Update mde-sap-custom-detection-rules.md

denisebmsft · denisebmsft · commit 06fddfadb85d · 2025-05-19T15:56:47.000-07:00
diff --git a/defender-endpoint/mde-sap-custom-detection-rules.md b/defender-endpoint/mde-sap-custom-detection-rules.md
@@ -78,7 +78,7 @@ The SAP BASIS Team and the Security team should codevelop the solution. The SAP
 
    ```
 
-6. The security team creates a rule to detect suspicious commands, specifying the action "Restrict app execution." Suspicious commands could include: 
+6. The security team creates a rule to detect suspicious commands, specifying the action, `Restrict app execution`. Suspicious commands could include: 
 
    - `ncat`
    - `netcat`
