Update PulseConnectSecureVPN-PasswordSpray.yaml

Updating the name and description of the query.
2020-09-17 11:30:07 -07:00 · 2020-09-17 11:30:07 -07:00 · 62d305b6cd
--- a/Detections/PulseConnectSecure/PulseConnectSecureVPN-PasswordSpray.yaml
+++ b/Detections/PulseConnectSecure/PulseConnectSecureVPN-PasswordSpray.yaml
@ -1,8 +1,7 @@
 id: 1fa1528e-f746-4794-8a41-14827f4cb798
-name: PulseConnectSecure - Potential Password Spray Attempts
+name: PulseConnectSecure - Large Number of Distinct Failed User Logins
 description: |
-  'This query identifies evidence of potential password spray activity against the Pulse Secure VPN server, 
-   by looking for failures from multiple accounts, originating from the same host within a time window'
+  'This query identifies evidence of failed login attempts from a large number of distinct users on a Pulse Connect Secure VPN server'
 severity: Medium
 requiredDataConnectors:
  - connectorId: PulseConnectSecure