
Commit 7ec1a7c

Apply suggestions from code review
Co-authored-by: Amee Lepcha <[email protected]>
1 parent a0505d2 commit 7ec1a7c

2 files changed

+4
-4
lines changed

docs/integrations/pci-compliance/opentelemetry/linux-opentelemetry.md

Lines changed: 1 addition & 1 deletion
Original file line number | Diff line number | Diff line change
@@ -233,4 +233,4 @@ import CreateMonitors from '../../../reuse/apps/create-monitors.md';
233233
|:--|:--|:--|:--|
234234
| `PCI Linux - Excessive Failed Authentication` | This alert is triggered when multiple failed login attempts are detected over a 5-minute period, indicating potential brute force attempts and addressing PCI Requirement 10.2.4 for invalid logical access attempts. | Count > 5 | Count <= 5 |
235235
| `PCI Linux - Privileged User Account Changes` | This alert is triggered when privileged user accounts (UID < 1000 or root accounts) are created, deleted, or modified, addressing PCI Requirement 10.2.5 for changes to identification and authentication mechanisms. | Count > 0 | Count <= 0 |
236-
| `PCI Linux - Unauthorized Sudo Elevation` | This alert is triggered when unauthorized users attempt to use sudo, addressing PCI Requirement 7.2 for implementing an access control system for system components with multiple users. | Count > 2 | Count <= 2 |
236+
| `PCI Linux - Unauthorized Sudo Elevation` | This alert is triggered when unauthorized users attempt to use sudo, which addresses PCI Requirement 7.2 for implementing an access control system among system components with multiple users. | Count > 2 | Count <= 2 |
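Review bot: the reworded Requirement 7.2 clause in the `236+` row shifts the meaning of the original: the `236-` text says "an access control system for system components with multiple users" (a control that governs access to the components), while "an access control system among system components with multiple users" reads as if the components control access between themselves. Suggest keeping the preposition from the original: `...which addresses PCI Requirement 7.2 for implementing an access control system for system components with multiple users.` Separately, the alert condition `Count > 2` in this row states no evaluation window, whereas the Excessive Failed Authentication row above says "over a 5-minute period"; stating the window here too would make the threshold reproducible for anyone tuning the monitor.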

docs/integrations/pci-compliance/opentelemetry/windows-json-opentelemetry.md

Lines changed: 3 additions & 3 deletions
Original file line number | Diff line number | Diff line change
@@ -275,8 +275,8 @@ import CreateMonitors from '../../../reuse/apps/create-monitors.md';
275275

276276
| Name | Description | Alert Condition | Recover Condition |
277277
|:--|:--|:--|:--|
278-
| `Windows PCI - Critical Policy Changes` | This alert is triggered when modifications to security policies or audit policies are detected, indicating potential changes to the system's security posture. It supports PCI DSS Requirements 10.2.2 (Track changes to system-level objects) and 10.2.5.b (Track use of identification and authentication mechanisms). | Count >= 1 | Count < 1 |
278+
| `Windows PCI - Critical Policy Changes` | This alert is triggered when modifications to security policies or audit policies are detected, indicating potential changes to the system's security posture. It supports PCI DSS Requirements 10.2.2 (track changes to system-level objects) and 10.2.5.b (track use of identification and authentication mechanisms). | Count >= 1 | Count < 1 |
279279
| `Windows PCI - Excessive Failed Login Attempts` | This alert is triggered when authentication failures across Windows environments are detected and analyzed, examining mechanisms like local Windows authentication, Kerberos, and network logons. It correlates failure patterns with specific error codes to identify potential security threats such as password guessing, account enumeration, or attempts to access disabled accounts. This helps security teams differentiate between benign issues and malicious activities. | Count >= 5 | Count < 5 |
280-
| `Windows PCI - Failed Windows Updates` | This alert is triggered when Windows Update failures are detected, which could leave systems vulnerable to known exploits. It aligns with PCI DSS Requirement 6.2 for installing critical security patches within one month of release. | Count >= 3 | Count < 3 |
281-
| `Windows PCI - Security Audit Log Tampering` | This alert is triggered when attempts to clear or tamper with Windows security audit logs are detected, indicating potential attempts to hide malicious activities. It supports PCI DSS Requirements 10.2 (Implement automated audit trails) and 10.3 (Record audit trail entries). | Count >= 1 | Count < 1 |
280+
| `Windows PCI - Failed Windows Updates` | This alert is triggered when Windows update failures are detected, which could leave systems vulnerable to known exploits. It aligns with PCI DSS Requirement 6.2 for installing critical security patches within one month of release. | Count >= 3 | Count < 3 |
281+
| `Windows PCI - Security Audit Log Tampering` | This alert is triggered when attempts to clear or tamper with Windows security audit logs are detected, indicating potential attempts to hide malicious activities. It supports PCI DSS Requirements 10.2 (implement automated audit trails) and 10.3 (record audit trail entries). | Count >= 1 | Count < 1 |
282282
| `Windows PCI - User Account State Change` | This alert is triggered when critical user account state changes are detected, including account creation, deletion, enablement, and disablement, to comply with PCI DSS Requirement 8.1.3 for immediately revoking access for terminated users. | Count >= 1 | Count < 1 |
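Review bot: lowercasing "Windows Update" to "Windows update" in the `280+` row is a regression rather than a style fix: Windows Update is the name of the service whose failures the alert detects, and the row's own name, `Windows PCI - Failed Windows Updates`, keeps the capital. Suggest restoring `This alert is triggered when Windows Update failures are detected, ...`. The lowercased parentheticals in the `278+` and `281+` rows are fine, since they paraphrase the requirement titles rather than quote them. While this table is being touched, the unchanged Excessive Failed Login Attempts row still gives `Count >= 5` with no evaluation window, so the threshold cannot be reproduced from the description alone; adding the window would bring it in line with the Linux document's failed-authentication row.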
