Update src/content/docs/reference-architecture/design-guides/zero-trust-for-saas.mdx

Co-authored-by: hyperlint-ai[bot] <154288675+hyperlint-ai[bot]@users.noreply.github.com>

Author: securitypedant

src/content/docs/reference-architecture/design-guides/zero-trust-for-saas.mdx

@@ -77,7 +77,7 @@ Note a section later in this document will cover how to gain visibility into, an
 
 One simple method for securing access to SaaS applications, is to only allow access from a specific set of IP addresses. This forces users to have to connect to, and have their traffic exit via a specific network and therefore ensure whatever access controls are in place on that network are applied to that traffic.
 
-Organizations that already use IP allow lists to secure access to SaaS applications can easily migrate to Cloudflare using [dedicated egress IPs](https://developers.cloudflare.com/cloudflare-one/policies/gateway/egress-policies/dedicated-egress-ips/). User traffic egresses from Cloudflare to the Internet and onto the SaaS application, sourced from a set of IP addresses unique to the organization. This approach supports various user scenarios:
+Organizations that already use IP allow lists to secure access to SaaS applications can easily migrate to Cloudflare using [dedicated egress IPs](/cloudflare-one/policies/gateway/egress-policies/dedicated-egress-ips/). User traffic egresses from Cloudflare to the Internet and onto the SaaS application, sourced from a set of IP addresses unique to the organization. This approach supports various user scenarios:
 - Hybrid employees: Connecting to Cloudflare using our Zero Trust client, [WARP](https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/).
 - Office-based users: Connecting to a local network which routes Internet bound traffic to Cloudflare through GRE or IPSec [Magic WAN tunnels](https://developers.cloudflare.com/magic-wan/).
 - Contractors and external users: Accessing SaaS applications via a [remote browser](https://developers.cloudflare.com/learning-paths/zero-trust-web-access/alternative-onramps/clientless-rbi/) hosted in a Cloudflare data center.