Update internal_horizontal_port_scan_nmap_top_20.yml

Chatted with detection author about this update.
Changed risk_object from dest_zone to dest_ports to be more in line with other horizontal scanning detection AND give more meaningful risk object (dest_zone is less meaningful, even if populated)

Author: pyth0n1c

detections/network/internal_horizontal_port_scan_nmap_top_20.yml

@@ -52,7 +52,7 @@ rba:
   message: $src_ip$ has scanned for ports $dest_ports$ across $totalDestIPCount$ destination
     IPs
   risk_objects:
-  - field: dest_zone
+  - field: dest_ports
     type: system
     score: 72
   threat_objects: