diff --git a/defender-endpoint/aggregated-reporting.md b/defender-endpoint/aggregated-reporting.md index e2e0ae2054..b9fa4b0ac2 100644 --- a/defender-endpoint/aggregated-reporting.md +++ b/defender-endpoint/aggregated-reporting.md @@ -61,9 +61,9 @@ Aggregated reporting supports the following event types: > [!div class="mx-tdBreakAll"] > |Action type|Advanced hunting table|Device timeline presentation|Properties| > |:---|:---|:-------|:-------------------------------| -> |FileCreatedAggregatedReport|DeviceFileEvents|{ProcessName} created {Occurrences} {FilePath} files|1. File path
2. Process name
3. Process name| ->|FileRenamedAggregatedReport|DeviceFileEvents|{ProcessName} renamed {Occurrences} {FilePath} files|1. File path
2. Process name
3. Process name| -> |FileModifiedAggregatedReport|DeviceFileEvents|{ProcessName} modified {Occurrences} {FilePath} files|1. File path
2. Process name
3. Process name| +> |FileCreatedAggregatedReport|DeviceFileEvents|{ProcessName} created {Occurrences} {FilePath} files|1. File path
2. File extension
3. Process name| +>|FileRenamedAggregatedReport|DeviceFileEvents|{ProcessName} renamed {Occurrences} {FilePath} files|1. File path
2. File extension
3. Process name| +> |FileModifiedAggregatedReport|DeviceFileEvents|{ProcessName} modified {Occurrences} {FilePath} files|1. File path
2. File extension
3. Process name| > |ProcessCreatedAggregatedReport|DeviceProcessEvents|{InitiatingProcessName} created {Occurrences} {ProcessName} processes|1. Initiating process command line
2. Initiating process SHA1
3. Initiating process file path
4. Process command line
5. Process SHA1
6. Folder path| > |ConnectionSuccessAggregatedReport|DeviceNetworkEvents|{InitiatingProcessName} established {Occurrences} connections with {RemoteIP}:{RemotePort}|1. Initiating process name
2. Source IP
3. Remote IP
4. Remote port| > |ConnectionFailedAggregatedReport|DeviceNetworkEvents|{InitiatingProcessName} failed to establish {Occurrences} connections with {RemoteIP:RemotePort}|1. Initiating process name
2. Source IP
3. Remote IP
4. Remote port| @@ -92,7 +92,7 @@ You can use the following KQL queries to gather specific information using aggre The following query highlights noisy process activity, which can be correlated with malicious signals. -```KQL +```Kusto DeviceProcessEvents | where Timestamp > ago(1h) | where ActionType == "ProcessCreatedAggregatedReport" @@ -105,7 +105,7 @@ DeviceProcessEvents The following query identifies repeated sign-in attempt failures. -```KQL +```Kusto DeviceLogonEvents | where Timestamp > ago(30d) | where ActionType == "LogonFailedAggregatedReport" @@ -119,7 +119,7 @@ DeviceLogonEvents The following query identifies suspicious RDP connections, which might indicate malicious activity. -```KQL +```Kusto DeviceNetworkEvents | where Timestamp > ago(1d) | where ActionType endswith "AggregatedReport" diff --git a/defender-endpoint/mac-device-control-faq.md b/defender-endpoint/mac-device-control-faq.md index 910648aad3..edf7e1c0ff 100644 --- a/defender-endpoint/mac-device-control-faq.md +++ b/defender-endpoint/mac-device-control-faq.md @@ -2,8 +2,9 @@ title: macOS Device control policies frequently asked questions (FAQ) description: Get answers to common questions about device control policies using JAMF or Intune. ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro 
@@ -39,7 +40,7 @@ Answer: Run _mdatp device-control policy preferences list_ to see all the iOS po :::image type="content" source="media/macos-device-control-faq-enabled-default-enforcement.png" alt-text="Shows how to run mdatp device-control policy preferences list to see if a device is Device Control enabled. " lightbox="media/macos-device-control-faq-enabled-default-enforcement.png"::: -### How do I know whether the policy has been delivered to the client machine? +### How do I know if the policy is delivered to the client machine? Answer: Run _mdatp device-control policy rules list_ to see all the iOS policies on this machine: diff --git a/defender-endpoint/mac-device-control-intune.md b/defender-endpoint/mac-device-control-intune.md index 41104b88e7..6d87c43074 100644 --- a/defender-endpoint/mac-device-control-intune.md +++ b/defender-endpoint/mac-device-control-intune.md @@ -2,8 +2,9 @@ title: Deploy and manage Device Control using Intune description: Learn how to deploy and manage device control policies using Intune. ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro 
@@ -44,7 +45,7 @@ Before you get started with Removable Storage Access Control, you must confirm y Now, you have `groups`, `rules`, and `settings`, replace the mobileconfig file with those values and put it under the Device Control node. Here's the demo file: [mdatp-devicecontrol/demo.mobileconfig at main - microsoft/mdatp-devicecontrol (github.com)](https://github.com/microsoft/mdatp-devicecontrol/blob/main/macOS/mobileconfig/demo.mobileconfig). Make sure validate your policy with the JSON schema and make sure your policy format is correct: [mdatp-devicecontrol/device_control_policy_schema.json at main - microsoft/mdatp-devicecontrol (github.com)](https://github.com/microsoft/mdatp-devicecontrol/blob/main/macOS/policy/device_control_policy_schema.json). > [!NOTE] -> See [Device Control for macOS](mac-device-control-overview.md) for information about settings, rules and groups. +> See [Device Control for macOS](mac-device-control-overview.md) for information about settings, rules, and groups. ### Deploy the mobileconfig file using Intune diff --git a/defender-endpoint/mac-device-control-jamf.md b/defender-endpoint/mac-device-control-jamf.md index 45fdb6f6ec..8c5aa2b27e 100644 --- a/defender-endpoint/mac-device-control-jamf.md +++ b/defender-endpoint/mac-device-control-jamf.md @@ -2,8 +2,9 @@ title: Deploy and manage device control using JAMF description: Learn how to use device control policies using JAMF. ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro 
@@ -42,27 +43,27 @@ Before you get started with Removable Storage Access Control, you must confirm y ### Step 1: Create policy JSON -Now, you have 'groups' and 'rules' and 'settings', combine 'settings' and 'groups' and rules into one JSON, here is the demo file: [https://github.com/microsoft/mdatp-devicecontrol/blob/main/macOS/policy/samples/deny_removable_media_except_kingston.json](https://github.com/microsoft/mdatp-devicecontrol/blob/main/macOS/policy/samples/deny_removable_media_except_kingston.json). Make sure to validate your policy with the JSON schema so your policy format is correct: [https://github.com/microsoft/mdatp-devicecontrol/blob/main/macOS/policy/device_control_policy_schema.json](https://github.com/microsoft/mdatp-devicecontrol/blob/main/macOS/policy/device_control_policy_schema.json). +Now, you have 'groups' and 'rules' and 'settings', combine 'settings' and 'groups' and rules into one JSON, here's the demo file: [https://github.com/microsoft/mdatp-devicecontrol/blob/main/macOS/policy/samples/deny_removable_media_except_kingston.json](https://github.com/microsoft/mdatp-devicecontrol/blob/main/macOS/policy/samples/deny_removable_media_except_kingston.json). Make sure to validate your policy with the JSON schema so your policy format is correct: [https://github.com/microsoft/mdatp-devicecontrol/blob/main/macOS/policy/device_control_policy_schema.json](https://github.com/microsoft/mdatp-devicecontrol/blob/main/macOS/policy/device_control_policy_schema.json). -See [Device Control for macOS](mac-device-control-overview.md) for information about settings, rules and groups. +See [Device Control for macOS](mac-device-control-overview.md) for information about settings, rules, and groups. ### Step 2: Update MDE Preferences Schema -The [MDE Preferences schema](https://github.com/microsoft/mdatp-xplat/blob/master/macos/schema/schema.json) has been updated to include the new `deviceControl/policy` key. 
The existing MDE Preferences configuration profile should be updated to use the new schema file's content. +The [MDE Preferences schema](https://github.com/microsoft/mdatp-xplat/blob/master/macos/schema/schema.json) is updated to include the new `deviceControl/policy` key. The existing MDE Preferences configuration profile should be updated to use the new schema file's content. :::image type="content" source="media/macos-device-control-jamf-mde-preferences-schema.png" alt-text="Shows where to edit the Microsoft Defender for Endpoint Preferences Schema to update." lightbox="media/macos-device-control-jamf-mde-preferences-schema.png"::: ### Step 3: Add Device Control Policy to MDE Preferences -A new 'Device Control' property will now be available to add to the UX. +A new 'Device Control' property is now available to add to the UX. 1. Select the topmost **Add/Remove properties** button, then select **Device Control** and press **Apply**. :::image type="content" source="media/macos-device-control-jamf-device-control-property.png" alt-text="Shows how to add Device Control in Microsoft Defender for Endpoint" lightbox="media/macos-device-control-jamf-device-control-property.png"::: -2. Next, scroll down until you see the **Device Control** property (it will be the bottommost entry), and select **Add/Remove properties** directly underneath it. +2. Next, scroll down until you see the **Device Control** property (it's the bottommost entry), and select **Add/Remove properties** directly underneath it. -3. Select **Device Control Policy**, and then click **Apply**. +3. Select **Device Control Policy**, and then select **Apply**. :::image type="content" source="media/macos-device-control-jamf-device-control-add-remove-property.png" alt-text="Shows how to apply Device Control Policy in Microsoft Defender for Endpoint." lightbox="media/macos-device-control-jamf-device-control-add-remove-property.png"::: 
diff --git a/defender-endpoint/mac-device-control-manual.md b/defender-endpoint/mac-device-control-manual.md index f943626a0a..875e139d24 100644 --- a/defender-endpoint/mac-device-control-manual.md +++ b/defender-endpoint/mac-device-control-manual.md @@ -2,8 +2,9 @@ title: Deploy and manage device control manually description: Learn how to use device control policies manually. ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro diff --git a/defender-endpoint/mac-device-control-overview.md b/defender-endpoint/mac-device-control-overview.md index b0b3645d89..b06388ed12 100644 --- a/defender-endpoint/mac-device-control-overview.md +++ b/defender-endpoint/mac-device-control-overview.md @@ -2,8 +2,9 @@ title: Device control for macOS description: Learn how to configure Microsoft Defender for Endpoint on Mac to reduce threats from removable storage such as USB devices. ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro 
@@ -51,7 +52,7 @@ Microsoft Defender for Endpoint Device Control feature enables you to: - Microsoft Defender for Endpoint entitlement (can be trial) - Minimum OS version: macOS 11 or higher -- Deploy Full Disk Access: you may already have previously created and deployed this [https://github.com/microsoft/mdatp-xplat/blob/master/macos/mobileconfig/profiles/fulldisk.mobileconfig](https://github.com/microsoft/mdatp-xplat/blob/master/macos/mobileconfig/profiles/fulldisk.mobileconfig) for other MDE features. You need to grant Full Disk Access permission for a new application: `com.microsoft.dlp.daemon`. +- Deploy Full Disk Access: you might have created and deployed this [https://github.com/microsoft/mdatp-xplat/blob/master/macos/mobileconfig/profiles/fulldisk.mobileconfig](https://github.com/microsoft/mdatp-xplat/blob/master/macos/mobileconfig/profiles/fulldisk.mobileconfig) for other MDE features. You need to grant Full Disk Access permission for a new application: `com.microsoft.dlp.daemon`. - Enable Device Control on the MDE Preference setting: - Data Loss Prevention (DLP)/Features/ @@ -89,7 +90,7 @@ Example 2: [demo.mobileconfig](https://github.com/microsoft/mdatp-devicecontrol/ ## Understanding policies -Policies determine the behavior of device control for macOS. The policy is targeted via Intune or JAMF to a collection of machines or users. +Policies determine the behavior of device control for macOS. The policy is targeted via Intune or JAMF to a collection of machines or users. The Device Control for macOS policy includes settings, groups, and rules: 
@@ -111,9 +112,9 @@ The Device Control for macOS policy includes settings, groups, and rules: Device control for macOS has similar capabilities to Device control for Windows, but macOS and Windows provide different underlying capabilities to manage devices, so there are some important differences: -- macOS doesn't have a centralized Device Manager or view of devices. Access is granted/denied to applications that interact with devices. This is why on macOS there are a richer set of [access types](#access-types). For example on a ```portableDevice``` device control for macOS can deny or allow ```download_photos_from_device```. -- To stay consistent with Windows, there are ```generic_read```,```generic_write``` and ```generic_execute``` access types. Policies with generic access types don't need to be changed if/when additional specific access types are added in the future. The best practice is to use generic access types unless there's a specific need to deny/allow a more specific operation. -- Creating a ```deny``` policy using generic access types is the best way to attempt to completely block all operations for that type of device (e.g. Android phones), but there may still be gaps if the operation is performed using an application that isn't supported by macOS device control. +- macOS doesn't have a centralized Device Manager or view of devices. Access is granted/denied to applications that interact with devices. This is why on macOS there are a richer set of [access types](#access-types). For example of a ```portableDevice``` device control for macOS can deny or allow ```download_photos_from_device```. +- To stay consistent with Windows, there are ```generic_read```,```generic_write``` ,and ```generic_execute``` access types. Policies with generic access types don't need to be changed if/when more specific access types are added in the future. The best practice is to use generic access types unless there's a specific need to deny/allow a more specific operation. 
+- Creating a ```deny``` policy using generic access types is the best way to attempt to completely block all operations for that type of device (for example, Android phones), but there might still be gaps if the operation is performed using an application that isn't supported by macOS device control. ### Settings @@ -122,7 +123,7 @@ Here are the properties you can use when you create the groups, rules, and setti | Property name | Description | Options | |:---|:---|:---| -| features | Feature specific configurations | You can set `disable` to false or true for following features:
- `removableMedia`
- `appleDevice`
- `portableDevice`, including camera or PTP media
- `bluetoothDevice`

The default is `true`, so if you don't configure this value, it will not apply even if you create a custom policy for `removableMedia`, because it's disabled by default. | +| features | Feature specific configurations | You can set `disable` to false or true for following features:
- `removableMedia`
- `appleDevice`
- `portableDevice`, including camera or PTP media
- `bluetoothDevice`

The default is `true`, so if you don't configure this value, it won't apply even if you create a custom policy for `removableMedia`, because it's disabled by default. | | global | Set default enforcement | You can set `defaultEnforcement` to
- `allow` (_default_)
- `deny` | | ux | You can set a hyperlink on notification. | `navigationTarget: string`. Example: `"http://www.microsoft.com"` | @@ -167,8 +168,8 @@ Query type 2 is as follows: | clause $type | value | Description | |:---|:---|:---| | `primaryId` | One of:
- `apple_devices`
- `removable_media_devices`
- `portable_devices`
- `bluetooth_devices` | | -| `vendorId` | 4 digit hexadecimal string | Matches a device's vendor ID | -| `productId` | 4 digit hexadecimal string | Matches a device's product ID | +| `vendorId` | Four digit hexadecimal string | Matches a device's vendor ID | +| `productId` | Four digit hexadecimal string | Matches a device's product ID | | `serialNumber` | string | Matches a device's serial number. Doesn't match if the device doesn't have a serial number. | | `encryption` | apfs | Match if a device is apfs-encrypted. | | `groupId` | UUID string | Match if a device is a member of another group. The value represents the UUID of the group to match against.
The group must be defined within the policy prior to the clause. | @@ -179,8 +180,8 @@ Query type 2 is as follows: |:---|:---|:---| | `id` | GUID, a unique ID, represents the rule and will be used in the policy. | New-Guid (Microsoft.PowerShell.Utility) - PowerShell
uuidgen | | `name` | String, the name of the policy and will display on the toast based on the policy setting. | | -| `includeGroups` | The group(s) that the policy will be applied to. If multiple groups are specified, the policy applies to any media in all those groups. If not specified, the rule applies to all devices. | The **id** value inside the group must be used in this instance. If multiple groups are in the `includeGroups`, it's _AND_.
`"includeGroups": ["3f082cd3-f701-4c21-9a6a-ed115c28e217"]` | -| `excludeGroups` | The group(s) that the policy doesn't apply to. | The **id** value inside the group must be used in this instance. If multiple groups are in the excludeGroups, it's _OR_. | +| `includeGroups` | The groups that the policy will be applied to. If multiple groups are specified, the policy applies to any media in all those groups. If not specified, the rule applies to all devices. | The **id** value inside the group must be used in this instance. If multiple groups are in the `includeGroups`, it's _AND_.
`"includeGroups": ["3f082cd3-f701-4c21-9a6a-ed115c28e217"]` | +| `excludeGroups` | The groups that the policy doesn't apply to. | The **id** value inside the group must be used in this instance. If multiple groups are in the excludeGroups, it's _OR_. | | `entries` | One rule can have multiple entries; each entry with a unique GUID tells Device Control one restriction.| See entry properties table later in this article to get the details. | The following table lists the properties you can use in your entry: @@ -189,7 +190,7 @@ The following table lists the properties you can use in your entry: |:---|:---|:---| | `$type` | | Includes:
- `removableMedia`
- `appleDevice`
- `PortableDevice`
- `bluetoothDevice`
- `generic` | | enforcement | | - `$type`:
- `allow`
- `deny`
- `auditAllow`
- `auditDeny`

**When $type allow is selected, options value supports:**
- `disable_audit_allow`
Even if **Allow** happens and the **auditAllow** is setting configured, the system won't send event.

**When $type deny is selected, options value supports:**
`disable_audit_deny`
Even if **Block** happens and the **auditDeny** is setting configured, the system won't show notification or send event.

**When $type auditAllow is selected, options value supports:**
`send_event`

**When $type auditDeny is selected, options value supports:**
`send_event`
`show_notification` | -| `access`| |Specify one or more access rights for this rule. These may include either device specific granular permissions, or broader generic permissions. See table below for more details on the valid access types for a given entry $type. | +| `access`| |Specify one or more access rights for this rule. These might include either device specific granular permissions, or broader generic permissions. See table below for more details on the valid access types for a given entry $type. | | `id`| UUID| | The following table lists the properties you can use in entry: @@ -220,7 +221,7 @@ The following table lists the properties you can use in entry: | **appleDevice** | backup_device | generic_read | | | appleDevice | update_device | generic_write | | | appleDevice | download_photos_from_device | generic_read | download photo from the specific iOS device to local machine | -| appleDevice | download_files_from_device | generic_read | download file(s) from the specific iOS device to local machine | +| appleDevice | download_files_from_device | generic_read | download files from the specific iOS device to local machine | | appleDevice | sync_content_to_device | generic_write | sync content from local machine to specific iOS device | | **portableDevice**| download_files_from_device | generic_read | | | portableDevice | send_files_to_device | generic_write | | 
@@ -258,7 +259,7 @@ v2_full_disk_access : "approved" - `active` - feature version, you should see ["v2"]. (Device Control is enabled, but not configured.) - [] - Device Control isn't configured on this machine. - ["v1"] - You are on a preview version of Device Control. Migrate to version 2 using this guide. v1 is considered obsolete and not described in this documentation. - - ["v1","v2"] - You have both v1 and v2 enabled. Offboard from v1. + - ["v1,""v2"] - You have both v1 and v2 enabled. Offboard from v1. - `v1_configured` - v1 configuration is applied - `v1_enforcement_level` - when v1 is enabled - `v2_configured` - v2 configuration is applied @@ -268,7 +269,7 @@ v2_full_disk_access : "approved" ## Reporting -You are able to see the policy event on Advanced hunting and Device Control report. For more information, see [Protect your organization's data with Device Control](device-control-report.md). +You're able to see the policy event on Advanced hunting and Device Control report. For more information, see [Protect your organization's data with Device Control](device-control-report.md). ## Scenarios @@ -472,10 +473,10 @@ In this case, only have one access rule policy, but if you have multiple, make s ## Known Issues > [!WARNING] -> Device Control on macOS restricts Android devices that are connected using PTP mode **only**. Device control does not restrict other modes such as File Transfer, USB Tethering and MIDI. +> Device Control on macOS restricts Android devices that are connected using PTP mode **only**. Device control doesn't restrict other modes such as File Transfer, USB Tethering, and MIDI. > [!WARNING] -> Device Control on macOS does not prevent software developed on XCode from being transferred to an external device. +> Device Control on macOS doesn't prevent software developed on XCode from being transferred to an external device. 
diff --git a/defender-endpoint/mac-exclusions.md b/defender-endpoint/mac-exclusions.md index 0b9d371d34..7a2acf133b 100644 --- a/defender-endpoint/mac-exclusions.md +++ b/defender-endpoint/mac-exclusions.md @@ -2,8 +2,9 @@ title: Configure and validate exclusions for Microsoft Defender for Endpoint on Mac description: Provide and validate exclusions for Microsoft Defender for Endpoint on Mac. Exclusions can be set for files, folders, and processes. ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro @@ -40,7 +41,7 @@ Exclusions can be useful to avoid incorrect detections on files or software that To narrow down which process and/or path and/or extension you need to exclude, use [real-time-protection-statistics](mac-support-perf.md). > [!WARNING] -> Defining exclusions lowers the protection offered by Defender for Endpoint on Mac. You should always evaluate the risks that are associated with implementing exclusions, and you should only exclude files that you are confident are not malicious. +> Defining exclusions lowers the protection offered by Defender for Endpoint on Mac. You should always evaluate the risks that are associated with implementing exclusions, and you should only exclude files that you're confident aren't malicious. ## Supported exclusion types 
@@ -61,9 +62,9 @@ File, folder, and process exclusions support the following wildcards: |?|Matches any single character|`file?.log` includes `file1.log` and `file2.log`, but not `file123.log`| > [!NOTE] -> When using the * wildcard at the end of the path, it will match all files and subdirectories under the parent of the wildcard. +> Using the * wildcard at the end of the path, it matches all files and subdirectories under the parent of the wildcard. > -> The product attempts to resolve firmlinks when evaluating exclusions. Firmlink resolution does not work when the exclusion contains wildcards or the target file (on the `Data` volume) does not exist. +> The product attempts to resolve firm links when evaluating exclusions. Firm link resolution doesn't work when the exclusion contains wildcards or the target file (on the `Data` volume) doesn't exist. ## Best practices for adding antimalware exclusions for Microsoft Defender for Endpoint on macOS. @@ -73,7 +74,7 @@ File, folder, and process exclusions support the following wildcards: *except for apps that the ISV stated that there's no other tweaking that could be done to prevent the false positive or higher cpu utilization from occurring. -1. Avoid migrating non-Microsoft antimalware exclusions since they may no longer be applicable nor applicable to Microsoft Defender for Endpoint on macOS. +1. Avoid migrating non-Microsoft antimalware exclusions since they might no longer be applicable nor applicable to Microsoft Defender for Endpoint on macOS. 1. Order of exclusions to consider top (more secure) to bottom (least secure): diff --git a/defender-endpoint/mac-install-jamfpro-login.md b/defender-endpoint/mac-install-jamfpro-login.md index 33f274d72d..859515bdbe 100644 --- a/defender-endpoint/mac-install-jamfpro-login.md +++ b/defender-endpoint/mac-install-jamfpro-login.md 
@@ -2,8 +2,9 @@ title: Sign in to Jamf Pro description: Sign in to Jamf Pro. ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro diff --git a/defender-endpoint/mac-install-manually.md b/defender-endpoint/mac-install-manually.md index 8afc82d63c..b74c3abe60 100644 --- a/defender-endpoint/mac-install-manually.md +++ b/defender-endpoint/mac-install-manually.md @@ -2,8 +2,9 @@ title: Manual deployment for Microsoft Defender for Endpoint on macOS description: Install Microsoft Defender for Endpoint on macOS manually, from the command line. ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro @@ -98,13 +99,13 @@ To complete this process, you must have admin privileges on the device. :::image type="content" source="media/installation-type.png" alt-text="Screenshot that shows the final installation step."::: -7. Click **Install**. +7. Select **Install**. 8. Enter the password, when prompted. :::image type="content" source="media/password-2g.png" alt-text="Screenshot that shows the password dialog box."::: -9. Click **Install Software**. +9. Select **Install Software**. 10. At the end of the installation process, for macOS Big Sur (11.0) or latest version, you're prompted to approve the system extensions used by the product. Select **Open Security Preferences**. 
@@ -131,37 +132,37 @@ To complete this process, you must have admin privileges on the device. The macOS Catalina (10.15) and newer versions require full disk access to be granted to **Microsoft Defender for Endpoint** in order to be able to protect and monitor. > [!NOTE] -> Full disk access grant to **Microsoft Defender for Endpoint** is a new requirement for all the third-party software by Apple for files and folders containing personal data. +> Full disk access grant to **Microsoft Defender for Endpoint** is a new requirement for non-Microsoft software by Apple for files and folders containing personal data. To grant full disk access: -1. Open **System Preferences** \> **Security & Privacy** \> **Privacy** \> **Full Disk Access**. Click the lock icon to make changes (bottom of the dialog box). +1. Open **System Preferences** \> **Security & Privacy** \> **Privacy** \> **Full Disk Access**. Select the lock icon to make changes (bottom of the dialog box). -1. Grant **Full Disk Access** permission to **Microsoft Defender** and **Microsoft Defenders Endpoint Security Extension**. +2. Grant **Full Disk Access** permission to **Microsoft Defender** and **Microsoft Defenders Endpoint Security Extension**. :::image type="content" source="media/full-disk-access-security-privacy.png" alt-text="The screenshot shows the full disk access's security and privacy."::: -1. Select **General** \> **Restart** for the new system extensions to take effect. +3. Select **General** \> **Restart** for the new system extensions to take effect. :::image type="content" source="media/restart-fulldisk.png" alt-text="Screenshot that allows you to restart the system for new system extensions to be enabled."::: -1. Enable *Potentially Unwanted Application* (PUA) in block mode. +4. Enable *Potentially Unwanted Application* (PUA) in block mode. To enable PUA, refer [configure PUA protection](mac-pua.md). -1. Enable *Network Protection*. +5. Enable *Network Protection*. 
To enable *Network protection*, refer [manual deployment](network-protection-macos.md). -1. Enable *Device Control*. +6. Enable *Device Control*. To enable *Device Control*, refer [device control for macOS](mac-device-control-overview.md). -1. Enable *Tamper Protection* in block mode. +7. Enable *Tamper Protection* in block mode. - To enable *Tamper Protection*, refer [Protect MacOS security settings with tamper protection](tamperprotection-macos.md). + To enable *Tamper Protection*, refer [Protect macOS security settings with tamper protection](tamperprotection-macos.md). -1. If you have the *Microsoft Purview – Endpoint data loss prevention license*, you can review [Get started with Microsoft Purview - Endpoint data loss prevention](/purview/endpoint-dlp-getting-started). +8. If you have the *Microsoft Purview – Endpoint data loss prevention license*, you can review [Get started with Microsoft Purview - Endpoint data loss prevention](/purview/endpoint-dlp-getting-started). ## Background execution 
@@ -170,17 +171,17 @@ macOS will pop a prompt up, telling the user that Microsoft Defender can run in :::image type="content" source="media/background-items-notification.png" alt-text="Screenshot that shows background items notification"::: -You can view applications permitted to run in background in System Settings => Login Items => Allow in the Background at any time: +You can view applications permitted to run in background in System Settings => sign in Items => Allow in the Background at any time: :::image type="content" source="media/background-items.png" alt-text="Screenshot that shows background items"::: -Make sure all Microsoft Defender and Microsoft Corporation items are enabled. If they are disabled then macOS will not start Microsoft Defender after a machine restart. +Make sure all Microsoft Defender and Microsoft Corporation items are enabled. If they are disabled, then macOS won't start Microsoft Defender after a machine restart. ## Bluetooth permissions Starting with macOS 14, a user must explicitly allow an application to access Bluetooth. macOS will pop a prompt up, telling the user that Microsoft Defender can access Bluetooth (applies only if you use Bluetooth based policies for Device Control). -Click Allow to grant Microsoft Defender to access Bluetooth. +Select Allow to grant Microsoft Defender to access Bluetooth. :::image type="content" source="media/macos-defender-bluetooth.png" alt-text="Screenshot that shows Bluetooth access request"::: 
@@ -190,11 +191,11 @@ You can confirm that permissions are granted in System Settings => Privacy Setti ## Onboarding Package -Once you have installed the MDE on macOS client, you must now onboard the package, which registers to your Microsoft Defender for Endpoint tenant and licenses it. +Once you install the MDE on macOS client, you must now onboard the package, which registers to your Microsoft Defender for Endpoint tenant and licenses it. -1. Verify if MDE on macOS has already been onboarded. +1. Verify if MDE on macOS is onboard. - Copy *wdav.pkg* and *MicrosoftDefenderATPOnboardingMacOs.sh* to the device where you have deployed Microsoft Defender for Endpoint on macOS. + Copy *wdav.pkg* and *MicrosoftDefenderATPOnboardingMacOs.sh* to the device where you deployed Microsoft Defender for Endpoint on macOS. The client device isn't associated with *org_id*. The *org_id* attribute is blank. @@ -256,7 +257,7 @@ See [Uninstalling](mac-resources.md#uninstalling) for details on how to remove M > [!TIP] > > - Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: [Microsoft Defender for Endpoint Tech Community](https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/bd-p/MicrosoftDefenderATP). -> - If you have any feedback that you will like to share, submit it by opening Microsoft Defender Endpoint on Mac on your device and navigate to **Help** \> **Send feedback**. +> - If you have any feedback that you'll like to share, submit it by opening Microsoft Defender Endpoint on Mac on your device and navigate to **Help** \> **Send feedback**. ## Recommended content diff --git a/defender-endpoint/mac-install-with-intune.md b/defender-endpoint/mac-install-with-intune.md index b88efb1ee0..4f566bc46f 100644 --- a/defender-endpoint/mac-install-with-intune.md +++ b/defender-endpoint/mac-install-with-intune.md 
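Review bot: in the @@ -190 hunk, "Verify if MDE on macOS is onboard." is not correct English and loses the meaning of the original "has already been onboarded"; if the intent was to drop "already", write "Verify whether MDE on macOS is already onboarded." In the same hunk "Once you install ... you must now onboard" still carries the redundant "now"; "Once you install Defender for Endpoint on the macOS client, onboard it, which registers ..." reads cleaner and avoids "the MDE on macOS client".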
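Review bot: in the @@ -256 hunk, "If you have any feedback that you'll like to share" is wrong; the contraction needed is "you'd" (you would), not "you'll". Suggest "If you have feedback you'd like to share, ...".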
@@ -2,10 +2,10 @@ title: Intune-based deployment for Microsoft Defender for Endpoint on Mac description: Install Microsoft Defender for Endpoint on Mac, using Microsoft Intune. ms.service: defender-endpoint -author: denisebmsft -ms.author: deniseb +author: emmwalshh +ms.author: ewalsh manager: deniseb -ms.reviewer: yongrhee +ms.reviewer: joshbregman ms.localizationpriority: medium audience: ITPro ms.collection: @@ -104,7 +104,7 @@ As part of the Endpoint Detection and Response capabilities, Microsoft Defender Download [netfilter.mobileconfig](https://raw.githubusercontent.com/microsoft/mdatp-xplat/master/macos/mobileconfig/profiles/netfilter.mobileconfig) from [GitHub repository](https://github.com/microsoft/mdatp-xplat/tree/master/macos/mobileconfig/profiles). > [!IMPORTANT] -> Only one `.mobileconfig` (plist) for Network Filter is supported. Adding multiple Network Filters leads to network connectivity issues on Mac. This issue is not specific to Defender for Endpoint on macOS. +> Only one `.mobileconfig` (plist) for Network Filter is supported. Adding multiple Network Filters leads to network connectivity issues on Mac. This issue isn't specific to Defender for Endpoint on macOS. To configure your network filter: 
@@ -133,7 +133,7 @@ To configure your network filter: ### Step 3: Full Disk Access > [!NOTE] -> Starting with macOS Catalina (10.15) or newer, in order to provide privacy for the end-users, it created the **FDA** (Full Disk Access). Enabling **TCC** (Transparency, Consent & Control) through a Mobile Device Management solution such as [Intune](mac-install-with-intune.md), will eliminate the risk of Defender for Endpoint losing **Full Disk Access** Authorization to function properly. +> With macOS Catalina (10.15) or newer, in order to provide privacy for the end-users, it created the **FDA** (Full Disk Access). Enabling **TCC** (Transparency, Consent & Control) through a Mobile Device Management solution such as [Intune](mac-install-with-intune.md), eliminates the risk of Defender for Endpoint losing **Full Disk Access** Authorization to function properly. > > This configuration profile grants Full Disk Access to Microsoft Defender for Endpoint. If you previously configured Microsoft Defender for Endpoint through Intune, we recommend you update the deployment with this configuration profile. 
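Review bot: the rewritten NOTE still has no subject for "it created the **FDA**", and "Enabling **TCC**" is misleading because TCC is always on; what the profile does is deliver a Privacy Preferences Policy Control (PPPC) payload that pre-approves Defender for the Full Disk Access (SystemPolicyAllFiles) service so no user prompt is needed. Suggest: "Starting with macOS Catalina (10.15), macOS requires explicit consent before an app gets Full Disk Access (FDA). Delivering that consent through an MDM such as Intune removes the dependency on the end user and the risk that Defender for Endpoint runs without the FDA it needs."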
@@ -143,31 +143,31 @@ To configure Full Disk Access: 1. In the Intune admin center, under **Configuration profiles**, select **Create Profile**. -1. Under **Platform**, select **macOS**. +2. Under **Platform**, select **macOS**. -1. Under **Profile type**, select **Templates**. +3. Under **Profile type**, select **Templates**. -1. Under **Template name**, select **Custom**, and then select **Create**. +4. Under **Template name**, select **Custom**, and then select **Create**. -1. On the **Basics** tab, **Name** the profile. For example, `FullDiskAccess-prod-macOS-Default-MDE`. Then select **Next**. +5. On the **Basics** tab, **Name** the profile. For example, `FullDiskAccess-prod-macOS-Default-MDE`. Then select **Next**. -1. On the **Configuration settings** tab, enter a **Custom configuration profile** name. For example, `FullDiskAccess-prod-macOS-Default-MDE`. +6. On the **Configuration settings** tab, enter a **Custom configuration profile** name. For example, `FullDiskAccess-prod-macOS-Default-MDE`. -1. Choose a **Deployment channel** and then select **Next**. +7. Choose a **Deployment channel** and then select **Next**. -1. Select a **Configuration profile file**. +8. Select a **Configuration profile file**. -1. On the **Assignments** tab, assign the profile to a group where the macOS devices and/or users are located, or **All Users** and **All devices**. +9. On the **Assignments** tab, assign the profile to a group where the macOS devices and/or users are located, or **All Users** and **All devices**. -1. Review the configuration profile. Select **Create**. +10. Review the configuration profile. Select **Create**. > [!NOTE] -> Full Disk Access granted through Apple MDM Configuration Profile is not reflected in **System Settings > Privacy & Security > Full Disk Access**. +> Full Disk Access granted through Apple MDM Configuration Profile isn't reflected in **System Settings > Privacy & Security > Full Disk Access**. 
### Step 4: Background services > [!CAUTION] -> macOS 13 (Ventura) contains new privacy enhancements. Beginning with this version, by default, applications cannot run in background without explicit consent. Microsoft Defender for Endpoint must run its daemon process in background. This configuration profile grants Background Service permissions to Microsoft Defender for Endpoint. If you previously configured Microsoft Defender for Endpoint through Microsoft Intune, we recommend you update the deployment with this configuration profile. +> macOS 13 (Ventura) contains new privacy enhancements. Beginning with this version, by default, applications can't run in background without explicit consent. Microsoft Defender for Endpoint must run its daemon process in background. This configuration profile grants Background Service permission to Microsoft Defender for Endpoint. If you previously configured Microsoft Defender for Endpoint through Microsoft Intune, we recommend you update the deployment with this configuration profile. Download [background_services.mobileconfig](https://raw.githubusercontent.com/microsoft/mdatp-xplat/master/macos/mobileconfig/profiles/background_services.mobileconfig) from [GitHub repository](https://github.com/microsoft/mdatp-xplat/tree/master/macos/mobileconfig/profiles). 
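Review bot: the NOTE after step 10 says MDM-granted Full Disk Access is not shown in System Settings, but the procedure gives the reader no other way to confirm the grant landed; add a verification step, for example running `mdatp health --field full_disk_access_enabled` on an enrolled device and expecting `true`, so a misassigned or mis-scoped profile is caught before onboarding. Step 8 ("Select a **Configuration profile file**") should also name the file to upload, as the other profile procedures on this page do.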
@@ -260,12 +260,12 @@ Download [accessibility.mobileconfig](https://raw.githubusercontent.com/microsof ### Step 7: Bluetooth permissions > [!CAUTION] -> macOS 14 (Sonoma) contains new privacy enhancements. Beginning with this version, by default, applications cannot access Bluetooth without explicit consent. Microsoft Defender for Endpoint uses it if you configure Bluetooth policies for Device Control. +> macOS 14 (Sonoma) contains new privacy enhancements. Beginning with this version, by default, applications can't access Bluetooth without explicit consent. Microsoft Defender for Endpoint uses it if you configure Bluetooth policies for Device Control. Download [bluetooth.mobileconfig](https://raw.githubusercontent.com/microsoft/mdatp-xplat/refs/heads/master/macos/mobileconfig/profiles/bluetooth.mobileconfig) from [GitHub repository](https://github.com/microsoft/mdatp-xplat/tree/master/macos/mobileconfig/profiles) and use the same workflow as in [Step 6: Accessibility settings](#step-6-accessibility-settings) to enable Bluetooth access. > [!NOTE] -> Bluetooth granted through Apple MDM Configuration Profile is not reflected in System Settings => Privacy & Security => Bluetooth. +> Bluetooth granted through Apple MDM Configuration Profile isn't reflected in System Settings => Privacy & Security => Bluetooth. ### Step 8: Microsoft AutoUpdate 
@@ -280,29 +280,29 @@ For more information, see [Deploy updates for Microsoft Defender for Endpoint on Download [com.microsoft.autoupdate2.mobileconfig](https://raw.githubusercontent.com/microsoft/mdatp-xplat/refs/heads/master/macos/settings/microsoft_auto_update/com.microsoft.autoupdate2.mobileconfig) from [GitHub repository](https://github.com/microsoft/mdatp-xplat/tree/master/macos/mobileconfig/profiles). > [!NOTE] -> The sample `com.microsoft.autoupdate2.mobileconfig` from the GitHub repository has it set to Current Channel (Production). +> The sample `com.microsoft.autoupdate2.mobileconfig` from the GitHub repository is set to Current Channel (Production). 1. Under **Configuration profiles**, select **Create Profile**. -1. Under **Platform**, select **macOS**. +2. Under **Platform**, select **macOS**. -1. Under **Profile type**, select **Templates**. +3. Under **Profile type**, select **Templates**. -1. Under **Template name**, select **Custom**. +4. Under **Template name**, select **Custom**. -1. Select **Create**. +5. Select **Create**. -1. On the **Basics** tab, **Name** the profile. For example, `Autoupdate-prod-macOS-Default-MDE`. Then select **Next**. +6. On the **Basics** tab, **Name** the profile. For example, `Autoupdate-prod-macOS-Default-MDE`. Then select **Next**. -1. On the **Configuration settings** tab, enter a **Custom configuration profile** name. For example, `com.microsoft.autoupdate2.mobileconfig`. +7. On the **Configuration settings** tab, enter a **Custom configuration profile** name. For example, `com.microsoft.autoupdate2.mobileconfig`. -1. Choose a **Deployment channel** and select **Next**. +8. Choose a **Deployment channel** and select **Next**. -1. Select a **Configuration profile file**. +9. Select a **Configuration profile file**. -1. On the **Assignments** tab, assign the profile to a group where the macOS devices and/or users are located, or **All Users** and **All devices**. +10. 
On the **Assignments** tab, assign the profile to a group where the macOS devices and/or users are located, or **All Users** and **All devices**. -1. Review the configuration profile. Select **Create**. +11. Review the configuration profile. Select **Create**. ### Step 9: Microsoft Defender for Endpoint configuration settings @@ -391,7 +391,7 @@ A standard [Company Portal installation](/mem/intune/user-help/enroll-your-devic 1. Confirm device management. - :::image type="content" source="../defender-endpoint/media/mdatp-3-confirmdevicemgmt.png" alt-text="Screenshot that shows the Confirm device management page." lightbox="../defender-endpoint/media/mdatp-3-confirmdevicemgmt.png"::: + :::image type="content" source="../defender-endpoint/media/mdatp-3-confirmdevicemgmt.png" alt-text="Screenshot that shows the Confirmed device management page." lightbox="../defender-endpoint/media/mdatp-3-confirmdevicemgmt.png"::: Select **Open System Preferences**, locate **Management Profile** on the list, and select **Approve...**. Your Management Profile would be displayed as **Verified**: @@ -399,7 +399,7 @@ A standard [Company Portal installation](/mem/intune/user-help/enroll-your-devic 2. Select **Continue** and complete the enrollment. - You may now enroll more devices. You can also enroll them later, after finishing the provisioning system configuration and application packages. + You might now enroll more devices. You can also enroll them later, after finishing the provisioning system configuration and application packages. 3. In Intune, open **Manage** \> **Devices** \> **All devices**. Here you can see your device among the listed: 
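Review bot: in the @@ -280 hunk the two links disagree: the raw download path is `macos/settings/microsoft_auto_update/com.microsoft.autoupdate2.mobileconfig`, but the "GitHub repository" link points at `macos/mobileconfig/profiles`, which does not contain that file; point the second link at `macos/settings/microsoft_auto_update`. The NOTE that the sample is pinned to Current Channel (Production) would also be more useful with the practical caveat that a pilot ring on Beta or Preview needs the `ChannelName` value in that profile changed before deployment.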
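Review bot: in the @@ -391 hunk, changing the alt text to "Confirmed device management page" misdescribes the screenshot; the Company Portal page the step refers to is "Confirm device management", and the surrounding text ("Confirm device management." / "Your Management Profile would be displayed as **Verified**") uses that name. Keep "Confirm device management page".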
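Review bot: in the @@ -399 hunk, "You might now enroll more devices" changes the meaning: the original "may" granted permission, while "might" reads as uncertainty about whether enrollment will happen. Use "You can now enroll more devices."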
@@ -496,7 +496,7 @@ To deploy the onboarding package: 1. Select **Create**. - :::image type="content" source="../defender-endpoint/media/mdatp-6-systemconfigurationprofiles-1.png" alt-text="Screenshot that shows the deploy onboarding package." lightbox="../defender-endpoint/media/mdatp-6-systemconfigurationprofiles-1.png"::: + :::image type="content" source="../defender-endpoint/media/mdatp-6-systemconfigurationprofiles-1.png" alt-text="Screenshot that shows the deployed onboarding package." lightbox="../defender-endpoint/media/mdatp-6-systemconfigurationprofiles-1.png"::: 1. On the **Basics** tab, **Name** the profile. For example, `Onboarding-prod-macOS-Default-MDE`. Select **Next**. diff --git a/defender-endpoint/mac-install-with-jamf.md b/defender-endpoint/mac-install-with-jamf.md index 93b8c0901e..4866cb8119 100644 --- a/defender-endpoint/mac-install-with-jamf.md +++ b/defender-endpoint/mac-install-with-jamf.md @@ -2,8 +2,9 @@ title: Deploying Microsoft Defender for Endpoint on macOS with Jamf Pro description: Deploying Microsoft Defender for Endpoint on macOS with Jamf Pro ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro 
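Review bot: the new alt text "Screenshot that shows the deployed onboarding package" does not match the step it sits under ("Select **Create**"), where nothing has been deployed yet; the image is the profile-creation page. Suggest "Screenshot that shows creating the onboarding package configuration profile."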
@@ -33,9 +34,9 @@ Learn how to deploy Microsoft Defender for Endpoint on macOS with Jamf Pro. [!INCLUDE [Microsoft Defender for Endpoint third-party tool support](../includes/support.md)] -This is a multi-step process. You'll need to complete all of the following steps: +This is a multi-step process. You need to complete all of the following steps: -- [Login to the Jamf Portal](mac-install-jamfpro-login.md) +- [Sign in to the Jamf Portal](mac-install-jamfpro-login.md) - [Setup the Microsoft Defender for Endpoint on macOS device groups in Jamf Pro](mac-jamfpro-device-groups.md) - [Setup the Microsoft Defender for Endpoint on macOS policies in Jamf Pro](mac-jamfpro-policies.md) - [Enroll the Microsoft Defender for Endpoint on macOS devices into Jamf Pro](mac-jamfpro-enroll-devices.md) diff --git a/defender-endpoint/mac-install-with-other-mdm.md b/defender-endpoint/mac-install-with-other-mdm.md index f69e278d12..14fcbd6834 100644 --- a/defender-endpoint/mac-install-with-other-mdm.md +++ b/defender-endpoint/mac-install-with-other-mdm.md @@ -2,9 +2,9 @@ title: Deployment with a different Mobile Device Management (MDM) system for Microsoft Defender for Endpoint on Mac description: Install Microsoft Defender for Endpoint on Mac on other management solutions. ms.service: defender-endpoint -ms.reviewer: mavel -author: YongRhee-MSFT -ms.author: yongrhee +ms.reviewer: joshbregman +author: emmwalshh +ms.author: ewalsh manager: deniseb ms.localizationpriority: medium audience: ITPro 
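Review bot: the link text change to "Sign in to the Jamf Portal" needs the target page `mac-install-jamfpro-login.md` to carry the same title, otherwise the link and the page heading will disagree; please confirm that file is updated in the same change. While touching this list, the three "Setup the ..." bullets use the noun form where a verb is needed; "Set up the Microsoft Defender for Endpoint on macOS ..." matches the imperative style of the other bullets.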
@@ -38,7 +38,7 @@ Before you get started, see [the main Microsoft Defender for Endpoint on macOS p ## Approach > [!CAUTION] -> Currently, Microsoft officially supports only Intune and JAMF for the deployment and management of Microsoft Defender for Endpoint on macOS. Microsoft makes no warranties, express or implied, with respect to the information provided below. +> Currently, Microsoft officially supports only Intune and JAMF for the deployment and management of Microsoft Defender for Endpoint on macOS. Microsoft makes no warranties, express or implied, with respect to the information provided. If your organization uses a Mobile Device Management (MDM) solution that isn't officially supported, this doesn't mean you're unable to deploy or run Microsoft Defender for Endpoint on macOS. @@ -48,12 +48,12 @@ Microsoft Defender for Endpoint on macOS doesn't depend on any vendor-specific f - Deploy macOS system configuration profiles to managed devices. - Run an arbitrary admin-configured tool/script on managed devices. -Most modern MDM solutions include these features, however, they may call them differently. +Most modern MDM solutions include these features, however, they might call them differently. You can deploy Defender for Endpoint without the last requirement from the preceding list, however: -- You won't be able to collect status in a centralized way. -- If you decide to uninstall Defender for Endpoint, you'll need to log on to the client device locally as an administrator. +- You might not be able to collect status in a centralized way. +- If you decide to uninstall Defender for Endpoint, you need to sign in the client device locally as an administrator. ## Deployment 
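Review bot: in the @@ -48 hunk, "You might not be able to collect status in a centralized way" weakens a statement that is true by construction: without the ability to run an admin-configured tool on the device there is no channel to collect status centrally, so the original "You won't be able to" is the accurate wording and should be kept. In the same hunk "you need to sign in the client device" is missing a preposition; "sign in to the client device locally as an administrator".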
@@ -74,18 +74,18 @@ In order to deploy the package to your enterprise, use the instructions associat Set up [a system configuration profile](mac-install-with-jamf.md). -Your MDM solution may call it something like "Custom Settings Profile", as Microsoft Defender for Endpoint on macOS isn't part of macOS. +Your MDM solution might call it something like "Custom Settings Profile," as Microsoft Defender for Endpoint on macOS isn't part of macOS. Use the property list, jamf/WindowsDefenderATPOnboarding.plist, which can be extracted from an onboarding package downloaded from [Microsoft Defender portal](mac-install-with-jamf.md). -Your system may support an arbitrary property list in XML format. You can upload the jamf/WindowsDefenderATPOnboarding.plist file as-is in that case. -Alternatively, it may require you to convert the property list to a different format first. +Your system might support an arbitrary property list in XML format. You can upload the jamf/WindowsDefenderATPOnboarding.plist file as-is in that case. +Alternatively, it might require you to convert the property list to a different format first. Typically, your custom profile has an ID, name, or domain attribute. You must use exactly "com.microsoft.wdav.atp" for this value. MDM uses it to deploy the settings file to **/Library/Managed Preferences/com.microsoft.wdav.atp.plist** on a client device, and Defender for Endpoint uses this file for loading the onboarding information. ### System configuration profiles -macOS requires that a user manually and explicitly approves certain functions that an application uses, for example system extensions, running in background, sending notifications, full disk access etc. Microsoft Defender for Endpoint relies on these functions, and can't properly function until all these consents are received from a user. 
+macOS requires that a user manually and explicitly approves certain functions that an application uses, for example system extensions, running in background, sending notifications, full disk access, etc. Microsoft Defender for Endpoint relies on these functions, and can't properly function until all these consents are received from a user. To grant consent automatically on a user's behalf, an administrator pushes system policies through their MDM system. This is what we strongly recommend doing, instead of relying on manual approvals from end users. @@ -99,8 +99,8 @@ To set up profiles: 2) For all profiles from [https://github.com/microsoft/mdatp-xplat](https://github.com/microsoft/mdatp-xplat/tree/master/macos/mobileconfig/profiles), download a mobileconfig file and import it. 3) Assign proper scope for each created configuration profile. -Note that Apple regularly creates new types of payloads with new versions of an OS. -You'll need to visit the above mentioned page, and publish new profiles once they became available. +Apple regularly creates new types of payloads with new versions of an OS. +You need to visit the above mentioned page, and publish new profiles once they became available. We post notifications to our [What's New page](mac-whatsnew.md) once we make changes like that. ### Defender for Endpoint configuration settings 
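Review bot: in the @@ -99 hunk the rewritten line still reads "publish new profiles once they became available"; the tense is wrong, it should be "become available". "the above mentioned page" should be hyphenated ("above-mentioned") or, better, replaced with a direct reference ("the mdatp-xplat profiles page"), since the link is two lines up.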
@@ -118,7 +118,7 @@ If you don't see it, then refer to your MDM documentation for troubleshooting ti Microsoft Defender for Endpoint reads `/Library/Managed Preferences/com.microsoft.wdav.plist` and `/Library/Managed Preferences/com.microsoft.wdav.ext.plist` files. It uses only those two files for managed settings. -If you can't see those files, but you verified that the profiles were delivered (see the previous section), then it means that your profiles are misconfigured. Either you made this configuration profile "User Level" instead of "Computer Level", or you used a different Preference Domain instead of those that Microsoft Defender for Endpoint expects ("com.microsoft.wdav" and "com.microsoft.wdav.ext"). +If you can't see those files, but you verified that the profiles were delivered (see the previous section), then it means that your profiles are misconfigured. Either you made this configuration profile "User Level" instead of "Computer Level," or you used a different Preference Domain instead of those that Microsoft Defender for Endpoint expects ("com.microsoft.wdav" and "com.microsoft.wdav.ext"). Refer to your MDM documentation for how to set up application configuration profiles. 
@@ -164,14 +164,14 @@ plutil -p "/Library/Managed\ Preferences/com.microsoft.wdav.plist" You can use the documented [Configuration profile structure](mac-preferences.md) as a guideline. -This article explains that "antivirusEngine", "edr", "tamperProtection" are settings at the top level of the configuration file. And, for example, "scanHistoryMaximumItems" are at the second level and are of integer type. +This article explains that "antivirusEngine," "edr," "tamperProtection" are settings at the top level of the configuration file. And, for example, "scanHistoryMaximumItems" are at the second level and are of integer type. -You should see this information in the output of the previous command. If you found out that "antivirusEngine" is nested under some other setting - then the profile is misconfigured. If you can see "antivirusengine" instead of "antivirusEngine", the name is misspelled and the whole subtree of settings are ignored. If `"scanHistoryMaximumItems" => "10000"`, the wrong type is used and the setting will be ignored. +You should see this information in the output of the previous command. If "antivirusEngine" is nested under some other setting - then the profile is misconfigured. If you can see "antivirus engine" instead of "antivirusEngine," the name is misspelled and the whole subtree of settings are ignored. If `"scanHistoryMaximumItems" => "10000"`, the wrong type is used to and the setting is ignored. ## Check that all profiles are deployed -You can download and run [analyze_profiles.py](https://github.com/microsoft/mdatp-xplat/tree/master/macos/mdm). This script will collect and analyze all profiles deployed to a machine and warn you about missed ones. -Note that it can miss some errors, and it isn't aware of some design decisions that system administrators are making deliberately. Use this script for guidance, but always investigate if you see something marked as an error. 
For example, the onboarding guide tells you to deploy a configuration profile for onboarding blob. Yet, some organizations decide to run the manual onboarding script instead. analyze_profile.py warns you about the missed profile. You can either decide to onboard via configuration profile, or disregard the warning altogether. +You can download and run [analyze_profiles.py](https://github.com/microsoft/mdatp-xplat/tree/master/macos/mdm). This script collects and analyzes all profiles deployed to a machine and warn you about missed ones. +It can miss some errors, and it isn't aware of some design decisions that system administrators are making deliberately. Use this script for guidance, but always investigate if you see something marked as an error. For example, the onboarding guide tells you to deploy a configuration profile for onboarding blob. Yet, some organizations decide to run the manual onboarding script instead. analyze_profile.py warns you about the missed profile. You can either decide to onboard via configuration profile, or disregard the warning altogether. ## Check installation status diff --git a/defender-endpoint/mac-jamfpro-device-groups.md b/defender-endpoint/mac-jamfpro-device-groups.md index 8796766d82..0d9ac150f3 100644 --- a/defender-endpoint/mac-jamfpro-device-groups.md +++ b/defender-endpoint/mac-jamfpro-device-groups.md @@ -2,8 +2,9 @@ title: Set up device groups in Jamf Pro description: Learn how to set up device groups in Jamf Pro for Microsoft Defender for Endpoint on macOS ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro 
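Review bot: in the @@ -164 hunk the replacement "antivirus engine" (with a space) destroys the example, which was illustrating that the setting name is case sensitive and that the lowercase "antivirusengine" is silently ignored; revert to "antivirusengine" and, if a gloss is wanted, say "(note the lowercase e)". The same hunk leaves "the wrong type is used to and the setting is ignored" (stray "to"), "the whole subtree of settings are ignored" (should be "is ignored"), and "This script collects and analyzes ... and warn you" (should be "warns"). The script is introduced as analyze_profiles.py but later called analyze_profile.py; make the name consistent with the repository.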
@@ -43,12 +44,12 @@ Set up the device groups similar to Group policy organizational unite (OUs), Mi :::image type="content" source="media/jamfpro-machine-group.png" alt-text="The Jamf Pro2 page" lightbox="media/jamfpro-machine-group.png"::: -4. Now you will see the **Contoso's Machine Group** under **Static Computer Groups**. +4. Now you see the **Contoso's Machine Group** under **Static Computer Groups**. :::image type="content" source="media/contoso-machine-group.png" alt-text="The Jamf Pro3 page" lightbox="media/contoso-machine-group.png"::: > [!NOTE] -> You are not required to use static groups. It is often more convenient and flexible to use e.g. [JAMF Pro's smart groups](https://docs.jamf.com/10.40.0/jamf-pro/documentation/Smart_Groups.html) instead. +> You aren't required to use static groups. It's often more convenient and flexible to use, for example, [JAMF Pro's smart groups](https://docs.jamf.com/10.40.0/jamf-pro/documentation/Smart_Groups.html) instead. ## Next step - [Set up Microsoft Defender for Endpoint on macOS policies in Jamf Pro](mac-jamfpro-policies.md) diff --git a/defender-endpoint/mac-jamfpro-enroll-devices.md b/defender-endpoint/mac-jamfpro-enroll-devices.md index 7435060604..19ff6f4d23 100644 --- a/defender-endpoint/mac-jamfpro-enroll-devices.md +++ b/defender-endpoint/mac-jamfpro-enroll-devices.md @@ -2,8 +2,9 @@ title: Enroll Microsoft Defender for Endpoint on macOS devices into Jamf Pro description: Enroll Microsoft Defender for Endpoint on macOS devices into Jamf Pro ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro diff --git a/defender-endpoint/mac-jamfpro-policies.md b/defender-endpoint/mac-jamfpro-policies.md index 997686bc72..6220936246 100644 --- a/defender-endpoint/mac-jamfpro-policies.md +++ b/defender-endpoint/mac-jamfpro-policies.md 
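Review bot: the context line at the top of this hunk still reads "similar to Group policy organizational unite (OUs)"; since the hunk is being edited for style, fix the typo to "Group Policy organizational units (OUs)". The alt texts "The Jamf Pro2 page" and "The Jamf Pro3 page" are also uninformative for screen readers; "Static Computer Groups page in Jamf Pro" would describe what the screenshots show.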
@@ -2,10 +2,10 @@ title: Set up the Microsoft Defender for Endpoint on macOS policies in Jamf Pro description: Learn how to set up the Microsoft Defender for Endpoint on macOS policies in Jamf Pro. ms.service: defender-endpoint -author: denisebmsft -ms.author: deniseb +author: emmwalshh +ms.author: ewalsh manager: deniseb -ms.reviewer: yongrhee +ms.reviewer: joshbregman ms.localizationpriority: medium audience: ITPro ms.collection: diff --git a/defender-endpoint/mac-preferences.md b/defender-endpoint/mac-preferences.md index 412de76032..359afed0b2 100644 --- a/defender-endpoint/mac-preferences.md +++ b/defender-endpoint/mac-preferences.md @@ -2,10 +2,10 @@ title: Set preferences for Microsoft Defender for Endpoint on Mac description: Configure Microsoft Defender for Endpoint on Mac in enterprise organizations. ms.service: defender-endpoint -author: denisebmsft -ms.author: deniseb +author: emmwalshh +ms.author: ewalsh manager: deniseb -ms.reviewer: yongrhee +ms.reviewer: joshbregman ms.localizationpriority: medium audience: ITPro ms.collection: diff --git a/defender-endpoint/mac-privacy.md b/defender-endpoint/mac-privacy.md index 17f0d4d7d7..0c47713640 100644 --- a/defender-endpoint/mac-privacy.md +++ b/defender-endpoint/mac-privacy.md @@ -2,8 +2,9 @@ title: Privacy for Microsoft Defender for Endpoint on Mac description: Privacy controls, how to configure policy settings that impact privacy and information about the diagnostic data collected in Microsoft Defender for Endpoint on Mac. ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro diff --git a/defender-endpoint/mac-pua.md b/defender-endpoint/mac-pua.md index 4d1d28ac37..35927fb5ec 100644 --- a/defender-endpoint/mac-pua.md +++ b/defender-endpoint/mac-pua.md 
@@ -2,8 +2,9 @@ title: Detect and block potentially unwanted applications with Microsoft Defender for Endpoint on Mac description: Detect and block Potentially Unwanted Applications (PUA) using Microsoft Defender for Endpoint on macOS. ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro diff --git a/defender-endpoint/mac-resources.md b/defender-endpoint/mac-resources.md index 2a4ff16f35..d4b6cc82de 100644 --- a/defender-endpoint/mac-resources.md +++ b/defender-endpoint/mac-resources.md @@ -2,8 +2,9 @@ title: Resources for Microsoft Defender for Endpoint on Mac description: Resources for Microsoft Defender for Endpoint on Mac, including how to uninstall it, how to collect diagnostic logs, CLI commands, and known issues with the product. ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro diff --git a/defender-endpoint/mac-schedule-scan.md b/defender-endpoint/mac-schedule-scan.md index b400c21cbb..9919e67a8c 100644 --- a/defender-endpoint/mac-schedule-scan.md +++ b/defender-endpoint/mac-schedule-scan.md @@ -2,10 +2,10 @@ title: How to schedule scans with Microsoft Defender for Endpoint on macOS description: Learn how to schedule an automatic scanning time for Microsoft Defender for Endpoint in macOS to better protect your organization's assets. ms.service: defender-endpoint -author: denisebmsft -ms.author: deniseb +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb -ms.reviewer: yonghree ms.localizationpriority: medium ms.date: 10/23/2024 audience: ITPro diff --git a/defender-endpoint/mac-support-install.md b/defender-endpoint/mac-support-install.md index a9b1b1e8e8..9b374157aa 100644 --- a/defender-endpoint/mac-support-install.md 
+++ b/defender-endpoint/mac-support-install.md @@ -2,8 +2,9 @@ title: Troubleshoot installation issues for Microsoft Defender for Endpoint on Mac description: Troubleshoot installation issues in Microsoft Defender for Endpoint on Mac. ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro diff --git a/defender-endpoint/mac-support-license.md b/defender-endpoint/mac-support-license.md index be278d5199..e6197c0e9a 100644 --- a/defender-endpoint/mac-support-license.md +++ b/defender-endpoint/mac-support-license.md @@ -2,8 +2,9 @@ title: Troubleshoot license issues for Microsoft Defender for Endpoint on Mac description: Troubleshoot license issues in Microsoft Defender for Endpoint on Mac. ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro diff --git a/defender-endpoint/mac-support-perf-overview.md b/defender-endpoint/mac-support-perf-overview.md index a8de6a8fec..fde720b40e 100644 --- a/defender-endpoint/mac-support-perf-overview.md +++ b/defender-endpoint/mac-support-perf-overview.md @@ -1,8 +1,9 @@ --- title: Overview for how to troubleshoot performance issues for Microsoft Defender for Endpoint on macOS description: Troubleshoot performance issues overview for Microsoft Defender for Endpoint on macOS. -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman ms.service: defender-endpoint ms.topic: overview ms.localizationpriority: medium 
@@ -26,16 +27,16 @@ This article provides general guidelines to identify performance issues related Depending on the applications that you're running and your device characteristics, you might experience suboptimal performance when running Microsoft Defender for Endpoint on macOS. In particular, applications or system processes that access many resources over a short timespan can lead to performance issues in Microsoft Defender for Endpoint on macOS. > [!TIP] -> As a general best practice, it is recommended to [update the Microsoft Defender for Endpoint agent to latest available version](/defender-endpoint/mac-whatsnew) and confirming that the issue still persists before investigating further. +> As a general best practice, it's recommended to [update the Microsoft Defender for Endpoint agent to latest available version](/defender-endpoint/mac-whatsnew) and confirming that the issue still persists before investigating further. > [!CAUTION] -> Running other third-party endpoint protection products alongside Microsoft Defender for Endpoint on MacOS is likely to lead to performance problems and unpredictable side effects. If non-Microsoft endpoint protection is an absolute requirement in your environment, you can configure Microsoft Defender Antivirus to run in **[Passive mode](mac-preferences.md)**. After you configure Passive mode, you can use Defender for Endpoint on Mac EDR functionality. +> Running other non-Microsoft endpoint protection products alongside Microsoft Defender for Endpoint on macOS is likely to lead to performance problems and unpredictable side effects. If non-Microsoft endpoint protection is an absolute requirement in your environment, you can configure Microsoft Defender Antivirus to run in **[Passive mode](mac-preferences.md)**. After you configure Passive mode, you can use Defender for Endpoint on Mac EDR functionality. > [!WARNING] -> Before starting, make sure that other security products are not currently running on the device. 
Multiple security products might conflict and impact system performance. +> Before starting, make sure that other security products aren't currently running on the device. Multiple security products might conflict and affect system performance. > [!TIP] -> If you're running other third-party security products, make sure that the Microsoft Defender for Endpoint on macOS processes and paths are excluded from that 3rd party security product and that security product is excluded from Microsoft Defender for Endpoint on macOS. And vice-versa. +> If you're running other non-Microsoft security products, make sure that the Microsoft Defender for Endpoint on macOS processes and paths are excluded from that non-Microsoft security product and that security product is excluded from Microsoft Defender for Endpoint on macOS. And vice-versa. When troubleshooting performance issues for Microsoft Defender for Endpoint on macOS, you should review the **Activity Monitor** or run **top** to see which of the three (3) processes is leading the high cpu utilization |Daemon name|Component|Troubleshooting guide| @@ -44,5 +45,5 @@ When troubleshooting performance issues for Microsoft Defender for Endpoint on m |wdavdaemon_unprivileged| Antimalware (AV, EPP)|Review [Troubleshoot performance issues for Microsoft Defender for Endpoint on macOS](mac-support-perf.md).| |wdavdaemon_enterprise| Endpoint Detection and Response (EDR)|Open a [Microsoft support case](contact-support.md).| -Additionally, gather [Defender for Endpoint Client Analyzer](run-analyzer-macos-linux.md) files while the issue occurs. This will be used by the support team to investigate the issue. +Additionally, gather [Defender for Endpoint Client Analyzer](run-analyzer-macos-linux.md) files while the issue occurs. This is used by the support team to investigate the issue. diff --git a/defender-endpoint/mac-support-perf.md b/defender-endpoint/mac-support-perf.md index 90559f02a1..5d2483f6cf 100644 
--- a/defender-endpoint/mac-support-perf.md +++ b/defender-endpoint/mac-support-perf.md @@ -2,8 +2,9 @@ title: Troubleshoot performance issues for Microsoft Defender for Endpoint on macOS description: Troubleshoot performance issues in Microsoft Defender for Endpoint on macOS. ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro @@ -34,7 +35,7 @@ This article provides some general steps that can be used to narrow down perform Depending on the applications that you're running and your device characteristics, you might experience suboptimal performance when running Microsoft Defender for Endpoint on macOS. In particular, applications or system processes that access many resources over a short timespan can lead to performance issues in Defender for Endpoint on macOS. > [!WARNING] -> Before you perform the procedures described in this article, make sure that other security products are not currently running on the device. Multiple security products can conflict and impact the host performance. +> Before you perform the procedures described in this article, make sure that other security products aren't currently running on the device. Multiple security products can conflict and affect the host performance. ## Troubleshoot performance issues using real-time protection statistics 
@@ -47,10 +48,10 @@ Real-time protection (RTP) is a feature of Defender for Endpoint on macOS that c Prerequisites: - Microsoft Defender for Endpoint version (Platform Update) 100.90.70 or newer -- If you have [Tamper protection](tamperprotection-macos.md) turned on in block mode, use [Troubleshooting mode](mac-troubleshoot-mode.md) to capture real-time-protection-statistics. Otherwise, you will get null results. +- If you have [Tamper protection](tamperprotection-macos.md) turned on in block mode, use [Troubleshooting mode](mac-troubleshoot-mode.md) to capture real-time-protection-statistics. Otherwise, you'll get null results. > [!TIP] -> As a general best practice, it is recommended to update the [Microsoft Defender for Endpoint agent to latest available version](linux-whatsnew.md) and confirming that the issue still persists before investigating further. +> As a general best practice, it's recommended to update the [Microsoft Defender for Endpoint agent to latest available version](linux-whatsnew.md) and confirming that the issue still persists before investigating further. To troubleshoot and mitigate performance issues, follow these steps: @@ -98,7 +99,7 @@ To troubleshoot and mitigate performance issues, follow these steps: ``` > [!NOTE] - > Using `--output json` (note the double dash) ensures that the output format is ready for parsing. The output of this command will show all processes and their associated scan activity. + > Using `--output json` (note the double dash) ensures that the output format is ready for parsing. The output of this command shows all processes and their associated scan activity. 6. On your Mac system, download the sample Python parser `high_cpu_parser.py` using the command: ```bash 
@@ -148,7 +149,7 @@ To troubleshoot and mitigate performance issues, follow these steps: 8. To improve the performance of Defender for Endpoint on Mac, locate the one with the highest number under the **Total files scanned** row, and then add an exclusion for it. For more information, see [Configure and validate exclusions for Defender for Endpoint on macOS](mac-exclusions.md). > [!NOTE] - > The application stores statistics in memory and only keeps track of file activity since it was started and real-time protection was enabled. Processes that were launched before or during periods when real time protection was off are not counted. Additionally, only events which triggered scans are counted. + > The application stores statistics in memory and only keeps track of file activity since it was started and real-time protection was enabled. Processes that were launched before or during periods when real time protection was off aren't counted. Additionally, only events which triggered scans are counted. 9. Configure Microsoft Defender for Endpoint on macOS with exclusions for the processes or disk locations that contribute to the performance issues and re-enable real-time protection. 
@@ -161,4 +162,4 @@ The Microsoft Defender for Endpoint Client Analyzer (MDECA) can collect traces, To run the client analyzer for troubleshooting performance issues, see [Run the client analyzer on macOS and Linux](run-analyzer-macos-linux.md). > [!NOTE] -> The Microsoft Defender for Endpoint Client Analyzer tool is regularly used by Microsoft Customer Support Services (CSS) to collect information such as (but not limited to) IP addresses, PC names that will help troubleshoot issues you may be experiencing with Microsoft Defender for Endpoint. For more information about our privacy statement, see [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement). +> The Microsoft Defender for Endpoint Client Analyzer tool is regularly used by Microsoft Customer Support Services (CSS) to collect information such as (but not limited to) IP addresses, PC names that help troubleshoot issues you might be experiencing with Microsoft Defender for Endpoint. For more information about our privacy statement, see [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement). diff --git a/defender-endpoint/mac-support-sys-ext.md b/defender-endpoint/mac-support-sys-ext.md index 2b1f97256c..86fa70a210 100644 --- a/defender-endpoint/mac-support-sys-ext.md +++ b/defender-endpoint/mac-support-sys-ext.md @@ -2,8 +2,9 @@ title: Troubleshoot system extension issues for Microsoft Defender for Endpoint on macOS description: Troubleshoot system extension issues in Microsoft Defender for Endpoint on macOS. ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalsh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro diff --git a/defender-endpoint/mac-sysext-policies.md b/defender-endpoint/mac-sysext-policies.md index a45707f6c9..d347e86404 100644 --- a/defender-endpoint/mac-sysext-policies.md +++ b/defender-endpoint/mac-sysext-policies.md 
@@ -3,8 +3,9 @@ title: New configuration profiles for macOS Big Sur and newer versions of macOS description: This topic describes the changes that are must be made in order to benefit from the system extensions, which are a replacement for kernel extensions on macOS Big Sur and newer versions of macOS. search.appverid: met150 ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro diff --git a/defender-endpoint/mac-troubleshoot-mode.md b/defender-endpoint/mac-troubleshoot-mode.md index 8e0e6fe3b7..e397998748 100644 --- a/defender-endpoint/mac-troubleshoot-mode.md +++ b/defender-endpoint/mac-troubleshoot-mode.md @@ -2,8 +2,9 @@ title: Troubleshooting mode in Microsoft Defender for Endpoint on macOS description: This article describes how to enable the troubleshooting mode in Microsoft Defender for Endpoint on macOS. ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro diff --git a/defender-endpoint/mac-troubleshoot-netext-mde.md b/defender-endpoint/mac-troubleshoot-netext-mde.md index 22aad570c9..ac27abb21c 100644 --- a/defender-endpoint/mac-troubleshoot-netext-mde.md +++ b/defender-endpoint/mac-troubleshoot-netext-mde.md @@ -2,10 +2,10 @@ title: Troubleshoot Network Extension issues in Microsoft Defender for Endpoint on Mac description: Learn how to troubleshoot issues with the network extension (NetExt) that's installed as part of Microsoft Defender for Endpoint on macOS. ms.service: defender-endpoint -author: denisebmsft -ms.author: deniseb +author: emmwalshh +ms.author: ewalsh manager: deniseb -ms.reviewer: yongrhee +ms.reviewer: joshbregman ms.localizationpriority: medium audience: ITPro ms.collection: 
diff --git a/defender-endpoint/mac-updates.md b/defender-endpoint/mac-updates.md index 75b6b7c293..94e919a54f 100644 --- a/defender-endpoint/mac-updates.md +++ b/defender-endpoint/mac-updates.md @@ -2,8 +2,9 @@ title: Deploy updates for Microsoft Defender for Endpoint on Mac description: Control updates for Microsoft Defender for Endpoint on Mac in enterprise environments. ms.service: defender-endpoint -author: YongRhee-MSFT -ms.author: yongrhee +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium audience: ITPro diff --git a/defender-endpoint/mac-whatsnew.md b/defender-endpoint/mac-whatsnew.md index bad135f605..b54a00412f 100644 --- a/defender-endpoint/mac-whatsnew.md +++ b/defender-endpoint/mac-whatsnew.md @@ -2,8 +2,9 @@ title: What's new in Microsoft Defender for Endpoint on Mac description: Learn about the major changes for previous versions of Microsoft Defender for Endpoint on Mac. ms.service: defender-endpoint -author: deniseb -ms.author: deniseb +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman manager: deniseb ms.localizationpriority: medium ms.date: 01/24/2025 @@ -15,7 +16,6 @@ ms.collection: ms.topic: reference ms.subservice: macos search.appverid: met150 -ms.reviewer: mavel --- # What's new in Microsoft Defender for Endpoint on Mac diff --git a/defender-endpoint/manage-sys-extensions-using-jamf.md b/defender-endpoint/manage-sys-extensions-using-jamf.md index ea74e7c3c8..fd14402f71 100644 --- a/defender-endpoint/manage-sys-extensions-using-jamf.md +++ b/defender-endpoint/manage-sys-extensions-using-jamf.md @@ -2,8 +2,9 @@ title: Manage system extensions using Jamf description: Manage system extensions using Jamf for Microsoft Defender for Endpoint to work properly on macOS. ms.service: defender-endpoint -ms.author: deniseb -author: denisebmsft +ms.author: ewalsh +author: emmwalshh +ms.reviewer: joshbregman ms.localizationpriority: medium manager: deniseb audience: ITPro 
diff --git a/defender-endpoint/microsoft-defender-endpoint-mac.md b/defender-endpoint/microsoft-defender-endpoint-mac.md index 702b4ca1fc..3c0da149fa 100644 --- a/defender-endpoint/microsoft-defender-endpoint-mac.md +++ b/defender-endpoint/microsoft-defender-endpoint-mac.md @@ -1,10 +1,10 @@ --- title: Microsoft Defender for Endpoint on Mac -ms.reviewer: yongrhee, pahuijbr +ms.reviewer: joshbregman description: Learn how to install, configure, update, and use Microsoft Defender for Endpoint on Mac. ms.service: defender-endpoint -ms.author: deniseb -author: denisebmsft +author: emmwalshh +ms.author: ewalsh ms.localizationpriority: medium manager: deniseb audience: ITPro 
@@ -31,10 +31,10 @@ ms.date: 10/15/2024 > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://signup.microsoft.com/create-account/signup?products=7f379fee-c4f9-4278-b0a1-e4c8c2fcdf7e&ru=https://aka.ms/MDEp2OpenTrial?ocid=docs-wdatp-exposedapis-abovefoldlink) -This topic describes how to install, configure, update, and use Defender for Endpoint on Mac. +This article describes how to install, configure, update, and use Defender for Endpoint on Mac. > [!CAUTION] -> Running other third-party endpoint protection products alongside Microsoft Defender for Endpoint on Mac is likely to lead to performance problems and unpredictable side effects. If non-Microsoft endpoint protection is an absolute requirement in your environment, you can still safely take advantage of Defender for Endpoint on Mac EDR functionality after configuring the antivirus functionality to run in [Passive mode](mac-preferences.md#enforcement-level-for-antivirus-engine). +> Running other non-Microsoft endpoint protection products alongside Microsoft Defender for Endpoint on Mac is likely to lead to performance problems and unpredictable side effects. If non-Microsoft endpoint protection is an absolute requirement in your environment, you can still safely take advantage of Defender for Endpoint on Mac EDR functionality after configuring the antivirus functionality to run in [Passive mode](mac-preferences.md#enforcement-level-for-antivirus-engine). ## What's new in the latest release @@ -53,7 +53,7 @@ To get the latest features, including preview capabilities (such as endpoint det - A Defender for Endpoint subscription and access to the Microsoft Defender portal - Beginner-level experience in macOS and BASH scripting -- Administrative privileges on the device (in case of manual deployment) +- Administrative privileges on the device (in manual deployment) ### Installation instructions 
@@ -80,7 +80,7 @@ These four most recent major releases of macOS are supported. - Beta versions of macOS aren't supported. > [!IMPORTANT] -> On macOS 11 (Big Sur) and later, Microsoft Defender for Endpoint requires additional configuration profiles. If you are an existing customer upgrading from earlier versions of macOS, make sure to deploy the additional configuration profiles listed on [New configuration profiles for macOS Big Sur and newer versions of macOS](mac-sysext-policies.md) and detailed in [installation instructions](#installation-instructions). +> On macOS 11 (Large Sur) and later, Microsoft Defender for Endpoint requires more configuration profiles. If you're an existing customer upgrading from earlier versions of macOS, make sure to deploy the extra configuration profiles listed on [New configuration profiles for macOS Big Sur and newer versions of macOS](mac-sysext-policies.md) and detailed in [installation instructions](#installation-instructions). After you've enabled the service, you might need to configure your network or firewall to allow outbound connections between it and your endpoints. 
@@ -98,8 +98,8 @@ Microsoft Defender for Endpoint on Mac requires one of the following Microsoft V - Microsoft Defender for Endpoint P1 (included in [Microsoft 365 E3](https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/microsoft-defender-for-endpoint-plan-1-now-included-in-m365-e3/ba-p/3060639)) > [!NOTE] -> Eligible licensed users may use Microsoft Defender for Endpoint on up to five concurrent devices. -> Microsoft Defender for Endpoint is also available for purchase from a Cloud Solution Provider (CSP). When purchased via a CSP, it does not require Microsoft Volume Licensing offers listed. +> Eligible licensed users might use Microsoft Defender for Endpoint on up to five concurrent devices. +> Microsoft Defender for Endpoint is also available for purchase from a Cloud Solution Provider (CSP). When purchased via a CSP, it doesn't require Microsoft Volume Licensing offers listed. ### Configuring Exclusions 
@@ -118,8 +118,8 @@ Microsoft Defender for Endpoint can connect through a proxy server by using the If a proxy or firewall is blocking anonymous traffic, make sure that anonymous traffic is permitted in the previously listed URLs. > [!WARNING] -> Authenticated proxies are not supported. Ensure that only PAC, WPAD, or a static proxy is being used. -> SSL inspection and intercepting proxies are also not supported for security reasons. Configure an exception for SSL inspection and your proxy server to directly pass through data from Microsoft Defender for Endpoint on macOS to the relevant URLs without interception. Adding your interception certificate to the global store will not allow for interception. +> Authenticated proxies aren't supported. Ensure that only PAC, WPAD, or a static proxy is being used. +> SSL inspection and intercepting proxies are also not supported for security reasons. Configure an exception for SSL inspection and your proxy server to directly pass through data from Microsoft Defender for Endpoint on macOS to the relevant URLs without interception. Adding your interception certificate to the global store won't allow for interception. #### Test network connectivity 
@@ -156,11 +156,11 @@ Guidance for how to configure the product in enterprise environments is availabl ## macOS kernel and system extensions -Starting with macOS 11 (Big Sur), Microsoft Defender for Endpoint has been fully migrated from kernel extension to system extensions. +Starting with macOS 11 (Significant Sur), Microsoft Defender for Endpoint has been fully migrated from kernel extension to system extensions. ## Resources -- For more information about logging, uninstalling, or other topics, see [Resources for Microsoft Defender for Endpoint on Mac](mac-resources.md). +- For more information about logging, uninstalling, or other articles, see [Resources for Microsoft Defender for Endpoint on Mac](mac-resources.md). - [Privacy for Microsoft Defender for Endpoint on Mac](mac-privacy.md). - [Turn on Network protection for macOS](network-protection-macos.md) diff --git a/defender-endpoint/run-analyzer-macos.md b/defender-endpoint/run-analyzer-macos.md index 1a6c3384e2..7d67f5a60c 100644 --- a/defender-endpoint/run-analyzer-macos.md +++ b/defender-endpoint/run-analyzer-macos.md @@ -1,10 +1,10 @@ --- title: Run the client analyzer on macOS description: Learn how to use the Defender for Endpoint Client Analyzer on Mac to identify health or performance issue causes. -author: denisebmsft -ms.author: deniseb -manager: deniseb -ms.reviewer: yongrhee +ms.author: ewalsh +author: emmwalshh +manager: ewalsh +ms.reviewer: joshbregman ms.service: defender-endpoint ms.subservice: macos ms.localizationpriority: medium diff --git a/defender-endpoint/troubleshoot-cloud-connect-mdemac.md b/defender-endpoint/troubleshoot-cloud-connect-mdemac.md index 32af7dc69e..431f41500d 100644 --- a/defender-endpoint/troubleshoot-cloud-connect-mdemac.md +++ b/defender-endpoint/troubleshoot-cloud-connect-mdemac.md 
@@ -1,9 +1,10 @@ --- title: Troubleshoot cloud connectivity issues for Microsoft Defender for Endpoint on macOS -description: This topic describes how to troubleshoot cloud connectivity issues for Microsoft Defender for Endpoint on macOS +description: This article describes how to troubleshoot cloud connectivity issues for Microsoft Defender for Endpoint on macOS ms.service: defender-endpoint -ms.author: deniseb -author: denisebmsft +author: emmwalshh +ms.author: ewalsh +ms.reviewer: joshbregman ms.localizationpriority: medium manager: deniseb audience: ITPro @@ -29,7 +30,7 @@ ms.date: 03/25/2021 **Platform** macOS -This topic describes how to Troubleshoot cloud connectivity issues for Microsoft Defender for Endpoint on macOS. +This article describes how to Troubleshoot cloud connectivity issues for Microsoft Defender for Endpoint on macOS. ## Run the connectivity test To test if Defender for Endpoint on Mac can communicate to the cloud with the current network settings, run a connectivity test from the command line: @@ -38,7 +39,7 @@ To test if Defender for Endpoint on Mac can communicate to the cloud with the cu mdatp connectivity test ``` -expected output: +Expected output: ```Bash Testing connection with https://cdn.x.cp.wd.microsoft.com/ping ... [OK] Testing connection with https://eu-cdn.x.cp.wd.microsoft.com/ping ... [OK] 
@@ -56,18 +57,18 @@ Testing connection with https://uk-v20.events.data.microsoft.com/ping ... [OK] Testing connection with https://v20.events.data.microsoft.com/ping ... [OK] ``` -If the connectivity test fails, check if the device has Internet access and if [any of the endpoints required by the product](microsoft-defender-endpoint-mac.md#network-connections) are blocked by a proxy or firewall. +If the connectivity test fails, check if the device has Internet access and if [any of the endpoints required by the product](microsoft-defender-endpoint-mac.md#network-connections) is blocked by a proxy or firewall. -Failures with curl error 35 or 60 indicate certificate pinning rejection, which indicates a potential issue with SSL or HTTPS inspection. See instructions below regarding SSL inspection configuration. +Failures with curl error 35 or 60 indicate certificate pinning rejection, which indicates a potential issue with SSL or HTTPS inspection. See instructions regarding SSL inspection configuration. ## Troubleshooting steps for environments without proxy or with Proxy autoconfig (PAC) or with Web Proxy Autodiscovery Protocol (WPAD) -Use the following procedure to test that a connection is not blocked in an environment without a proxy or with Proxy autoconfig (PAC) or with Web Proxy Autodiscovery Protocol (WPAD). +Use the following procedure to test that a connection isn't blocked in an environment without a proxy or with Proxy autoconfig (PAC) or with Web Proxy Autodiscovery Protocol (WPAD). If a proxy or firewall is blocking anonymous traffic, make sure that anonymous traffic is permitted in the previously listed URLs. > [!WARNING] -> Authenticated proxies are not supported. Ensure that only PAC, WPAD, or a static proxy is being used. SSL inspection and intercepting proxies are also not supported for security reasons. 
Configure an exception for SSL inspection and your proxy server to directly pass through data from Microsoft Defender for Endpoint on macOS to the relevant URLs without interception. Adding your interception certificate to the global store will not allow for interception. -To test that a connection is not blocked: +> Authenticated proxies aren't supported. Ensure that only PAC, WPAD, or a static proxy is being used. SSL inspection and intercepting proxies are also not supported for security reasons. Configure an exception for SSL inspection and your proxy server to directly pass through data from Microsoft Defender for Endpoint on macOS to the relevant URLs without interception. Adding your interception certificate to the global store won't allow for interception. +To test that a connection isn't blocked: In a browser such as Microsoft Edge for Mac or Safari open https://x.cp.wd.microsoft.com/api/report and https://cdn.x.cp.wd.microsoft.com/ping. Optionally, in Terminal, run the following command: diff --git a/defender-xdr/mto-requirements.md b/defender-xdr/mto-requirements.md index 01cb68d361..2809a9a203 100644 --- a/defender-xdr/mto-requirements.md +++ b/defender-xdr/mto-requirements.md @@ -8,15 +8,15 @@ ms.localizationpriority: medium manager: dansimp audience: ITPro ms.collection: - - m365-security - - highpri - - tier1 - - usx-security +- m365-security +- highpri +- tier1 +- usx-security ms.topic: conceptual -ms.date: 08/19/2024 +ms.date: 01/29/2025 appliesto: - - Microsoft Defender XDR - - Microsoft Sentinel in the Microsoft Defender portal +- Microsoft Defender XDR +- Microsoft Sentinel in the Microsoft Defender portal --- # Set up Microsoft Defender multitenant management 
@@ -81,8 +81,8 @@ The first time you use Microsoft Defender multitenant management, you need setup 3. Choose the tenants you want to manage and select **Add** ->[!Note] -> The Microsoft Defender multitenant view currently has a limit of 50 target tenants. +> [!Note] +> The Microsoft Defender multitenant view currently has a limit of 100 target tenants. The features available in multitenant management now appear on the navigation bar and you're ready to view and manage security data across all your tenants.
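Review bot: The rewritten TIP in mac-support-perf-overview.md (hunk @@ -26,16 +27,16 @@) still has non-parallel verbs: `it's recommended to [update ...] and confirming that the issue still persists` should read `and confirm that the issue still persists`. In the last TIP of the same hunk, `And vice-versa.` is now redundant, because the sentence before it already states both directions (Defender paths excluded from the non-Microsoft product, and that product excluded from Defender); drop the fragment.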
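Review bot: The edited TIP in mac-support-perf.md (hunk @@ -47,10 +48,10 @@) keeps pointing the macOS update advice at `linux-whatsnew.md`; the equivalent TIP in mac-support-perf-overview.md in this same patch links `/defender-endpoint/mac-whatsnew`, so change the target to `mac-whatsnew.md` while the line is being touched. The same sentence has the `recommended to update ... and confirming` mismatch; make it `and confirm`.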
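Review bot: `author: emmwalsh` in mac-support-sys-ext.md (hunk @@ -2,8 +2,9 @@) is missing the final `h`; every other file in this change sets `author: emmwalshh`, so this value will not match the author profile used elsewhere and should be corrected.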
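Review bot: The IMPORTANT callout in microsoft-defender-endpoint-mac.md (hunk @@ -80,7 +80,7 @@) now says `On macOS 11 (Large Sur) and later`; "Big Sur" is the macOS release name and must not be reworded, so restore `On macOS 11 (Big Sur) and later`. The link text later in the same line still says "macOS Big Sur", which makes the mismatch visible to readers.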
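Review bot: The kernel and system extensions paragraph in microsoft-defender-endpoint-mac.md (hunk @@ -156,11 +156,11 @@) was changed to `Starting with macOS 11 (Significant Sur)`; this is the same product-name substitution and should go back to `Starting with macOS 11 (Big Sur)`. In the Resources bullet of the same hunk, `other topics` referred to subject areas, not documents, so `information about logging, uninstalling, or other articles` no longer reads correctly; keep `topics` or use `other subjects`.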
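Review bot: run-analyzer-macos.md (hunk @@ -1,10 +1,10 @@) changes `manager: deniseb` to `manager: ewalsh`, whereas every other file in this patch keeps `manager: deniseb` and only sets `ms.author: ewalsh`. This looks like the author alias pasted into the wrong key; confirm it is intended or restore `manager: deniseb`.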
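Review bot: The prerequisites bullet in microsoft-defender-endpoint-mac.md (hunk @@ -53,7 +53,7 @@) now reads `Administrative privileges on the device (in manual deployment)`, which is awkward; `(for manual deployment)` keeps the original meaning of the parenthetical.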
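Review bot: The rewritten intro sentence in troubleshoot-cloud-connect-mdemac.md (hunk @@ -29,7 +30,7 @@) keeps a stray capital letter: `how to Troubleshoot cloud connectivity issues`; lowercase `troubleshoot` while the line is being edited.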
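Review bot: In troubleshoot-cloud-connect-mdemac.md (hunk @@ -56,18 +57,18 @@), removing `below` from `See instructions regarding SSL inspection configuration` leaves the sentence with no pointer to where those instructions are. Link the section that holds the SSL inspection warning instead, i.e. the `## Troubleshooting steps for environments without proxy or with Proxy autoconfig (PAC) or with Web Proxy Autodiscovery Protocol (WPAD)` heading shown in the same hunk.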
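Review bot: The note in mto-requirements.md (hunk @@ -81,8 +81,8 @@) raises the multitenant view limit from 50 to 100 target tenants inside a patch that is otherwise author metadata and wording cleanup. This is a product-limit change, not a style edit; confirm the new figure against the feature's current documented limit and call it out in the PR description so it is not overlooked. The `ms.date` bump to 01/29/2025 in the front-matter hunk for this file is consistent with a content change.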