From 9e5a0a903c99cd8f5880a2f3ee23e2d44b57f59b Mon Sep 17 00:00:00 2001
From: Kamran Saifullah - Frog Man <16836050+deFr0ggy@users.noreply.github.com>
Date: Mon, 20 Nov 2023 01:45:58 -0800
Subject: [PATCH] Added

---
 .../net_connection_win_devtunnel_data_exfil.yml                 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules/windows/network_connection/net_connection_win_devtunnel_data_exfil.yml b/rules/windows/network_connection/net_connection_win_devtunnel_data_exfil.yml
index bfa5621e834..17f1411ada9 100644
--- a/rules/windows/network_connection/net_connection_win_devtunnel_data_exfil.yml
+++ b/rules/windows/network_connection/net_connection_win_devtunnel_data_exfil.yml
@@ -25,5 +25,5 @@ detection:
             - '.rel.tunnels.api.visualstudio.com'
     condition: selection
 falsepositives:
-    - Legitimate use of ngrok domains
+    - Legitimate use of DevTunnels/Forwarded Ports domains
 level: high
\ No newline at end of file