Update mde-sap-custom-detection-rules.md

Author: denisebmsft

defender-endpoint/mde-sap-custom-detection-rules.md

@@ -51,7 +51,7 @@ The SAP BASIS Team and the security team should codevelop the solution. The SAP
 
 4. The SAP BASIS team briefs the security team on any "allowed" utilities, such as `BRTOOLS` (for Oracle customers), `AzCopy` (if used) or other specific utilities for printing or archiving.
 
-5. The security team works with the SAP BASIS team to query SAPXPG commands and parameters. An example query to detect or block `wget` (which can be used to download malicious payloads) is as follows:
+5. The security team works with the SAP BASIS team to query SAPXPG commands and parameters. An example query to detect `wget` (which can be used to download malicious payloads) is as follows:
 
    ```kusto
 
@@ -102,4 +102,4 @@ The SAP BASIS Team and the security team should codevelop the solution. The SAP
 
 - To learn more about advanced hunting, see [Proactively hunt for threats with advanced hunting in Microsoft Defender](/defender-xdr/advanced-hunting-overview).
 
-- To learn more about custom rules, see [Create custom detection rules](/defender-xdr/custom-detection-rules#2-create-new-rule-and-provide-alert-details).
+- To learn more about custom rules, see [Create custom detection rules](/defender-xdr/custom-detection-rules#2-create-new-rule-and-provide-alert-details).