diff --git a/content/en/security/cloud_siem/detect_and_monitor/custom_detection_rules/create_rule/scheduled_rule.md b/content/en/security/cloud_siem/detect_and_monitor/custom_detection_rules/create_rule/scheduled_rule.md
index 66366b7e08c31..57722a98a0d7c 100644
--- a/content/en/security/cloud_siem/detect_and_monitor/custom_detection_rules/create_rule/scheduled_rule.md
+++ b/content/en/security/cloud_siem/detect_and_monitor/custom_detection_rules/create_rule/scheduled_rule.md
@@ -5,6 +5,8 @@ type: multi-code-lang
weight: 2
---
+Scheduled Rule is not available for the Legacy product.
+
## Overview
Scheduled detection rules run at predefined intervals to analyze indexed log data and detect security threats. These rules can identify patterns, anomalies, or specific conditions within a defined time frame, and trigger alerts or reports if the criteria are met.
diff --git a/content/en/security/cloud_siem/detect_and_monitor/custom_detection_rules/sequence.md b/content/en/security/cloud_siem/detect_and_monitor/custom_detection_rules/sequence.md
index 3f6b7bbe503d0..d55b9e6811e48 100644
--- a/content/en/security/cloud_siem/detect_and_monitor/custom_detection_rules/sequence.md
+++ b/content/en/security/cloud_siem/detect_and_monitor/custom_detection_rules/sequence.md
@@ -4,6 +4,8 @@ description: Learn about how the sequence detection method works.
disable_toc: false
---
+Sequence detection is not available for the Legacy product.
+
## Overview
The sequence method enables you to detect multi-stage attacks by identifying ordered patterns of related events, such as initial access, privilege escalation, and data exfiltration.
diff --git a/content/en/security/cloud_siem/ingest_and_enrich/open_cybersecurity_schema_framework/_index.md b/content/en/security/cloud_siem/ingest_and_enrich/open_cybersecurity_schema_framework/_index.md
index e9ada080a95ed..d4090bf45b5aa 100644
--- a/content/en/security/cloud_siem/ingest_and_enrich/open_cybersecurity_schema_framework/_index.md
+++ b/content/en/security/cloud_siem/ingest_and_enrich/open_cybersecurity_schema_framework/_index.md
@@ -12,6 +12,8 @@ further_reading:
text: "Normalize your data with the OCSF Common Data Model in Datadog Cloud SIEM"
---
+This feature is not available for the Legacy product.
+
## Overview
Cloud SIEM collects and analyzes data from a wide range of sources such as cloud services, firewalls, networks, applications, and IT systems. Since these services emit data in different formats, it often requires significant effort to normalize and prepare logs before meaningful threat analysis can occur.
diff --git a/content/en/security/cloud_siem/ingest_and_enrich/threat_intelligence.md b/content/en/security/cloud_siem/ingest_and_enrich/threat_intelligence.md
index 8428f83814f90..b799419be346c 100644
--- a/content/en/security/cloud_siem/ingest_and_enrich/threat_intelligence.md
+++ b/content/en/security/cloud_siem/ingest_and_enrich/threat_intelligence.md
@@ -9,6 +9,8 @@ further_reading:
text: "Create custom detection rules"
---
+This feature is not available for the Legacy product.
+
## Overview
Datadog provides built-in [threat intelligence][1] for Cloud SIEM logs. This article explains how to extend that functionality by enriching logs with your own custom threat intelligence feeds.
diff --git a/content/en/security/cloud_siem/triage_and_investigate/entities_and_risk_scoring.md b/content/en/security/cloud_siem/triage_and_investigate/entities_and_risk_scoring.md
index 568f66be5062b..b2e734894d925 100644
--- a/content/en/security/cloud_siem/triage_and_investigate/entities_and_risk_scoring.md
+++ b/content/en/security/cloud_siem/triage_and_investigate/entities_and_risk_scoring.md
@@ -8,6 +8,8 @@ further_reading:
text: "Accelerate investigations with Datadog Cloud SIEM Risk-based Insights and AWS Entity Analytics"
---
+This feature is not available for the Legacy product.
+
## Overview
[Cloud SIEM's Risk Insights][4] consolidates multiple data sources, such as SIEM threats and Cloud Security insights, into a profile representing a single security entity, such as an IAM user.