diff --git a/rules/windows/lateral_movement_dns_server_overflow.toml b/rules/windows/lateral_movement_dns_server_overflow.toml
index 87e6e186a..6762ff8d3 100644
--- a/rules/windows/lateral_movement_dns_server_overflow.toml
+++ b/rules/windows/lateral_movement_dns_server_overflow.toml
@@ -20,7 +20,7 @@ false_positives = [
 index = ["packetbeat-*", "filebeat-*"]
 language = "kuery"
 license = "Elastic License"
-name = "Abnormally Large DNS Request"
+name = "Abnormally Large DNS Response"
 note = """### Investigating Large DNS Responses
 Detection alerts from this rule indicate an attempt was made to exploit CVE-2020-1350 (SigRed) through the use of large DNS responses on a Windows DNS server. Here are some possible avenues of investigation:
 - Investigate any corresponding Intrusion Detection Signatures (IDS) alerts that can validate this detection alert.