diff --git a/detection-rules/impersonation_sharepoint_fake_file_share.yml b/detection-rules/impersonation_sharepoint_fake_file_share.yml
index 3f82d30d02f..38fc54b8235 100644
--- a/detection-rules/impersonation_sharepoint_fake_file_share.yml
+++ b/detection-rules/impersonation_sharepoint_fake_file_share.yml
@@ -5,6 +5,8 @@ type: "rule"
 severity: "medium"
 source: |
   type.inbound
+
+  and false
   // Sharepoint body content looks like this
   and (
diff --git a/detection-rules/link_microsoft_low_reputation.yml b/detection-rules/link_microsoft_low_reputation.yml
index 67b83e08151..2cef393e0ec 100644
--- a/detection-rules/link_microsoft_low_reputation.yml
+++ b/detection-rules/link_microsoft_low_reputation.yml
@@ -5,6 +5,7 @@ severity: "medium"
 source: |
   type.inbound
   and 0 < length(body.links) < 50
+  // change to trigger ci
   // suspicious link
   and any(body.links,
     (
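Review bot: The added `and false` directly after `type.inbound` in impersonation_sharepoint_fake_file_share.yml makes the whole `source` expression unsatisfiable, so the rule can never match while it is still listed as a `severity: "medium"` rule; that is a silent gap in SharePoint-impersonation coverage. If this is only a CI experiment (the comment added in the other hunk of this commit suggests so), the blank line and `and false` should be removed before merge so that `type.inbound` is again followed by `// Sharepoint body content looks like this`. If the rule really is meant to be switched off, say so next to the condition, e.g. `// temporarily disabled: <reason / tracking reference>`, so anyone auditing rule coverage can see the gap and its owner. The `and (` block continues outside the hunk.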
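Review bot: The added `// change to trigger ci` line in link_microsoft_low_reputation.yml is a placeholder rather than documentation of the match logic, and it sits between the link-count condition and the existing `// suspicious link` comment where readers expect an explanation of the next clause. It should be dropped before merge; if the goal is only to re-run the pipeline, an empty commit (`git commit --allow-empty`) does that without touching rule source. The `any(body.links, ...)` expression continues outside the hunk.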