From 35df535b481875ff49addde39a88a3af4c806cf7 Mon Sep 17 00:00:00 2001 From: Xorlent <94985297+Xorlent@users.noreply.github.com> Date: Tue, 19 Dec 2023 16:08:06 -0800 Subject: [PATCH] Update README.md --- README.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 106ea4f..127571d 100644 --- a/README.md +++ b/README.md @@ -6,11 +6,12 @@ CrowdStrike Falcon® Contain GUI for more powerful and rapid host containment Falcon®'s host contain action is powerful, but very limited within the Falcon® console. This tool utilizes the CrowdStrike API to issue host containment actions based on hostname wildcards, IP ranges, defined host groups in Falcon®, or user-specified agent IDs (AID). This tool can be useful for security operations teams needing to quickly contain groups of machines to prevent widespread infection and/or encryption of systems. ## Requirements - 1. CrowdStrike Falcon® API Client ID and Secret with query and contain/uncontain rights (Scope: hosts, read + write) - 2. The Falcon® API endpoint URL for your tenant - 3. A GUI (non-Server Core) Windows install that can run PowerShell. No additional PowerShell modules or libraries are required. - 4. FalconContain.ps1 from this repository - 5. Familiarity with the Falcon® Query Lancuage (FQL) if you intend to contain/uncontain hosts in this manner + 1. CrowdStrike Falcon® API Client ID and Secret with query and contain/uncontain rights + - Scope: Hosts, Rights: read + write + 3. The Falcon® API endpoint URL for your tenant + 4. A GUI (non-Server Core) Windows install that can run PowerShell. No additional PowerShell modules or libraries are required. + 5. FalconContain.ps1 from this repository + 6. Familiarity with the Falcon® Query Lancuage (FQL) if you intend to contain/uncontain hosts in this manner ### List of Falcon® API endpoints as of May 2023 - **US-1:** api.crowdstrike.com (default)
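Review bot: In the Requirements hunk, the added list numbering skips 2: item "1." is followed by the new "- Scope: Hosts, Rights: read + write" sub-bullet and then by "3." through "6.", although there are still only five requirements. Renumber the items after the sub-bullet as 2 through 5, and make sure the sub-bullet is indented far enough to nest under item 1. If it is not, it ends the ordered list and the items after it start a new list at 3. The added item "6." also carries over the typo "Query Lancuage" from the removed item "5."; it should read "Query Language".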