Merge PR #5022 from @jaegeral - Fix some typos in rules metadata

chore: fix some typos in the title and description of some rules
SigmaHQ · Sep 22, 2024 · 9db7e07 · 9db7e07
1 parent 23c4c0b
commit 9db7e07
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 3 deletions.
diff --git a/rules/windows/builtin/security/win_security_windows_defender_exclusions_write_access.yml b/rules/windows/builtin/security/win_security_windows_defender_exclusions_write_access.yml
@@ -1,4 +1,4 @@
-title: Windows Defender Exclusion Reigstry Key - Write Access Requested
+title: Windows Defender Exclusion Registry Key - Write Access Requested
 id: e9c8808f-4cfb-4ba9-97d4-e5f3beaa244d
 related:
     - id: 46a68649-f218-4f86-aea1-16a759d81820

diff --git a/rules/windows/builtin/windefend/win_defender_real_time_protection_disabled.yml b/rules/windows/builtin/windefend/win_defender_real_time_protection_disabled.yml
@@ -5,7 +5,7 @@ related:
       type: obsolete
 status: stable
 description: |
-    Detects disabling of Windows Defender Real-time Protection. As this event doesn't contain a lot of information on who initaited this action you might want to reduce it to a "medium" level if this occurs too many times in your environment
+    Detects disabling of Windows Defender Real-time Protection. As this event doesn't contain a lot of information on who initiated this action you might want to reduce it to a "medium" level if this occurs too many times in your environment
 references:
     - https://learn.microsoft.com/en-us/defender-endpoint/troubleshoot-microsoft-defender-antivirus?view=o365-worldwide#event-id-5001
     - https://github.com/redcanaryco/atomic-red-team/blob/f339e7da7d05f6057fdfcdd3742bfcf365fee2a9/atomics/T1562.001/T1562.001.md

diff --git a/rules/windows/powershell/powershell_classic/posh_pc_renamed_powershell.yml b/rules/windows/powershell/powershell_classic/posh_pc_renamed_powershell.yml
@@ -16,7 +16,7 @@ logsource:
 detection:
     selection:
         Data|contains: 'HostName=ConsoleHost'
-    # Note: Powershell Logging Data is localized. Meaning that "HostApplication" field will be translated to a different field on a non english layout. This rule doesn't take this into account due to the sheer ammount of possibilities. It's up to the user to add these cases.
+    # Note: Powershell Logging Data is localized. Meaning that "HostApplication" field will be translated to a different field on a non english layout. This rule doesn't take this into account due to the sheer amount of possibilities. It's up to the user to add these cases.
     filter_main_ps:
         Data|contains:
             - 'HostApplication=powershell'