The rule 'Wiz Rotate Service Account Secret' is designed to detect the rotation of secrets associated with service accounts. The rotation of these secrets is a critical security practice that helps to protect sensitive information and reduce the risk of unauthorized access. This rule monitors logs for the action 'RotateServiceAccountSecret' and checks if the secret rotation was executed successfully or not. If the rotation action occurs without prior documentation or planning, it can trigger alerts, suggesting that users verify the legitimacy of the action. The rule also includes provisions to manage the frequency of triggering events through deduplication within a 60-minute period, preventing multiple alerts for the same rotation event. The severity of this rule is classified as medium, indicating it requires attention but does not represent an immediate threat. The rule references a related document from Wiz regarding Kubernetes secrets, enhancing its contextual accuracy and relevance.