From 3d3efcd3db0a75009b65dcecf71ed9688ae72f1c Mon Sep 17 00:00:00 2001
From: "uncleP@sk"
Date: Tue, 13 Oct 2020 16:24:52 +0300
Subject: [PATCH] title changed
---
 .../windows/process_creation/win_susp_use_of_sqltoolsps_bin.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rules/windows/process_creation/win_susp_use_of_sqltoolsps_bin.yml b/rules/windows/process_creation/win_susp_use_of_sqltoolsps_bin.yml
index d8d56114a..01c2d5200 100644
--- a/rules/windows/process_creation/win_susp_use_of_sqltoolsps_bin.yml
+++ b/rules/windows/process_creation/win_susp_use_of_sqltoolsps_bin.yml
@@ -1,4 +1,4 @@
-title: Detection of PowerShell Execution via SQL client tools
+title: SQL Client Tools PowerShell Session Detection
 id: a746c9b8-a2fb-4ee5-a428-92bee9e99060
 status: experimental
 description: PowerShell execution through builtin SQL Server Management Studio "SQLToolsPS.exe" binary. Microsoft PS logging like