MicrosoftDocs · chrisda · Dec 3, 2020 · Dec 3, 2020
diff --git a/exchange/exchange-ps/exchange/Disable-SafeAttachmentRule.md b/exchange/exchange-ps/exchange/Disable-SafeAttachmentRule.md
@@ -30,7 +30,7 @@ Disable-SafeAttachmentRule [-Identity] <RuleIdParameter>
 ```
 
 ## DESCRIPTION
-Safe Attachments is a feature in Advanced Threat Protection that opens email attachments in a special hypervisor environment to detect malicious activity. For more information, see [Safe Attachments in Office 365 ATP](https://docs.microsoft.com/microsoft-365/security/office-365-security/atp-safe-attachments).
+Safe Attachments is a feature in Microsoft Defender for Office 365 that opens email attachments in a special hypervisor environment to detect malicious activity. For more information, see [Safe Attachments in Defender for Office 365](https://docs.microsoft.com/microsoft-365/security/office-365-security/atp-safe-attachments).
 
 You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see [Find the permissions required to run any Exchange cmdlet](https://docs.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions).
 

diff --git a/exchange/exchange-ps/exchange/Disable-SafeLinksRule.md b/exchange/exchange-ps/exchange/Disable-SafeLinksRule.md
@@ -30,7 +30,7 @@ Disable-SafeLinksRule [-Identity] <RuleIdParameter>
 ```
 
 ## DESCRIPTION
-Safe Links is a feature in Advanced Threat Protection that checks links in email messages to see if they lead to malicious web sites. When a user clicks a link in a message, the URL is temporarily rewritten and checked against a list of known, malicious web sites. Safe Links includes the URL trace reporting feature to help determine who has clicked through to a malicious web site.
+Safe Links is a feature in Microsoft Defender for Office 365 that checks links in email messages to see if they lead to malicious web sites. When a user clicks a link in a message, the URL is temporarily rewritten and checked against a list of known, malicious web sites. Safe Links includes the URL trace reporting feature to help determine who has clicked through to a malicious web site.
 
 You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see [Find the permissions required to run any Exchange cmdlet](https://docs.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions).
 

diff --git a/exchange/exchange-ps/exchange/Enable-SafeAttachmentRule.md b/exchange/exchange-ps/exchange/Enable-SafeAttachmentRule.md
@@ -30,7 +30,7 @@ Enable-SafeAttachmentRule [-Identity] <RuleIdParameter>
 ```
 
 ## DESCRIPTION
-Safe Attachments is a feature in Advanced Threat Protection that opens email attachments in a special hypervisor environment to detect malicious activity. For more information, see [Safe Attachments in Office 365 ATP](https://docs.microsoft.com/microsoft-365/security/office-365-security/atp-safe-attachments).
+Safe Attachments is a feature in Microsoft Defender for Office 365 that opens email attachments in a special hypervisor environment to detect malicious activity. For more information, see [Safe Attachments in Defender for Office 365](https://docs.microsoft.com/microsoft-365/security/office-365-security/atp-safe-attachments).
 
 You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see [Find the permissions required to run any Exchange cmdlet](https://docs.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions).
 

diff --git a/exchange/exchange-ps/exchange/Enable-SafeLinksRule.md b/exchange/exchange-ps/exchange/Enable-SafeLinksRule.md
@@ -30,7 +30,7 @@ Enable-SafeLinksRule [-Identity] <RuleIdParameter>
 ```
 
 ## DESCRIPTION
-Safe Links is a feature in Advanced Threat Protection that checks links in email messages to see if they lead to malicious web sites. When a user clicks a link in a message, the URL is temporarily rewritten and checked against a list of known, malicious web sites. Safe Links includes the URL trace reporting feature to help determine who has clicked through to a malicious web site.
+Safe Links is a feature in Microsoft Defender for Office 365 that checks links in email messages to see if they lead to malicious web sites. When a user clicks a link in a message, the URL is temporarily rewritten and checked against a list of known, malicious web sites. Safe Links includes the URL trace reporting feature to help determine who has clicked through to a malicious web site.
 
 You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see [Find the permissions required to run any Exchange cmdlet](https://docs.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions).
 

diff --git a/exchange/exchange-ps/exchange/Export-QuarantineMessage.md b/exchange/exchange-ps/exchange/Export-QuarantineMessage.md
@@ -16,7 +16,7 @@ This cmdlet is available only in the cloud-based service.
 
 Use the Export-QuarantineMessage cmdlet to export quarantined messages and files from your cloud-based organization. Messages are exported to .eml message files so you can open them in Outlook.
 
-For files that are protected by Office 365 Advanced Threat Protection in SharePoint Online, OneDrive for Business and Microsoft Teams, the files are exported in Base64 format.
+For files that were quarantined by Safe Attachments for SharePoint, OneDrive, and Microsoft Teams, the files are exported in Base64 format.
 
 **Note**: We recommend that you use the Exchange Online PowerShell V2 module to connect to Exchange Online PowerShell. For instructions, see [Connect to Exchange Online PowerShell](https://docs.microsoft.com/powershell/exchange/connect-to-exchange-online-powershell).
 

diff --git a/exchange/exchange-ps/exchange/Get-ATPTotalTrafficReport.md b/exchange/exchange-ps/exchange/Get-ATPTotalTrafficReport.md
@@ -14,7 +14,7 @@ ms.reviewer:
 ## SYNOPSIS
 This cmdlet is available only in the cloud-based service.
 
-Use the Get-ATPTotalTrafficReport to view details about message traffic in your organization.
+Use the Get-ATPTotalTrafficReport to view details about message traffic in your Microsoft Defender for Office 365 organization.
 
 **Note**: We recommend that you use the Exchange Online PowerShell V2 module to connect to Exchange Online PowerShell. For instructions, see [Connect to Exchange Online PowerShell](https://docs.microsoft.com/powershell/exchange/connect-to-exchange-online-powershell).
 

diff --git a/exchange/exchange-ps/exchange/Get-AdvancedThreatProtectionDocumentDetail.md b/exchange/exchange-ps/exchange/Get-AdvancedThreatProtectionDocumentDetail.md
@@ -12,7 +12,9 @@ ms.reviewer:
 # Get-AdvancedThreatProtectionDocumentDetail
 
 ## SYNOPSIS
-This cmdlet is available only in the cloud-based service. Use the Get-AdvancedThreatProtectionDocumentDetailReport cmdlet to view the results of Office 365 Advanced Threat Protection (ATP) actions for files in SharePoint Online, OneDrive for Business and Microsoft Teams in your cloud-based organization.
+This cmdlet is available only in the cloud-based service.
+
+Use the Get-AdvancedThreatProtectionDocumentDetailReport cmdlet to view the detailed results of Safe Attachments for SharePoint, OneDrive, and Microsoft Teams in your Microsoft Defender for Office 365 organization.
 
 **Note**: We recommend that you use the Exchange Online PowerShell V2 module to connect to Exchange Online PowerShell. For instructions, see [Connect to Exchange Online PowerShell](https://docs.microsoft.com/powershell/exchange/connect-to-exchange-online-powershell).
 
@@ -47,7 +49,7 @@ For the reporting period and organization you specify, the cmdlet returns the fo
 - Timestamp
 - Workload
 
-For more information about this feature, see [ATP for SharePoint, OneDrive, and Microsoft Teams](https://docs.microsoft.com/microsoft-365/security/office-365-security/atp-for-spo-odb-and-teams).
+For more information about this feature, see [Safe Attachments for SharePoint, OneDrive, and Microsoft Teams](https://docs.microsoft.com/microsoft-365/security/office-365-security/atp-for-spo-odb-and-teams).
 
 You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see [Find the permissions required to run any Exchange cmdlet](https://docs.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions).
 
@@ -58,7 +60,7 @@ You need to be assigned permissions before you can run this cmdlet. Although thi
 Get-AdvancedThreatProtectionDocumentDetail -Organization contoso.com -StartDate "4/26/2016" -EndDate "4/28/2016" | Format-Table
 ```
 
-This example returns the detailed report of ATP detections during the specified date range.
+This example returns the detailed report of detections during the specified date range.
 
 ## PARAMETERS
 

diff --git a/exchange/exchange-ps/exchange/Get-AdvancedThreatProtectionDocumentReport.md b/exchange/exchange-ps/exchange/Get-AdvancedThreatProtectionDocumentReport.md
@@ -14,7 +14,7 @@ ms.reviewer:
 ## SYNOPSIS
 This cmdlet is available only in the cloud-based service.
 
-Use the Get-AdvancedThreatProtectionDocumentReport cmdlet to view the results of Office 365 Advanced Threat Protection (ATP) actions for files in SharePoint Online, OneDrive for Business and Microsoft Teams in your cloud-based organization.
+Use the Get-AdvancedThreatProtectionDocumentReport cmdlet to view the results of Safe Attachments for SharePoint, OneDrive, and Microsoft Teams in your Microsoft Defender for Office 365 organization.
 
 **Note**: We recommend that you use the Exchange Online PowerShell V2 module to connect to Exchange Online PowerShell. For instructions, see [Connect to Exchange Online PowerShell](https://docs.microsoft.com/powershell/exchange/connect-to-exchange-online-powershell).
 
@@ -38,7 +38,7 @@ Get-AdvancedThreatProtectionDocumentReport
 ```
 
 ## DESCRIPTION
-For more information about this feature, see [ATP for SharePoint, OneDrive, and Microsoft Teams](https://docs.microsoft.com/microsoft-365/security/office-365-security/atp-for-spo-odb-and-teams).
+For more information about this feature, see [Safe Attachments for SharePoint, OneDrive, and Microsoft Teams](https://docs.microsoft.com/microsoft-365/security/office-365-security/atp-for-spo-odb-and-teams).
 
 For the reporting period and organization you specify, the cmdlet returns the following information:
 
@@ -58,7 +58,7 @@ You need to be assigned permissions before you can run this cmdlet. Although thi
 Get-AdvancedThreatProtectionTrafficReport -Organization contoso.com -StartDate "4/26/2018" -EndDate "4/28/2018" | Format-Table
 ```
 
-This example returns the aggregated report of ATP detections for the specified organization during the specified date range.
+This example returns the aggregated report of detections for the specified organization during the specified date range.
 
 ## PARAMETERS
 

diff --git a/exchange/exchange-ps/exchange/Get-AdvancedThreatProtectionTrafficReport.md b/exchange/exchange-ps/exchange/Get-AdvancedThreatProtectionTrafficReport.md
@@ -40,9 +40,9 @@ Get-AdvancedThreatProtectionTrafficReport [-Action <MultiValuedProperty>]
 ```
 
 ## DESCRIPTION
-Safe Attachments is a feature in Advanced Threat Protection that opens email attachments in a special hypervisor environment to detect malicious activity.
+Safe Attachments is a feature in Microsoft Defender for Office 365 that opens email attachments in a special hypervisor environment to detect malicious activity.
 
-Safe Links is a feature in Advanced Threat Protection that checks links in email messages to see if they lead to malicious web sites. When a user clicks a link in a message, the URL is temporarily rewritten and checked against a list of known, malicious web sites. Safe Links includes the URL trace reporting feature to help determine who has clicked through to a malicious web site.
+Safe Links is a feature in Microsoft Defender for Office 365 that checks links in email messages to see if they lead to malicious web sites. When a user clicks a link in a message, the URL is temporarily rewritten and checked against a list of known, malicious web sites. Safe Links includes the URL trace reporting feature to help determine who has clicked through to a malicious web site.
 
 For the reporting period you specify, the cmdlet returns the following information:
 

diff --git a/exchange/exchange-ps/exchange/Get-AntiPhishPolicy.md b/exchange/exchange-ps/exchange/Get-AntiPhishPolicy.md
@@ -79,7 +79,7 @@ The Advanced switch filters the properties that are returned to the advanced set
 
 You don't need to specify a value with this switch.
 
-Advanced settings are only available in ATP anti-phishing policies.
+Advanced settings are only available in anti-phishing policies in Microsoft Defender for Office 365.
 
 ```yaml
 Type: SwitchParameter
@@ -119,7 +119,7 @@ The Impersonation switch filters the properties that are returned to the imperso
 
 You don't need to specify a value with this switch.
 
-Impersonation settings are only available in ATP anti-phishing policies.
+Impersonation settings are only available in anti-phishing policies in Microsoft Defender for Office 365.
 
 ```yaml
 Type: SwitchParameter

diff --git a/exchange/exchange-ps/exchange/Get-AtpPolicyForO365.md b/exchange/exchange-ps/exchange/Get-AtpPolicyForO365.md
@@ -14,11 +14,11 @@ ms.reviewer:
 ## SYNOPSIS
 This cmdlet is available only in the cloud-based service.
 
-Use the Get-AtpPolicyForO365 cmdlet to view the Advanced Threat Protection (ATP) policy in Office 365. The ATP policy enables the following protections:
+Use the Get-AtpPolicyForO365 cmdlet to view the settings for the following features in Microsoft Defender for Office 365:
 
-- Safe Links for Office 365 ProPlus desktop clients and Office Mobile apps.
-- Safe Documents: Before a user is allowed to trust a file open in Office 365 ProPlus, the file will be verified by Microsoft Defender ATP.
-- ATP to protect files in SharePoint Online, OneDrive for Business and Microsoft Teams.
+- Safe Links protection for supported Office 365 apps.
+- Safe Documents: Uses Microsoft Defender for Endpoint to scan documents and files that are opened in Protected View in Microsoft 365 apps for enterprise.
+- Safe Attachments for SharePoint, OneDrive, and Microsoft Teams.
 
 **Note**: We recommend that you use the Exchange Online PowerShell V2 module to connect to Exchange Online PowerShell. For instructions, see [Connect to Exchange Online PowerShell](https://docs.microsoft.com/powershell/exchange/connect-to-exchange-online-powershell).
 
@@ -32,9 +32,11 @@ Get-AtpPolicyForO365 [[-Identity] <AtpPolicyForO365IdParameter>]
 ```
 
 ## DESCRIPTION
-Safe Links is a feature in Advanced Threat Protection that checks links in email messages to see if they lead to malicious web sites. For more information, see [Office 365 ATP Safe Links](https://docs.microsoft.com/microsoft-365/security/office-365-security/atp-safe-links).
+Safe Links protection for Office 365 apps checks links in Office documents, not links in email messages. For more information, see [Safe Links settings for Office 365 apps](https://docs.microsoft.com/microsoft-365/security/office-365-security/atp-safe-links#safe-links-settings-for-office-365-apps).
 
-ATP can also protect files in SharePoint Online, OneDrive for Business and Microsoft Teams by preventing users from opening and downloading files that are identified as malicious. For more information, see [ATP for SharePoint, OneDrive, and Microsoft Teams](https://docs.microsoft.com/microsoft-365/security/office-365-security/atp-for-spo-odb-and-teams).
+Safe Documents scans documents and files that are opened in Protected View. For more information, see [Safe Documents in Microsoft 365 E5](https://docs.microsoft.com/microsoft-365/security/office-365-security/safe-docs).
+
+Safe Attachments for SharePoint, OneDrive, and Microsoft Teams prevents users from opening and downloading files that are identified as malicious. For more information, see [Safe Attachments for SharePoint, OneDrive, and Microsoft Teams](https://docs.microsoft.com/microsoft-365/security/office-365-security/atp-for-spo-odb-and-teams).
 
 You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see [Find the permissions required to run any Exchange cmdlet](https://docs.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions).
 
@@ -45,12 +47,12 @@ You need to be assigned permissions before you can run this cmdlet. Although thi
 Get-AtpPolicyForO365
 ```
 
-This example returns detailed information about the ATP policy named Default
+This example returns detailed information about the default policy.
 
 ## PARAMETERS
 
 ### -Identity
-The Identity parameter specifies the ATP policy that you want to modify. There's only one policy named Default.
+The Identity parameter specifies the policy that you want to modify. There's only one policy named Default.
 
 ```yaml
 Type: AtpPolicyForO365IdParameter