aws-ia · kkvinjam · Aug 9, 2023 · Jun 14, 2023 · Jun 15, 2023 · Jun 15, 2023
diff --git a/guide/content/_index.md b/guide/content/_index.md
@@ -1,13 +1,13 @@
 ---
 weight: 1
 title: CrowdStrike Falcon Horizon
-description: CrowdStrike Falcon Horizon monitors your AWS cloud services to detect critical security issues, common configuration errors, and patterns of suspicious behavior. 
+description: CrowdStrike Falcon Horizon monitors your AWS Cloud services to detect critical security issues, common configuration errors, and patterns of suspicious behavior.
 ---
 
 # CrowdStrike Falcon Horizon
 
-The purpose of this document is to walk you through the process of onboarding your AWS Organization with CrowdStrike Falcon Horizon. This document is intended for Customers who are using the CrowdStrike Falcon Horizon AWS Built In program(ABI) and in process of building an ABI project.
+This guide is for customers who are building a CrowdStrike Falcon Horizon integration project using the AWS Built-In (ABI) program. It walks you through the process of onboarding your AWS organization with CrowdStrike Falcon Horizon.
 
-The AWS Built-in program is a differentiation program that validates Partner solutions which have automated their solution integrations with relevant AWS foundational services like identity, management, security and operations.  This program helps customers find and deploy a validated Partner solution that addresses specific customer use cases while providing deep visibility and control of AWS native service integration.
+ABI is a differentiation program that validates AWS Partner solutions that have automated their integrations with relevant AWS foundational services such as identity, management, security, and operations. It helps customers find and deploy a validated partner solution that addresses specific customer use cases while providing deep visibility and control of AWS native service integration.
 
 Choose [Overview](/overview/index.html) to get started.
diff --git a/guide/content/additional-resources.md b/guide/content/additional-resources.md
@@ -1,20 +1,20 @@
 ---
 weight: 11
-title: Additional Resources
-description: Additional Resources
+title: Additional resources
+description: Additional resources.
 ---
 
 ## Partner documentation
 
-* In CrowdStrike Falcon Console, navigate to Documentation/Falcon Horizon Overview
+* In the CrowdStrike Falcon console, navigate to **Documentation > Falcon Horizon Overview**.
 
-## AWS Services
+## AWS services
 
-* [CloudFormation StackSets](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/what-is-cfnstacksets.html)
-* [Lambda](https://docs.aws.amazon.com/lambda/latest/dg/welcome.html)
-* [IAM Roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html)
-* [EventBridge](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is.html)
-* [Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)
+* [Working with AWS CloudFormation StackSets](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/what-is-cfnstacksets.html)
+* [What is AWS Lambda?](https://docs.aws.amazon.com/lambda/latest/dg/welcome.html)
+* [IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html)
+* [What is Amazon EventBridge?](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is.html)
+* [What is AWS Secrets Manager?](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)
 
 ## Frequently asked questions (FAQs)
 

diff --git a/guide/content/architecture.md b/guide/content/architecture.md
@@ -6,34 +6,27 @@ description: Solution architecture.
 
 Deploying this ABI package with default parameters builds the following architecture.
 
-![Architecture diagram](/images/architecture.png)
+![Architecture diagram](/images/abi-crowdstrike-architecture-diagram.png)
 
-As shown in the diagram, the Quick Start sets up the following:
+As shown in the diagram, the solution sets up the following:
 
-* In all current and AWS accounts in your AWS organization:    
-    * IAM Role for Horizon to perform Read-Only activities.
-    * IAM Role too allow EventBridge to PutEvents against CrowdStrike's EventBus.
-    * EventBridge Rules in each region with CrowdStrike EventBus as target.
+* In all current Horizon accounts in your AWS organization:
+    * IAM role that allows Horizon to perform read-only activities.
+    * IAM role that allows Amazon EventBridge to perform PutEvents actions against CrowdStrike's event bus.
+    * EventBridge rules in each Region with CrowdStrike event bus as the target.
 
 * In the management account:
-    * Secrets Manager Secret to store CrowdStrike API Keys.
-    * IAM Role for Horizon to perform Read-Only activities.
-    * IAM Role for EventBridge to PutEvents against CrowdStrike's EventBus.
-    * IAM Role for Lambda Execution.
-    * Lambda function to perform account registration with CrowdStrike.
-    * Custom CloudFormation Resource to trigger Lambda Function.
-    * CloudFormation StackSet to create EventBridge Rules in each region.
-    * CloudFormation StackSet to create IAM Roles in member accounts.
-    * CloudFormation StackSet to create EventBridge Rules in member accounts.
-
-* In the log archive account:
-    * IAM Role for Horizon to perform Read-Only activities.
-    * IAM Role to allow EventBridge to PutEvents against CrowdStrike's EventBus.
-    * EventBridge Rules in each region with CrowdStrike EventBus as target.
-
-* In the security tooling account:
-    * IAM Role for Horizon to perform Read-Only activities.
-    * IAM Role to allow EventBridge to PutEvents against CrowdStrike's EventBus.
-    * EventBridge Rules in each region with CrowdStrike EventBus as target.
-
-**Next:** Choose [Deployment Options](/deployment-options/index.html) to get started.
+    * AWS CloudFormation StackSets to create EventBridge rules in each Region and to create IAM roles and EventBridge rules in member accounts.
+    * IAM role that allows EventBridge to perform PutEvents actions against CrowdStrike's event bus.
+    * IAM role for running the AWS Lambda function.
+    * IAM role that allows Horizon to perform read-only activities.
+    * In the primary Region, AWS Secrets Manager secret for storing CrowdStrike API keys and a Lambda function to perform account registration with CrowdStrike.
+    * EventBridge rules in both primary and additional Regions.
+    * A custom AWS CloudFormation resource to trigger the Lambda function.
+
+* In the child AWS accounts (log archive and security tooling accounts):
+    * EventBridge rules in each Region with CrowdStrike event bus as the target.
+    * IAM role that allows Horizon to perform read-only activities.
+    * IAM role that allows EventBridge to perform PutEvents actions against CrowdStrike's event bus.
+
+**Next:** Choose [Deployment options](/deployment-options/index.html) to get started.
diff --git a/guide/content/cleanup-instructions.md b/guide/content/cleanup-instructions.md
@@ -1,8 +1,8 @@
 ---
 weight: 99
-title: Cleanup Instructions
-description: Instructions to cleanup the resources created by the ABI package
+title: Cleanup instructions
+description: Instructions to clean up the resources created by the ABI package
 ---
 ## Cleanup Instructions
 
-![Under Construction](/images/under_construction.jpeg)
+![Under construction](/images/under_construction.jpeg)
diff --git a/guide/content/costandlicenses.md b/guide/content/costandlicenses.md
@@ -4,13 +4,13 @@ title: Cost and licenses
 description: Cost of the solution and licenses required.
 ---
 
-[CrowdStrike Bundles and Pricing](https://www.crowdstrike.com/products/?ct-q2-2023-bn-products-nav)
+[CrowdStrike bundles and pricing](https://www.crowdstrike.com/products/?ct-q2-2023-bn-products-nav)
 
-<AWS Service cost>
+<AWS service cost>
 
 <Any other costs>
 
-[CrowdStrike End User License Agreement](https://s3.amazonaws.com/EULA/314ae52f-b319-4413-9052-fe03bfbd6b21-Crowdstrike-EULA.pdf)
+[CrowdStrike terms and conditions](https://s3.amazonaws.com/EULA/314ae52f-b319-4413-9052-fe03bfbd6b21-Crowdstrike-EULA.pdf)
 
 <ABI license>
 

diff --git a/guide/content/deployment-options.md b/guide/content/deployment-options.md
@@ -1,22 +1,15 @@
 ---
 weight: 6
-title: Deployment Options
-description: 
+title: Deployment options
+description: Deployment options.
 ---
 
-This ABI package provides one deployment option:
-
-* [Deploy [[Partner Name-Product Name]] for AWS Organizations](quick-link)
-
-This option builds <>.
-
-
 #### Deployment options supported by this ABI package
 
-Following are the deployment options supported by this ABI package:
+The following deployment options are supported by this ABI package:
 
-* Launch the [CloudFormation Template in the Management Account](/launch-using-cloudformation/index.html).
-* Launch using [Customizations for Control Tower (CfCT)](/launch-using-cfct/index.html).
+* Launch the [CloudFormation template in the AWS Management Console](/launch-using-cloudformation/index.html).
+* Launch using [Customizations for AWS Control Tower (CfCT)](/launch-using-cfct/index.html).
 
 
-**Next:** Choose [Pre Deployment Steps](/pre-deployment-steps/index.html) to get started.
+**Next:** Choose [Pre-deployment steps](/pre-deployment-steps/index.html) to get started.
diff --git a/guide/content/deployment-steps.md b/guide/content/deployment-steps.md
@@ -1,46 +1,44 @@
 ---
 weight: 8
 title: Deployment steps
-description: Deployment steps
+description: Deployment steps.
 ---
 
 
-## Launch the CloudFormation Template in the Management Account
+## Launch the CloudFormation Template in the AWS Management Console account
 
 
-1. Download the cloudformation template from source: https://<abi-template-location>
-2. Launch CloudFormation template in your AWS Control Tower home region.
+1. Download the Cloudformation template from the following location: https://<abi-template-location>
+2. Launch the CloudFormation template in your AWS Control Tower home Region.
     * Stack name: `template-crowdstrike-enable-integrations`
-    * List Parameters with [call out default values and update below example as needed]
+    * List parameters with [call out default values and update below example as needed]
         * **EnableIntegrationsStackName**: `template-crowdstrike-enable-integrations`
         * **EnableIntegrationsStackRegion**: `us-east-1`
         * **EnableIntegrationsStackSetAdminRoleName**: `AWSCloudFormationStackSetAdministrationRole`
         * **EnableIntegrationsStackSetExecutionRoleName**: `AWSCloudFormationStackSetExecutionRole`
         * **EnableIntegrationsStackSetExecutionRoleArn**: `arn:aws:iam::<account-id>:role/AWSCloudFormationStackSetExecutionRole`
 
-3. Choose both the **Capabilities** and select **Submit** to launch the stack.
+3. Select both of the following capabilities and choose **Submit** to launch the stack.
 
     [] I acknowledge that AWS CloudFormation might create IAM resources with custom names.
 
-    [] I acknowledge that AWS CloudFormation might require the following capability: CAPABILITY_AUTO_EXPAND    
+    [] I acknowledge that AWS CloudFormation might require the following capability: CAPABILITY_AUTO_EXPAND
 
 Wait for the CloudFormation status to change to `CREATE_COMPLETE` state.
 
 
-## Launch using Customizations for Control Tower (CfCT)
+## Launch using Customizations for Control Tower
 
 
-[Customizations for AWS Control Tower](https://aws.amazon.com/solutions/implementations/customizations-for-aws-control-tower/) combines AWS Control Tower and other highly-available, trusted AWS services to help customers more quickly set up a secure, multi-account AWS environment using AWS best practices. You can easily add customizations to your AWS Control Tower landing zone using an AWS CloudFormation template and service control policies (SCPs). You can deploy the custom template and policies to individual accounts and organizational units (OUs) within your organization. It also integrates with AWS Control Tower lifecycle events to ensure that resource deployments stay in sync with your landing zone. For example, when a new account is created using the AWS Control Tower account factory, Customizations for AWS Control Tower ensures that all resources attached to the account's OUs will be automatically deployed.
+[Customizations for AWS Control Tower](https://aws.amazon.com/solutions/implementations/customizations-for-aws-control-tower/) (CfCT) combines AWS Control Tower and other AWS services to help you set up an AWS environment. You can deploy the templates provided with the ABI packages using CfCT.
 
-The templates provided as part of the ABI packages are deployable using Customizations for Control Tower. Please check below for additional details.
+#### Prerequisites
 
-#### Pre-requisites
-
-1. The CfCT solution, do not have ability to launch resources on the Management account. Hence, you need to create the role with required permissions in the Management account.
+1. Create an IAM role with the required permissions in the AWS Management Console account to allow the CfCT solution to launch resources.
 
 #### How it works
 
-To deploy this sample partner integration page using CfCT solution, add the following blurb to the `manifest.yaml` file from your CfCT solution and update the account/ou names as needed.
+To deploy the sample partner integration page, add the following blurb to the `manifest.yaml` file from your CfCT solution and update the account and organizational unit (OU) names as needed.
 
 ```
 resources:
@@ -60,4 +58,4 @@ resources:
 ```
 
 
-**Next:** Choose [Postdeployment Options](/post-deployment-steps/index.html) to get started.
+**Next:** Choose [Postdeployment options](/post-deployment-steps/index.html) to get started.
diff --git a/guide/content/faqs.md b/guide/content/faqs.md
@@ -6,21 +6,21 @@ description: Frequently asked questions
 
 ## How frequently will CrowdStrike Horizon scan my environment for Configuration (IOM) assessment?
 
-You may configure your settings to determine how often the assessments will occur. The default rate is 2 hours after the last successfull assessment. Optional intervals: 6 hours, 12 hours and 24 hours
+You can configure your settings to determine the frequency of assessments. The default rate is two hours after the last successful assessment. Optional intervals are six, 12, and 24 hours.
 
 ## How frequently will CrowdStrike Horizon scan my environment for Behavioral (IOA) assessment?
 
-IOA findings are not generated by scheduled scans, but instead are forwarded to CrowdStrike at the time of the event via EventBridge.  This means IOA findings will appear in your Falcon Horizon console in near-real time.
+Indicator of Attack (IOA) findings are not generated by scheduled scans, but instead are forwarded to CrowdStrike at the time of the event via EventBridge. IOA findings will appear in your Falcon Horizon console in near real time.
 
 ## Can I create custom policies with CrowdStrike Falcon Horizon?
 
 You can create custom policies for misconfiguration detections in your cloud accounts in Horizon. By defining your own rules, you get more coverage with fine-tuned policies that meet your own security and compliance requirements.
 
-## Can I contribute to this repository? 
+## Can I contribute to this repository?
 
-Yes, this shared under Apache License, version 2.0 (the "License"). Please submit a GitHub issue if you see an issues or improvements. If you like to build and contribute a fix or enhancement, please submit a GitHub pull request with your changes.
+You can submit a GitHub issue if you encounter a problem or want to suggest improvements. To build and contribute a fix or enhancement, submit a GitHub pull request with your changes.
 
-All pull requests will go through auto validations and human reviews before it is merged.
+All pull requests go through automatic validations and human reviews before being merged.
 
 
 
diff --git a/guide/content/feedback.md b/guide/content/feedback.md
@@ -1,10 +1,10 @@
 ---
 weight: 13
 title: Feedback
-description: Feedback
+description: Feedback.
 ---
 
-To submit feature ideas and report bugs, use the Issues section of the [GitHub repository](https://public-github-repository-link) for this Quick Start. To submit code, refer to the [Quick Start Contributor’s Guide](https://link-to-reference-guide). To submit feedback on this deployment guide, use the following GitHub links:
+To submit feature ideas and report bugs, use the **Issues** section of the [GitHub repository](https://public-github-repository-link) for this solution. To submit code, refer to the [ABI Reference Guide](https://link-to-reference-guide). To submit feedback on this deployment guide, use the following GitHub links:
 
 * [Grammar or spelling](https-link)
 * [Broken link](https-link)

diff --git a/guide/content/images/abi-crowdstrike-architecture-diagram.png b/guide/content/images/abi-crowdstrike-architecture-diagram.png
diff --git a/guide/content/images/abi-crowdstrike-architecture-diagram.pptx b/guide/content/images/abi-crowdstrike-architecture-diagram.pptx
diff --git a/guide/content/overview.md b/guide/content/overview.md
@@ -1,20 +1,20 @@
 ---
 weight: 2
 title: Overview
-description: 
+description:
 ---
 
 
-This ABI deploys CrowdStrike Falcon Horizon Integrations for AWS Organizations on the AWS Cloud. It’s for <persona-1> and <persona-2> that want to provide Cloud Security Posture Management across multiple AWS accounts. If you are unfamiliar with AWS Built In, refer to the [AWS Built in](https://aws.amazon.com/builtin).
+This [AWS Built-In](https://aws.amazon.com/builtin) (ABI) solution deploys CrowdStrike Falcon Horizon integrations for AWS Organizations on the AWS Cloud. It’s for <persona-1> and <persona-2> who want to provide Cloud Security Posture Management (CSPM) across multiple AWS accounts.
 
-Deploying this ABI package does not guarantee an organization’s compliance with any laws, certifications, policies, or other regulations.
+Deploying this ABI solution doesn't guarantee an organization’s compliance with any laws, certifications, policies, or other regulations.
 
-Avoid breaches and make sure your cloud security configuration meets industry security recommendations with the CrowdStrike Cloud Security Posture Management platform, Falcon Horizon. Falcon Horizon monitors your AWS, Azure, and GCP cloud services to detect critical security issues, common configuration errors, and patterns of suspicious behavior. Use Horizon to triage findings and find recommended remediations to close the gaps and keep your cloud data secure.
+Avoid breaches and make sure your cloud security configuration meets industry security recommendations with the CSPM platform, Falcon Horizon. Falcon Horizon monitors your AWS, Azure, and GCP cloud services to detect critical security issues, common configuration errors, and patterns of suspicious behavior. Use Horizon to triage findings and find recommended remediations to close the gaps and keep your cloud data secure.
 
-The first step in getting started using Falcon Horizon, is to register your cloud accounts with Falcon Horizon. When registering, Falcon Horizon is granted limited read-only access to your cloud account.  When you register using this solution, all accounts in that organization are registered automatically for Falcon Horizon.
+Get started using Horizon by registering your cloud accounts. When registering, Horizon is granted limited read-only access to your cloud account. When registering your ABI solution, all accounts in that organization are registered automatically.
 
 ### AWS Marketplace listing
 
-[PCrowdStrike Falcon Cloud Security](https://aws.amazon.com/marketplace/pp/prodview-l6ti2ml2i2g6y?ref_=esp&feature_=FeaturedProducts)
+[CrowdStrike Falcon Cloud Security](https://aws.amazon.com/marketplace/pp/prodview-l6ti2ml2i2g6y?ref_=esp&feature_=FeaturedProducts)
 
 **Next:** Choose [Terminologies](/terminologies/index.html) to get started.
diff --git a/guide/content/post-deployment-steps.md b/guide/content/post-deployment-steps.md
@@ -1,15 +1,15 @@
 ---
 weight: 9
 title: PostDeployment Options
-description: Post deployment options
+description: Postdeployment options.
 ---
 
 ## Verifying the solution functionality
 
-## Verify Account Activation in CrowdStrike Falcon Console
-* Sign in to your CrowdStrike Falcon Console
-* Navigate to Cloud-Security/Registration https://falcon.crowdstrike.com/cloud-security/registration
-* Verify each AWS Account ID shows "Active" in the Configuration (IOM) and Behavior (IOA) columns.
-* This step may take several minutes, click refresh to retireve the latest account status.
+## Verify account activation in CrowdStrike Falcon console
+* Sign in to your CrowdStrike Falcon console.
+* Navigate to [Cloud-Security/Registration](https://falcon.crowdstrike.com/cloud-security/registration).
+* Verify each AWS account ID is active in the **Configuration** (IOM) and **Behavior** (IOA) columns.
+* After waiting several minutes, choose **Refresh** to retrieve the latest account status.
 
-**Next:** Choose [Test the Deployment](/test-deployment/index.html) to get started.
+**Next:** Choose [Test the deployment](/test-deployment/index.html) to get started.