SAP risky configuration what's new and link

Author: limwainstein

articles/sentinel/whats-new.md

@@ -20,6 +20,7 @@ See these [important announcements](#announcements) about recent changes to feat
 ## March 2023
 
 - [Work with the Microsoft Sentinel solution for SAP® applications across multiple workspaces (Preview)](#work-with-the-microsoft-sentinel-solution-for-sap-applications-across-multiple-workspaces-preview)
+- [Protection against risky configuration of SAP security parameters]
 - [Stream log data from the Google Cloud Platform into Microsoft Sentinel (Preview)](#stream-log-data-from-the-google-cloud-platform-into-microsoft-sentinel-preview)
 - [Microsoft Defender Threat Intelligence data connector (Preview)](#microsoft-defender-threat-intelligence-data-connector-preview)
 - [Microsoft Defender Threat Intelligence solution (Preview)](#microsoft-defender-threat-intelligence-solution-preview)
@@ -29,6 +30,10 @@ See these [important announcements](#announcements) about recent changes to feat
 
 You can now [work with the Microsoft Sentinel solution for SAP® applications across multiple workspaces](sap/cross-workspace.md) in different scenarios. This feature allows improved flexibility for managed security service providers (MSSPs) or a global or federated SOC, data residency requirements, organizational hierarchy/IT design, and insufficient role-based access control (RBAC) in a single workspace. One common use case is the need for collaboration between the security operations center (SOC) and SAP teams in your organization. Read about [the scenarios that address this use case](sap/cross-workspace.md).
 
+### Protection against risky configuration of SAP security parameters
+
+To secure the SAP system, SAP has identified security-related parameters that need to be monitored for changes. With the ["Risky Configuration" analytics rule](sap/sap-solution-security-content.md#risky-configuration-of-security-parameters), the Microsoft Sentinel solution for SAP® applications tracks [over 52 security-related parameters](sap-risky-configuration-parameters.md) in the SAP system, and triggers an alert once these parameters are changed not according to the policy.  
+
 ### Stream log data from the Google Cloud Platform into Microsoft Sentinel (Preview)
 
 You can now [stream audit log data from the Google Cloud Platform (GCP) into Microsoft Sentinel](connect-google-cloud-platform.md) using the **GCP Pub/Sub Audit Logs** connector, based on our [Codeless Connector Platform](create-codeless-connector.md?tabs=deploy-via-arm-template%2Cconnect-via-the-azure-portal) (CCP). The new connector ingests logs from your GCP environment using the GCP [Pub/Sub capability](https://cloud.google.com/pubsub/docs/overview).