are met before onboarding mobile devices:
-> 1. Defender for Business has finished provisioning. In the [Microsoft 365 Defender portal](https://security.microsoft.com), go to **Assets** > **Devices**.<br/>- If you see a message that says, "Hang on! We're preparing new spaces for your data and connecting them," it means that Defender for Business hasn't finished provisioning. This process is happening now, and can take up to 24 hours to complete. <br/>- If you see a list of devices, or you're prompted to onboard devices, it means Defender for Business provisioning has completed. 
+> 1. Defender for Business has finished provisioning. In the [Microsoft 365 Defender portal](https://security.microsoft.com), go to **Assets** > **Devices**.<br/>- If you see a message that says, "Hang on! We're preparing new spaces for your data and connecting them," then Defender for Business hasn't finished provisioning. This process is happening now, and it can take up to 24 hours to complete. <br/>- If you see a list of devices, or you're prompted to onboard devices, it means Defender for Business provisioning has completed. 
 > 2. Users have downloaded the Microsoft Authenticator app on their device, and have registered their device using their work or school account for Microsoft 365.
 
 | Device | Procedure |
 |:---|:---|
-| Android | 1. On the device, go to the Google Play store.<br/><br/>2. If you haven't already done so, download and install the Microsoft Authenticator app. Sign in, and register your device in the Microsoft Authenticator app. <br/><br/>3. In the Google Play store, search for the Microsoft Defender app. <br/><br/>4. On the app page, scroll down and select **Join the beta** > **Join**.<br/><br/>5. Wait for the process to complete. It might take a few hours for the process of joining the beta program to complete.  You'll see text that says, "Joining the beta..."<br/><br/>6. After you've enrolled into the beta, verify that the beta version of the app looks like `1.0.xxxx.0201`, and then install the app.<br/><br/>7. Open the app, sign in, and complete the onboarding process. |
+| Android | 1. On the device, go to the Google Play store.<br/><br/>2. If you haven't already done so, download and install the Microsoft Authenticator app. Sign in, and register your device in the Microsoft Authenticator app. <br/><br/>3. In the Google Play store, search for the Microsoft Defender app, and install it. <br/><br/>4. Open the Microsoft Defender app, sign in, and complete the onboarding process. |
 | iOS | 1. On the device, go to the Apple App Store. <br/><br/>2. If you haven't already done so, download and install the Microsoft Authenticator app. Sign in, and register your device in the Microsoft Authenticator app.<br/><br/>3. In the Apple App Store, search for the Microsoft Defender app.<br/><br/>4. Sign in and install the app. <br/><br/>5. Agree to the terms of use to continue. <br/><br/>6. Allow the Microsoft Defender app to set up a VPN connection and add VPN configurations. <br/><br/>7. Choose whether to allow notifications (such as alerts).  |
 
 > [!TIP]
@@ -266,6 +267,7 @@ If your subscription includes Microsoft Intune, you can use it to onboard mobile
 After a device is enrolled in Intune, you can add it to a device group. [Learn more about device groups in Defender for Business](mdb-create-edit-device-groups.md).
 
 
+
 ## [**Servers**](#tab/Servers)
 
 ## Servers
@@ -352,6 +354,7 @@ You can use the following methods to onboard an instance of Linux Server to Defe
 > [!NOTE]
 > Onboarding an instance of Linux Server to Defender for Business is the same as onboarding to [Microsoft Defender for Endpoint on Linux](../defender-endpoint/microsoft-defender-endpoint-linux.md).
 
+
 ---
 
 ## View a list of onboarded devices
@@ -377,3 +380,4 @@ After you've onboarded a device, you can run a quick phishing test to make sure
 
 - If you have other devices to onboard, select the tab for those devices ([Windows 10 and 11, Mac, Servers, or Mobile devices](#what-to-do)), and follow the guidance on that tab.
 - If you're done onboarding devices, proceed to [Step 6: Configure your security settings and policies in Defender for Business](mdb-configure-security-settings.md).
+

microsoft-365/security/defender-endpoint/advanced-features.md

@@ -43,9 +43,6 @@ Use the following advanced features to get better protected from potentially mal
 
 ## Live response
 
-> [!NOTE]
-> Live response requires **Automated investigation** to be turned on before you can enable it in the advanced settings section in the Microsoft Defender for Endpoint portal.
-
 Turn on this feature so that users with the appropriate permissions can start a live response session on devices.
 
 For more information about role assignments, see [Create and manage roles](user-roles.md).

microsoft-365/security/defender-endpoint/respond-file-alerts.md

@@ -1,11 +1,7 @@
 ---
 title: Take response actions on a file in Microsoft Defender for Endpoint
 description: Take response actions on file-related alerts by stopping and quarantining a file or blocking a file and checking activity details.
-keywords: respond, stop and quarantine, block file, deep analysis
 ms.service: microsoft-365-security
-ms.mktglfcycl: deploy
-ms.sitesec: library
-ms.pagetype: security
 ms.author: diannegali
 author: diannegali
 ms.localizationpriority: medium
@@ -17,7 +13,7 @@ ms.collection:
 ms.topic: conceptual
 ms.subservice: mde
 search.appverid: met150
-ms.date: 07/10/2023
+ms.date: 08/07/2023
 ---
 
 # Take response actions on a file
@@ -155,7 +151,13 @@ The **Download file** button can have the following states:
 
 - **Disabled** - If the button is grayed out or disabled during an active collection attempt, you may not have appropriate RBAC permissions to collect files.
 
-  The following permissions are required: 
+  The following permissions are required:
+
+  For Microsoft 365 Defender Unified role-based access control (RBAC):
+
+     - Add file collection permission in Microsoft 365 Defender Unified (RBAC)
+ 
+  For Microsoft Defender for Endpoint role-based access control (RBAC):
 
     For Portable Executable file (.exe, .sys, .dll, and others)
     - Global admin or Advanced live response or Alerts 

microsoft-365/security/defender/before-you-begin-defender-experts.md

@@ -20,7 +20,7 @@ ms.collection:
   - tier1
 ms.topic: conceptual
 search.appverid: met150
-ms.date: 07/26/2022
+ms.date: 08/08/2023
 ---
 
 # Before you begin using Defender Experts for Hunting
@@ -43,6 +43,11 @@ Defender Experts for Hunting customers are assigned two Ask Defender Experts (Ex
 
 For more information about Microsoft's commercial licensing terms, visit [this page](https://www.microsoft.com/licensing/terms/productoffering/Microsoft365/MCA).
 
+### Server coverage
+
+Defender Experts for XDR also covers servers—whether on premises or on a hyperscale cloud service provider—that have Defender for Endpoint deployed on them with a Microsoft Defender for Server license. For Defender Experts coverage, a server is considered as a user account for billing. The service doesn’t cover Microsoft Defender for Cloud.
+[Learn more about specific hardware and software requirements](/microsoft-365/security/defender-endpoint/minimum-requirements).
+
 ### Access requirements
 
 Anyone from your organization can complete the customer interest form for Microsoft Defender Experts for Hunting service, however, you need to work with your Commercial Executive to transact the SKU. You might need certain roles and permissions to fully access the service capabilities. Refer to [Custom roles in role-based access control for Microsoft 365 Defender](custom-roles.md) for details.

microsoft-365/security/defender/before-you-begin-xdr.md

@@ -19,7 +19,7 @@ ms.collection:
   - tier1
 ms.topic: conceptual
 search.appverid: met150
-ms.date: 11/17/2022
+ms.date: 08/08/2023
 ---
 
 # Before you begin
@@ -44,6 +44,13 @@ Aside from the requirements stated previously, to get Defender Experts for XDR c
 
 Defender Experts for XDR is a managed extended detection and response (XDR) service. To get native XDR coverage, we recommend deploying the full Microsoft 365 Defender suite.
 
+### Server coverage
+
+Defender Experts for XDR also covers servers—whether on premises or on a hyperscale cloud service provider—that have Defender for Endpoint deployed on them with a Microsoft Defender for Server license. For Defender Experts coverage, a server is considered as a user account for billing. The service doesn’t cover Microsoft Defender for Cloud.
+[Learn more about specific hardware and software requirements](/microsoft-365/security/defender-endpoint/minimum-requirements).
+
+### Ask Defender Experts
+
 As part of the service's built-in [Microsoft Defender Experts for Hunting](defender-experts-for-hunting.md), you're also assigned two **Ask Defender Experts** credits on the first of each month, which you may use to submit questions. You can still submit inquiries beyond the initial number of allocated credits. Unused credits expire 90 days from date of assignment or at the end of the subscription term, whichever is shortest.
 
 [Learn more about Microsoft's commercial licensing terms](https://www.microsoft.com/licensing/terms/productoffering/Microsoft365/MCA).

microsoft-365/security/defender/defender-experts-for-hunting.md

@@ -19,7 +19,7 @@ ms.collection:
   - tier1
 ms.topic: conceptual
 search.appverid: met150
-ms.date: 05/05/2022
+ms.date: 08/08/2023
 ---
 
 # Microsoft Defender Experts for Hunting

microsoft-365/security/defender/dex-xdr-overview.md

@@ -19,7 +19,7 @@ ms.collection:
   - tier1
 ms.topic: conceptual
 search.appverid: met150
-ms.date: 05/29/2023
+ms.date: 08/08/2023
 ---
 
 # Microsoft Defender Experts for XDR