diff --git a/rules/windows/builtin/win_external_device.yml b/rules/windows/builtin/win_external_device.yml
index 2ddd7bc23..927efa231 100644
--- a/rules/windows/builtin/win_external_device.yml
+++ b/rules/windows/builtin/win_external_device.yml
@@ -1,9 +1,10 @@
-title: External Disk Drive or USB Storage Device
+title: External Disk Drive Or USB Storage Device
 id: f69a87ea-955e-4fb4-adb2-bb9fd6685632
-description: Detects external diskdrives or plugged in USB devices
+description: Detects external diskdrives or plugged in USB devices , EventID 6416 on windows 10 or later
 status: experimental
 author: Keith Wright
 date: 2019/11/20
+modified: 2021/07/06
 tags:
 - attack.t1091
 - attack.t1200
@@ -16,7 +17,7 @@ detection:
 selection:
 EventID:
 - 6416
-DeviceClassName: 'DiskDrive'
+ClassName: 'DiskDrive'
 selection2:
 DeviceDescription: 'USB Mass Storage Device'
 condition: selection or selection2
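Review bot: The new `description` line names EventID 6416 and the OS floor but not the audit prerequisite, and it has a stray space before the comma. Event 6416 is only written when the "Audit PNP Activity" subcategory is enabled, so on hosts without it the rule produces nothing, which is easy to misread as "no devices were attached". I would word it as `description: Detects external disk drives or plugged-in USB storage devices via EventID 6416 (Windows 10 or later, requires Audit PNP Activity)`. The logsource lines between the two hunks are not visible here, so the prerequisite may already be recorded there.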
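Review bot: `selection2` is still not bound to EventID 6416. With `condition: selection or selection2`, any event in the log source whose `DeviceDescription` equals 'USB Mass Storage Device' matches, whatever its EventID. That disagrees with the description updated in this same commit, which scopes the rule to 6416. If that scoping is intended, add `EventID: 6416` under `selection2` so both branches match the same event and the field rename to `ClassName` is exercised consistently. The `detection:` key itself sits above the hunk, so anything else in that block is outside this review.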