Update command_and_control_socks_fortigate_endpoint.toml

Author: Samirbous

rules/cross-platform/command_and_control_socks_fortigate_endpoint.toml

@@ -17,7 +17,11 @@ index = ["logs-endpoint.events.network-default*", "logs-fortinet_fortigate.log-d
 language = "eql"
 license = "Elastic License v2"
 name = "SOCKS Traffic from an Unusual Process"
-references = ["https://attack.mitre.org/techniques/T1090/"]
+references = [
+    "https://attack.mitre.org/techniques/T1090/",
+    "https://www.elastic.co/docs/reference/integrations/fortinet_fortigate",
+    "https://www.elastic.co/docs/reference/integrations/endpoint"
+]
 risk_score = 43
 rule_id = "6926b708-7964-425f-bed8-6e006379df08"
 severity = "medium"
@@ -29,7 +33,7 @@ tags = [
     "Use Case: Threat Detection",
     "Tactic: Command and Control",
     "Data Source: Elastic Defend",
-    "Data Source: Fortigate",
+    "Data Source: Fortinet FortiGate Firewall Logs",
     "Resources: Investigation Guide",
 ]
 type = "eql"