From e6296147339990306444d289197dd17a29a3f7ec Mon Sep 17 00:00:00 2001
From: DulceMV <DulceMV@users.noreply.github.com>
Date: Mon, 13 Feb 2017 14:43:12 +1100
Subject: [PATCH] Update
 threat-indicator-concepts-windows-defender-advanced-threat-protection.md

---
 ...ator-concepts-windows-defender-advanced-threat-protection.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/keep-secure/threat-indicator-concepts-windows-defender-advanced-threat-protection.md b/windows/keep-secure/threat-indicator-concepts-windows-defender-advanced-threat-protection.md
index 00f784de2b..b7e0fe2900 100644
--- a/windows/keep-secure/threat-indicator-concepts-windows-defender-advanced-threat-protection.md
+++ b/windows/keep-secure/threat-indicator-concepts-windows-defender-advanced-threat-protection.md
@@ -41,7 +41,7 @@ In the context of Windows Defender ATP, alert definitions are containers for IOC
 Each IOC defines the concrete detection logic based on its type and value as well as its action, which determines how it is matched. It is bound to a specific alert definition that defines how a detection is displayed as an alert on the Windows Defender ATP console.
 
 Here is an example of an IOC:
-  - Type: SHA-1
+  - Type: Sha1
   - Value:  92cfceb39d57d914ed8b14d0e37643de0797ae56
   - Action: Equals