Merge pull request #236393 from dotanpatrich/patch-15

prmerger-automator[bot] · web-flow · commit 74aff5e04439 · 2023-05-01T09:06:27.000Z
fix row split for API alerts in table
diff --git a/articles/defender-for-cloud/alerts-reference.md b/articles/defender-for-cloud/alerts-reference.md
@@ -755,8 +755,7 @@ VM_VbScriptHttpObjectAllocation| VBScript HTTP object allocation detected | High
 **(Preview) Previously unseen parameter used in an API call**<br/> (API_UnseenParam) | A single IP was observed accessing one of the API endpoints using a previously unseen or out-of-bounds parameter in the request. Based on historical traffic patterns from the last 30 days, Defender for APIs learns a set of expected parameters associated with calls to an endpoint. The alert was triggered because an IP recently accessed an endpoint using a previously unseen parameter. | Impact | Medium
 **(Preview) Access from a Tor exit node to an API endpoint**<br/> (API_AccessFromTorExitNode) | An IP address from the Tor network accessed one of your API endpoints. Tor is a network that allows people to access the Internet while keeping their real IP hidden. Though there are legitimate uses, it is frequently used by attackers to hide their identity when they target people's systems online. | Pre-attack | Medium
 **(Preview) API Endpoint access from suspicious IP**<br/> (API_AccessFromSuspiciousIP) | An IP address accessing one of your API endpoints was identified by Microsoft Threat Intelligence as having a high probability of being a threat. While observing malicious Internet traffic, this IP came up as involved in attacking other online targets.  | Pre-attack | High
-**(Preview) Suspicious User Agent detected**<br/> (API_AccessFromSuspiciousUserAgent) | 
-The user agent of a request accessing one of your API endpoints contained anomalous values indicative of an attempt at remote code execution. This does not mean that any of your API endpoints have been breached, but it does suggest that an attempted attack is underway. | Execution | Medium
+**(Preview) Suspicious User Agent detected**<br/> (API_AccessFromSuspiciousUserAgent) | The user agent of a request accessing one of your API endpoints contained anomalous values indicative of an attempt at remote code execution. This does not mean that any of your API endpoints have been breached, but it does suggest that an attempted attack is underway. | Execution | Medium
 
 ## Next steps
 
