Commit b0500ea

DeCohen and ElazarK authored
Update ATPDocs/unmonitored-entra-connect-servers.md
Co-authored-by: Elazar Krieger <[email protected]>
1 parent 984bd35 commit b0500ea

1 file changed

+1
-1
lines changed

ATPDocs/unmonitored-entra-connect-servers.md

Lines changed: 1 addition & 1 deletion
@@ -20,7 +20,7 @@ Unmonitored Microsoft Entra Connect servers (formerly Azure AD Connect) represen
2020

2121
If an attacker compromises a Microsoft Entra Connect server, they can inject shadow admins, manipulate group memberships, or sync malicious changes into the cloud—all without triggering traditional alerts.
2222

23-
Because these servers operate at the intersection of on-premises and cloud identity, they're a prime target for privilege escalation and stealthy persistence. Without monitoring, such attacks can go undetected. Deploying Microsoft Defender for Identity version 2.0 sensors on Microsoft Entra Connect servers is critical. This helps detect suspicious activity in real time, protect the integrity of your hybrid identity bridge, and prevent full-domain compromise from a single point of failure.
23+
These servers operate at the intersection of on-premises and cloud identity, making them a prime target for privilege escalation and stealthy persistence. Without monitoring, such attacks can go undetected. Deploying Microsoft Defender for Identity version 2.0 sensors on Microsoft Entra Connect servers is critical. These sensors help detect suspicious activity in real time, protect the integrity of your hybrid identity bridge, and prevent full-domain compromise from a single point of failure.
2424

2525
> [!NOTE]
2626
> This security assessment is only available if Microsoft Defender for Endpoint has detected eligible Microsoft Entra Connect servers in the environment.
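
Review bot: In the added line 23, "prevent full-domain compromise from a single point of failure" overstates what a monitoring sensor does, because the series "help detect ..., protect ..., and prevent ..." hangs all three verbs on "These sensors help". A sensor detects activity; prevention depends on someone acting on the alert. Consider wording such as "and reduce the risk of full-domain compromise", or tie the clause to response. "Single point of failure" also has no explicit referent now that the sentence subject is the sensors, so name the Microsoft Entra Connect server there. Separately, "Deploying ... is critical" states urgency but the paragraph never says where the deployment steps are; a link to the sensor installation guidance would make the line actionable.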
