diff --git a/docs/getting-started/configure-integration-policy.asciidoc b/docs/getting-started/configure-integration-policy.asciidoc
index f2ebba2b36..4db8d90fbb 100644
--- a/docs/getting-started/configure-integration-policy.asciidoc
+++ b/docs/getting-started/configure-integration-policy.asciidoc
@@ -156,9 +156,9 @@ Malicious behavior protection levels are:
 * **Prevent** (Default): Detects malicious behavior on the host, forces the process to stop,
 and generates an alert.
 
-Select whether you want to use **Reputation service** for additional malware analysis. This is a cloud service that can identify malicious activity and false positives, and enrich alerts using data from various sources, such as VirusTotal and telemetry. For example, reputation service can detect suspicious downloads of binaries with low or malicious reputation.
+Select whether you want to use **Reputation service** for additional malware analysis. This service identifies malicious activity and false positives, and enriches alerts using data from various sources, such as VirusTotal and telemetry. For example, reputation service can detect suspicious downloads of binaries with low or malicious reputation.
 
-NOTE: Reputation service requires an active https://www.elastic.co/pricing[Platinum or Enterprise subscription].
+NOTE: Reputation service is available to Elastic Cloud users only and requires an active https://www.elastic.co/pricing[Platinum or Enterprise subscription].
 
 Select **Notify user** to send a push notification in the host operating system when activity is detected or prevented. Notifications are enabled by default for the *Prevent* option.