From c4d25b1d2469f5c6cd980948b4faf80366e4fa1e Mon Sep 17 00:00:00 2001
From: Erick Cheng <19863605+ec4n6@users.noreply.github.com>
Date: Tue, 2 Nov 2021 16:34:42 +0100
Subject: [PATCH] Fix remove scp and add curl

Signed-off-by: Erick Cheng <19863605+ec4n6@users.noreply.github.com>
---
 rules/falco_rules.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules/falco_rules.yaml b/rules/falco_rules.yaml
index 7fa83a33..93d50ac2 100644
--- a/rules/falco_rules.yaml
+++ b/rules/falco_rules.yaml
@@ -2676,7 +2676,7 @@
 tags: [file, mitre_persistence]
 - list: remote_file_copy_binaries
- items: [rsync, scp, sftp, dcp, wget, scp]
+ items: [rsync, scp, sftp, dcp, wget, curl]
 - macro: remote_file_copy_procs
 condition: (proc.name in (remote_file_copy_binaries))
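Review bot: Adding `curl` to `remote_file_copy_binaries` widens every rule built on `remote_file_copy_procs`, and the list carries no comment recording that trade-off. curl is routinely run inside containers for health checks and API calls, so the consuming rules (not visible in this hunk) will presumably produce more benign alerts than they did with the duplicate `scp` entry. I would add a comment above the list such as `# curl also serves health checks and API calls; expect benign hits and tune exceptions in the consuming rules`. Since the macro matches on `proc.name` alone, the same comment could state that the list identifies tools by executable name and is not a complete inventory of transfer utilities.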