diff --git a/detections/application/windows_ad_self_dacl_assignment.yml b/detections/application/windows_ad_self_dacl_assignment.yml
index 803e5f1960..42e89868ff 100644
--- a/detections/application/windows_ad_self_dacl_assignment.yml
+++ b/detections/application/windows_ad_self_dacl_assignment.yml
@@ -36,7 +36,7 @@ how_to_implement: Ensure you are ingesting AD audit logs, see lantern doc in ref
 known_false_positives: Unknown
 references:
 - https://lantern.splunk.com/Security/Product_Tips/Enterprise_Security/Enabling_an_audit_trail_from_Active_Directory
- tags:
+tags:
   analytic_story:
     - Sneaky Active Directory Persistence Tricks
   asset_type: Endpoint