diff --git a/rules/windows/powershell/powershell_script/powershell_ps_directoryservices_accountmanagement.yml b/rules/windows/powershell/powershell_script/powershell_ps_directoryservices_accountmanagement.yml
index 8e9a65b61..6d4f23a3b 100644
--- a/rules/windows/powershell/powershell_script/powershell_ps_directoryservices_accountmanagement.yml
+++ b/rules/windows/powershell/powershell_script/powershell_ps_directoryservices_accountmanagement.yml
@@ -18,7 +18,7 @@ detection:
     condition: selection
 falsepositives:
     - legitimate administrative script
-level: high
+level: medium
 tags:
     - attack.persistence
-    - attack.t1136.002
\ No newline at end of file
+    - attack.t1136.002