diff --git a/EDR_telem.json b/EDR_telem.json
index 22a12e4..71025aa 100644
--- a/EDR_telem.json
+++ b/EDR_telem.json
@@ -45,13 +45,13 @@
 },
 {
 "Telemetry Feature Category":null,
- "Sub-Category":"Remote Thread Creation",
+ "Sub-Category":"Thread Creation",
 "CrowdStrike":"Yes",
 "Elastic":"Yes",
 "LimaCharlie":"Yes",
 "MDE":"Yes",
 "Sentinel One":"Yes",
- "Sysmon":"Yes",
+ "Sysmon":"Partially",
 "WatchGuard":"Yes"
 },
 {
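Review bot: Renaming the row to `"Sub-Category":"Thread Creation"` widens its scope, but only `"Sysmon"` is re-rated; the other six products keep the `"Yes"` they had under the narrower remote-thread row, and nothing in the hunk shows they were re-checked for same-process thread creation. `"Partially"` also no longer tells a detection engineer which half is covered, and the remote case is the one process-injection detections rely on (presumably Sysmon's CreateRemoteThread event is the covered part). Consider keeping `"Sub-Category":"Remote Thread Creation"` with `"Sysmon":"Yes"` and adding a separate row for local thread creation, so the injection-relevant signal stays explicit. The surrounding array starts and ends outside the hunk, so any neighbouring rows that already draw this distinction are not visible here.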