EASE docs updates

solutions/security/ai/ease/ease-intro.md

@@ -6,7 +6,9 @@ applies_to:
 ---
 # Elastic AI SOC Engine with {{sec-serverless}}
 
-Elastic AI Security Operations Center (SOC) Engine (EASE) is an {{sec-serverless}} project type that provides AI-powered tools and case management to augment third-party SIEM and EDR/XDR platforms. This page describes how to create an {{sec-serverless}} EASE project, how to ingest your data, and how to use its key features.
+Elastic AI SOC Engine (EASE) is an {{sec-serverless}} project type that provides cutting-edge AI-powered tools to augment your existing SIEM and EDR/XDR platforms. Because serverless deployments are quick to deploy and easy to configure, and because all the integrations that you can use to ingest data to EASE support fast and easy [agentless](/solutions/security/get-started/agentless-integrations.md) deployment, you can start getting value from EASE in minutes.
+
+This page describes how to create an EASE project, how to ingest your data, and how to use its key features.
 
 ## Create an EASE project
 
@@ -21,21 +23,29 @@ To create an EASE project:
 2. Click **Create serverless project**, and wait for your project to be provisioned. When it's ready, open it.
 
 
-## Ingest your SOC data
+## Ingest your SIEM and EDR/XDR data
 
-To ingest your SOC data: 
+To ingest third-party security data: 
 
 1. Go to the **Configurations** page using the navigation menu or the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md).
 
     :::{image} /solutions/images/security-ease-integrations.png
     :alt: The integrations page of an EASE project
+    :width: 600px
     :::
 
-2. From the **Integrations** tab, select any [integration](integration-docs://reference/index.md) you want to ingest data from to view deployment instructions and more information.
+2. From the **Integrations** tab, select a SIEM and EDR/XDR platform from which you want to ingest data to view setup instructions and more information. You can ingest data from:
+
+    * CrowdStrike
+    * Elastic Security
+    * Google SecOps
+    * Microsoft Sentinel
+    * SentinelOne
+    * Splunk
 
 ## Select a model
 
-EASE uses LLM connectors to enable its AI features such as Attack Discovery and AI Assistant. The Elastic Managed LLM is enabled by default. You can also [create custom connectors](/solutions/security/ai/set-up-connectors-for-large-language-models-llm.md). Keep in mind that different models [perform differently](/solutions/security/ai/large-language-model-performance-matrix.md) on different tasks. 
+EASE uses LLM connectors to enable its AI features such as Attack Discovery and AI Assistant. The Elastic Managed LLM is enabled by default. You can also [configure your own third-party LLM connector](/solutions/security/ai/set-up-connectors-for-large-language-models-llm.md). Keep in mind that different models [perform differently](/solutions/security/ai/large-language-model-performance-matrix.md) on different tasks. 
 
 
 ## Features
@@ -46,9 +56,19 @@ EASE provides a set of capabilities designed to help make the most of each secur
 
      :::{image} /solutions/images/security-attck-disc-example-disc.png
      :alt: Attack Discovery detail view
+     :width: 600px
      :::
 
-- **[AI Assistant](/solutions/security/ai/ai-assistant.md)**: An LLM-powered virtual assistant specialized for digital security; it helps with data analysis, alert investigation, incident response, and {{esql}} query generation. You can add custom background knowledge and data to its [knowledge base](/solutions/security/ai/ai-assistant-knowledge-base.md) and use natural language to ask for its assistance with your SOC operations.
+     You can [schedule](/solutions/security/ai/attack-discovery.md#schedule-discoveries) Attack Discovery to run automatically, and notify you of any discoveries via a range of connectors such as Slack, Teams, PagerDuty, or email.
+
+- **[AI Assistant](/solutions/security/ai/ai-assistant.md)**: An LLM-powered virtual assistant specialized for digital security; it helps with data analysis, alert investigation, incident response, and {{esql}} query generation. You can add custom background knowledge and data to its [knowledge base](/solutions/security/ai/ai-assistant-knowledge-base.md) and use natural language to ask for its assistance with your SOC operations. 
+
+    :::{image} /solutions/images/security-ease-ai-assistant.png
+    :alt: A new conversation with AI Assistant
+    :width: 450px
+    :::
+
+    You can add custom information to AI Assistant's [Knowledge Base](/solutions/security/ai/ai-assistant-knowledge-base.md), either in the form of individual documents or entire indices containing numerous documents. This information informs the AI Assistant's responses and can include everything from threat intelligence, to information about your team's on-call rotation, to information about your infrastructure, and more. 
 
 - **[Cases](/solutions/security/investigate/cases.md)**: Helps you track and share related information about security issues. Track key investigation details and collect alerts in a central location.
 

solutions/security/get-started/agentless-integrations.md

@@ -37,18 +37,20 @@ Agentless deployment for the following integrations is in beta and is subject to
 1. AbuseCH
 2. Cloud Asset Discovery
 3. CrowdStrike  
-4. Google SecOps 
-5. Google Security Command Center
-6. Google Workspace
-7. Microsoft 365 Defender
-8. Microsoft Defender for Endpoint
-9. Microsoft Sentinel
-10. Okta
-11. Qualys VMDR
-12. SentinelOne
-13. Tenable IO
-14. Wiz
-15. Zscaler ZIA
+4. Elastic Security
+5. Google SecOps 
+6. Google Security Command Center
+7. Google Workspace
+8. Microsoft 365 Defender
+9. Microsoft Defender for Endpoint
+10. Microsoft Sentinel
+11. Okta
+12. Qualys VMDR
+13. SentinelOne
+14. Splunk
+15. Tenable IO
+16. Wiz
+17. Zscaler ZIA
 
 
 To learn more about these integrations and find setup guides, refer to [Elastic integrations](https://docs.elastic.co/en/integrations/).