From 2aaaeed7c3bcb0db1dbaf33c56071af7149c76e3 Mon Sep 17 00:00:00 2001
From: frack113 <62423083+frack113@users.noreply.github.com>
Date: Fri, 1 Jul 2022 14:32:09 +0200
Subject: [PATCH] Update azure_legacy_authentication_protocols.yml

---
 rules/cloud/azure/azure_legacy_authentication_protocols.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rules/cloud/azure/azure_legacy_authentication_protocols.yml b/rules/cloud/azure/azure_legacy_authentication_protocols.yml
index 0b53a8d19..b60a4d854 100644
--- a/rules/cloud/azure/azure_legacy_authentication_protocols.yml
+++ b/rules/cloud/azure/azure_legacy_authentication_protocols.yml
@@ -1,4 +1,4 @@
-title: Use of legacy authentication protocols
+title: Use of Legacy Authentication Protocols
 id: 60f6535a-760f-42a9-be3f-c9a0a025906e
 description: Alert on when legecy authentication has been used on an account
 author: Yochana Henderson, '@Yochana-H'
@@ -13,10 +13,10 @@ detection:
         - Activity Details: Sign-ins
         - Client App: Other client, IMAP, POP3, MAPI, SMTP, Exchange ActiveSync, Exchange Web Services
     condition: selection
-    level: high
 falsepositives:
     - User has been put in acception group so they can use legacy authentication
 status: experimental
+level: high
 tags:
     - attack.credential_access
     - attack.t1552