Commit 0725511

committed
sanity
1 parent 92265b0 commit 0725511

1 file changed

+3
-3
lines changed

articles/sentinel/resources.md

Lines changed: 3 additions & 3 deletions
@@ -31,9 +31,9 @@ The following table compares Microsoft Sentinel playbooks, workbooks, and notebo
3131

3232
|Resource |Persona | Use and examples | Advantages | Challenges |
3333
|---------|---------|---------|---------|---------|
34-
|**[Workbooks](monitor-your-data.md)** | <ul><li> SOC engineers</li><li>Analysts of all tiers</li></ul> | <ul><li>Visualize and monitor data. For example, creating interactive reports and dashboards to analyze security data, such as to display trends and patterns in security alerts.</li></ul> | <ul><li>Best for a high-level view of Microsoft Sentinel data </li><li>No coding knowledge required</li></ul> | <ul><li>Can't integrate with external data </li></ul> |
35-
|**[Notebooks](notebooks.md)** | <ul><li>Threat hunters and Tier-2/Tier-3 analysts</li><li>Incident investigators</li><li>Data scientists</li><li>Security researchers</li></ul> |<ul><li>Perform advanced data analysis and investigations. </li><li>Data enrichment with TI, GeoIP lookups, and WhoIs lookups, and more </li><li> Investigation </li><li> Visualization </li><li> Hunting </li><li>Machine learning and big data analytics </li></ul> For example, analyzing large datasets to identify anomalies or potential threats. | <ul><li>Best for complex chains of repeatable tasks </li><li>Ad-hoc, more procedural control</li><li>Easier to pivot with interactive functionality </li><li>Rich Python libraries for data manipulation and visualization </li><li>Machine learning and custom analysis </li><li>Easy to document and share analysis evidence </li></ul> | <ul><li> High learning curve and requires coding knowledge </li></ul> |
36-
|**[Playbooks](automate-responses-with-playbooks.md)** | <ul><li>SOC engineers</li><li>Analysts of all tiers</li></ul> | Automation of simple, repeatable tasks:<ul><li>Ingesting external data </li><li>Data enrichment with TI, GeoIP lookups, and more </li><li> Investigation </li><li>Remediation </li></ul> For example, running preconfigured remediation actions to automatically isolate a compromised device. | <ul><li> Best for single, repeatable tasks </li><li>No coding knowledge required </li></ul> | <ul><li>Not suitable for ad-hoc and complex chains of tasks </li><li>Not ideal for documenting and sharing evidence</li></ul> |
34+
|**[Workbooks](monitor-your-data.md)** | <ul><li> SOC engineers</li><li>Analysts of all tiers</li></ul> | <ul><li>Visualize and monitor data. <br><br> For example, creating interactive reports and dashboards to analyze security data, such as to display trends and patterns in security alerts.</li></ul> | <ul><li>Best for a high-level view of Microsoft Sentinel data </li><li>No coding knowledge required</li></ul> | <ul><li>Can't integrate with external data </li></ul> |
35+
|**[Notebooks](notebooks.md)** | <ul><li>Threat hunters and Tier-2/Tier-3 analysts</li><li>Incident investigators</li><li>Data scientists</li><li>Security researchers</li></ul> |<ul><li>Perform advanced data analysis and investigations. </li><li>Data enrichment with TI, GeoIP lookups, and WhoIs lookups, and more </li><li> Investigation </li><li> Visualization </li><li> Hunting </li><li>Machine learning and big data analytics </li></ul> <br><br>For example, analyzing large datasets to identify anomalies or potential threats. | <ul><li>Best for complex chains of repeatable tasks </li><li>Ad-hoc, more procedural control</li><li>Easier to pivot with interactive functionality </li><li>Rich Python libraries for data manipulation and visualization </li><li>Machine learning and custom analysis </li><li>Easy to document and share analysis evidence </li></ul> | <ul><li> High learning curve and requires coding knowledge </li></ul> |
36+
|**[Playbooks](automate-responses-with-playbooks.md)** | <ul><li>SOC engineers</li><li>Analysts of all tiers</li></ul> | Automation of simple, repeatable tasks:<ul><li>Ingesting external data </li><li>Data enrichment with TI, GeoIP lookups, and more </li><li> Investigation </li><li>Remediation </li></ul> <br><br>For example, running preconfigured remediation actions to automatically isolate a compromised device. | <ul><li> Best for single, repeatable tasks </li><li>No coding knowledge required </li></ul> | <ul><li>Not suitable for ad-hoc and complex chains of tasks </li><li>Not ideal for documenting and sharing evidence</li></ul> |
3737

3838
## Related content
3939
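Review bot: The `<br><br>` separator is placed inconsistently across the three rows of this hunk. In the Workbooks row (line 34) it is inserted inside the `<li>` (`Visualize and monitor data. <br><br> For example, ...`), so the example stays part of the single list item, whereas in the Notebooks and Playbooks rows (lines 35 and 36) it is placed after the closing `</ul>` (`</ul> <br><br>For example, ...`), so the example renders as a separate paragraph below the list. For a consistent layout of the "For example" sentences in the rendered table, either close the list in the Workbooks row before the break (`...monitor data.</li></ul> <br><br>For example, ...`) or keep the example inside the list item in all three rows. The commit message "sanity" also gives no hint that this is a layout-only tweak to the comparison table; a message such as "Sentinel resources: separate examples from lists in comparison table" would make the history easier to scan.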
