Update security-incident-update.md

JarbasHorst · web-flow · commit d093e3d11876 · 2024-12-06T21:23:29.000+01:00
diff --git a/api-reference/v1.0/api/security-incident-update.md b/api-reference/v1.0/api/security-incident-update.md
@@ -44,19 +44,19 @@ PATCH /security/incidents/{incidentId}
 
 |Property|Type|Description|
 |:---|:---|:---|
-|assignedTo|String|Owner of the incident, or null if no owner is assigned. Free editable text.|
+|assignedTo|String|Owner of the incident, or `null` if no owner is assigned. Free editable text.|
 |classification|microsoft.graph.security.alertClassification|The specification for the incident. Possible values are: `unknown`, `falsePositive`, `truePositive`, `informationalExpectedActivity`, `unknownFutureValue`.|
 |customTags|String collection|Array of custom tags associated with an incident.|
+|description|String|Description of the incident.|
 |determination|microsoft.graph.security.alertDetermination|Specifies the determination of the incident. Possible values are: `unknown`, `apt`, `malware`, `securityPersonnel`, `securityTesting`, `unwantedSoftware`, `other`, `multiStagedAttack`, `compromisedAccount`, `phishing`, `maliciousUserActivity`, `notMalicious`, `notEnoughDataToValidate`, `confirmedUserActivity`, `lineOfBusinessApplication`, `unknownFutureValue`.|
+|displayName|String|The incident name.|
+|severity|microsoft.graph.security.alertSeverity|Indicates the possible impact on assets. The higher the severity, the bigger the impact. Typically, higher severity items require the most immediate attention. Possible values are: `unknown`, `informational`, `low`, `medium`, `high`, `unknownFutureValue`.|
 |status|microsoft.graph.security.incidentStatus|The status of the incident. Possible values are: `active`, `resolved`, `redirected`, `unknownFutureValue`.|
 |summary|String|The overview of an attack. When applicable, the summary contains details of what occurred, impacted assets, and the type of attack.|
-|displayName|String|The incident name.|
-|description|String|Description of the incident.|
-|severity|microsoft.graph.security.alertSeverity|	Indicates the possible impact on assets. The higher the severity, the bigger the impact. Typically higher severity items require the most immediate attention. Possible values are: `unknown`, `informational`, `low`, `medium`, `high`, `unknownFutureValue`.|
 
 ## Response
 
-If successful, this method returns a `200 OK` response code and an updated [incident](../resources/security-incident.md) object in the response body.
+If successful, this method returns a `200 OK` response code and an updated [microsoft.graph.security.incident](../resources/security-incident.md) object in the response body.
 
 ## Examples
 
