freshness updates (#19404)

content/security/_index.md

@@ -85,7 +85,7 @@ grid_resources:
 
 Docker provides security guardrails for both administrators and developers. 
 
-If you're an administrator, you can enforce sign in across Docker products for your developers, and 
+If you're an administrator, you can enforce sign-in across Docker products for your developers, and 
 scale, manage, and secure your instances of Docker Desktop with DevOps security controls like Enhanced Container Isolation and Registry Access Management. 
 
 For both administrators and developers, Docker provides security-specific products such as Docker Scout, for securing your software supply chain with proactive image vulnerability monitoring and remediation strategies. 

content/security/for-admins/configure-sign-in.md

@@ -1,7 +1,7 @@
 ---
 description: Configure registry.json to enforce users to sign into Docker Desktop
 toc_max: 2
-keywords: authentication, registry.json, configure,
+keywords: authentication, registry.json, configure, enforce sign-in
 title: Enforce sign-in for Desktop
 aliases:
 - /docker-hub/configure-sign-in/

content/security/for-admins/domain-audit.md

@@ -24,7 +24,7 @@ Although domain audit can't identify all Docker users in your environment, you c
 Before you audit your domains, review the following required prerequisites:
 
 - Your organization must be part of a Docker Business subscription. To upgrade your existing account to a Docker Business subscription, see [Upgrade your subscription](../../subscription/upgrade.md).
-- You must add and verify your domains.
+- You must [add and verify your domains](./single-sign-on/configure/_index.md#step-one-add-and-verify-your-domain).
 
 > **Important**
 >

content/security/for-admins/image-access-management.md

@@ -8,9 +8,9 @@ aliases:
 - /admin/organization/image-access/
 ---
 
-> Note
+> **Note**
 >
-> Image Access Management is available to [Docker Business](../../subscription/details.md) customers only.
+> Image Access Management is available to [Docker Business](../../subscription/details.md#docker-business) customers only.
 
 Image Access Management gives administrators control over which types of images, such as Docker Official Images, Docker Verified Publisher Images, or community images, their developers can pull from Docker Hub.
 

content/security/for-admins/registry-access-management.md

@@ -8,11 +8,11 @@ aliases:
 - /docker-hub/registry-access-management/
 ---
 
-> Note
+> **Note**
 >
 > Registry Access Management is available to [Docker Business](../../subscription/details.md) customers only. 
 
-With Registry Access Management (RAM), administrators can ensure that their developers using Docker Desktop only access allowed registries. This is done through the Registry Access Management dashboard on Docker Hub. 
+With Registry Access Management (RAM), administrators can ensure that their developers using Docker Desktop only access allowed registries. This is done through the Registry Access Management dashboard in Docker Hub or the Docker Admin Console.
 
 Registry Access Management supports both cloud and on-prem registries. Example registries administrators can allow include: 
  - Docker Hub. This is enabled by default.

content/security/for-admins/roles-and-permissions.md

@@ -74,7 +74,7 @@ The following outlines organization management permissions for member, editor, o
 | Image Access Management                                           | ❌     | ❌     | ✅                 | ✅            |
 | Registry Access Management                                        | ❌     | ❌     | ✅                 | ✅            |
 | Set up Single Sign-On (SSO) and SCIM                              | ❌     | ❌     | ✅ \*              | ✅            |
-| Require Desktop sign-in                                           | ❌     | ❌     | ✅ \*              | ✅            |
+| Require Docker Desktop sign-in                                    | ❌     | ❌     | ✅ \*              | ✅            |
 | Manage billing information (e.g. billing address)                 | ❌     | ❌     | ✅                 | ✅            |
 | Manage payment methods (e.g. credit card or invoice)              | ❌     | ❌     | ✅                 | ✅            |
 | View billing history                                              | ❌     | ❌     | ✅                 | ✅            |

content/security/for-admins/single-sign-on/_index.md

@@ -8,11 +8,11 @@ aliases:
 - /admin/organization/security-settings/sso-management/
 ---
 
-SSO allows users to authenticate using their identity providers (IdPs) to access Docker. SSO is available for a whole company, and all associated organizations, or an individual organization that has a Docker Business subscription. To upgrade your existing account to a Docker Business subscription, see [Upgrade your subscription](/subscription/upgrade/).
+Single Sign-On (SSO) allows users to authenticate using their identity providers (IdPs) to access Docker. SSO is available for a whole company, and all associated organizations, or an individual organization that has a Docker Business subscription. To upgrade your existing account to a Docker Business subscription, see [Upgrade your subscription](/subscription/upgrade/).
 
 ## How it works
 
-When you enable SSO, this redirects to your IdP's authentication page to sign in. They can't authenticate using their Docker login credentials (Docker ID and password). Docker supports Service Provider Initiated SSO flow. Your users must sign in to Docker Hub or Docker Desktop to initiate the SSO authentication process.
+When you enable SSO, your users can't authenticate using their Docker login credentials (Docker ID and password). Docker supports Service Provider Initiated SSO flow. Instead, they are redirected to your IdP's authentication page to sign in. Your users must sign in to Docker Hub or Docker Desktop to initiate the SSO authentication process.
 
 The following diagram shows how SSO operates and is managed in Docker Hub and Docker Desktop. In addition, it provides information on how to authenticate between your IdP.
 
@@ -20,13 +20,10 @@ The following diagram shows how SSO operates and is managed in Docker Hub and Do
 
 ## How to set it up
 
-Before enabling SSO in Docker, administrators must first configure their IdP to work with Docker. Docker provides the Assertion Consumer Service (ACS) URL and the Entity ID. Administrators use this information to establish a connection between their IdP server and Docker Hub.
-
-After establishing the connection between the IdP server and Docker, administrators sign in to Docker Hub or the Docker Admin Console and complete SSO enablement.
-
-When you enable SSO for your company, a first-time user can sign in to Docker Hub using their company's domain email address. They're then added to your company, assigned to an organization, and optionally assigned to a team.
-
-Administrators can then choose to enforce SSO sign-in and manage SSO connections for their individual company.
+1. Configure SSO by adding and verify your domain for your organization, then create an SSO connection with your IdP. Docker provides the Assertion Consumer Service (ACS) URL and Entity ID needed to establish a connection between your IdP server and Docker Hub.
+2. Test your connection by attempting to sign in to Docker Hub using your domain email address.
+3. Optionally, you can enforce SSO sign-in.
+4. Complete SSO enablement. A first-time user can sign in to Docker Hub using their company's domain email address. They're then added to your company, assigned to an organization, and optionally assigned to a team.
 
 ### SSO attributes
 

layouts/shortcodes/admin-image-access.html

@@ -3,17 +3,17 @@
 
 {{ if eq (.Get "product") "admin" }}
   {{ $product_link = "the [Admin Console](https://admin.docker.com)" }}
-  {{ $iam_navigation = "Select your organization in the left navigation drop-down menu, and then select **Image Access**." }}
+  {{ $iam_navigation = "Select your organization in the left navigation drop-down menu, and then select **Image access**." }}
 {{ end }}
 
 1. Sign in to {{ $product_link }}.
 2. {{ $iam_navigation }}
 3. Enable Image Access Management to set the permissions for the following categories of images you can manage:
 
-  - **Organization Images**: Images from your organization are always allowed by default. These images can be public or private created by members within your organization.
+  - **Organization images**: Images from your organization are always allowed by default. These images can be public or private created by members within your organization.
   - **Docker Official Images**: A curated set of Docker repositories hosted on Hub. They provide OS repositories, best practices for Dockerfiles, drop-in solutions, and applies security updates on time.
   - **Docker Verified Publisher Images**: Images published by Docker partners that are part of the Verified Publisher program and are qualified to be included in the developer secure supply chain.
-  - **Community Images**: These images are disabled by default when Image Access Management is enabled because various users contribute them and they may pose security risks. This category includes Docker-Sponsored Open Source images.
+  - **Community images**: These images are disabled by default when Image Access Management is enabled because various users contribute them and they may pose security risks. This category includes Docker-Sponsored Open Source images.
 
   > **Note**
   >

layouts/shortcodes/admin-registry-access.html

@@ -6,7 +6,7 @@
 To configure Registry Access Management permissions, perform the following steps:
 
 1. Sign in to {{ $product_link }}.
-2. Select **Organizations**, your organization, **Settings**, and then select **Registry Access**.
+2. Select **Organizations**, your organization, **Settings**, and then select **Registry access**.
 3. Enable Registry Access Management to set the permissions for your registry.
 
    > **Note**
@@ -14,7 +14,7 @@ To configure Registry Access Management permissions, perform the following steps
    > When enabled, the Docker Hub registry is set by default, however you can also restrict this registry for your developers.
 
 4. Select **Add** and enter your registry details in the applicable fields, and then select **Create** to add the registry to your list.
-5. Verify that the registry appears in your list and select **Save & Apply**.
+5. Verify that the registry appears in your list and select **Save**.
 
    > **Note**
    >