Merge pull request #1 from martinalang/onboarding
Naming update: Microsoft Defender for Cloud
martinalang authored Nov 3, 2021
2 parents e39a4ba + 094feb9 commit a9dfd00
Showing 9 changed files with 109 additions and 109 deletions.
File renamed without changes
20 changes: 10 additions & 10 deletions Onboarding/Misc/Inventory.md
@@ -1,17 +1,17 @@
# Inventory (for reporting purposes)

Most enterprise customers today have deployed Azure Security Center at least to some extent in their organizations. In this case, they can use [Azure Resource Graph](https://docs.microsoft.com/en-us/azure/governance/resource-graph/) queries to get an overview of their current security state and answer the following questions:
Most enterprise customers today have deployed Microsoft Defender for Cloud at least to some extent in their organizations. In this case, they can use [Azure Resource Graph](https://docs.microsoft.com/en-us/azure/governance/resource-graph/) queries to get an overview of their current security state and answer the following questions:
1. How many subscriptions do I have?
2. How many of these subscriptions have been onboarded to ASC?
3. How many of these subscriptions have not yet been onboarded to ASC?
4. Which subscriptions have not yet been onboarded to ASC?
5. Which subscriptions are using ASC with Azure Defender fully enabled?
6. Which subscriptions are using ASC without Azure Defender fully enabled?
7. What is the coverage (On | On (partial) | Off) for Azure Defender across all of my subscriptions?
8. Which Azure Defender plans (Azure Defender for VMs, Azure Defender for KeyVaults, etc.) are enabled across all of my subscriptions?
2. How many of these subscriptions have been onboarded to MDC?
3. How many of these subscriptions have not yet been onboarded to MDC?
4. Which subscriptions have not yet been onboarded to MDC?
5. Which subscriptions are using MDC with Microsoft Defender for Cloud fully enabled?
6. Which subscriptions are using MDC without Microsoft Defender for Cloud fully enabled?
7. What is the coverage (On | On (partial) | Off) for Microsoft Defender for Cloud across all of my subscriptions?
8. Which Microsoft Defender plans (Microsoft Defender for VMs, Microsoft Defender for KeyVaults, etc.) are enabled across all of my subscriptions?

The matching Azure Resource Graph queries can be found [here](https://github.com/Azure/Azure-Security-Center/tree/master/Kusto/Azure%20Resource%20Graph/Starter%20Kit%20-%20ASC%20Pricing).
The matching Azure Resource Graph queries can be found [here](https://github.com/Azure/Microsoft-Defender-for-Cloud/tree/main/Kusto/Azure%20Resource%20Graph/Starter%20Kit%20-%20ASC%20Pricing).

In order to run these Azure Resource Graph queries, we recommend that customers have at least *Security Admin* and *Reader* permissions on the appropriate management group level. For further details, refer to [Step #2 in Module 2 - Roles and permissions](./Modules/2-Roles-and-Permissions.md#step-2---assign-the-necessary-rbac-permissions-to-the-central-security-team).

Running these queries is an optional step, but it helps to compare the customers current security state to the security state after rolling out and governing ASC centrally, and it may be useful for reporting progress to management.
Running these queries is an optional step, but it helps to compare the customers current security state to the security state after rolling out and governing MDC centrally, and it may be useful for reporting progress to management.
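Review bot: questions 5 and 6 of the renamed list (`5. Which subscriptions are using MDC with Microsoft Defender for Cloud fully enabled?` and `6. Which subscriptions are using MDC without Microsoft Defender for Cloud fully enabled?`) now read as self-referential, because the original contrasted the Security Center tier with the paid Azure Defender plans and the search-and-replace mapped both names onto the same product. Rephrase them in terms of the plans, matching question 8 in the same list, e.g. `5. Which subscriptions have all Microsoft Defender plans enabled?` and `6. Which subscriptions have not enabled all Microsoft Defender plans?`. The updated query link also moves to `Microsoft-Defender-for-Cloud/tree/main/...` but keeps the `Starter%20Kit%20-%20ASC%20Pricing` folder name; confirm that folder still exists under that path so the link does not break. While the last paragraph is being rewritten, `the customers current security state` wants a possessive (`customer's`).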
10 changes: 5 additions & 5 deletions Onboarding/Misc/Next-Steps.md
@@ -1,17 +1,17 @@
# Next steps

After successfully onboarding all enterprise subscriptions and customizing ASC to their needs, the customer’s central security team should regularly monitor the ASC Secure Score and see it as a key performance indicator for their security posture.
After successfully onboarding all enterprise subscriptions and customizing MDC to their needs, the customer’s central security team should regularly monitor the MDC Secure Score and see it as a key performance indicator for their security posture.

The following articles can help customers to establish a routine in regularly checking ASC recommendations and alerts:
The following articles can help customers to establish a routine in regularly checking MDC recommendations and alerts:
* [Monitor the security health of your Azure resources](https://docs.microsoft.com/en-us/azure/security-center/security-center-monitoring)
* [Manage security recommendations in Security Center](https://docs.microsoft.com/en-us/azure/security-center/security-center-recommendations)
* [Manage security recommendations in Microsoft Defender for Cloud](https://docs.microsoft.com/en-us/azure/security-center/review-security-recommendations)
* [Learn how to remediate recommendations](https://docs.microsoft.com/en-us/azure/security-center/security-center-remediate-recommendations)
* [Manage and respond to security alerts in Azure Security Center](https://docs.microsoft.com/en-us/azure/security-center/security-center-managing-and-responding-alerts)
* [Manage and respond to security alerts in Microsoft Defender for Cloud](https://docs.microsoft.com/en-us/azure/security-center/security-center-managing-and-responding-alerts)
* [Prevent misconfigurations with Enforce/Deny](https://docs.microsoft.com/en-us/azure/security-center/prevent-misconfigurations)
* [Deliver a Secure Score weekly briefing](https://techcommunity.microsoft.com/t5/azure-security-center/deliver-a-security-score-weekly-briefing/ba-p/1411515)


<br />

### &#8680; For some hands-on experience, we recommend to take one of our ASC Labs: [Azure Security Center Labs](https://github.com/Azure/Azure-Security-Center/tree/master/Labs)
### &#8680; For some hands-on experience, we recommend to take one of our MDC Labs: [Microsoft Defender for Cloud Labs](https://github.com/Azure/Microsoft-Defender-for-Cloud/tree/main/Labs)

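Review bot: the rewritten heading carries over the grammatical slip of the line it replaces: `we recommend to take one of our MDC Labs` should read `we recommend taking one of our MDC labs`. The target also changes from `Azure-Security-Center/tree/master/Labs` to `Microsoft-Defender-for-Cloud/tree/main/Labs`, so confirm the `Labs` folder exists on `main` in the renamed repository before merging. The two documentation links that changed URL in this hunk (`review-security-recommendations`) and the ones that kept their `security-center/...` URLs are fine as long as those paths still resolve; a quick link check on the branch would settle it.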
20 changes: 10 additions & 10 deletions Onboarding/Modules/1-Prerequisites.md
Expand Up @@ -2,7 +2,7 @@

## Step #0 – Ensure the basic environment setup and knowledge are in place

To follow the implementation steps in this document, it is necessary that customers have a solid understanding of Azure Security Center (ASC) and its basic functionality and features. They should also be familiar with the governance and automation options in Azure to successfully deploy ASC in their organization. We therefore assume that customers are familiar with the following concepts:
To follow the implementation steps in this document, it is necessary that customers have a solid understanding of Microsoft Defender for Cloud (MDC) and its basic functionality and features. They should also be familiar with the governance and automation options in Azure to successfully deploy MDC in their organization. We therefore assume that customers are familiar with the following concepts:

* The customer understands the shared responsibility model and the threat landscape in the cloud.
* [Shared responsibility in the cloud](https://docs.microsoft.com/en-us/azure/security/fundamentals/shared-responsibility)
Expand All @@ -14,21 +14,21 @@ To follow the implementation steps in this document, it is necessary that custom
* [Management group and subscription organization](https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/enterprise-scale/management-group-and-subscription-organization)
* [Governance guide for complex enterprises](https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/govern/guides/complex/)
* [Organize and manage multiple Azure subscriptions](https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/organize-subscriptions)
* The customer has a basic understanding of Azure Security Center and its functionalities.
* [What is Azure Security Center?](https://docs.microsoft.com/en-us/azure/security-center/security-center-introduction)
* [Azure Security Center’s overview page](https://docs.microsoft.com/en-us/azure/security-center/overview-page)
* The customer has a basic understanding of Microsoft Defender for Cloud and its functionalities.
* [What is Microsoft Defender for Cloud?](https://docs.microsoft.com/en-us/azure/security-center/security-center-introduction)
* [Microsoft Defender for Cloud’s overview page](https://docs.microsoft.com/en-us/azure/security-center/overview-page)
* [Security recommendations](https://docs.microsoft.com/en-us/azure/security-center/recommendations-reference)
* [Introduction to Azure Defender](https://docs.microsoft.com/en-us/azure/security-center/azure-defender)
* [Introduction to Microsoft Defender for Cloud](https://docs.microsoft.com/en-us/azure/security-center/defender-for-cloud-introduction)
* [Working with security policies](https://docs.microsoft.com/en-us/azure/security-center/tutorial-security-policy)
* The organization understands the different roles that are available within Azure Security Center and RBAC (Role-based access control) in general.
* [Permissions in Azure Security Center](https://docs.microsoft.com/en-us/azure/security-center/security-center-permissions)
* The organization understands the different roles that are available within Microsoft Defender for Cloud and RBAC (Role-based access control) in general.
* [Permissions in Microsoft Defender for Cloud](https://docs.microsoft.com/en-us/azure/security-center/security-center-permissions)
* [What is Azure RBAC?](https://docs.microsoft.com/en-us/azure/role-based-access-control/overview)
* [Azure built-in roles](https://docs.microsoft.com/en-us/azure/role-based-access-control/built-in-roles)
* The customer knows how to use a Log Analytics workspace and has decided on a Log Analytics workspace design (centralized or distributed).
* [Best practices for designing an Azure Sentinel or Azure Security Center Log Analytics workspace](https://techcommunity.microsoft.com/t5/azure-sentinel/best-practices-for-designing-an-azure-sentinel-or-azure-security/ba-p/832574)
* [Best practices for designing an Microsoft Sentinel or Microsoft Defender for Cloud Log Analytics workspace](https://techcommunity.microsoft.com/t5/azure-sentinel/best-practices-for-designing-an-azure-sentinel-or-azure-security/ba-p/832574)
* [Design a workspace deployment](https://docs.microsoft.com/en-us/azure/azure-monitor/platform/design-logs-deployment#important-considerations-for-an-access-control-strategy)
* The customer understands ASC pricing, Azure Monitor pricing, and Azure bandwidth costs.
* [ASC Pricing](https://azure.microsoft.com/en-us/pricing/details/security-center/)
* The customer understands MDC pricing, Azure Monitor pricing, and Azure bandwidth costs.
* [MDC Pricing](https://azure.microsoft.com/en-us/pricing/details/azure-defender/)
* [Azure Monitor Pricing](https://azure.microsoft.com/en-us/pricing/details/monitor/)
* [Azure Bandwidth Pricing](https://azure.microsoft.com/en-us/pricing/details/bandwidth/)
* The customer has a solid understanding of Azure Policy and other Azure Governance constructs like Azure Blueprints and Azure Resource Graph.
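Review bot: the rename introduces an article error in the workspace-design bullet: `Best practices for designing an Microsoft Sentinel or Microsoft Defender for Cloud Log Analytics workspace` should read `a Microsoft Sentinel`. In the same hunk, the new bullet `Introduction to Microsoft Defender for Cloud` (linking to `defender-for-cloud-introduction`) now sits a few lines below `What is Microsoft Defender for Cloud?` (linking to `security-center-introduction`), so the list offers two near-identical introductions where the original distinguished Security Center from the Azure Defender plans; consider titling the second bullet after the Defender plans, the way Inventory.md question 8 refers to them. Lastly, the `MDC Pricing` bullet now points at `pricing/details/azure-defender/`, so the link text and URL name the product differently; acceptable if that is the current pricing page, but worth a note in the commit or a follow-up when the pricing URL changes.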
4 changes: 2 additions & 2 deletions Onboarding/Modules/2-Roles-and-Permissions.md
@@ -1,7 +1,7 @@
# Module 2 - Roles & Permissions

## Step #1 - Create a central team that will be responsible for tracking and/or enforcing security on your Azure environment
To manage Azure Security Center organization-wide, it is necessary that customers have named a team who is responsible for monitoring and governing their Azure environment from a security perspective.
To manage Microsoft Defender for Cloud organization-wide, it is necessary that customers have named a team who is responsible for monitoring and governing their Azure environment from a security perspective.
Depending on the responsibility model in the organization, we most commonly see one of the following two options how a central security team operates within an organization.

### Option A - Security controls are deployed by a central team
Expand Down Expand Up @@ -40,7 +40,7 @@ Customers need to make sure that the central security team has been assigned the

| Action | RBAC Role | Option A) | Option B)
| --- | :---: | :---: | :---:
Need to view configurations, update the security policy, and dismiss recommendations and alerts in Security Center. | **Security Admin** on Root MG* | &#10003; | &#10003;
Need to view configurations, update the security policy, and dismiss recommendations and alerts in Microsoft Defender for Cloud. | **Security Admin** on Root MG* | &#10003; | &#10003;
Need to have read and write access to Azure resources for remediation (this includes assigning the appropriate permission to the managed identity used by a deployIfNotExists or modify policy) | **Contributor** on Root MG* | &#10003; | &#10005;
Need to have read only access to Azure resources for investigation. (This does not include read access to secrets or data plane details) | **Reader** on Root MG* | &#10005; | &#10003;
> *Depending on the customer’s management group structure, an assignment lower in the management group hierarchy may be more appropriate.*
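Review bot: the rewritten row `Need to view configurations, update the security policy, and dismiss recommendations and alerts in Microsoft Defender for Cloud. | **Security Admin** on Root MG* | ...` and the two rows below it lack the leading `|` that the header rows `| Action | RBAC Role | Option A) | Option B)` and `| --- | :---: | :---: | :---:` carry. GitHub renders the table either way, but since this row is being edited, prefix it with `| ` so all rows follow one convention. The rename itself is correct and leaves the role, the footnote marker and the option columns untouched.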