Update sap-solution-security-content.md

Author: batamig

articles/sentinel/sap/sap-solution-security-content.md

@@ -94,7 +94,7 @@ For more information, see [Available watchlists](sap-solution-security-content.m
 | **SAP - Dialog logon attempt from a privileged user** | Identifies dialog sign-in attempts, with the **AUM** type, by privileged users in an SAP system. For more information, see the [SAPUsersGetPrivileged](sap-solution-function-reference.md#sapusersgetprivileged). | Attempt to sign in from the same IP to several systems or clients within the scheduled time interval<br><br>**Data sources**: SAPcon -  Audit Log | Impact, Lateral Movement |
 | **SAP - Brute force attacks** | Identifies brute force attacks on the SAP system using RFC logons | Attempt to sign in from the same IP to several systems/clients within the scheduled time interval using RFC<br><br>**Data sources**: SAPcon - Audit Log | Credential Access |
 | **SAP - Multiple Logons by IP** | Identifies the sign-in of several users from same IP address within a scheduled time interval.   <br><br>**Sub-use case**: [Persistency](#persistency) | Sign in using several users through the same IP address. <br><br>**Data sources**: SAPcon - Audit Log | Initial Access |
-| **SAP - Multiple Logons by User** <br>Supported only for the data connector agent. Not available with the agentless solution. | Identifies sign-ins of the same user from several terminals within scheduled time interval.  <br><br>Available only via the Audit SAL method, for SAP versions 7.5 and higher. | Sign in using the same user, using different IP addresses.   <br><br>**Data sources**: SAPcon - Audit Log | Pre-Attack, Credential Access, Initial Access, Collection <br><br>**Sub-use case**: [Persistency](#persistency) |
+| **SAP - Multiple Logons by User** <br>Supported only for the data connector agent. Not available with the [SAP agentless solution](deployment-overview.md#data-connector) (limited preview). | Identifies sign-ins of the same user from several terminals within scheduled time interval.  <br><br>Available only via the Audit SAL method, for SAP versions 7.5 and higher. | Sign in using the same user, using different IP addresses.   <br><br>**Data sources**: SAPcon - Audit Log | Pre-Attack, Credential Access, Initial Access, Collection <br><br>**Sub-use case**: [Persistency](#persistency) |
 | **SAP - Informational - Lifecycle - SAP Notes were implemented in system** | Identifies SAP Note implementation in the system. | Implement an SAP Note using SNOTE/TCI. <br><br>**Data sources**: SAPcon -  Change Requests | - |
 | **SAP - (Preview) AS JAVA - Sensitive Privileged User Signed In** | Identifies a sign-in from an unexpected network. <br><br>Maintain privileged users in the [SAP - Privileged Users](#users) watchlist. | Sign in to the backend system using privileged users. <br><br>**Data sources**: SAPJAVAFilesLog | Initial Access |
 | **SAP - (Preview) AS JAVA - Sign-In from Unexpected Network** | Identifies sign-ins from an unexpected network. <br><br>Maintain privileged users in the [SAP - Networks](#networks) watchlist. |  Sign in to the backend system from an IP address that isn't assigned to one of the networks in the SAP - Networks watchlist <br><br>**Data sources**: SAPJAVAFilesLog | Initial Access, Defense Evasion |