Merge branch 'public' into patch-7

MicrosoftDocs · Nov 21, 2024 · 9475527 · 9475527
2 parents 209372c + 67b877e
commit 9475527
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 13 deletions.
diff --git a/defender-endpoint/evaluate-exploit-protection.md b/defender-endpoint/evaluate-exploit-protection.md
@@ -118,13 +118,13 @@ The following table lists specific products that have compatibility issues with
 
 ## Enable exploit protection system settings for testing
 
-These Exploit Protection system settings are enabled by default on Windows 10 and later, Windows Server 2019 and later, and on Windows Server version 1803 core edition and later.
+These Exploit Protection system settings are enabled by default except for the Mandatory Address Space Layout Randomization (ASLR) on Windows 10 and later, Windows Server 2019 and later, and on Windows Server version 1803 core edition and later.
 
 | System settings | Setting |
 | -------- | -------- |
 | Control flow guard (CFG) | Use default (On) |
 | Data Execution Prevention (DEP) | Use default (On) |
-| Force randomization for images (Mandatory ASRL) | Use default (On) |
+| Force randomization for images (Mandatory ASRL) | Use default (Off) |
 | Randomize memory allocations (Bottom-up ASRL) | Use default (On) |
 | High-entropy ASRL | Use default (On) |
 | Validate exception chains (SEHOP) | Use default (On) |
@@ -136,7 +136,7 @@ The xml sample is available below
 <MitigationPolicy>
   <SystemConfig>
     <DEP Enable="true" EmulateAtlThunks="false" />
-    <ASLR ForceRelocateImages="true" RequireInfo="false" BottomUp="true" HighEntropy="true" />
+    <ASLR ForceRelocateImages="false" RequireInfo="false" BottomUp="true" HighEntropy="true" />
     <ControlFlowGuard Enable="true" SuppressExports="false" />
     <SEHOP Enable="true" TelemetryOnly="false" />
     <Heap TerminateOnError="true" />

diff --git a/defender-xdr/microsoft-365-defender.md b/defender-xdr/microsoft-365-defender.md
@@ -43,6 +43,9 @@ Microsoft Defender XDR helps security teams protect and detect their organizatio
 
 With the integrated Microsoft Defender XDR solution, security professionals can stitch together the threat signals that each of these products receive and determine the full scope and impact of the threat; how it entered the environment, what it's affected, and how it's currently impacting the organization. Microsoft Defender XDR takes automatic action to prevent or stop the attack and self-heal affected mailboxes, endpoints, and user identities.
 
+> [!NOTE]
+> Microsoft Defender XDR correlates signals from Microsoft security products that you have licensed and provisioned access to.
+
 <a name='microsoft-365-defender-protection'></a>
 
 ## Microsoft Defender XDR protection

diff --git a/defender-xdr/prerequisites.md b/defender-xdr/prerequisites.md
@@ -17,20 +17,21 @@ search.appverid:
   - MOE150
   - MET150
 ms.date: 07/18/2024
+appliesto:
+- Microsoft Defender XDR
 ---
 
 # Microsoft Defender XDR prerequisites
 
 [!INCLUDE [Microsoft Defender XDR rebranding](../includes/microsoft-defender.md)]
 
-
-**Applies to:**
-- Microsoft Defender XDR
-
 Learn about licensing and other requirements for provisioning and using [Microsoft Defender XDR](microsoft-365-defender.md).
 
 ## Licensing requirements
-Any of these licenses gives you access to Microsoft Defender XDR features via the Microsoft Defender portal without additional cost:
+
+Microsoft Defender XDR natively correlates Microsoft security products' signals, providing security operations teams a single pane of glass to detect, investigate, respond, and protect your assets. These signals are dependent on the license that you have and the access provisioned to you.
+
+Any of the these licenses gives you access to Microsoft Defender XDR features via the Microsoft Defender portal without additional cost:
 
 - Microsoft 365 E5 or A5
 - Microsoft 365 E3 with the Microsoft 365 E5 Security add-on
@@ -65,10 +66,8 @@ Go to Microsoft 365 admin center ([admin.microsoft.com](https://admin.microsoft.
 
 You must at least be a **security administrator** in Microsoft Entra ID to turn on Microsoft Defender XDR. For the list of roles required to use Microsoft Defender XDR and information on how access to data is regulated, read about [managing access to Microsoft Defender XDR](m365d-permissions.md).
 
->[!IMPORTANT]
->Microsoft recommends that you use roles with the fewest permissions. Using lower permissioned accounts helps improve security for your organization. Global Administrator is a highly privileged role that should be limited to emergency scenarios when you can't use an existing role.
-
-
+> [!IMPORTANT]
+> Microsoft recommends that you use roles with the fewest permissions. Using lower permissioned accounts helps improve security for your organization. Global Administrator is a highly privileged role that should be limited to emergency scenarios when you can't use an existing role.
 
 ## Browser requirements
 
@@ -86,10 +85,10 @@ Currently, the Microsoft Defender for Office 365 integration into the unified Mi
 - Sweden
 - Singapore
 
-
 ## Related articles
 
 - [Microsoft Defender XDR overview](microsoft-365-defender.md)
 - [Turn on Microsoft Defender XDR](m365d-enable.md)
 - [Manage access and permissions](m365d-permissions.md)
+
 [!INCLUDE [Microsoft Defender XDR rebranding](../includes/defender-m3d-techcommunity.md)]