From 1da9d181340ad476488545e8fd5b485d1ebd7de8 Mon Sep 17 00:00:00 2001
From: andrea-youwakim <117778222+andrea-youwakim@users.noreply.github.com>
Date: Fri, 23 Jun 2023 11:34:10 -0600
Subject: [PATCH] fixing display name and runbook of rule (#831)

---
 rules/auth0_rules/auth0_post_login_action_flow.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rules/auth0_rules/auth0_post_login_action_flow.yml b/rules/auth0_rules/auth0_post_login_action_flow.yml
index 4ae296bc2..513d2939c 100644
--- a/rules/auth0_rules/auth0_post_login_action_flow.yml
+++ b/rules/auth0_rules/auth0_post_login_action_flow.yml
@@ -1,9 +1,9 @@
 AnalysisType: rule
 Description: An Auth0 User updated a post login action flow for your organization's tenant.
-DisplayName: "Auth0 MFA Risk Assessment Disabled"
+DisplayName: "Auth0 Post Login Action Flow Updated"
 Enabled: true
 Filename: auth0_post_login_action_flow.py
-Runbook: Assess if this was done by the user for a valid business reason. Be vigilant to re-enable this setting as it's in the best security interest for your organization's security posture.
+Runbook: Assess if this was done by the user for a valid business reason. Be sure to replace any steps that were removed without authorization. 
 Severity: Medium
 Tests:
     - ExpectedResult: false