Merge pull request #267916 from yelevin/patch-3

URL detonation - screenshot feature was disabled. #115122

Author: Stacyrch140

articles/sentinel/investigate-with-ueba.md

@@ -112,7 +112,7 @@ The **IdentityInfo** table synchronizes with your Microsoft Entra workspace to c
 
 ## Identify password spray and spear phishing attempts
 
-Without multi-factor authentication (MFA) enabled, user credentials are vulnerable to attackers looking to compromise attacks with [password spraying](https://www.microsoft.com/security/blog/2020/04/23/protecting-organization-password-spray-attacks/) or [spear phishing](https://www.microsoft.com/security/blog/2019/12/02/spear-phishing-campaigns-sharper-than-you-think/) attempts.
+Without multifactor authentication (MFA) enabled, user credentials are vulnerable to attackers looking to compromise attacks with [password spraying](https://www.microsoft.com/security/blog/2020/04/23/protecting-organization-password-spray-attacks/) or [spear phishing](https://www.microsoft.com/security/blog/2019/12/02/spear-phishing-campaigns-sharper-than-you-think/) attempts.
 
 ### Investigate a password spray incident with UEBA insights
 
@@ -140,7 +140,6 @@ The Investigation graph includes a node for the detonated URL, as well as the fo
 
 - **DetonationVerdict**. The high-level, Boolean determination from detonation. For example, **Bad** means that the side was classified as hosting malware or phishing content.
 - **DetonationFinalURL**. The final, observed landing page URL, after all redirects from the original URL.
-- **DetonationScreenshot**. A screenshot of what the page looked like at the time that the alert was triggered. Select the screenshot to enlarge.
 
 For example: