diff --git a/windows/builtin/susp_eventlog_cleared.yml b/windows/builtin/susp_eventlog_cleared.yml index 42c65e1f9..6be4f95a8 100644 --- a/windows/builtin/susp_eventlog_cleared.yml +++ b/windows/builtin/susp_eventlog_cleared.yml @@ -1,5 +1,5 @@ description: Eventlog Cleared -comment: Some threat groups tend to delete the local 'Security'' Eventlog using certain utitlities +comment: Some threat groups tend to delete the local 'Security' Eventlog using certain utitlities detection: selection: - EventLog: Security @@ -10,4 +10,4 @@ detection: falsepositives: - Rollout of log collection agents (the setup routine often includes a reset of the local Eventlog) - System provisioning (system reset before the golden image creation) -level: 70 \ No newline at end of file +level: 70
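Review bot: the first hunk removes the stray second apostrophe in `'Security''` but leaves the misspelling `utitlities` in the same `comment:` line; since this commit is already a wording fix, correct it here as well, e.g. `+comment: Some threat groups tend to delete the local 'Security' Eventlog using certain utilities`, so the comment does not need a follow-up commit.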