Description updation across multiple rules (#1893)

Co-authored-by: Colson Wilhoit <48036388+DefSecSentinel@users.noreply.github.com>

rules/linux/execution_ssh_binary.toml

@@ -1,14 +1,15 @@
 [metadata]
 creation_date = "2022/03/10"
 maturity = "production"
-updated_date = "2022/03/17"
+updated_date = "2022/03/28"
 
 [rule]
 author = ["Elastic"]
 description = """
-Identifies Linux binary ssh abuse to break out from restricted environments by spawning an interactive system shell.This
-activity is not standard use with this binary for a user or system administrator and could potentially indicate
-malicious actor attempting to improve the capabilities or stability of their access.
+Identifies Linux binary ssh abuse to break out from restricted environments by spawning an interactive system shell.The
+ssh is a network protocol that gives users,particularly system administrators a secure way to access a computer over a
+network and the activity of spawning shell is not a standard use of this binary for a user or system administrator.It
+indicates a potentially malicious actor attempting to improve the capabilities or stability of their access.
 """
 from = "now-9m"
 index = ["logs-endpoint.events.*"]