diff --git a/docs/edr-install-config/install-elastic-defend.mdx b/docs/edr-install-config/install-elastic-defend.mdx
index b512634223..6c8a150a96 100644
--- a/docs/edr-install-config/install-elastic-defend.mdx
+++ b/docs/edr-install-config/install-elastic-defend.mdx
@@ -2,7 +2,7 @@
id: serverlessSecurityInstallDefend
slug: /serverless/security/install-edr
title: Install and configure the ((elastic-defend)) integration
-# description: Description to be written
+description: Learn how to install and configure ((elastic-defend)).
tags: [ 'serverless', 'security', 'how-to' ]
status: rough content
---
@@ -19,9 +19,9 @@ Like other Elastic integrations, ((elastic-defend)) is integrated into the ((age
* ((fleet)) is required for ((elastic-defend)).
-* To configure the ((elastic-defend)) integration on the ((agent)), you must have permission to use ((fleet)) in ((kib)).
+* To configure the ((elastic-defend)) integration on the ((agent)), you must have permission to use ((fleet)).
-* You must have the **((elastic-defend)) Policy Management : All** privilege to configure an integration policy, and the **Endpoint List** privilege to access the **Endpoints** page.
+* You must have the **((elastic-defend)) Policy Management: All** privilege to configure an integration policy, and the **Endpoint List** privilege to access the **Endpoints** page.
@@ -37,19 +37,18 @@ If you're using macOS, some versions may require you to grant Full Disk Access t
1. Go to the **Integrations** page, which you can access in several ways:
-* In ((kib)): **Management** -> **Integrations**
-* In the ((security-app)): **Get started** -> **Add security integrations**
+ * In ((kib)): **Management** -> **Integrations**
+ * In the ((security-app)): **Get started** -> **Add security integrations**
![Search result for "((elastic-defend))" on the Integrations page.](../images/install-endpoint/-getting-started-install-endpoint-endpoint-cloud-sec-integrations-page.png)
1. Search for and select **((elastic-defend))**, then select **Add ((elastic-defend))**. The integration configuration page appears.
-
-If this is the first integration you've installed and the **Ready to add your first integration?** page appears instead, select **Add integration only (skip agent installation)** to proceed. You can install ((agent)) after setting up the ((elastic-defend)) integration.
-
-
+
+ If this is the first integration you've installed and the **Ready to add your first integration?** page appears instead, select **Add integration only (skip agent installation)** to proceed. You can install ((agent)) after setting up the ((elastic-defend)) integration.
+
-
+
1. Configure the ((elastic-defend)) integration with an **Integration name** and optional **Description**.
1. Select the type of environment you want to protect, either **Traditional Endpoints** or **Cloud Workloads**.
@@ -58,11 +57,11 @@ If this is the first integration you've installed and the **Ready to add your fi
@@ -71,7 +70,7 @@ If this is the first integration you've installed and the **Ready to add your fi
- All traditional endpoint presets _except **Data Collection**_ have these preventions enabled by default: malware, ransomware, memory threat, malicious behavior, and credential theft. Each preset collects the following events:
+ All traditional endpoint presets _except_ **Data Collection** have these preventions enabled by default: malware, ransomware, memory threat, malicious behavior, and credential theft. Each preset collects the following events:
* **Data Collection:** All events; no preventions
* **Next-Generation Antivirus (NGAV):** Process events; all preventions