elastic
diff --git a/‎html/branches.yaml
+2-2 b/‎html/branches.yaml
+2-2
diff --git a/‎html/en/security/8.13/a-scheduled-task-was-updated.html
+3-3 b/‎html/en/security/8.13/a-scheduled-task-was-updated.html
+3-3
diff --git a/‎html/en/security/8.13/abnormal-process-id-or-lock-file-created.html
+3-3 b/‎html/en/security/8.13/abnormal-process-id-or-lock-file-created.html
+3-3
diff --git a/‎html/en/security/8.13/abnormally-large-dns-response.html
+2-2 b/‎html/en/security/8.13/abnormally-large-dns-response.html
+2-2
diff --git a/‎html/en/security/8.13/accepted-default-telnet-port-connection.html
+1-1 b/‎html/en/security/8.13/accepted-default-telnet-port-connection.html
+1-1
diff --git a/‎html/en/security/8.13/access-of-stored-browser-credentials.html
+2-2 b/‎html/en/security/8.13/access-of-stored-browser-credentials.html
+2-2
diff --git a/‎html/en/security/8.13/access-to-a-sensitive-ldap-attribute.html
+2-2 b/‎html/en/security/8.13/access-to-a-sensitive-ldap-attribute.html
+2-2
diff --git a/‎html/en/security/8.13/access-to-keychain-credentials-directories.html
+2-2 b/‎html/en/security/8.13/access-to-keychain-credentials-directories.html
+2-2
diff --git a/‎html/en/security/8.13/accessing-outlook-data-files.html
+1-1 b/‎html/en/security/8.13/accessing-outlook-data-files.html
+1-1
diff --git a/‎html/en/security/8.13/account-configured-with-never-expiring-password.html
+2-2 b/‎html/en/security/8.13/account-configured-with-never-expiring-password.html
+2-2
diff --git a/‎html/en/security/8.13/account-discovery-command-via-system-account.html
+3-3 b/‎html/en/security/8.13/account-discovery-command-via-system-account.html
+3-3
@@ -7743,7 +7743,7 @@ kibana:
   link-check-kibana/packages/kbn-doc-links/src/get_doc_links.ts/8.7: 1ef406535eec5cf8d8e5daa13078fd8088981129
   link-check-kibana/packages/kbn-doc-links/src/get_doc_links.ts/8.8: d6e2f1a2f7ea63982d037a589c930db77b32e3db
   link-check-kibana/packages/kbn-doc-links/src/get_doc_links.ts/8.9: 3d21f90217ee79ce0abdd7455a3f85cbd6caf393
-  link-check-kibana/packages/kbn-doc-links/src/get_doc_links.ts/main: 0c0cf0a8e0e9dde31f9c9872cde328984065dfc8
+  link-check-kibana/packages/kbn-doc-links/src/get_doc_links.ts/main: 4982ead45caf23f8e9063b55bc5df46d881dfcf6
   link-check-kibana/src/core/public/doc_links/doc_links_service.ts/7.13: 31f366f46a7afb1eccef6f5c0e66d78f59dc4c23
   link-check-kibana/src/core/public/doc_links/doc_links_service.ts/7.14: 92e0f9d9b53a5465cd29895e00c770946718583a
   link-check-kibana/src/core/public/doc_links/doc_links_service.ts/7.15: 051a78852f52d43bcb7d8d943b369b9098eada85
@@ -8063,7 +8063,7 @@ security-docs:
   Elastic Security/docs/8.10: b05cf284208a70c7fe4b116ef8f6dd1e8edb4596
   Elastic Security/docs/8.11: f7af769a8d6b88ceb78090615cabce97ea55c02a
   Elastic Security/docs/8.12: daa11363cce04dc48b8b666eecde6a8ab5715a6b
-  Elastic Security/docs/8.13: abea2a415e8c5e993c497bb96add82f96f9e3b05
+  Elastic Security/docs/8.13: ac9595cd96bc4d00d1027aba3a63a7cf27fec031
   Elastic Security/docs/8.14: 75725d3e2357c28f259b996701b6fa396c9834b3
   Elastic Security/docs/8.2: 208edbfcc412504c88a3342a669f337a843d4dc0
   Elastic Security/docs/8.3: 61162a2f80b0b0616a20cd0a8d22d02702885f82
 
@@ -9,7 +9,7 @@
 <link rel="home" href="index.html" title="Elastic Security Solution [8.13]"/>
 <link rel="up" href="prebuilt-rules.html" title="Prebuilt rule reference"/>
 <link rel="prev" href="a-scheduled-task-was-created.html" title="A scheduled task was created"/>
-<link rel="next" href="aws-cloudtrail-log-created.html" title="AWS CloudTrail Log Created"/>
+<link rel="next" href="aws-bedrock-detected-multiple-attempts-to-use-denied-models-by-a-single-user.html" title="AWS Bedrock Detected Multiple Attempts to use Denied Models by a Single User"/>
 <meta class="elastic" name="product_version" content="8.13"/>
 <meta class="elastic" name="product_name" content="Security"/>
 <meta class="elastic" name="website_area" content="documentation"/>
@@ -113,7 +113,7 @@
 <a href="a-scheduled-task-was-created.html">« A scheduled task was created</a>
 </span>
 <span class="next">
-<a href="aws-cloudtrail-log-created.html">AWS CloudTrail Log Created »</a>
+<a href="aws-bedrock-detected-multiple-attempts-to-use-denied-models-by-a-single-user.html">AWS Bedrock Detected Multiple Attempts to use Denied Models by a Single User »</a>
 </span>
 </div>
 <div class="section">
@@ -263,7 +263,7 @@ <h3 class="title"><a id="_rule_query_2"></a>Rule query<a class="edit_me" rel="no
 <a href="a-scheduled-task-was-created.html">« A scheduled task was created</a>
 </span>
 <span class="next">
-<a href="aws-cloudtrail-log-created.html">AWS CloudTrail Log Created »</a>
+<a href="aws-bedrock-detected-multiple-attempts-to-use-denied-models-by-a-single-user.html">AWS Bedrock Detected Multiple Attempts to use Denied Models by a Single User »</a>
 </span>
 </div>
 </div>
 
@@ -196,7 +196,7 @@ <h2 class="title"><a id="abnormal-process-id-or-lock-file-created"></a>Abnormal
 <p><span class="strong strong"><strong>Rule license</strong></span>: Elastic License v2</p>
 <div class="section">
 <div class="titlepage"><div><div>
-<h3 class="title"><a id="_investigation_guide_55"></a>Investigation guide<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/abnormal-process-id-or-lock-file-created.asciidoc">edit</a></h3>
+<h3 class="title"><a id="_investigation_guide_56"></a>Investigation guide<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/abnormal-process-id-or-lock-file-created.asciidoc">edit</a></h3>
 </div></div></div>
 <p><span class="strong strong"><strong>Triage and analysis</strong></span></p>
 <p><span class="strong strong"><strong>Investigating Abnormal Process ID or Lock File Created</strong></span></p>
@@ -285,7 +285,7 @@ <h3 class="title"><a id="_investigation_guide_55"></a>Investigation guide<a clas
 
 <div class="section">
 <div class="titlepage"><div><div>
-<h3 class="title"><a id="_setup_56"></a>Setup<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/abnormal-process-id-or-lock-file-created.asciidoc">edit</a></h3>
+<h3 class="title"><a id="_setup_59"></a>Setup<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/abnormal-process-id-or-lock-file-created.asciidoc">edit</a></h3>
 </div></div></div>
 <p><span class="strong strong"><strong>Setup</strong></span></p>
 <p>This rule requires data coming in from Elastic Defend.</p>
@@ -343,7 +343,7 @@ <h3 class="title"><a id="_setup_56"></a>Setup<a class="edit_me" rel="nofollow" t
 
 <div class="section">
 <div class="titlepage"><div><div>
-<h3 class="title"><a id="_rule_query_58"></a>Rule query<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/abnormal-process-id-or-lock-file-created.asciidoc">edit</a></h3>
+<h3 class="title"><a id="_rule_query_62"></a>Rule query<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/abnormal-process-id-or-lock-file-created.asciidoc">edit</a></h3>
 </div></div></div>
 <div class="pre_wrapper lang-js">
 <div class="console_code_copy" title="Copy to clipboard"></div>
 
@@ -187,7 +187,7 @@ <h2 class="title"><a id="abnormally-large-dns-response"></a>Abnormally Large DNS
 <p><span class="strong strong"><strong>Rule license</strong></span>: Elastic License v2</p>
 <div class="section">
 <div class="titlepage"><div><div>
-<h3 class="title"><a id="_investigation_guide_56"></a>Investigation guide<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/abnormally-large-dns-response.asciidoc">edit</a></h3>
+<h3 class="title"><a id="_investigation_guide_57"></a>Investigation guide<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/abnormally-large-dns-response.asciidoc">edit</a></h3>
 </div></div></div>
 <p><span class="strong strong"><strong>Triage and analysis</strong></span></p>
 <p><span class="strong strong"><strong>Investigating Abnormally Large DNS Response</strong></span></p>
@@ -258,7 +258,7 @@ <h3 class="title"><a id="_investigation_guide_56"></a>Investigation guide<a clas
 
 <div class="section">
 <div class="titlepage"><div><div>
-<h3 class="title"><a id="_rule_query_59"></a>Rule query<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/abnormally-large-dns-response.asciidoc">edit</a></h3>
+<h3 class="title"><a id="_rule_query_63"></a>Rule query<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/abnormally-large-dns-response.asciidoc">edit</a></h3>
 </div></div></div>
 <div class="pre_wrapper lang-js">
 <div class="console_code_copy" title="Copy to clipboard"></div>
 
@@ -177,7 +177,7 @@ <h2 class="title"><a id="accepted-default-telnet-port-connection"></a>Accepted D
 <p><span class="strong strong"><strong>Rule license</strong></span>: Elastic License v2</p>
 <div class="section">
 <div class="titlepage"><div><div>
-<h3 class="title"><a id="_rule_query_60"></a>Rule query<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/accepted-default-telnet-port-connection.asciidoc">edit</a></h3>
+<h3 class="title"><a id="_rule_query_64"></a>Rule query<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/accepted-default-telnet-port-connection.asciidoc">edit</a></h3>
 </div></div></div>
 <div class="pre_wrapper lang-js">
 <div class="console_code_copy" title="Copy to clipboard"></div>
 
@@ -175,7 +175,7 @@ <h2 class="title"><a id="access-of-stored-browser-credentials"></a>Access of Sto
 <p><span class="strong strong"><strong>Rule license</strong></span>: Elastic License v2</p>
 <div class="section">
 <div class="titlepage"><div><div>
-<h3 class="title"><a id="_setup_57"></a>Setup<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/access-of-stored-browser-credentials.asciidoc">edit</a></h3>
+<h3 class="title"><a id="_setup_60"></a>Setup<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/access-of-stored-browser-credentials.asciidoc">edit</a></h3>
 </div></div></div>
 <p><span class="strong strong"><strong>Setup</strong></span></p>
 <p>This rule requires data coming in from Elastic Defend.</p>
@@ -233,7 +233,7 @@ <h3 class="title"><a id="_setup_57"></a>Setup<a class="edit_me" rel="nofollow" t
 
 <div class="section">
 <div class="titlepage"><div><div>
-<h3 class="title"><a id="_rule_query_61"></a>Rule query<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/access-of-stored-browser-credentials.asciidoc">edit</a></h3>
+<h3 class="title"><a id="_rule_query_65"></a>Rule query<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/access-of-stored-browser-credentials.asciidoc">edit</a></h3>
 </div></div></div>
 <div class="pre_wrapper lang-js">
 <div class="console_code_copy" title="Copy to clipboard"></div>
 
@@ -193,7 +193,7 @@ <h2 class="title"><a id="access-to-a-sensitive-ldap-attribute"></a>Access to a S
 <p><span class="strong strong"><strong>Rule license</strong></span>: Elastic License v2</p>
 <div class="section">
 <div class="titlepage"><div><div>
-<h3 class="title"><a id="_setup_59"></a>Setup<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/access-to-a-sensitive-ldap-attribute.asciidoc">edit</a></h3>
+<h3 class="title"><a id="_setup_62"></a>Setup<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/access-to-a-sensitive-ldap-attribute.asciidoc">edit</a></h3>
 </div></div></div>
 <p><span class="strong strong"><strong>Setup</strong></span></p>
 <p>The <em>Audit Directory Service Access</em> logging policy must be configured for (Success, Failure).
@@ -210,7 +210,7 @@ <h3 class="title"><a id="_setup_59"></a>Setup<a class="edit_me" rel="nofollow" t
 
 <div class="section">
 <div class="titlepage"><div><div>
-<h3 class="title"><a id="_rule_query_63"></a>Rule query<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/access-to-a-sensitive-ldap-attribute.asciidoc">edit</a></h3>
+<h3 class="title"><a id="_rule_query_67"></a>Rule query<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/access-to-a-sensitive-ldap-attribute.asciidoc">edit</a></h3>
 </div></div></div>
 <div class="pre_wrapper lang-js">
 <div class="console_code_copy" title="Copy to clipboard"></div>
 
@@ -178,7 +178,7 @@ <h2 class="title"><a id="access-to-keychain-credentials-directories"></a>Access
 <p><span class="strong strong"><strong>Rule license</strong></span>: Elastic License v2</p>
 <div class="section">
 <div class="titlepage"><div><div>
-<h3 class="title"><a id="_setup_58"></a>Setup<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/access-to-keychain-credentials-directories.asciidoc">edit</a></h3>
+<h3 class="title"><a id="_setup_61"></a>Setup<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/access-to-keychain-credentials-directories.asciidoc">edit</a></h3>
 </div></div></div>
 <p><span class="strong strong"><strong>Setup</strong></span></p>
 <p>This rule requires data coming in from Elastic Defend.</p>
@@ -236,7 +236,7 @@ <h3 class="title"><a id="_setup_58"></a>Setup<a class="edit_me" rel="nofollow" t
 
 <div class="section">
 <div class="titlepage"><div><div>
-<h3 class="title"><a id="_rule_query_62"></a>Rule query<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/access-to-keychain-credentials-directories.asciidoc">edit</a></h3>
+<h3 class="title"><a id="_rule_query_66"></a>Rule query<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/access-to-keychain-credentials-directories.asciidoc">edit</a></h3>
 </div></div></div>
 <div class="pre_wrapper lang-js">
 <div class="console_code_copy" title="Copy to clipboard"></div>
 
@@ -171,7 +171,7 @@ <h2 class="title"><a id="accessing-outlook-data-files"></a>Accessing Outlook Dat
 <p><span class="strong strong"><strong>Rule license</strong></span>: Elastic License v2</p>
 <div class="section">
 <div class="titlepage"><div><div>
-<h3 class="title"><a id="_rule_query_64"></a>Rule query<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/accessing-outlook-data-files.asciidoc">edit</a></h3>
+<h3 class="title"><a id="_rule_query_68"></a>Rule query<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/accessing-outlook-data-files.asciidoc">edit</a></h3>
 </div></div></div>
 <div class="pre_wrapper lang-js">
 <div class="console_code_copy" title="Copy to clipboard"></div>
 
@@ -190,7 +190,7 @@ <h2 class="title"><a id="account-configured-with-never-expiring-password"></a>Ac
 <p><span class="strong strong"><strong>Rule license</strong></span>: Elastic License v2</p>
 <div class="section">
 <div class="titlepage"><div><div>
-<h3 class="title"><a id="_investigation_guide_57"></a>Investigation guide<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/account-configured-with-never-expiring-password.asciidoc">edit</a></h3>
+<h3 class="title"><a id="_investigation_guide_58"></a>Investigation guide<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/account-configured-with-never-expiring-password.asciidoc">edit</a></h3>
 </div></div></div>
 <p><span class="strong strong"><strong>Triage and analysis</strong></span></p>
 <p><span class="strong strong"><strong>Investigating Account Configured with Never-Expiring Password</strong></span></p>
@@ -257,7 +257,7 @@ <h3 class="title"><a id="_investigation_guide_57"></a>Investigation guide<a clas
 
 <div class="section">
 <div class="titlepage"><div><div>
-<h3 class="title"><a id="_rule_query_65"></a>Rule query<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/account-configured-with-never-expiring-password.asciidoc">edit</a></h3>
+<h3 class="title"><a id="_rule_query_69"></a>Rule query<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/account-configured-with-never-expiring-password.asciidoc">edit</a></h3>
 </div></div></div>
 <div class="pre_wrapper lang-js">
 <div class="console_code_copy" title="Copy to clipboard"></div>
 
@@ -183,7 +183,7 @@ <h2 class="title"><a id="account-discovery-command-via-system-account"></a>Accou
 <p><span class="strong strong"><strong>Rule license</strong></span>: Elastic License v2</p>
 <div class="section">
 <div class="titlepage"><div><div>
-<h3 class="title"><a id="_investigation_guide_58"></a>Investigation guide<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/account-discovery-command-via-system-account.asciidoc">edit</a></h3>
+<h3 class="title"><a id="_investigation_guide_59"></a>Investigation guide<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/account-discovery-command-via-system-account.asciidoc">edit</a></h3>
 </div></div></div>
 <p><span class="strong strong"><strong>Triage and analysis</strong></span></p>
 <p><span class="strong strong"><strong>Investigating Account Discovery Command via SYSTEM Account</strong></span></p>
@@ -244,7 +244,7 @@ <h3 class="title"><a id="_investigation_guide_58"></a>Investigation guide<a clas
 
 <div class="section">
 <div class="titlepage"><div><div>
-<h3 class="title"><a id="_setup_60"></a>Setup<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/account-discovery-command-via-system-account.asciidoc">edit</a></h3>
+<h3 class="title"><a id="_setup_63"></a>Setup<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/account-discovery-command-via-system-account.asciidoc">edit</a></h3>
 </div></div></div>
 <p><span class="strong strong"><strong>Setup</strong></span></p>
 <p>If enabling an EQL rule on a non-elastic-agent index (such as beats) for versions &lt;8.2,
@@ -256,7 +256,7 @@ <h3 class="title"><a id="_setup_60"></a>Setup<a class="edit_me" rel="nofollow" t
 
 <div class="section">
 <div class="titlepage"><div><div>
-<h3 class="title"><a id="_rule_query_66"></a>Rule query<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/account-discovery-command-via-system-account.asciidoc">edit</a></h3>
+<h3 class="title"><a id="_rule_query_70"></a>Rule query<a class="edit_me" rel="nofollow" title="Edit this page on GitHub" href="https://github.com/elastic/security-docs/edit/8.13/docs/detections/prebuilt-rules/rule-details/account-discovery-command-via-system-account.asciidoc">edit</a></h3>
 </div></div></div>
 <div class="pre_wrapper lang-js">
 <div class="console_code_copy" title="Copy to clipboard"></div>