diff --git a/windows/security/threat-protection/windows-defender-atp/advanced-hunting-best-practices-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/advanced-hunting-best-practices-windows-defender-advanced-threat-protection.md
index de8736b0ff..70648b8b39 100644
--- a/windows/security/threat-protection/windows-defender-atp/advanced-hunting-best-practices-windows-defender-advanced-threat-protection.md
+++ b/windows/security/threat-protection/windows-defender-atp/advanced-hunting-best-practices-windows-defender-advanced-threat-protection.md
@@ -75,7 +75,7 @@ ProcessCreationEvents
 | where ProcessCommandLine == "net stop MpsSvc"
 | limit 10
 
-// Better query - filters on filename, does case-insnsitive matches
+// Better query - filters on filename, does case-insensitive matches
 ProcessCreationEvents
 | where FileName in~ ("net.exe", "net1.exe") and ProcessCommandLine contains "stop" and ProcessCommandLine contains "MpsSvc"