Update command_and_control_suricata_elastic_defend_c2.toml

Samirbous · Samirbous · commit 3c718b566e0f · 2025-12-10T10:05:51.000Z
diff --git a/rules/cross-platform/command_and_control_suricata_elastic_defend_c2.toml b/rules/cross-platform/command_and_control_suricata_elastic_defend_c2.toml
@@ -14,7 +14,7 @@ from = "now-9m"
 index = ["logs-endpoint.events.network-*", "logs-panw.panos-*"]
 language = "eql"
 license = "Elastic License v2"
-name = "Suricata and Elastic Defend - Command and Control Correlation"
+name = "Suricata and Elastic Defend Network Correlation"
 references = [
     "https://attack.mitre.org/tactics/TA0011/",
     "https://www.elastic.co/docs/reference/integrations/panw",
@@ -49,7 +49,7 @@ sequence by source.port, source.ip, destination.ip with maxspan=1m
 '''
 note = """## Triage and analysis
 
-### Investigating Suricata and Elastic Defend - Command and Control Correlation
+### Investigating Suricata and Elastic Defend Network Correlation
 
 ### Possible investigation steps
 
