diff --git a/atomics/T1552.004/T1552.004.yaml b/atomics/T1552.004/T1552.004.yaml
index 91df1ceb..8e5dab70 100644
--- a/atomics/T1552.004/T1552.004.yaml
+++ b/atomics/T1552.004/T1552.004.yaml
@@ -32,7 +32,6 @@ atomic_tests:
 executor:
 command: |
 find #{search_path} -name id_rsa >> #{output_file}
- find #{search_path} -name id_dsa >> #{output_file}
 cleanup_command: |
 rm #{output_file}
 name: sh
@@ -55,7 +54,6 @@ atomic_tests:
 command: |
 mkdir #{output_folder}
 find #{search_path} -name id_rsa -exec cp --parents {} #{output_folder} \;
- find #{search_path} -name id_dsa -exec cp --parents {} #{output_folder} \;
 cleanup_command: |
 rm #{output_folder}
 name: sh
@@ -79,8 +77,29 @@ atomic_tests:
 command: |
 mkdir #{output_folder}
 find #{search_path} -name id_rsa -exec rsync -R {} #{output_folder} \;
- find #{search_path} -name id_dsa -exec rsync -R {} #{output_folder} \;
 cleanup_command: |
 rm -rf #{output_folder}
 name: sh
-
\ No newline at end of file
+- name: Copy the users GnuPG directory with rsync
+ auto_generated_guid:
+ description: |
+ Copy the users GnuPG (.gnupg) directory on a Mac or Linux system to a staging folder using the `rsync` command.
+ supported_platforms:
+ - macos
+ - linux
+ input_arguments:
+ search_path:
+ description: Path where to start searching from
+ type: path
+ default: ~/
+ output_folder:
+ description: Output folder containing a copy of the .gnupg directory
+ type: path
+ default: /tmp/GnuPG
+ executor:
+ command: |
+ mkdir #{output_folder}
+ find #{search_path} -type d -name '.gnupg' -exec rsync -R {} #{output_folder} \;
+ cleanup_command: |
+ rm -rf #{output_folder}
+ name: sh
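Review bot: In the new GnuPG test at the end of the third hunk, `rsync -R {}` is handed a directory without `-r` or `-a`, and rsync skips directory sources in that mode, so the staging folder would most likely stay empty. The test would then emit the process telemetry but not the file-copy activity that a staging detection is meant to be validated against. Changing the exec to `-exec rsync -aR {} #{output_folder} \;` fixes that, and `-a` also keeps the restrictive modes that keyring files normally carry. I would also create the folder with `mkdir -p -m 700 #{output_folder}`, so a rerun does not fail on an existing directory and the copy under the default `/tmp/GnuPG` is not left readable by other local accounts while the test runs.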