diff --git a/rules/windows/defense_evasion_potential_processherpaderping.toml b/rules/_deprecated/defense_evasion_potential_processherpaderping.toml
similarity index 87%
rename from rules/windows/defense_evasion_potential_processherpaderping.toml
rename to rules/_deprecated/defense_evasion_potential_processherpaderping.toml
index 025a5e6de..d65e12257 100644
--- a/rules/windows/defense_evasion_potential_processherpaderping.toml
+++ b/rules/_deprecated/defense_evasion_potential_processherpaderping.toml
@@ -1,10 +1,11 @@
 [metadata]
 creation_date = "2020/10/27"
+deprecation_date = "2023/12/15"
 integration = ["endpoint", "windows"]
-maturity = "production"
+maturity = "deprecated"
 min_stack_comments = "New fields added: required_fields, related_integrations, setup"
 min_stack_version = "8.3.0"
-updated_date = "2023/06/22"
+updated_date = "2023/12/15"
 
 [rule]
 author = ["Elastic"]
@@ -21,7 +22,13 @@ references = ["https://github.com/jxy-s/herpaderping"]
 risk_score = 73
 rule_id = "ccc55af4-9882-4c67-87b4-449a7ae8079c"
 severity = "high"
-tags = ["Domain: Endpoint", "OS: Windows", "Use Case: Threat Detection", "Tactic: Defense Evasion", "Data Source: Elastic Defend"]
+tags = [
+ "Domain: Endpoint",
+ "OS: Windows",
+ "Use Case: Threat Detection",
+ "Tactic: Defense Evasion",
+ "Data Source: Elastic Defend",
+]
 type = "eql"
 query = '''
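Review bot: The `[metadata]` hunk retires a rule with `severity = "high"` and `risk_score = 73` but records only the date (`deprecation_date = "2023/12/15"`, `maturity = "deprecated"`), not the reason or what now covers this defense-evasion behaviour. Someone auditing detection coverage later cannot tell from this file whether the rule was superseded, was too noisy, or left a gap. I would add a comment above `[metadata]` such as `# Deprecated: <reason>; superseded by <replacement rule_id, or "no replacement">`, with the placeholders filled in by the author. If the repository's formatter does not preserve comments, the same sentence belongs in the commit description instead. The rule's `description` field lies outside this hunk, so it may already say this.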