Reorganize security content

.openpublishing.redirection.json

@@ -1,5 +1,95 @@
 {
   "redirections": [
+    {
+      "redirect_document_id": true,
+      "redirect_url": "/powershell/scripting/security/preventing-script-injection",
+      "source_path": "reference/docs-conceptual/dev-cross-plat/security/preventing-script-injection.md"
+    },
+    {
+      "redirect_document_id": true,
+      "redirect_url": "/powershell/scripting/security/securing-restricted-sessions",
+      "source_path": "reference/docs-conceptual/dev-cross-plat/security/securing-restricted-sessions.md"
+    },
+    {
+      "redirect_document_id": true,
+      "redirect_url": "/powershell/scripting/security/application-control",
+      "source_path": "reference/docs-conceptual/learn/application-control.md"
+    },
+    {
+      "redirect_document_id": true,
+      "redirect_url": "/powershell/scripting/security/remoting/ps-remoting-second-hop",
+      "source_path": "reference/docs-conceptual/learn/remoting/PS-remoting-second-hop.md"
+    },
+    {
+      "redirect_document_id": true,
+      "redirect_url": "/powershell/scripting/security/remoting/running-remote-commands",
+      "source_path": "reference/docs-conceptual/learn/remoting/Running-Remote-Commands.md"
+    },
+    {
+      "redirect_document_id": true,
+      "redirect_url": "/powershell/scripting/security/remoting/ssh-remoting-in-powershell",
+      "source_path": "reference/docs-conceptual/learn/remoting/SSH-Remoting-in-PowerShell.md"
+    },
+    {
+      "redirect_document_id": true,
+      "redirect_url": "/powershell/scripting/security/remoting/wsman-remoting-in-powershell",
+      "source_path": "reference/docs-conceptual/learn/remoting/WSMan-Remoting-in-PowerShell.md"
+    },
+    {
+      "redirect_document_id": true,
+      "redirect_url": "/powershell/scripting/security/remoting/winrm-security",
+      "source_path": "reference/docs-conceptual/learn/remoting/WinRMSecurity.md"
+    },
+    {
+      "redirect_document_id": true,
+      "redirect_url": "/powershell/scripting/security/remoting/jea/audit-and-report",
+      "source_path": "reference/docs-conceptual/learn/remoting/jea/audit-and-report.md"
+    },
+    {
+      "redirect_document_id": true,
+      "redirect_url": "/powershell/scripting/security/remoting/jea/overview",
+      "source_path": "reference/docs-conceptual/learn/remoting/jea/overview.md"
+    },
+    {
+      "redirect_document_id": true,
+      "redirect_url": "/powershell/scripting/security/remoting/jea/prerequisites",
+      "source_path": "reference/docs-conceptual/learn/remoting/jea/prerequisites.md"
+    },
+    {
+      "redirect_document_id": true,
+      "redirect_url": "/powershell/scripting/security/remoting/jea/register-jea",
+      "source_path": "reference/docs-conceptual/learn/remoting/jea/register-jea.md"
+    },
+    {
+      "redirect_document_id": true,
+      "redirect_url": "/powershell/scripting/security/remoting/jea/role-capabilities",
+      "source_path": "reference/docs-conceptual/learn/remoting/jea/role-capabilities.md"
+    },
+    {
+      "redirect_document_id": true,
+      "redirect_url": "/powershell/scripting/security/remoting/jea/security-considerations",
+      "source_path": "reference/docs-conceptual/learn/remoting/jea/security-considerations.md"
+    },
+    {
+      "redirect_document_id": true,
+      "redirect_url": "/powershell/scripting/security/remoting/jea/session-configurations",
+      "source_path": "reference/docs-conceptual/learn/remoting/jea/session-configurations.md"
+    },
+    {
+      "redirect_document_id": true,
+      "redirect_url": "/powershell/scripting/security/remoting/jea/using-jea",
+      "source_path": "reference/docs-conceptual/learn/remoting/jea/using-jea.md"
+    },
+    {
+      "redirect_document_id": true,
+      "redirect_url": "/powershell/scripting/security/remoting/powershell-remoting-faq",
+      "source_path": "reference/docs-conceptual/learn/remoting/powershell-remoting-faq.yml"
+    },
+    {
+      "redirect_document_id": true,
+      "redirect_url": "/powershell/scripting/security/security-features",
+      "source_path": "reference/docs-conceptual/learn/security-features.md"
+    },
     {
       "redirect_document_id": true,
       "redirect_url": "/powershell/scripting/what-is-windows-powershell",
@@ -31,18 +121,18 @@
       "source_path": "reference/docs-conceptual/learn/tutorials/01-discover-powershell.md"
     },
     {
-      "redirect_document_id": true,
-      "redirect_url": "/powershell/scripting/learn/remoting/wsman-remoting-in-powershell",
+      "redirect_document_id": false,
+      "redirect_url": "/powershell/scripting/security/remoting/wsman-remoting-in-powershell",
       "source_path": "reference/docs-conceptual/learn/remoting/wsman-remoting-in-powershell-core.md"
     },
     {
-      "redirect_document_id": true,
-      "redirect_url": "/powershell/scripting/learn/remoting/ssh-remoting-in-powershell",
+      "redirect_document_id": false,
+      "redirect_url": "/powershell/scripting/security/remoting/ssh-remoting-in-powershell",
       "source_path": "reference/docs-conceptual/learn/remoting/ssh-remoting-in-powershell-core.md"
     },
     {
       "redirect_document_id": false,
-      "redirect_url": "/powershell/scripting/learn/remoting/wsman-remoting-in-powershell",
+      "redirect_url": "/powershell/scripting/security/remoting/wsman-remoting-in-powershell",
       "source_path": "reference/docs-conceptual/learn/remoting/wsman-unsupported-for-nonwindows.md"
     },
     {

reference/docs-conceptual/learn/ps101/08-powershell-remoting.md

@@ -380,10 +380,9 @@ multiple commands against the same remote computer.
 - [PowerShell Remoting FAQ][PowerShell Remoting FAQ]
 
 <!-- link references -->
-[PowerShell Remoting FAQ]: ../remoting/powershell-remoting-faq.yml
+[PowerShell Remoting FAQ]: ../../security/remoting/powershell-remoting-faq.yml
 [about_Remote]: /powershell/module/microsoft.powershell.core/about/about_remote
 [about_Remote_Output]: /powershell/module/microsoft.powershell.core/about/about_remote_output
 [about_Remote_Requirements]: /powershell/module/microsoft.powershell.core/about/about_remote_requirements
 [about_Remote_Troubleshooting]: /powershell/module/microsoft.powershell.core/about/about_remote_troubleshooting
 [about_Remote_Variables]: /powershell/module/microsoft.powershell.core/about/about_remote_variables
-[Breaking changes in PowerShell 6.0]: /powershell/scripting/whats-new/breaking-changes-ps6#remove--protocol-from--computer-cmdlets-5277

reference/docs-conceptual/security/overview.yml

@@ -0,0 +1,98 @@
+### YamlMime:Landing
+title: PowerShell Security
+summary: Learn about PowerShell's best practices and features for security.
+
+metadata:
+  title: PowerShell Security
+  description: Learn about PowerShell's best practices and features for security.
+  ms.topic: landing-page
+  ms.date: 03/28/2024
+
+# linkListType: architecture | concept | deploy | download | get-started |
+#               how-to-guide | tutorial | overview | quickstart | reference |
+#               sample | tutorial | video | whats-new
+
+landingContent:
+  # Card
+  - title: Security features
+    linkLists:
+      - linkListType: overview
+        links:
+          - text: PowerShell security features
+            url: security-features.md
+          - text: Using Windows Defender Application Control
+            url: application-control.md
+      - linkListType: how-to-guide
+        links:
+          - text: Preventing script injection attacks
+            url: preventing-script-injection.md
+          - text: Securing a restricted PowerShell remoting session
+            url: securing-restricted-sessions.md
+
+  # Card
+  - title: PowerShell remoting
+    linkLists:
+      - linkListType: concept
+        links:
+          - text: Running remove commands
+            url: remoting/running-remote-commands.md
+          - text: Using WS-Management (WSMan) Remoting in PowerShell
+            url: remoting/wsman-remoting-in-powershell.md
+          - text: Security Considerations for PowerShell Remoting using WinRM
+            url: remoting/winrm-security.md
+          - text: PowerShell Remoting FAQ
+            url: remoting/powershell-remoting-faq.yml
+      - linkListType: how-to-guide
+        links:
+          - text: Making the second hop in PowerShell Remoting
+            url: remoting/ps-remoting-second-hop.md
+          - text: PowerShell remoting over SSH
+            url: remoting/ssh-remoting-in-powershell.md
+
+  # Card
+  - title: Just Enough Administration (JEA)
+    linkLists:
+      - linkListType: concept
+        links:
+          - text: Overview
+            url: remoting/jea/overview.md
+          - text: Prerequisites
+            url: remoting/jea/prerequisites.md
+          - text: JEA Role Capabilities
+            url: remoting/jea/role-capabilities.md
+          - text: Session configurations
+            url: remoting/jea/session-configurations.md
+          - text: Security considerations
+            url: remoting/jea/security-considerations.md
+      - linkListType: how-to-guide
+        links:
+          - text: Registering JEA Configurations
+            url: remoting/jea/register-jea.md
+          - text: Using JEA
+            url: remoting/jea/using-jea.md
+          - text: Auditing and Reporting on JEA
+            url: remoting/jea/audit-and-report.md
+
+  # Card
+  - title: Managing secrets
+    linkLists:
+      - linkListType: concept
+        links:
+          - text: Overview of the SecretManagement and SecretStore modules
+            url: /powershell/utility-modules/secretmanagement/overview
+          - text: Understanding the security features of SecretManagement and SecretStore
+            url: /powershell/utility-modules/secretmanagement/security-concepts
+      - linkListType: how-to-guide
+        links:
+          - text: Managing a SecretStore vault
+            url: /powershell/utility-modules/secretmanagement/how-to/manage-secretstore
+          - text: Use the SecretStore in automation
+            url: /powershell/utility-modules/secretmanagement/how-to/using-secrets-in-automation
+          - text: Use Azure Key Vault in automation
+            url: /powershell/utility-modules/secretmanagement/how-to/using-azure-keyvault
+      - linkListType: reference
+        links:
+          - text: Microsoft.PowerShell.SecretManagement module
+            url: /powershell/module/microsoft.powershell.secretmanagement
+          - text: Microsoft.PowerShell.SecretStore module
+            url: /powershell/module/microsoft.powershell.secretstore

reference/docs-conceptual/learn/remoting/PS-remoting-second-hop.md → reference/docs-conceptual/security/remoting/PS-remoting-second-hop.md

@@ -352,6 +352,6 @@ Invoke-Command -ComputerName ServerB -Credential $cred -ScriptBlock {
 [17]: https://www.itprotoday.com/windows-server/how-windows-server-2012-eases-pain-kerberos-constrained-delegation-part-2
 [18]: https://www.microsoft.com/download/details.aspx?id=36036
 [19]: https://www.powershellmagazine.com/2014/03/06/accidental-sabotage-beware-of-credssp
-[20]: WinRMSecurity.md
+[20]: winrm-security.md
 [MS-ADA2]: /openspecs/windows_protocols/ms-ada2/cea4ac11-a4b2-4f2d-84cc-aebb4a4ad405
 [MS-SFU]: /openspecs/windows_protocols/ms-sfu/bde93b0e-f3c9-4ddf-9f44-e1453be7af5a

reference/docs-conceptual/learn/remoting/Running-Remote-Commands.md → reference/docs-conceptual/security/remoting/Running-Remote-Commands.md

@@ -185,8 +185,8 @@ For help with remoting errors, see [about_Remote_Troubleshooting][05].
 [06]: /powershell/module/microsoft.wsman.management/about/about_ws-management_cmdlets
 [07]: /powershell/module/microsoft.wsman.management/about/about_wsman_provider
 [08]: powershell-remoting-faq.yml
-[09]: SSH-Remoting-in-PowerShell-Core.md
-[10]: WSMan-Remoting-in-PowerShell-Core.md
+[09]: ssh-remoting-in-powershell.md
+[10]: wsman-remoting-in-powershell.md
 [11]: xref:Microsoft.PowerShell.Core.Enter-PSSession
 [12]: xref:Microsoft.PowerShell.Core.Exit-PSSession
 [13]: xref:Microsoft.PowerShell.Core.Invoke-Command

reference/docs-conceptual/dev-cross-plat/security/securing-restricted-sessions.md → reference/docs-conceptual/security/securing-restricted-sessions.md

@@ -95,6 +95,6 @@ By default, the PowerShell debugger runs code in `FullLanguage` mode. Set the
 For more information, see [UseFullLanguageModeInDebugger][02].
 
 <!-- link references -->
-[01]: ../../learn/remoting/jea/overview.md
+[01]: remoting/jea/overview.md
 [02]: /dotnet/api/system.management.automation.sessionstate.usefulllanguagemodeindebugger?#system-management-automation-sessionstate-usefulllanguagemodeindebugger
 [03]: /powershell/module/microsoft.powershell.core/about/about_language_modes

reference/docs-conceptual/toc.yml

@@ -198,44 +198,6 @@ items:
                 href: samples/multiple-selection-list-boxes.md
               - name: Selecting items from a list box
                 href: samples/selecting-items-from-a-list-box.md
-      - name: PowerShell remoting
-        items:
-          - name: Just Enough Administration (JEA)
-            items:
-              - name: Overview
-                href: learn/remoting/jea/overview.md
-              - name: Prerequisites
-                href: learn/remoting/jea/prerequisites.md
-              - name: Role Capabilities
-                href: learn/remoting/jea/role-capabilities.md
-              - name: Session Configurations
-                href: learn/remoting/jea/session-configurations.md
-              - name: Registering JEA
-                href: learn/remoting/jea/register-jea.md
-              - name: Using JEA
-                href: learn/remoting/jea/using-jea.md
-              - name: Security Considerations
-                href: learn/remoting/jea/security-considerations.md
-              - name: Audit and Report on JEA
-                href: learn/remoting/jea/audit-and-report.md
-          - name: Running remote commands
-            href: learn/remoting/running-remote-commands.md
-          - name: PowerShell remoting over SSH
-            href: learn/remoting/ssh-remoting-in-powershell.md
-          - name: WS-Management (WSMan) remoting in PowerShell
-            href: learn/remoting/wsman-remoting-in-powershell.md
-          - name: WinRM Security
-            href: learn/remoting/winrmsecurity.md
-          - name: Making the second hop in PowerShell Remoting
-            href: learn/remoting/ps-remoting-second-hop.md
-          - name: PowerShell Remoting FAQ
-            href: learn/remoting/powershell-remoting-faq.yml
-      - name: PowerShell security
-        items:
-          - name: PowerShell security features
-            href: learn/security-features.md
-          - name: Using Application Control
-            href: learn/application-control.md
       - name: Using Experimental Features
         href: learn/experimental-features.md
       - name: Compatibility aliases
@@ -331,6 +293,50 @@ items:
         href: windows-powershell/starting-windows-powershell.md
       - name: Windows Management Framework (WMF)
         href: windows-powershell/wmf-overview.md
+  - name: Security
+    items:
+      - name: Overview
+        href: security/overview.yml
+      - name: PowerShell security features
+        href: security/security-features.md
+      - name: Using Application Control
+        href: security/application-control.md
+      - name: Preventing script injection attacks
+        href: security/preventing-script-injection.md
+      - name: Securing a restricted PowerShell remoting session
+        href: security/securing-restricted-sessions.md
+      - name: PowerShell remoting
+        items:
+          - name: Just Enough Administration (JEA)
+            items:
+              - name: Overview
+                href: security/remoting/jea/overview.md
+              - name: Prerequisites
+                href: security/remoting/jea/prerequisites.md
+              - name: Role Capabilities
+                href: security/remoting/jea/role-capabilities.md
+              - name: Session Configurations
+                href: security/remoting/jea/session-configurations.md
+              - name: Registering JEA
+                href: security/remoting/jea/register-jea.md
+              - name: Using JEA
+                href: security/remoting/jea/using-jea.md
+              - name: Security Considerations
+                href: security/remoting/jea/security-considerations.md
+              - name: Audit and Report on JEA
+                href: security/remoting/jea/audit-and-report.md
+          - name: Running remote commands
+            href: security/remoting/running-remote-commands.md
+          - name: PowerShell remoting over SSH
+            href: security/remoting/ssh-remoting-in-powershell.md
+          - name: WS-Management (WSMan) remoting in PowerShell
+            href: security/remoting/wsman-remoting-in-powershell.md
+          - name: WinRM Security
+            href: security/remoting/winrm-security.md
+          - name: Making the second hop in PowerShell Remoting
+            href: security/remoting/ps-remoting-second-hop.md
+          - name: PowerShell Remoting FAQ
+            href: security/remoting/powershell-remoting-faq.yml
   - name: Desired State Configuration (DSC)
     href: dsc/overview.md
   - name: PowerShell Gallery
@@ -375,12 +381,6 @@ items:
             href: dev-cross-plat/performance/script-authoring-considerations.md
           - name: Module performance considerations
             href: dev-cross-plat/performance/module-authoring-considerations.md
-      - name: Security considerations
-        items:
-          - name: Preventing script injection attacks
-            href: dev-cross-plat/security/preventing-script-injection.md
-          - name: Securing a restricted PowerShell remoting session
-            href: dev-cross-plat/security/securing-restricted-sessions.md
       - name: Developing modern modules
         items:
           - name: Writing portable modules

reference/docs-conceptual/whats-new/What-s-New-in-PowerShell-74.md

@@ -215,7 +215,7 @@ For more information about the Experimental Features, see [Using Experimental Fe
 <!-- end of content -->
 <!-- reference links -->
 [01]: ../install/installing-powershell-on-windows.md
-[02]: ../learn/application-control.md#wdac-policy-auditing
+[02]: ../security/application-control.md#wdac-policy-auditing
 [03]: ../learn/experimental-features.md
 [04]: ../learn/experimental-features.md#pscommandnotfoundsuggestion
 [05]: ../learn/experimental-features.md#pscommandwithargs