diff --git a/rules/windows/builtin/system/win_sliver_service_installs.yml b/rules/windows/builtin/system/win_sliver_service_installs.yml
index 6b854753e..ece311e3d 100644
--- a/rules/windows/builtin/system/win_sliver_service_installs.yml
+++ b/rules/windows/builtin/system/win_sliver_service_installs.yml
@@ -10,8 +10,6 @@ date: 2022/08/25
 tags:
 - attack.execution
 - attack.privilege_escalation
- - attack.lateral_movement
- - attack.t1021.002
 - attack.t1543.003
 - attack.t1569.002
 logsource:
@@ -30,4 +28,4 @@ detection:
 condition: selection_id and 1 of selection_service*
 falsepositives:
 - Unknown
-level: high
\ No newline at end of file
+level: high