diff --git a/rules/windows/sysmon/sysmon_susp_cmd_http_appdata.yml b/rules/windows/sysmon/sysmon_susp_cmd_http_appdata.yml
index 02372bcb..ca528325 100644
--- a/rules/windows/sysmon/sysmon_susp_cmd_http_appdata.yml
+++ b/rules/windows/sysmon/sysmon_susp_cmd_http_appdata.yml
@@ -1,4 +1,4 @@
-title: Command Line Executaion with suspicious URL and AppData Strings
+title: Command Line Execution with suspicious URL and AppData Strings
 status: experimental
 description: Detects a suspicious command line execution that includes an URL and AppData string in the command line parameters as used by several droppers (js/vbs > powershell)
 reference: