diff --git a/rules/linux/command_and_control_connection_attempt_by_non_ssh_root_session.toml b/rules/linux/command_and_control_connection_attempt_by_non_ssh_root_session.toml
index 0003bfc0a..e67c2cf3e 100644
--- a/rules/linux/command_and_control_connection_attempt_by_non_ssh_root_session.toml
+++ b/rules/linux/command_and_control_connection_attempt_by_non_ssh_root_session.toml
@@ -20,7 +20,7 @@ from = "now-9m"
 index = ["logs-endpoint.events.*"]
 language = "eql"
 license = "Elastic License v2"
-name = "Suspicious Outbound Network Connection Sequence by Root"
+name = "Suspicious Network Connection Attempt by Root"
 note = """## Triage and analysis
 ### Investigating Connection Attempt by Non-SSH Root Session
 Detection alerts from this rule indicate a strange or abnormal outbound connection attempt by a privileged process. Here are some possible avenues of investigation: