diff --git a/.index.json b/.index.json
index c394bd4b21f..eed25d702f3 100644
--- a/.index.json
+++ b/.index.json
@@ -17778,21 +17778,31 @@
 },
 "pserranoa/openvpn-bf": {
 "path": "scenarios/pserranoa/openvpn-bf.yml",
- "version": "0.1",
+ "version": "0.2",
 "versions": {
 "0.1": {
 "digest": "22a4026f3fd636871afb2c2e7498cfe81be354f77aa9e2a175f299e6a2998952",
 "deprecated": false
+ },
+ "0.2": {
+ "digest": "52ace71c20c05736950b5f90c4cc4b763d221c52b9b418b954d3fc03604ce9a4",
+ "deprecated": false
 }
 },
 "long_description": "IyBEZXNjcmlwdGlvbgoKLSAzIGZhaWxlZCBhdXRoZW50aWNhdGlvbiBhdHRlbXB0cyB3aXRoaW4gMSBtaW51dGUgbGVha3NwZWVkLg==",
- "content": "IyBvcGVudnBuIGJydXRlZm9yY2UgZGV0ZWN0aW9uIC8gYXV0aF9mYWlsZWQKdHlwZTogbGVha3kKbmFtZTogcHNlcnJhbm9hL29wZW52cG4tYmYKZGVzY3JpcHRpb246ICJEZXRlY3Qgb3BlbnZwbiBicnV0ZWZvcmNlIgpmaWx0ZXI6ICJldnQuTWV0YS5zZXJ2aWNlID09ICdvcGVudnBuJyAmJiBldnQuTWV0YS5sb2dfdHlwZSA9PSAnYXV0aF9mYWlsZWQnIgpsZWFrc3BlZWQ6ICIxbSIKYmxhY2tob2xlOiA1bQpjYXBhY2l0eTogMwpncm91cGJ5OiBldnQuTWV0YS5zb3VyY2VfaXAKcmVwcm9jZXNzOiB0cnVlCmxhYmVsczoKIHNlcnZpY2U6IG9wZW52cG4KIHR5cGU6IGF1dGhfZmFpbGVkCiByZW1lZGlhdGlvbjogdHJ1ZQ==",
+ "content": "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",
 "description": "Detect openvpn bruteforce",
 "author": "pserranoa",
 "labels": {
+ "behaviour": "generic:bruteforce",
+ "classification": [
+ "attack.T1110"
+ ],
+ "confidence": 3,
+ "label": "OpenVPN Bruteforce",
 "remediation": true,
 "service": "openvpn",
- "type": "auth_failed"
+ "spoofable": 0
 }
 },
 "schiz0phr3ne/prowlarr-bf": {
diff --git a/scenarios/pserranoa/openvpn-bf.yml b/scenarios/pserranoa/openvpn-bf.yml
index f03d6b27f2c..4eda6fced7d 100644
--- a/scenarios/pserranoa/openvpn-bf.yml
+++ b/scenarios/pserranoa/openvpn-bf.yml
@@ -10,5 +10,10 @@ groupby: evt.Meta.source_ip
 reprocess: true
 labels:
 service: openvpn
- type: auth_failed
- remediation: true
\ No newline at end of file
+ remediation: true
+ confidence: 3
+ spoofable: 0
+ classification:
+ - attack.T1110
+ label: "OpenVPN Bruteforce"
+ behaviour: "generic:bruteforce"
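Review bot: `spoofable: 0` asserts that the `evt.Meta.source_ip` this bucket groups on is authenticated, which holds only if the parser emits `auth_failed` for failures that occur after the TLS handshake has completed; OpenVPN is commonly run over UDP, and if any pre-handshake failure is also mapped to `auth_failed`, forged packets could fill the bucket and, with `remediation: true`, get an uninvolved address banned. I would confirm this against the openvpn parser (not in this diff) and record the assumption next to the label, e.g. `spoofable: 0  # auth_failed is emitted post-TLS-handshake, so source_ip is authenticated`. Dropping `type: auth_failed` from `labels` removes a key that downstream consumers may filter on; if that is intentional it deserves a sentence in the commit message. The `.index.json` hunk carries the same label set, so the two files stay consistent; the scenario's top-level keys (`filter`, `capacity`, `groupby`) lie outside this hunk.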