items:
- name: Microsoft Defender for Identity Documentation
  href: index.yml
- name: Overview
  items:
  - name: What is Microsoft Defender for Identity
    href: what-is.md
  - name: What's new?
    href: whats-new.md
  - name: Deploy and monitor for Zero Trust
    href: zero-trust.md
  - name: Defender for Identity in the Microsoft Defender portal
    href: microsoft-365-security-center-mdi.md
  - name: Pilot Microsoft Defender XDR
    href: /defender-xdr/pilot-deploy-overview?toc=/defender-for-identity/toc.json&bc=/defender-for-identity/breadcrumb/toc.json
  - name: Defender for Identity for US Government
    href: us-govt-gcc-high.md
- name: Deploy
  items:
  - name: Plan and prepare
    items:
    - name: Roles and permissions
      href: role-groups.md
    - name: Capacity planning
      href: deploy/capacity-planning.md
  - name: Deploy a sensor
    items:
    - name: Deployment overview
      href: deploy/deploy-defender-identity.md
    - name: Deploy the Defender for Identity sensor v2.x
      items:
        - name: Prerequisites
          href: deploy/prerequisites-sensor-version-2.md
        - name: Multi-forest considerations
          href: deploy/multi-forest.md
        - name: Connect to the Defender for Identity service
          href: deploy/configure-proxy.md
        - name: Test connectivity settings
          href: deploy/test-connectivity.md
        - name: Download the Defender for Identity sensor
          href: deploy/download-sensor.md
        - name: Install the Defender for Identity sensor
          href: deploy/install-sensor.md
        - name: Configure the Defender for Identity sensor
          href: deploy/configure-sensor-settings.md
        - name: Configure sensors for AD FS, AD CS, and Entra Connect
          href: deploy/active-directory-federation-services.md
        - name: Configure a Directory Service account
          items:
          - name: Overview
            href: deploy/directory-service-accounts.md
            displayName: Directory Service Account, DSA
          - name: Configure a DSA with a gMSA
            href: deploy/create-directory-service-account-gmsa.md
        - name: Configure action accounts
          href: deploy/manage-action-accounts.md
        - name: Deploy a standalone sensor
          items:
          - name: Prerequisites for a standalone sensor
            href: deploy/prerequisites-standalone.md
          - name: Configure port mirroring
            href: deploy/configure-port-mirroring.md
            displayName: standalone
          - name: Configure Windows Event Forwarding
            href: deploy/configure-event-forwarding.md
            displayName: standalone
          - name: Listen for SIEM events
            href: deploy/configure-event-collection.md
            displayName: standalone
    - name: Deploy the Defender for Identity sensor v3.x
      items:
        - name: Prerequisites
          href: deploy/prerequisites-sensor-version-3.md
        - name: Activate the Defender for Identity sensor
          href: deploy/activate-sensor.md
    - name: Migrate from sensor v2 to sensor v3 (Preview)
      href: deploy/migrate-to-sensor-v3.md
    - name: Validate the sensor deployment
      href: deploy/test-sensor.md
  - name: Configure event collection
    items:
      - name: Event collection overview 
        href: deploy/event-collection-overview.md
      - name: Configure audit policies for Windows event logs
        href: deploy/configure-windows-event-collection.md
- name: Integrate with identity services
  items:
    - name: Microsoft Defender for Identity and CyberArk
      items:
        - name: Overview (Preview)
          href: defender-for-identity-cyber-ark-overview.md
        - name: Connect CyberArk to Microsoft Defender for Identity (Preview)
          href: connect-cyber-ark.md
    - name: Microsoft Defender for Identity and Okta
      items:
      - name: Overview
        href: okta-defender-for-identity-overview.md
      - name: Connect Okta to Microsoft Defender for Identity (Preview)
        href: okta-integration.md
    - name: Microsoft Defender for Identity and SailPoint 
      items:
      - name: Overview (Preview)
        href: sail-point-overview.md
      - name: Connect SailPoint to Microsoft Defender for Identity (Preview)
        href: connect-sail-point.md
    - name: Integrate Defender for Identity with PAM services
      href: integrate-microsoft-and-pam-services.md

- name: Discover
  items:
  - name: View the identity security dashboard
    href: dashboard.md
  - name: Identity security initiative (Preview)
    href: identity-security-initiative.md
  - name: Identity password protection
    href: password-protection.md
  - name: Active Directory domain security
    href: investigate-domain.md
  - name: View service accounts
    href: service-account-discovery.md
  - name: Security posture assessments
    items:
    - name: Overview
      href: security-assessment.md
    - name: Hybrid security-posture assessments
      href: security-posture-assessments/hybrid-security.md
    - name: Identity infrastructure security posture assessments
      href: security-posture-assessments/identity-infrastructure.md
    - name: Certificates security posture assessments
      href: security-posture-assessments/certificates.md
    - name: Group policy security posture assessments
      href: security-posture-assessments/group-policy.md
    - name: Accounts security posture assessments
      href: security-posture-assessments/accounts.md
    - name: Cloud identities security posture assessments
      href: security-posture-assessments/cloud-identities.md
- name: Detect
  items:
  - name: Security alerts overview
    href: alerts-overview.md
  - name: Classic alerts reference
    href: alerts-mdi-classic.md
  - name: Defender for Identity alerts in Defender format
    href: alerts-xdr.md
  - name: View and manage security alerts
    href: understanding-security-alerts.md
  - name: Monitored activities reference
    href: monitored-activities.md
  - name: Network Name Resolution (NNR)
    href: nnr-policy.md
- name: Investigate
  items:
  - name: View the identity inventory
    href: identity-inventory.md
  - name: Investigate a human identity
    href: /defender-xdr/investigate-users?toc=/defender-for-identity/toc.json&bc=/defender-for-identity/breadcrumb/toc.json
  - name: Investigate a non-human identity
    href: /defender-xdr/investigate-non-human-identities?toc=/defender-for-identity/toc.json&bc=/defender-for-identity/breadcrumb/toc.json
  - name: Investigate security alerts
    href: investigate-security-alerts.md
- name: Respond
  items:
  - name: Remediation actions
    href: remediation-actions.md
- name: Manage and configure
  items:
  - name: Manage your identities
    items:
    - name: Manage related identities and accounts
      href: manage-related-identities-accounts.md
    - name: Create custom account correlation rules
      href: custom-account-correlation-rules.md
  - name: View and manage health issues
    href: health-alerts.md
  - name: Best practices for security testing
    href: security-testing-best-practices.md
  - name: Defender for Identity reports
    href: reports.md
  - name: Settings
    items:
    - name: About page
      href: settings-about.md
    - name: Manage and update sensors
      href: sensor-settings.md
    - name: Uninstall a sensor
      href: uninstall-sensor.md
    - name: View and manage health issues
      href: health-alerts.md
    - name: Configure scoped access
      href: configure-scoped-access.md
    - name: VPN integration
      href: vpn-integration.md
    - name: Set entity tags
      href: entity-tags.md
    - name: Configure detection exclusions
      href: exclusions.md
    - name: Email and syslog notifications
      href: notifications.md
    - name: Adjust alert thresholds
      href: advanced-settings.md
      displayName: advanced settings
  - name: Troubleshooting
    items:
    - name: Troubleshooting known issues
      href: troubleshooting-known-issues.md
    - name: Troubleshoot using logs
      href: troubleshooting-using-logs.md
- name: Reference
  items:
  - name: Operations guide
    items:
    - name: Overview
      displayName: operations guide
      href: ops-guide/ops-guide.md
    - name: Daily activities
      href: ops-guide/ops-guide-daily.md
    - name: Weekly activities
      href: ops-guide/ops-guide-weekly.md
    - name: Monthly activities
      href: ops-guide/ops-guide-monthly.md
    - name: Quarterly / Ad-hoc activities
      href: ops-guide/ops-guide-quarterly.md
  - name: Frequently asked questions
    href: technical-faq.yml
  - name: SIEM log reference
    href: cef-format-sa.md
  - name: PowerShell
    href: /powershell/defenderforidentity/overview-defenderforidentity
  - name: Defender for Identity data security and privacy
    href: privacy-compliance.md
  - name: Security baseline
    href: /security/benchmark/azure/baselines/defender-for-identity-security-baseline?toc=/defender-for-identity/toc.json
  - name: What's new archive
    href: whats-new-archive.md
  - name: Migrate from Advanced Threat Analytics (ATA)
    href: migrate-from-ata-overview.md
- name: Microsoft Defender XDR Docs
  items:
  - name: Microsoft Defender XDR
    href: /microsoft-365/security/defender/
  - name: Microsoft Defender for Office 365
    href: /microsoft-365/security/office-365-security/
  - name: Microsoft Defender for Endpoint
    href: /microsoft-365/security/defender-endpoint/
  - name: Microsoft Defender for Cloud Apps
    href: /cloud-app-security/
  - name: Microsoft Defender Vulnerability Management
    href: /microsoft-365/security/defender-vulnerability-management/