From da578a8bb0719263b412bda5ea15cbd88ef4bf4c Mon Sep 17 00:00:00 2001
From: Vasilisa-L <72190607+Vasilisa-L@users.noreply.github.com>
Date: Wed, 7 Oct 2020 12:30:57 +0300
Subject: [PATCH] Update win_susp_winrm_execution.yml

---
 rules/windows/process_creation/win_susp_winrm_execution.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/rules/windows/process_creation/win_susp_winrm_execution.yml b/rules/windows/process_creation/win_susp_winrm_execution.yml
index 7ec2eb9ca..218390dee 100644
--- a/rules/windows/process_creation/win_susp_winrm_execution.yml
+++ b/rules/windows/process_creation/win_susp_winrm_execution.yml
@@ -23,4 +23,5 @@ detection:
     condition: selection
 level: medium
 falsepositives:
-    - Legitimate use for administartive purposes. Unlikely
\ No newline at end of file
+    - Legitimate use for administartive purposes. Unlikely
+