Update articles/sentinel/iot-advanced-threat-monitoring.md

Co-authored-by: Batami Gold <[email protected]>

Author: yoninalmsft

articles/sentinel/iot-advanced-threat-monitoring.md

@@ -78,7 +78,10 @@ The following table describes the out-of-the-box analytics rules provided in the
 | **Unauthorized remote access to the network**    | Unauthorized remote access to the network can compromise the target device. <br><br> This means that if another device on the network is compromised, the target devices can be accessed remotely, increasing the attack surface.         |
 | **No traffic on Sensor Detected**    | A sensor that no longer detects network traffic indicates that the system may be insecure.         |
 
-### Alternate options for triggering incidents from Defender for IoT data
+    > [!TIP]
+    > You can also manually create and manage analytics rules in the Microsoft Sentinel **Analytics > Active rules** page. For example, you might use this option to use the out-of-the box analytics rules as templates for customized rules, or to configure analytics rules for scenarios not yet covered by the solution. 
+    >
+    > For more information, see [Detect threats out-of-the-box](detect-threats-built-in.md).
 
 The following alternative options are available for you to ensure that incidents are triggered for Defender for IoT data in Microsoft Sentinel: