diff --git a/rules/cloud/azure/azure_legacy_authentication_protocols.yml b/rules/cloud/azure/azure_legacy_authentication_protocols.yml
index 0b53a8d19..b60a4d854 100644
--- a/rules/cloud/azure/azure_legacy_authentication_protocols.yml
+++ b/rules/cloud/azure/azure_legacy_authentication_protocols.yml
@@ -1,4 +1,4 @@
-title: Use of legacy authentication protocols
+title: Use of Legacy Authentication Protocols
 id: 60f6535a-760f-42a9-be3f-c9a0a025906e
 description: Alert on when legecy authentication has been used on an account
 author: Yochana Henderson, '@Yochana-H'
@@ -13,10 +13,10 @@ detection:
         - Activity Details: Sign-ins
         - Client App: Other client, IMAP, POP3, MAPI, SMTP, Exchange ActiveSync, Exchange Web Services
     condition: selection
-    level: high
 falsepositives:
     - User has been put in acception group so they can use legacy authentication
 status: experimental
+level: high
 tags:
     - attack.credential_access
     - attack.t1552