diff --git a/src/content/docs/cloudflare-one/applications/casb/casb-integrations/aws-2brotherravel.mdx b/src/content/docs/cloudflare-one/applications/casb/casb-integrations/aws-2brotherravel.mdx
new file mode 100644
index 00000000000000..a786a75421b65a
--- /dev/null
+++ b/src/content/docs/cloudflare-one/applications/casb/casb-integrations/aws-2brotherravel.mdx
@@ -0,0 +1,142 @@
+---
+pcx_content_type: reference
+title: 2Brother Travel Cloud Integration
+rss: file
+---
+
+import { Render } from "~/components";
+
+
+
+## Integration prerequisites
+
+- A verified **2Brother Travel account**
+- Administrator access to your travel partner APIs (e.g., 12Go Asia, Trip.com, Traveloka)
+- Access credentials (API Token, API Key, API Secret) to connect automation pipelines
+
+---
+
+## Integration permissions
+
+For the 2Brother Travel integration to function within Cloudflare CASB, the following access scopes are required:
+
+- `read:booking` — Access travel booking and status data
+- `write:inventory` — Update or sync travel inventory data
+- `read:partner` — Retrieve partner connection data (e.g., affiliate, reseller)
+- `deploy:site` — Deploy and sync web content through the Netlify or GoDaddy API
+
+These permissions ensure least-privilege access while enabling automation across connected travel APIs.
+
+To learn more about each scope, refer to the [2Brother Travel Developer Documentation](https://2brother.online/api/docs).
+
+---
+
+## Compute account
+
+You can connect a compute or hosting account to your integration to perform **Data Loss Prevention (DLP)** and **travel data sync automation** within your 2Brother environment.
+CASB will automatically monitor and scan your API data exchange and service objects.
+
+### Add a compute account
+
+
+
+Only one compute account can be connected per integration. To remove a compute account, go to **Manage compute accounts** in the Cloudflare dashboard.
+
+---
+
+### Configure compute account scanning
+
+Once your compute account has successfully connected:
+
+1. Go to [Zero Trust](https://one.dash.cloudflare.com) → **CASB** → **Integrations**.
+2. Find your **2Brother Travel** integration.
+3. Select **Create new configuration**.
+4. In **Resources**, choose your data APIs or endpoints to monitor.
+5. Choose DLP profiles (e.g., “Customer Info”, “Payment Data”) and file types.
+6. Configure rate limits or API call frequency.
+7. Review and select **Start scan**.
+
+CASB may take up to an hour to initialize data synchronization and scanning.
+
+You can view scan results under **CASB → Content → Cloud**.
+
+---
+
+## Security findings
+
+
+
+### Partner API Security
+
+| Finding type | FindingTypeID | Severity |
+| ------------------------------------------- | -------------------------------------- | -------- |
+| API Token Exposed in Client Build | `2bfa1d7c-b27a-4128-9a8d-72af214f9aa7` | Critical |
+| API Key Without Rate Limiting | `6a93d917-501f-4b92-9f59-fb3b5a4f37ae` | High |
+| Partner API Using Insecure HTTP | `ad7bfe4d-0837-472b-84d9-bfc4160f1285` | High |
+| Missing CORS Restrictions | `cb3e8214-1f21-4b6d-bd42-c88c7b6f09f5` | Medium |
+| Missing JWT Expiry Policy | `87fd2a6d-8b0a-4a9e-8e51-62f8e3b8c231` | Medium |
+| Inactive Affiliate Token Older than 90 days | `90aee8e2-0d94-4c16-8c97-19388a3cc5de` | Medium |
+| Publicly Accessible Booking Endpoint | `3c8b18e1-7e4b-4f4d-9394-64c8c3b28ef4` | High |
+
+---
+
+### Authentication & Access Control
+
+| Finding type | FindingTypeID | Severity |
+| -------------------------------------------- | -------------------------------------- | -------- |
+| Weak Password Policy | `eb741f33-103a-49cb-b81a-8c4a06a6c90f` | High |
+| Multi-Factor Authentication Not Enforced | `09c9a2b5-1920-4b35-bf42-b93c0deacb1a` | Critical |
+| OAuth Token Without Expiration | `10b2f326-6540-44ce-9b8c-ccf02736d171` | Medium |
+| User Session Expiration Not Configured | `fb02a28a-d174-45cf-b816-2a8aebcbf1d7` | Medium |
+| Public Admin Console Exposure | `fcae0e54-8a57-4f07-a690-02e4e6d7dfbb` | High |
+
+---
+
+### Certificates & Domain Security
+
+| Finding type | FindingTypeID | Severity |
+| -------------------------------------- | -------------------------------------- | -------- |
+| Expired SSL Certificate | `a97f2728-177c-4a35-9d52-5f8afde1e014` | Critical |
+| Wildcard Certificate without SAN check | `97d9df3f-c124-414d-934b-caaaf1a3e662` | High |
+| Insecure DNS Record (HTTP only) | `f1db9a44-3947-4a19-b9da-83520f3c3d12` | Medium |
+| Missing DNSSEC on Domain | `d4729b61-032d-4e63-985e-81b12cf8b721` | Medium |
+
+---
+
+### Integration Lifecycle
+
+| Finding type | FindingTypeID | Severity |
+| --------------------------------------- | -------------------------------------- | -------- |
+| Outdated API Integration (>180 days) | `5a9c4731-50cc-420d-8ff1-1af7ec0e7d87` | Medium |
+| Deprecated Partner SDK in Use | `8e1cd594-b6a2-4ab0-84f8-fb0d9b27d625` | Medium |
+| Unverified Third-Party Plugin Detected | `2bff8c43-2469-4fd2-85a3-cb8f1da2f1a1` | High |
+
+---
+
+### Root Access & Admin Management
+
+| Finding type | FindingTypeID | Severity |
+| ------------------------------------ | -------------------------------------- | -------- |
+| Root Access Token Used in Last 90 Days | `9d23c002-aece-42b5-b082-2b51fab8d7c1` | Critical |
+| Root Access Without MFA | `19abe0ee-e8bd-4e3b-9ee9-ea5c64fe769c` | Critical |
+| Admin Token Without Scope Restriction | `b3e89c2e-b5e1-45e1-871d-6af0a1c90123` | High |
+| Privileged Access Not Audited | `7a86e5fa-7e8b-4f47-b927-0e38eac3c2fd` | Medium |
+
+---
+
+### 📘 Learn more
+For setup guides, visit [https://2brother.online/docs](https://2brother.online/docs).
+For automation workflow examples, see the [2Brother Automator Demo Project](https://github.com/2brothertravel/demo).
+
+---
diff --git a/src/content/docs/cloudflare-one/applications/casb/casb-integrations/aws-s3.mdx b/src/content/docs/cloudflare-one/applications/casb/casb-integrations/aws-s3.mdx
deleted file mode 100644
index 169fb868b747ea..00000000000000
--- a/src/content/docs/cloudflare-one/applications/casb/casb-integrations/aws-s3.mdx
+++ /dev/null
@@ -1,155 +0,0 @@
----
-pcx_content_type: reference
-title: Amazon Web Services (AWS) S3
-rss: file
----
-
-import { Render } from "~/components";
-
-
-
-## Integration prerequisites
-
-- An AWS account using AWS S3 (Simple Storage Service)
-- For initial setup, access to the AWS account with permission to create a new IAM Role with the scopes listed below.
-
-## Integration permissions
-
-For the AWS S3 integration to function, Cloudflare CASB requires the following access scopes via an IAM Role with cross-account access:
-
-- `s3:PutBucketNotification`
-- `s3:GetObject`
-- `s3:ListBucket`
-
-These permissions follow the principle of least privilege to ensure that only the minimum required access is granted. To learn more about each permission scope, refer to the [AWS S3 Permissions documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-policy-actions.html).
-
-## Compute account
-
-You can connect an AWS compute account to your CASB integration to perform [Data Loss Prevention](/cloudflare-one/policies/data-loss-prevention/) scans within your S3 bucket and avoid data egress. CASB will scan any objects that exist in the bucket at the time of configuration.
-
-### Add a compute account
-
-
-
-You can only connect one computer account to an integration. To remove a compute account, select **Manage compute accounts**.
-
-### Configure compute account scanning
-
-Once your AWS compute account has successfully connected to your CASB integration, you can configure where and how to scan for sensitive data:
-
-1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Integrations**.
-2. Find and select your AWS integration.
-3. Select **Create new configuration**.
-4. In **Resources**, choose the buckets you want to scan. Select **Continue**.
-5. Choose the file types, sampling percentage, and [DLP profiles](/cloudflare-one/policies/data-loss-prevention/dlp-profiles/) to scan for.
-6. (Optional) Configure additional settings, such as the limit of API calls over time for CASB to adhere to.
-7. Select **Continue**.
-8. Review the details of the scan, then select **Start scan**.
-
-CASB will take up to an hour to begin scanning. To view the scan results, go to **CASB** > **Content** > **Cloud**.
-
-To manage your resources, go to **CASB** > **Integrations**, then find and select your AWS integration. From here, you can pause all or individual scans, add or remove resources, and change scan settings.
-
-For more information, refer to [Content findings](/cloudflare-one/applications/casb/manage-findings/#content-findings).
-
-## Security findings
-
-
-
-### S3 Bucket security
-
-Flag security issues in S3 Buckets, including overpermissioning, access policies, and user security best practices.
-
-| Finding type | FindingTypeID | Severity |
-| -------------------------------------------------------- | -------------------------------------- | -------- |
-| S3 Bucket ACL Allows Any Authenticated User to Write | `09bc7d1f-e682-43bc-a4ce-e6e03b408244` | Critical |
-| S3 Bucket ACL Allows Any Authenticated User to Write ACP | `9392a460-c566-4e0d-b06b-01d87dc84d7c` | Critical |
-| S3 Bucket ACL Allows Public ACP Write | `5b792c7f-2546-4fcd-96dc-a58a53fea7e0` | Critical |
-| S3 Bucket ACL Allows Public Write | `f50ae197-fa0a-4caa-be95-79aed91eed63` | Critical |
-| S3 Bucket Policy Allows Any Authenticated User to Write | `70fe0596-28bc-41dd-a2c3-1486fb0fb1dd` | Critical |
-| S3 Bucket Policy Allows Public Write | `5e2aac4b-d8be-43dc-b324-84fdf63f760e` | Critical |
-| S3 Bucket Publicly Accessible | `6b1276e3-88e8-4150-a4d5-1b8273f11078` | Critical |
-| S3 Bucket ACL Allows Any Authenticated User to Read | `fda31c4d-24dc-43d4-8a84-a1a9e1df01a1` | High |
-| S3 Bucket ACL Allows Any Authenticated User to Read ACP | `7232e46b-3539-4080-b905-022f1091556c` | High |
-| S3 Bucket ACL Allows Public ACP Read | `e324242c-5feb-41a3-8d91-f70611471fad` | High |
-| S3 Bucket ACL Allows Public Read | `f8c9f979-29f0-4ada-b09e-a149937a55d4` | High |
-| S3 Bucket Policy Allows Any Authenticated User to Read | `c6b3a745-b535-45ea-b2c0-ba8a139ca634` | High |
-| S3 Bucket Policy Allows Public Read | `f3915412-eef9-47d9-8448-e04462de8ba2` | High |
-| S3 Bucket Without MFA Delete Enabled | `f108bd28-9870-453f-a439-01818e85bdc7` | High |
-| S3 Bucket Without Server-Side Encryption (SSE) | `7817b383-79c3-44ca-8d5d-e01748afe75b` | High |
-| S3 Bucket Encryption in Transit Disabled | `0b3227dd-63d3-46bc-97b3-e62d9c11567a` | Medium |
-| S3 Bucket MFA Delete Disabled | `518697ff-3f7e-463e-acf3-79d106599f0e` | Medium |
-| S3 Bucket ACL Allows Public List | `e3c8a170-7817-4151-bd01-55442f4416ea` | Medium |
-| S3 Bucket Objects Can Be Public | `0ff170dc-be6b-46fa-a1cf-95ca7d067f4b` | Medium |
-| S3 Bucket Policy Allows Any Authenticated AWS User | `264be783-7fe1-4f50-aee7-d8df370b7b77` | Medium |
-| S3 Bucket Policy Allows Any Authenticated User to Delete | `4431eaeb-63e3-43c1-a4bc-029f09da66fd` | Medium |
-| S3 Bucket Policy Allows Any Authenticated User to List | `319c9715-b86d-4215-bdfa-c5d9b3a5cc83` | Medium |
-| S3 Bucket Policy Allows Public Delete | `bbbeacbc-6692-4121-a785-d634da1e5c56` | Medium |
-| S3 Bucket Policy Allows Public List | `f7ae03e3-1303-4404-b6f5-a7f97e52105e` | Medium |
-| S3 Bucket Server Side Encryption Disabled | `d69ab398-fba8-4e71-bf49-60af48d00cbc` | Medium |
-| S3 Bucket Without Access Logging | `67d0995d-7b4a-40c5-a43f-7a98d20faac6` | Medium |
-| S3 Bucket Without AWS CloudTrail Logging | `89366ebe-ca0b-45fc-a9cb-135674e0a49b` | Medium |
-| S3 Bucket Without Cross-Region Replication | `d4e5c815-33e3-4a01-b852-fe040d51ee55` | Medium |
-| S3 Bucket Without Default Encryption | `fb7a41af-294c-4e9b-a6ca-a1fed35542d6` | Medium |
-| S3 Bucket Without Lifecycle Policies | `2df6f1b8-e41c-4ab5-a466-992ce485a367` | Medium |
-| S3 Bucket Without Object-Level Logging | `9af2594c-3999-49c9-bd3d-2f4b091f99c0` | Medium |
-| S3 Bucket Without Replication Enabled | `cb61ef18-a498-456c-985c-78a45e19f4fe` | Medium |
-| S3 Bucket Without Versioning Enabled | `95e1284f-a514-4396-bf64-cd003818790c` | Medium |
-| S3 Bucket Access Logging Disabled | `84ba76fa-4703-490e-ab75-1b554993c054` | Low |
-| S3 Bucket Lifecycle Disabled | `970d2ca8-e189-42a8-8e86-9f674fcb1aea` | Low |
-| S3 Bucket Policy Not Existent | `3e1d0535-d82f-4ed1-9664-d2c50905db17` | Low |
-| S3 Bucket Versioning Disabled | `4e976e0d-b545-4c4a-99c5-a2f5d9a6f3d8` | Low |
-
-### IAM Policies
-
-Identify AWS IAM-related security issues that could affect S3 Bucket and Object security.
-
-| Finding type | FindingTypeID | Severity |
-| --------------------------------------------------------------- | -------------------------------------- | -------- |
-| IAM Account Password Policy Does Not Exist | `e39ee4da-eed5-49d0-95f7-b423884b858c` | Critical |
-| IAM Account Password Policy Doesn't Require Lowercase Letters | `9278444b-0c38-4ed0-8127-f3f25444811c` | High |
-| IAM Account Password Policy Doesn't Require Passwords to Expire | `5be79a96-4570-45cf-8ba3-1abe62802d16` | High |
-| IAM Account Password Policy Doesn't Require Symbols | `dd17afa3-4d4c-49e4-84c3-e829af9fff97` | High |
-| IAM Account Password Policy Doesn't Require Uppercase Letters | `e4976e53-bab5-4276-a1d3-1d85ebfd4d57` | High |
-| IAM Account Password Policy Max Age is greater than 90 days | `4e1092a0-7092-405f-a991-537d8c371440` | High |
-| IAM Account Password Policy Minimum Length is less than 8 | `2a2fa181-7beb-48ba-bc8d-8f1170c6062c` | High |
-| IAM Account Password Policy Re-use Prevention is less than 5 | `a4791a20-373f-44d3-9f6e-e61f1685fe05` | High |
-| IAM Role with Cross-Account Access | `8de72710-b23a-4d94-915e-26ef7249d21e` | High |
-| IAM Access Key Inactive over 90 Days | `37d1adb1-8e37-4708-a849-e06945c60802` | Medium |
-| IAM Access Key Not Rotated over 90 Days | `d2caf571-4c99-4da7-a21c-4384f8cb4e5c` | Medium |
-| IAM User Console Login Inactive Over 90 Days | `82b50a4d-8582-4766-9bad-f41b441bf336` | Medium |
-| IAM User MFA Disabled | `4679563f-5975-4c68-9dbf-896810ec8de9` | Medium |
-| IAM User Password Older Than 90 Days | `c5376384-e4e4-4b2c-af84-12d6740939f0` | Medium |
-| IAM Account Password Policy Doesn't Require Numbers | `15c65813-c7e6-4b22-95b3-b3942c8b8924` | Low |
-
-### Root User Management
-
-Detect security issues related to the use of an IAM Root User, which has the ability to access and configure important settings.
-
-| Finding type | FindingTypeID | Severity |
-| ------------------------------------------------- | -------------------------------------- | -------- |
-| AWS Root User Access Key Used within Last 90 Days | `9d23c002-aece-42b5-b082-2b51fab8d7c1` | Critical |
-| AWS Root User has Access Keys | `1b788d31-ed56-4008-b136-6993f38e4d1c` | Critical |
-| AWS Root User Logged in within Last 90 Days | `e9959d6e-edc9-4ea3-9113-3c30b02a811e` | Critical |
-| AWS Root User MFA Disabled | `19abe0ee-e8bd-4e3b-9ee9-ea5c64fe769c` | Critical |
-
-### Certificates
-
-Catch certificate-related issues and risks to prevent malicious compromise of internal resources.
-
-| Finding type | FindingTypeID | Severity |
-| -------------------------------------- | -------------------------------------- | -------- |
-| ACM Certificate Expired | `30ce0a22-eb3d-457d-bc59-6468f9bb4c4f` | Critical |
-| ACM Certificate Has Domain Wildcard | `d313bc0c-a2fb-41d8-b5a8-ef2704bb5570` | High |
-| ACM Certificate Expires within 30 days | `cd93f2c1-9b07-4e6c-964c-79f3a64d56ac` | Medium |