diff --git a/assets/queries/terraform/azure/app_service_not_using_latest_tls_encryption_version/query.rego b/assets/queries/terraform/azure/app_service_not_using_latest_tls_encryption_version/query.rego
index 52586e85f73..9c312229f34 100644
--- a/assets/queries/terraform/azure/app_service_not_using_latest_tls_encryption_version/query.rego
+++ b/assets/queries/terraform/azure/app_service_not_using_latest_tls_encryption_version/query.rego
@@ -7,7 +7,7 @@ CxPolicy[result] {
 app := input.document[i].resource.azurerm_app_service[name]
 is_number(app.site_config.min_tls_version)
- app.site_config.min_tls_version != 1.2
+ app.site_config.min_tls_version != 1.3
 result := {
 "documentId": input.document[i].id,
@@ -15,12 +15,12 @@ CxPolicy[result] {
 "resourceName": tf_lib.get_resource_name(app, name),
 "searchKey": sprintf("azurerm_app_service[%s].site_config.min_tls_version", [name]),
 "issueType": "IncorrectValue",
- "keyExpectedValue": sprintf("'azurerm_app_service[%s].site_config.min_tls_version' should be set to '1.2'", [name]),
- "keyActualValue": sprintf("'azurerm_app_service[%s].site_config.min_tls_version' is not set to '1.2'", [name]),
+ "keyExpectedValue": sprintf("'azurerm_app_service[%s].site_config.min_tls_version' should be set to '1.3'", [name]),
+ "keyActualValue": sprintf("'azurerm_app_service[%s].site_config.min_tls_version' is not set to '1.3'", [name]),
 "searchLine": common_lib.build_search_line(["resource", "azurerm_app_service", name, "site_config", "min_tls_version"], []),
 "remediation": json.marshal({
 "before": sprintf("%.1f", [app.site_config.min_tls_version]),
- "after": "1.2"
+ "after": "1.3"
 }),
 "remediationType": "replacement",
 }
@@ -30,7 +30,7 @@ CxPolicy[result] {
 app := input.document[i].resource.azurerm_app_service[name]
 not is_number(app.site_config.min_tls_version)
- app.site_config.min_tls_version != "1.2"
+ app.site_config.min_tls_version != "1.3"
 result := {
 "documentId": input.document[i].id,
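Review bot: The new comparison `app.site_config.min_tls_version != 1.3` in the first rule makes 1.3 the only passing value, and it is not clear that the legacy `azurerm_app_service` resource can be set to it: as far as I recall the azurerm provider validated this field against 1.0, 1.1 and 1.2 only, which should be confirmed against the provider schema. If that holds, every deployable configuration of this resource is reported, the `"after": "1.3"` remediation in the second and fourth hunks writes a value that fails at plan time, and negative1.tf is no longer an applicable example; the string rule in the third hunk is affected the same way. If the provider does accept it, a comment above the comparison such as `# 1.3 requires a provider version whose azurerm_app_service schema accepts it` would record the dependency. The rule body starts and ends outside this hunk.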
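Review bot: A resource that omits `min_tls_version` is reported by neither rule: with the attribute undefined, `is_number(...)` fails in the first rule and the `!= "1.3"` comparison added in this hunk is undefined in the second. While the expected value was 1.2 the gap mattered less, because the provider default is documented as 1.2 (to be confirmed); with 1.3 required, an omitted attribute is non-compliant and goes unreported. A third rule for the missing attribute would close it; the sketch below assumes the `common_lib.valid_key` helper and the `MissingAttribute` issue type used by other queries in this repository. Both rule bodies extend beyond the hunks shown.

```rego
CxPolicy[result] {
	app := input.document[i].resource.azurerm_app_service[name]
	not common_lib.valid_key(app.site_config, "min_tls_version")

	result := {
		"documentId": input.document[i].id,
		# … unchanged: resourceType / resourceName fields as in the two rules above …
		"searchKey": sprintf("azurerm_app_service[%s].site_config", [name]),
		"issueType": "MissingAttribute",
		"keyExpectedValue": sprintf("'azurerm_app_service[%s].site_config.min_tls_version' should be defined and set to '1.3'", [name]),
		"keyActualValue": sprintf("'azurerm_app_service[%s].site_config.min_tls_version' is undefined", [name]),
	}
}
```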
@@ -38,12 +38,12 @@ CxPolicy[result] {
 "resourceName": tf_lib.get_resource_name(app, name),
 "searchKey": sprintf("azurerm_app_service[%s].site_config.min_tls_version", [name]),
 "issueType": "IncorrectValue",
- "keyExpectedValue": sprintf("'azurerm_app_service[%s].site_config.min_tls_version' should be set to '1.2'", [name]),
- "keyActualValue": sprintf("'azurerm_app_service[%s].site_config.min_tls_version' is not set to '1.2'", [name]),
+ "keyExpectedValue": sprintf("'azurerm_app_service[%s].site_config.min_tls_version' should be set to '1.3'", [name]),
+ "keyActualValue": sprintf("'azurerm_app_service[%s].site_config.min_tls_version' is not set to '1.3'", [name]),
 "searchLine": common_lib.build_search_line(["resource", "azurerm_app_service", name, "site_config", "min_tls_version"], []),
 "remediation": json.marshal({
 "before": sprintf("%s", [app.site_config.min_tls_version]),
- "after": "1.2"
+ "after": "1.3"
 }),
 "remediationType": "replacement",
 }
diff --git a/assets/queries/terraform/azure/app_service_not_using_latest_tls_encryption_version/test/negative1.tf b/assets/queries/terraform/azure/app_service_not_using_latest_tls_encryption_version/test/negative1.tf
index ca1680a6135..c882887f3fa 100644
--- a/assets/queries/terraform/azure/app_service_not_using_latest_tls_encryption_version/test/negative1.tf
+++ b/assets/queries/terraform/azure/app_service_not_using_latest_tls_encryption_version/test/negative1.tf
@@ -7,6 +7,6 @@ resource "azurerm_app_service" "negative1" {
 site_config {
 dotnet_framework_version = "v4.0"
 scm_type = "LocalGit"
- min_tls_version = 1.2
+ min_tls_version = 1.3
 }
 }
diff --git a/assets/queries/terraform/azure/app_service_not_using_latest_tls_encryption_version/test/positive2.tf b/assets/queries/terraform/azure/app_service_not_using_latest_tls_encryption_version/test/positive2.tf
new file mode 100644
index 00000000000..8e07d103e9d
--- /dev/null
+++ b/assets/queries/terraform/azure/app_service_not_using_latest_tls_encryption_version/test/positive2.tf
@@ -0,0 +1,12 @@
+resource "azurerm_app_service" "positive2" {
+ name = "example-app-service"
+ location = azurerm_resource_group.example.location
+ resource_group_name = azurerm_resource_group.example.name
+ app_service_plan_id = azurerm_app_service_plan.example.id
+
+ site_config {
+ dotnet_framework_version = "v4.0"
+ scm_type = "LocalGit"
+ min_tls_version = 1.2
+ }
+}
diff --git a/assets/queries/terraform/azure/app_service_not_using_latest_tls_encryption_version/test/positive_expected_result.json b/assets/queries/terraform/azure/app_service_not_using_latest_tls_encryption_version/test/positive_expected_result.json
index 7142ab2e113..6debd505d34 100644
--- a/assets/queries/terraform/azure/app_service_not_using_latest_tls_encryption_version/test/positive_expected_result.json
+++ b/assets/queries/terraform/azure/app_service_not_using_latest_tls_encryption_version/test/positive_expected_result.json
@@ -4,5 +4,11 @@
 "severity": "MEDIUM",
 "line": 10,
 "fileName": "positive1.tf"
+ },
+ {
+ "queryName": "App Service Not Using Latest TLS Encryption Version",
+ "severity": "MEDIUM",
+ "line": 10,
+ "fileName": "positive2.tf"
 }
 ]
\ No newline at end of file
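Review bot: positive2.tf exercises only the unquoted numeric form (`min_tls_version = 1.2`), as does negative1.tf, so nothing visible in this diff covers the string rule in query.rego (the `not is_number` branch). positive1.tf lies outside the diff and may already do so. If it does not, a positive fixture with `min_tls_version = "1.2"` and a negative one with `min_tls_version = "1.3"` would pin both branches, with matching entries in positive_expected_result.json.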