formatting

Author: claudiacodacy

docs/organizations/managing-security-and-risk.md

@@ -607,6 +607,7 @@ API targets optionally support **header-based authentication**. As you create a
 Our DAST API scanner performs active security testing by sending a large number of requests to your application. When using authenticated API scanning, this activity can be even more intensive, as ZAP explores and probes more of your API surface.
 
 Depending on how your target environment is configured, this may:
+
 - Trigger rate limiting or throttling
 - Appear as a high volume of traffic, similar to a load test
 - Lead to incomplete scan results if key endpoints are blocked or limited