diff --git a/rules/cross-platform/execution_python_script_in_cmdline.toml b/rules/cross-platform/execution_python_script_in_cmdline.toml
index 525da55ce..153f7aebd 100644
--- a/rules/cross-platform/execution_python_script_in_cmdline.toml
+++ b/rules/cross-platform/execution_python_script_in_cmdline.toml
@@ -1,7 +1,7 @@
 [metadata]
 creation_date = "2021/01/13"
 maturity = "development"
-updated_date = "2022/03/31"
+updated_date = "2022/08/24"
 [rule]
 author = ["Elastic"]
diff --git a/rules/integrations/o365/impact_microsoft_365_mass_download_by_a_single_user.toml b/rules/integrations/o365/impact_microsoft_365_mass_download_by_a_single_user.toml
index c3e5d09d6..4e4ca912f 100644
--- a/rules/integrations/o365/impact_microsoft_365_mass_download_by_a_single_user.toml
+++ b/rules/integrations/o365/impact_microsoft_365_mass_download_by_a_single_user.toml
@@ -1,7 +1,7 @@
 [metadata]
 creation_date = "2021/07/15"
 maturity = "development"
-updated_date = "2021/10/13"
+updated_date = "2022/08/24"
 integration = "o365"
 [rule]
diff --git a/rules/integrations/o365/initial_access_microsoft_365_impossible_travel_activity.toml b/rules/integrations/o365/initial_access_microsoft_365_impossible_travel_activity.toml
index 7a1d2a093..8c65fa571 100644
--- a/rules/integrations/o365/initial_access_microsoft_365_impossible_travel_activity.toml
+++ b/rules/integrations/o365/initial_access_microsoft_365_impossible_travel_activity.toml
@@ -1,7 +1,7 @@
 [metadata]
 creation_date = "2021/07/15"
 maturity = "development"
-updated_date = "2021/10/05"
+updated_date = "2022/08/24"
 integration = "o365"
 [rule]
diff --git a/rules/windows/defense_evasion_msbuild_beacon_sequence.toml b/rules/windows/defense_evasion_msbuild_beacon_sequence.toml
index c10dcf45a..6359cd910 100644
--- a/rules/windows/defense_evasion_msbuild_beacon_sequence.toml
+++ b/rules/windows/defense_evasion_msbuild_beacon_sequence.toml
@@ -1,7 +1,7 @@
 [metadata]
 creation_date = "2020/09/02"
 maturity = "development"
-updated_date = "2022/08/17"
+updated_date = "2022/08/24"
 [rule]
 author = ["Elastic"]
diff --git a/rules/windows/defense_evasion_msxsl_beacon.toml b/rules/windows/defense_evasion_msxsl_beacon.toml
index f6109ebb4..26fa968a2 100644
--- a/rules/windows/defense_evasion_msxsl_beacon.toml
+++ b/rules/windows/defense_evasion_msxsl_beacon.toml
@@ -1,7 +1,7 @@
 [metadata]
 creation_date = "2020/09/02"
 maturity = "development"
-updated_date = "2022/08/17"
+updated_date = "2022/08/24"
 [rule]
 author = ["Elastic"]
diff --git a/rules/windows/execution_downloaded_shortcut_files.toml b/rules/windows/execution_downloaded_shortcut_files.toml
index 819406f15..7409b4e05 100644
--- a/rules/windows/execution_downloaded_shortcut_files.toml
+++ b/rules/windows/execution_downloaded_shortcut_files.toml
@@ -2,7 +2,7 @@
 creation_date = "2020/09/02"
 maturity = "development"
 query_schema_validation = false
-updated_date = "2021/09/23"
+updated_date = "2022/08/24"
 [rule]
 author = ["Elastic"]
diff --git a/rules/windows/execution_downloaded_url_file.toml b/rules/windows/execution_downloaded_url_file.toml
index ae04debda..89ee324fc 100644
--- a/rules/windows/execution_downloaded_url_file.toml
+++ b/rules/windows/execution_downloaded_url_file.toml
@@ -2,7 +2,7 @@
 creation_date = "2020/09/02"
 maturity = "development"
 query_schema_validation = false
-updated_date = "2022/08/17"
+updated_date = "2022/08/24"
 [rule]
 author = ["Elastic"]
diff --git a/rules/windows/persistence_user_account_creation_event_logs.toml b/rules/windows/persistence_user_account_creation_event_logs.toml
index 96c0218b4..6dd409978 100644
--- a/rules/windows/persistence_user_account_creation_event_logs.toml
+++ b/rules/windows/persistence_user_account_creation_event_logs.toml
@@ -1,7 +1,7 @@
 [metadata]
 creation_date = "2021/01/04"
 maturity = "development"
-updated_date = "2022/04/13"
+updated_date = "2022/08/24"
 [rule]
 author = ["Skoetting"]
diff --git a/rules/windows/privilege_escalation_uac_sdclt.toml b/rules/windows/privilege_escalation_uac_sdclt.toml
index bc9b37269..a872c120c 100644
--- a/rules/windows/privilege_escalation_uac_sdclt.toml
+++ b/rules/windows/privilege_escalation_uac_sdclt.toml
@@ -1,7 +1,7 @@
 [metadata]
 creation_date = "2020/09/02"
 maturity = "development"
-updated_date = "2021/08/03"
+updated_date = "2022/08/24"
 [rule]
 author = ["Elastic"]
diff --git a/rules/windows/privilege_escalation_wpad_exploitation.toml b/rules/windows/privilege_escalation_wpad_exploitation.toml
index 6d1ee32d2..cdbcb473a 100644
--- a/rules/windows/privilege_escalation_wpad_exploitation.toml
+++ b/rules/windows/privilege_escalation_wpad_exploitation.toml
@@ -1,7 +1,7 @@
 [metadata]
 creation_date = "2020/09/02"
 maturity = "development"
-updated_date = "2021/10/13"
+updated_date = "2022/08/24"
 [rule]
 author = ["Elastic"]