diff --git a/core/mondoo-okta-security.mql.yaml b/core/mondoo-okta-security.mql.yaml
index 0b7bdeda..50066cc7 100644
--- a/core/mondoo-okta-security.mql.yaml
+++ b/core/mondoo-okta-security.mql.yaml
@@ -111,7 +111,7 @@ policies:
           # Limit the number of super admin roles
           - uid: mondoo-okta-security-limit-super-admins
           # Enable Okta ThreatInsight to block suspicious IP addresses
-          - uid: mondoo-okta-security-threatinsight-block-suspicous-ip-addresses
+          - uid: mondoo-okta-security-threatinsight-block-suspicious-ip-addresses
           # # Enable MFA for all users
           - uid: mondoo-okta-security-okta-mfa-access
           # Disable weaker MFA factors in factor enrollment policies
@@ -206,7 +206,7 @@ queries:
             4. From the list of administrator roles, assign a role other than super admin to the user.
             5. Select **Update Administrator**.
 
-  - uid: mondoo-okta-security-threatinsight-block-suspicous-ip-addresses
+  - uid: mondoo-okta-security-threatinsight-block-suspicious-ip-addresses
     title: Enable Okta ThreatInsight to block suspicious IP addresses
     impact: 100
     docs:
@@ -229,11 +229,11 @@ queries:
 
         Legitimate users within your org see no change in behavior. Clients connecting from blocked network zones see a 403 (access denied) error.
     variants:
-      - uid: mondoo-okta-security-threatinsight-block-suspicous-ip-addresses-terraform-hcl
-      - uid: mondoo-okta-security-threatinsight-block-suspicous-ip-addresses-terraform-plan
-      - uid: mondoo-okta-security-threatinsight-block-suspicous-ip-addresses-terraform-state
-      - uid: mondoo-okta-security-threatinsight-block-suspicous-ip-addresses-api
-  - uid: mondoo-okta-security-threatinsight-block-suspicous-ip-addresses-api
+      - uid: mondoo-okta-security-threatinsight-block-suspicious-ip-addresses-terraform-hcl
+      - uid: mondoo-okta-security-threatinsight-block-suspicious-ip-addresses-terraform-plan
+      - uid: mondoo-okta-security-threatinsight-block-suspicious-ip-addresses-terraform-state
+      - uid: mondoo-okta-security-threatinsight-block-suspicious-ip-addresses-api
+  - uid: mondoo-okta-security-threatinsight-block-suspicious-ip-addresses-api
     title: Enable Okta ThreatInsight to block suspicious IP addresses
     impact: 100
     filters: asset.platform == "okta-org"
@@ -268,7 +268,7 @@ queries:
             3. Select Tor anonymizer proxy for IP Type.
             4. Select Block access from IPs matching conditions listed in this zone.
             5. Select Save.
-  - uid: mondoo-okta-security-threatinsight-block-suspicous-ip-addresses-terraform-hcl
+  - uid: mondoo-okta-security-threatinsight-block-suspicious-ip-addresses-terraform-hcl
     title: Enable Okta ThreatInsight to block suspicious IP addresses
     impact: 100
     filters: asset.platform == "terraform-hcl" && terraform.providers.any( nameLabel == "okta" )
@@ -288,7 +288,7 @@ queries:
               proxies  = ["2.2.3.4/24", "3.3.4.5-3.3.4.15"]
             }
             ```
-  - uid: mondoo-okta-security-threatinsight-block-suspicous-ip-addresses-terraform-plan
+  - uid: mondoo-okta-security-threatinsight-block-suspicious-ip-addresses-terraform-plan
     title: Enable Okta ThreatInsight to block suspicious IP addresses
     impact: 100
     filters: asset.platform == "terraform-plan" && terraform.plan.resourceChanges.contains( providerName == /okta/ )
@@ -308,7 +308,7 @@ queries:
               proxies  = ["2.2.3.4/24", "3.3.4.5-3.3.4.15"]
             }
             ```
-  - uid: mondoo-okta-security-threatinsight-block-suspicous-ip-addresses-terraform-state
+  - uid: mondoo-okta-security-threatinsight-block-suspicious-ip-addresses-terraform-state
     title: Enable Okta ThreatInsight to block suspicious IP addresses
     impact: 100
     filters: asset.platform == "terraform-state" && terraform.state.resources.contains( type == /okta_network_zone/ )