Update README.md

Author: mjmelone

Training/TrackingTheAdversary/README.md

@@ -6,24 +6,24 @@ This webcast is designed to take you from newbie to ninja on advanced hunting in
 
 ---
 
-# Episode 1: KQL Fundamentals
+## Episode 1: KQL Fundamentals
 
 In the first episode, we will cover the basics of advanced hunting capabilities in Microsoft Threat Protection (MTP). Learn about available advanced hunting data and basic KQL syntax and operators. The best part?  No slides!
 
 ---
 
-# Episode 2: Joins
+## Episode 2: Joins
 
 In episode 2, we will continue learning about data in advanced hunting and how to join tables together. Learn about inner, outer, unique, and semi joins, as well as the nuances of the default Kusto innerunique join. Make Edgar F. Codd proud!
 
 ---
 
-# Episode 3: Summarizing, pivoting, and visualizing Data
+## Episode 3: Summarizing, pivoting, and visualizing Data
 
 Now that we’re able to filter, manipulate, and join data, it’s time to start summarizing, quantifying, pivoting, and visualizing. In this episode, we will cover the summarize operator and some of the various calculations you can perform while diving into additional tables within MTP. We will turn our datasets into charts that can help improve analysis.
 
 ---
 
-# Episode 4: Let’s hunt! Applying KQL to incident tracking
+## Episode 4: Let’s hunt! Applying KQL to incident tracking
 
 Time to track some attacker activity! In this episode, we will use our improved understanding of KQL and advanced hunting in Microsoft Threat Protection to track an attack. Learn some of the tips and tricks used in the field to track attacker activity, including the ABCs of cybersecurity and how to apply them to incident response.