changed files by pdets auto publish service, publishid[86a4a0a1-de3c-4ca9-9177-ad27b453e18e] and do [publish].

Author: wwlpublish

learn-pr/wwl-azure/secure-sap-microsoft-cloud/includes/3-microsoft-security-copilot-rise.md

@@ -9,7 +9,7 @@ Security Copilot capabilities can be accessed through a standalone experience an
 - Plugins from Microsoft and third-party security products are a means to extend and integrate services with Security Copilot. Plugins bring more context from event logs, alerts, incidents, and policies from both Microsoft security products and supported third-party solutions such as ServiceNow.
 - Security Copilot also has access to threat intelligence and authoritative content through plugins. Plugins can search across Microsoft Defender Threat Intelligence articles and intel profiles, Microsoft Defender XDR threat analytics reports, and vulnerability disclosure publications, among others.
 
-:::image type="content" source="../media/security-copilot-diagram.png" alt-text="Diagram showing how Security Copilot works with other products.":::
+:::image type="content" source="../media/security-copilot-diagram.png" alt-text="Diagram showing how Security Copilot works with other products." lightbox="../media/security-copilot-diagram.png":::
 
 Here's an explanation of how Security Copilot works:
 
@@ -20,10 +20,10 @@ Here's an explanation of how Security Copilot works:
 
 Security Copilot can be used with any data source that Defender XDR and Microsoft Sentinel support, including SAP RISE/ECS. Below shows the stand-alone experience.
 
-:::image type="content" source="../media/sap-rise-security-copilot.png" alt-text="Screenshot of Security Copilot experience with SAP RISE/ECS incidents.":::
+:::image type="content" source="../media/sap-rise-security-copilot.png" alt-text="Screenshot of Security Copilot experience with SAP RISE/ECS incidents." lightbox="../media/sap-rise-security-copilot.png":::
 
 In addition to that the Security Copilot experience is embedded on the Defender XDR portal. Next to an AI-generated summary, recommendations, and remediation like password reset for SAP are provided out-of-the-box. Learn more about automatic SAP attack disruption [here](/azure/sentinel/sap/deployment-attack-disrupt).
 
-:::image type="content" source="../media/sap-rise-security-copilot-defender-portal.png" alt-text="Screenshot of embedded Security Copilot experience in Defender with SAP RISE/ECS incidents.":::
+:::image type="content" source="../media/sap-rise-security-copilot-defender-portal.png" alt-text="Screenshot of embedded Security Copilot experience in Defender with SAP RISE/ECS incidents." lightbox="../media/sap-rise-security-copilot-defender-portal.png":::
 
 

learn-pr/wwl-azure/secure-sap-microsoft-cloud/includes/4-microsoft-sentinel-security-rise.md

@@ -4,12 +4,12 @@ The SAP RISE certified Microsoft Sentinel solution for SAP applications allows y
 
 The solution allows you to gain visibility to user activities on SAP RISE/ECS and the SAP business logic layers and apply Microsoft Sentinel’s built-in content.
 -	Use a single console to monitor all your enterprise estate including SAP instances in SAP RISE/ECS on Azure and other clouds, SAP Azure native, and on-premises estate.
-- Detect and automatically respond to threats: Detect suspicious activity including privilege escalation, unauthorized changes, sensitive transactions, data exfiltration and more with out-of-the-box detection capabilities.
-- Correlate SAP activity with other signals: More accurately detect SAP threats by cross-correlating across endpoints, Microsoft Entra data and more.
-- Customize based on your needs - build your own detections to monitor sensitive transactions and other business risks.
-- Visualize the data with [built-in workbooks](/azure/sentinel/sap/sap-audit-log-workbook).
+-	Detect and automatically respond to threats: Detect suspicious activity including privilege escalation, unauthorized changes, sensitive transactions, data exfiltration and more with out-of-the-box detection capabilities.
+-	Correlate SAP activity with other signals: More accurately detect SAP threats by cross-correlating across endpoints, Microsoft Entra data and more.
+-	Customize based on your needs - build your own detections to monitor sensitive transactions and other business risks.
+-	Visualize the data with [built-in workbooks](/azure/sentinel/sap/sap-audit-log-workbook).
 
-:::image type="content" source="../media/sap-rise-sentinel.png" alt-text="Diagram that shows how to connect Microsoft Sentinel with SAP RISE/ECS.":::
+:::image type="content" source="../media/sap-rise-sentinel.png" alt-text="Diagram that shows how to connect Microsoft Sentinel with SAP RISE/ECS." lightbox="../media/sap-rise-sentinel.png":::
 This diagram shows an example of Microsoft Sentinel connected through an intermediary VM or container to SAP managed SAP system. The intermediary VM or container runs in customer's own subscription with configured SAP data connector agent. Connection to SAP Business Technology Platform (BTP) uses SAP's public APIs for the Audit Log Management Service.
 
 For SAP RISE/ECS, the Microsoft Sentinel solution must be deployed in customer's Azure subscription. All parts of the Microsoft Sentinel solution are managed by customer and not by SAP. Private network connectivity from customer's vnet is needed to reach the SAP landscapes managed by SAP RISE/ECS. Typically, this connection is over the established vnet peering or through alternatives described in this document.

learn-pr/wwl-azure/secure-sap-microsoft-cloud/includes/5-sentinel-solution-sap-business-technology-platform-overview.md

@@ -6,7 +6,7 @@ The Microsoft Sentinel solution for SAP BTP monitors and protects your SAP Busin
 
 The following image illustrates how Microsoft Sentinel retrieves the complete BTP's audit log information. The Microsoft Sentinel solution for SAP BTP provides built-in analytics rules and detections for selected scenarios, which you can extend to cover more of the audit log information and events.
 
-:::image type="content" source="../media/sap-business-technology-platform-solution-overview.png" alt-text="Diagram that shows an SAP BTP landscape integrated with Microsoft Sentinel.":::
+:::image type="content" source="../media/sap-business-technology-platform-solution-overview.png" alt-text="Diagram that shows an SAP BTP landscape integrated with Microsoft Sentinel." lightbox="../media/sap-business-technology-platform-solution-overview.png":::
 
 
 ## Why it's important to monitor BTP activity

learn-pr/wwl-azure/secure-sap-microsoft-cloud/includes/6-automatic-response-sentinel-capability.md

@@ -4,7 +4,7 @@ Use prebuilt playbooks for security, orchestration, automation, and response cap
 
 For more information on Microsoft Sentinel and SOAR for SAP, see the blog series [From zero to hero security coverage with Microsoft Sentinel for your critical SAP security signals](https://blogs.sap.com/2023/05/22/from-zero-to-hero-security-coverage-with-microsoft-sentinel-for-your-critical-sap-security-signals-blog-series/).
 
-:::image type="content" source="../media/sap-rise-sentinel-adaptive-card.png" alt-text="Screenshot of using Microsoft Sentinel SOAR capability with SAP RISE/ECS.":::
+:::image type="content" source="../media/sap-rise-sentinel-adaptive-card.png" alt-text="Screenshot of using Microsoft Sentinel SOAR capability with SAP RISE/ECS." lightbox="../media/sap-rise-sentinel-adaptive-card.png":::
 
 This image shows an SAP incident detected by Microsoft Sentinel offering the option to block the suspicious user on the SAP ERP, SAP Business Technology Platform, or Microsoft Entra ID.