diff --git a/events/findings/detection_finding.json b/events/findings/detection_finding.json
index e51bf5711..420ac6d4e 100644
--- a/events/findings/detection_finding.json
+++ b/events/findings/detection_finding.json
@@ -2,10 +2,16 @@
"uid": 4,
"caption": "Detection Finding",
"category": "findings",
- "description": "A Detection Finding describes detections or alerts generated by security products using correlation engines, detection engines or other methodologies.",
+ "description": "A Detection Finding describes detections or alerts generated by security products using correlation engines, detection engines or other methodologies. Note: if the product is a security control, the security_control
profile should be applied and its attacks
information should be duplicated into the finding_info
object.",
"extends": "finding",
"name": "detection_finding",
+ "profiles": [
+ "security_control"
+ ],
"attributes": {
+ "$include": [
+ "profiles/security_control.json"
+ ],
"evidences": {
"group": "primary",
"requirement": "recommended"
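Review bot: The added description sentence tells producers to duplicate the profile's `attacks` information into the `finding_info` object, but it does not say which copy is authoritative when the two differ, so ATT&CK-based detections and dashboards may end up reading inconsistent mappings. I would extend the sentence with something like `When both are populated they must carry identical values; consumers should read the copy in finding_info.` (or the opposite direction, if that is what the project intends). The second hunk drops the class-level `malware` attribute. Presumably `profiles/security_control.json` now supplies it, in which case events that do not declare the profile can no longer carry `malware`, and that is worth calling out for producers. As shown here the new description string spans several physical lines; if that reflects the file rather than page extraction, the raw newlines inside the string make the JSON invalid for strict parsers.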
@@ -22,10 +28,6 @@
"group": "context",
"requirement": "optional"
},
- "malware": {
- "group": "context",
- "requirement": "optional"
- },
"remediation": {
"group": "context",
"requirement": "optional"