Commit 7a1b185

Fix markdown formatting issues
1 parent 5f7b76d commit 7a1b185

1 file changed

+12
-12
lines changed

ATADocs/whats-new-version-1.7.md

Lines changed: 12 additions & 12 deletions
@@ -41,41 +41,41 @@ The update to ATA 1.7 provides improvements in the following areas:
4141
### New & updated detections
4242

4343

44-
- **Reconnaissance using Directory Services Enumeration**
44+
- **Reconnaissance using Directory Services Enumeration**:
4545
As part of the reconnaissance phase, attackers gather information about the entities in the network using different methods. Directory services enumeration using the SAM-R protocol enables attackers to obtain the list of users and groups in a domain and understand the interaction between the different entities.
4646

47-
- **Pass-the-Hash Enhancements**
47+
- **Pass-the-Hash Enhancements**:
4848
To enhance Pass-the-Hash detection, we added additional behavioral models for the authentication patterns of entities. These models enable ATA to correlate entity behavior with suspicious NTLM authentications, and differentiate real Pass-the-Hash attacks from the behavior of false positive scenarios.
4949

50-
- **Pass-the-Ticket Enhancements**
50+
- **Pass-the-Ticket Enhancements**:
5151
To successfully detect advanced attacks in general and Pass-the-Ticket in particular, the correlation between an IP address and the computer account must be accurate. This is a challenge in environments where IP addresses change rapidly by design (for example Wi-Fi networks and multiple virtual machines sharing the same host). To overcome this challenge and improve the accuracy of the Pass-the-Ticket detection, ATA’s Network Name Resolution (NNR) mechanism was improved significantly to reduce false-positives.
5252

53-
- **Abnormal Behavior Enhancements**
53+
- **Abnormal Behavior Enhancements**:
5454
In ATA 1.7, NTLM authentication data was added as a data source for the abnormal behavior detections, providing the algorithms with broader coverage of entity behavior in the network.
5555

56-
- **Unusual Protocol Implementation Enhancements**
56+
- **Unusual Protocol Implementation Enhancements**:
5757
ATA now detects unusual protocol implementation in the Kerberos protocol, along with additional anomalies in the NTLM protocol. Specifically, these new anomalies for Kerberos are commonly used in Over-pass-the-Hash attacks.
5858

5959

6060
### Infrastructure
6161

62-
- **Role based access control**
62+
- **Role based access control**:
6363
Role-Based Access Control (RBAC) capability. ATA 1.7 includes three roles: ATA Administrator, ATA Analyst and ATA Executive.
6464

65-
- **Support for Windows Server 2016 and Windows Server Core**
65+
- **Support for Windows Server 2016 and Windows Server Core**:
6666
ATA 1.7 supports the deployment of Lightweight Gateways on domain controllers running Windows Server 2008 R2 SP1 (not including Server Core), Windows Server 2012, Windows Server 2012 R2, Windows Server 2016 (including Core but not Nano). Additionally, this release supports Windows Server 2016 both for the ATA Center and ATA Gateway components.
6767

6868
### User Experience
69-
- **Configuration Experience**
69+
- **Configuration Experience**:
7070
In this release, the ATA configuration experience was redesigned for a better user experience and to better support of environments with multiple ATA Gateways. This release also introduces the ATA Gateway update page for simpler, better management of automatic updates for the various Gateways.
7171

7272
## Known issues
7373
The following known issues exist in this version.
7474

7575
### Gateway automatic update may fail
76-
**Symptoms:** In environments with slow WAN links, the ATA Gateway update may reach the timeout for the update (100 seconds) and fail to complete successfully.
76+
**Symptoms**: In environments with slow WAN links, the ATA Gateway update may reach the timeout for the update (100 seconds) and fail to complete successfully.
7777
In the ATA Console, the ATA Gateway will have the status of "Updating (downloading package)" for a long amount of time and it eventually fails.
78-
**Workaround:** To work around this issue, download the latest ATA Gateway package from the ATA Console, and update the ATA Gateway manually.
78+
**Workaround**: To work around this issue, download the latest ATA Gateway package from the ATA Console, and update the ATA Gateway manually.
7979

8080
> [!IMPORTANT]
8181
> Automatic certificate renewal for the certificates used by ATA is not supported. The use of these certificates may cause ATA to stop functioning when the certificate is automatically renewed.
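Review bot: the heading on new line 62 still reads "Role based access control", while the body on line 63 spells it "Role-Based Access Control (RBAC)". Since this commit already rewrites line 62, align the hyphenation and capitalization there. Line 63 is also a sentence fragment ("Role-Based Access Control (RBAC) capability."), and line 70 has "to better support of environments", which should read "to better support environments". A formatting pass is a good place to fix both.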
@@ -120,8 +120,8 @@ When trying to export suspicious activity details to an Excel file, the operatio
120120
*Error [BsonClassMapSerializer`1] System.FormatException: An error occurred while deserializing the Activity property of class Microsoft.Tri.Common.Data.NetworkActivities.SuspiciousActivityActivity: Element 'ResourceIdentifier' does not match any field or property of class Microsoft.Tri.Common.Data.EventActivities.NtlmEvent. ---> System.FormatException: Element 'ResourceIdentifier' does not match any field or property of class Microsoft.Tri.Common.Data.EventActivities.NtlmEvent.*
121121

122122
To resolve this issue, from an elevated command prompt, browse to the following location: **%ProgramFiles%\Microsoft Advanced Threat Analytics\Center\MongoDB\bin** and run the following commands:
123-
1. `Mongo.exe ATA` (ATA must be capitalized)
124-
2. `db.SuspiciousActivityActivity.update({ "Activity._t": "NtlmEvent" },{$unset: {"Activity.ResourceIdentifier": ""}}, {multi: true});`
123+
- `Mongo.exe ATA` (ATA must be capitalized)
124+
- `db.SuspiciousActivityActivity.update({ "Activity._t": "NtlmEvent" },{$unset: {"Activity.ResourceIdentifier": ""}}, {multi: true});`
125125

126126
## Minor changes
127127
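Review bot: turning the numbered steps on lines 123-124 into unordered bullets drops the ordering, but line 122 still introduces them as commands to run, and the order matters. `Mongo.exe ATA` opens the shell against the ATA database, and the `db.SuspiciousActivityActivity.update(...)` statement is only valid once inside that shell. I would keep the `1.` / `2.` numbering and say explicitly that the second command is entered at the Mongo shell prompt. Because the statement runs with `{multi: true}` and changes every matching document, the doc could also say to confirm the shell is connected to the ATA database before running it.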
