diff --git a/CERT-XLM/machinetag.json b/CERT-XLM/machinetag.json
index 206a212..4c74989 100755
--- a/CERT-XLM/machinetag.json
+++ b/CERT-XLM/machinetag.json
@@ -1,5 +1,5 @@
 {
-  "version": 1,
+  "version": 2,
   "namespace": "CERT-XLM",
   "description": "CERT-XLM Security Incident Classification.",
   "values": [
@@ -104,7 +104,7 @@
       ]
     },
     {
-      "predicate": "intrusions",
+      "predicate": "intrusion",
       "entry": [
         {
           "value": "privileged-account-compromise",
@@ -286,8 +286,8 @@
       "description": "Vulnerable"
     },
     {
-      "value": "comformity",
-      "expanded": "Comformity",
+      "value": "conformity",
+      "expanded": "Conformity",
       "description": "This group is for catching breach about controls given by the company or externals entities."
     },
     {
diff --git a/cssa/machinetag.json b/cssa/machinetag.json
index d3d29e6..eb1a425 100644
--- a/cssa/machinetag.json
+++ b/cssa/machinetag.json
@@ -1,7 +1,7 @@
 {
   "namespace": "cssa",
   "description": "The CSSA agreed sharing taxonomy.",
-  "version": 3,
+  "version": 4,
   "predicates": [
     {
       "value": "sharing-class",
@@ -10,6 +10,11 @@
     {
       "value": "origin",
       "expanded": "Origin"
+    },
+    {
+      "value": "analyse",
+      "expanded": "Please analyse sample",
+      "colour": "#fab74d"
     }
   ],
   "values": [
diff --git a/misp/machinetag.json b/misp/machinetag.json
index 75c112a..e3e5f43 100755
--- a/misp/machinetag.json
+++ b/misp/machinetag.json
@@ -70,26 +70,6 @@
         }
       ]
     },
-    {
-      "predicate": "automation-level",
-      "entry": [
-        {
-          "expanded": "Generated automatically without human verification",
-          "value": "unsupervised",
-          "numerical_value": 100
-        },
-        {
-          "expanded": "Generated automatically but verified by a human",
-          "value": "reviewed",
-          "numerical_value": 50
-        },
-        {
-          "expanded": "Output of human analysis",
-          "value": "manual",
-          "numerical_value": 0
-        }
-      ]
-    },
     {
       "predicate": "threat-level",
       "entry": [
@@ -119,6 +99,26 @@
         }
       ]
     },
+    {
+      "predicate": "automation-level",
+      "entry": [
+        {
+          "expanded": "Generated automatically without human verification",
+          "value": "unsupervised",
+          "numerical_value": 100
+        },
+        {
+          "expanded": "Generated automatically but verified by a human",
+          "value": "reviewed",
+          "numerical_value": 50
+        },
+        {
+          "expanded": "Output of human analysis",
+          "value": "manual",
+          "numerical_value": 0
+        }
+      ]
+    },
     {
       "predicate": "tool",
       "entry": [
diff --git a/pentest/machinetag.json b/pentest/machinetag.json
index ecf4d2f..702ce6f 100644
--- a/pentest/machinetag.json
+++ b/pentest/machinetag.json
@@ -1,5 +1,5 @@
 {
-  "version": 1,
+  "version": 2,
   "namespace": "pentest",
   "description": "pentest classification.",
   "values": [
@@ -220,7 +220,7 @@
       "description": "Automated tool that perform network checks"
     },
     {
-      "value": "exploit ",
+      "value": "exploit",
       "expanded": "Exploit",
       "description": "Exploitation of a vulnerability"
     },