From 2e8e932a61034299bf3fef30fd22385c3cd6d13b Mon Sep 17 00:00:00 2001
From: akozlovets098 <95437895+akozlovets098@users.noreply.github.com>
Date: Tue, 12 Dec 2023 12:42:16 +0200
Subject: [PATCH] Add references to rules (gsuite_reports_rules) (#1013)

---
 rules/gsuite_reports_rules/gsuite_drive_external_share.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/rules/gsuite_reports_rules/gsuite_drive_external_share.yml b/rules/gsuite_reports_rules/gsuite_drive_external_share.yml
index 4fd8368d8..39d87bdef 100644
--- a/rules/gsuite_reports_rules/gsuite_drive_external_share.yml
+++ b/rules/gsuite_reports_rules/gsuite_drive_external_share.yml
@@ -18,6 +18,7 @@ Description: An employee shared a sensitive file externally with another organiz
 Runbook: >
   Contact the employee who made the share and make sure they redact the access.
   If the share was legitimate, add to the EXCEPTION_PATTERNS in the detection.
+Reference: https://developers.google.com/admin-sdk/reports/v1/appendix/usage/user/drive#visibility-parameters
 Tests:
   -
     Name: Dangerous Share of Known Document with a Missing User