Add DNI grouping

Author: maxvp

src/content/docs/cloudflare-one/applications/app-library.mdx

@@ -11,6 +11,10 @@ The Application Library allows users to manage their SaaS applications in Cloudf
 
 To access the App Library in [Zero Trust](https://one.dash.cloudflare.com/), go to **My team** > **App Library**. Each application card will list the number of hostnames associated with the application, the supported Zero Trust product usage, and the [app type](/cloudflare-one/policies/gateway/application-app-types/#app-types).
 
+:::note[Do Not Inspect application organization]
+The App Library groups [Do Not Inspect applications](/cloudflare-one/policies/gateway/application-app-types/#do-not-inspect-applications) within the corresponding application. For example, the App Library will group _Google Drive (Do Not Inspect)_ under **Google Drive**.
+:::
+
 ## View application details
 
 Select an application card to view details about the application.

src/content/docs/cloudflare-one/policies/gateway/application-app-types.mdx

@@ -13,6 +13,8 @@ Gateway allows you to create DNS, Network, and HTTP policies based on applicatio
 
 When you choose the _Application_ selector in a Gateway policy builder, the **Value** field will include all supported applications and their respective app types. Alternatively, you can use the [Gateway API](/api/resources/zero_trust/subresources/gateway/subresources/app_types/methods/list/) to fetch a list of applications, app types, and ID numbers.
 
+To manage a consolidated list of applications across Zero Trust, you can use the [Application Library](/cloudflare-one/applications/app-library/).
+
 ## App types
 
 Gateway sorts applications into the following app type groups:
@@ -57,8 +59,9 @@ To ensure Gateway evaluates traffic with your desired precedence, order your mos
 
 Gateway automatically groups applications incompatible with TLS decryption into the _Do Not Inspect_ app type. As Cloudflare identifies incompatible applications, Gateway will periodically update this app type to add new applications. To ensure Gateway does not intercept any current or future incompatible traffic, you can [create a Do Not Inspect HTTP policy](/cloudflare-one/policies/gateway/http-policies/#do-not-inspect) with the entire _Do Not Inspect_ app type selected.
 
-:::note[Install Cloudflare certificate manually to allow TLS decryption]
+When managing applications with the [Application Library](/cloudflare-one/applications/app-library/), Do Not Inspect applications will appear under the corresponding application. For example, the App Library will group _Google Drive (Do Not Inspect)_ under **Google Drive**.
 
+:::note[Install Cloudflare certificate manually to allow TLS decryption]
 Instead of creating a Do Not Inspect policy for an application, you may be able to configure the application to [trust a Cloudflare certificate](/cloudflare-one/connections/connect-devices/user-side-certificates/manual-deployment/#add-the-certificate-to-applications). Doing so will allow the application to function without losing visibility into your traffic.
 :::