diff --git a/rules-threat-hunting/windows/process_creation/proc_creation_win_winscp_susp_cli.yml b/rules-threat-hunting/windows/process_creation/proc_creation_win_winscp_susp_cli.yml index d762074d3eb..4bc740598b7 100644 --- a/rules-threat-hunting/windows/process_creation/proc_creation_win_winscp_susp_cli.yml +++ b/rules-threat-hunting/windows/process_creation/proc_creation_win_winscp_susp_cli.yml @@ -19,9 +19,9 @@ detection: - OriginalFileName: 'winscp.exe' selection_cmd: CommandLine|contains|windash: '-command' - CommandLine|contains|all: + CommandLine|contains|all: - 'open ' - - 'ftp://' #cover ftp and sftp + - 'ftp://' # cover ftp and sftp condition: all of selection_* falsepositives: - Unknown
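Review bot: The `'ftp://'` entry under `selection_cmd` matches `ftp://` and `sftp://`, as its comment says, but not the other session URL schemes WinSCP accepts, such as `scp://` and `ftps://`, so `open` commands using those fall outside this hunt. If that scope is intended, the comment could state it, e.g. `# matches ftp:// and sftp:// only; scp:// and ftps:// are not covered`. If it is not intended, the scheme match could move out of the `contains|all` list into its own `selection_*` entry that lists each scheme, which still combines correctly under `all of selection_*`. The `detection` block begins outside this hunk and indentation is not visible in this view, so the exact nesting should be confirmed against the file.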