
The following rules have been removed from their associated rule packs due to high alert volume across the Google SecOps customer base


## Change

The following rules have been removed from their associated rule packs due to high alert volume across the Google SecOps customer base:

* GCP Workspace Data Exfil Drive:
  * Suspicious Workspace Actions Observed after a Successful Suspicious Login
* GCP Suspicious Infrastructure Change:
  * Replacement of Existing Compute Machine Image
  * Replacement of Existing Compute Disk
* GCP Cloud SQL Ransom:
  * Base64 Encoded Cloud SQL Command
* CIDR SCC Persistence:
  * SCC: Persistence: New API Method
  * SCC: Persistence: IAM Anomalous Grant
  * SCC: Persistence: GCE Admin Added SSH Key
* CIDR SCC Malware:
  * SCC: Added Library Loaded
  * SCC: Added Binary Executed
* CIDR SCC Cloud IDS Low:
  * SCC: Cloud IDS: Low Threat Finding
* CIDR SCC Cloud Armor Medium:
  * SCC: Cloud Armor: Medium - Increasing Deny Ratio
  * SCC: Cloud Armor: Medium - Allowed Traffic Spike
* Azure Identity:
  * Azure External User Invitation
* Azure Defender for Cloud Windows and Linux VM:
  * Azure Defender for Cloud: Anonymous IP access
* AWS GuardDuty Discovery:
  * AWS GuardDuty: Recon:EC2/PortProbeUnprotectedPort