From 90e1797619acb7efe28b69128ad5d7fb58f59ad6 Mon Sep 17 00:00:00 2001 From: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com> Date: Thu, 1 May 2025 14:22:22 +0100 Subject: [PATCH] Fix typo on Endpoint protection rules page (#6804) (cherry picked from commit 2e1f1c04f90ee81d0e0578c0542be6b4b3100c36) --- .../admin/endpoint-protection-rules.asciidoc | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/docs/management/admin/endpoint-protection-rules.asciidoc b/docs/management/admin/endpoint-protection-rules.asciidoc index 12a125df8b..e84204d3eb 100644 --- a/docs/management/admin/endpoint-protection-rules.asciidoc +++ b/docs/management/admin/endpoint-protection-rules.asciidoc @@ -24,14 +24,14 @@ NOTE: When you install Elastic prebuilt rules, the {elastic-defend} is enabled b The following endpoint protection rules give you more granular control over how you handle the generated alerts. These rules are tailored for each of {elastic-defend}'s endpoint protection features—malware, ransomware, memory threats, and malicious behavior. Enabling these rules allows you to configure more specific actions based on the protection feature and whether the malicious activity was prevented or detected. -* Behavior - Detected - Elastic Defend -* Behavior - Prevented - Endpoint Defend -* Malicious File - Detected - Elastic Defend -* Malicious File - Prevented - Elastic Defend -* Memory Signature - Detected - Elastic Defend -* Memory Signature - Prevented - Elastic Defend -* Ransomware - Detected - Elastic Defend -* Ransomware - Prevented - Elastic Defend +* Behavior - Detected - {elastic-defend} +* Behavior - Prevented - {elastic-defend} +* Malicious File - Detected - {elastic-defend} +* Malicious File - Prevented - {elastic-defend} +* Memory Signature - Detected - {elastic-defend} +* Memory Signature - Prevented - {elastic-defend} +* Ransomware - Detected - {elastic-defend} +* Ransomware - Prevented - {elastic-defend} NOTE: If you choose to use the feature-specific protection rules, we recommend that you disable the Endpoint Security rule, as using both will result in duplicate alerts.