diff --git a/rules/gcp_audit_rules/gcp_bigquery_large_scan.yml b/rules/gcp_audit_rules/gcp_bigquery_large_scan.yml
index 1734ebdd9..f29330f5f 100644
--- a/rules/gcp_audit_rules/gcp_bigquery_large_scan.yml
+++ b/rules/gcp_audit_rules/gcp_bigquery_large_scan.yml
@@ -3,9 +3,9 @@ Description: Detect any BigQuery query that is doing a very large scan (> 1 GB).
 DisplayName: "GCP BigQuery Large Scan"
 Enabled: true
 Filename: gcp_bigquery_large_scan.py
-Reference:
+Reference: https://cloud.google.com/bigquery/docs/running-queries
 Severity: Info
-Tests: https://cloud.google.com/bigquery/docs/running-queries
+Tests:
     - ExpectedResult: false
       Log:
         insertid: ABCDEFGHIJKL
diff --git a/rules/gcp_audit_rules/gcp_destructive_queries.yml b/rules/gcp_audit_rules/gcp_destructive_queries.yml
index aea28a201..811a45657 100644
--- a/rules/gcp_audit_rules/gcp_destructive_queries.yml
+++ b/rules/gcp_audit_rules/gcp_destructive_queries.yml
@@ -1,6 +1,6 @@
 AnalysisType: rule
 Description: Detect any destructive BigQuery queries or jobs such as update, delete, drop, alter or truncate.
-DisplayName: "'GCP Destructive Queries '"
+DisplayName: "GCP Destructive Queries"
 Enabled: true
 Filename: gcp_destructive_queries.py
 Reference: https://cloud.google.com/bigquery/docs/managing-tables
diff --git a/rules/gcp_audit_rules/gcp_unused_regions.yml b/rules/gcp_audit_rules/gcp_unused_regions.yml
index 654747d25..7d8eff7af 100644
--- a/rules/gcp_audit_rules/gcp_unused_regions.yml
+++ b/rules/gcp_audit_rules/gcp_unused_regions.yml
@@ -18,7 +18,7 @@ Severity: Medium
 Description: >
   Adversaries may create cloud instances in unused geographic service regions in order to evade detection.
 Runbook: Validate the user making the request and the resource created.
-Reference: https://attack.mitre.org/techniques/T1535/
+Reference: https://cloud.google.com/docs/geography-and-regions
 SummaryAttributes:
   - severity
   - p_any_ip_addresses