crowdsecurity · ziracmo · Nov 25, 2024 · Nov 19, 2024 · Nov 22, 2024
diff --git a/crowdsec-docs/sidebarsUnversioned.js b/crowdsec-docs/sidebarsUnversioned.js
@@ -178,11 +178,6 @@ module.exports = {
             type: "category",
             label: "CTI",
             items: [
-                {
-                    type: "doc",
-                    label: "Introduction",
-                    id: "console/cti/intro",
-                },
                 {
                     type: "doc",
                     label: "Getting started",
@@ -198,6 +193,11 @@ module.exports = {
                     label: "Advanced search",
                     id: "console/cti/advanced_search",
                 },
+                {
+                    type: "doc",
+                    label: "FAQ",
+                    id: "console/cti/faq",
+                },
             ],
         },
         {

diff --git a/crowdsec-docs/static/img/console/cti/home.jpeg b/crowdsec-docs/static/img/console/cti/home.jpeg
diff --git a/crowdsec-docs/static/img/console/cti/home.png b/crowdsec-docs/static/img/console/cti/home.png
diff --git a/crowdsec-docs/static/img/console/cti/report/page.jpeg b/crowdsec-docs/static/img/console/cti/report/page.jpeg
diff --git a/crowdsec-docs/static/img/console/cti/report/page.png b/crowdsec-docs/static/img/console/cti/report/page.png
diff --git a/...sec-docs/unversioned/console/cti/intro.md → crowdsec-docs/unversioned/console/cti/faq.md b/...sec-docs/unversioned/console/cti/intro.md → crowdsec-docs/unversioned/console/cti/faq.md
@@ -1,13 +1,13 @@
 ---
-title: Introduction
-description: Introduction to CrowdSec's Cyber Threat Intelligence (CTI) platform.
+title: FAQ
+description: CrowdSec's Cyber Threat Intelligence (CTI) FAQ.
 ---
 
 **CrowdSec’s Cyber Threat Intelligence (CTI)** is a cutting-edge platform that enhances your cybersecurity defenses through community-driven insights and advanced threat intelligence. This introduction provides an overview of CTI’s purpose, benefits, competitive advantages and including a search page with filters and IP detail pages.
 
 Investigate your first IP [there](https://app.crowdsec.net/cti).
 
-![Alerts](/img/console/cti/home.jpeg)
+![Alerts](/img/console/cti/home.png)
 
 # What Is Cyber Threat Intelligence (CTI)?
 
@@ -44,19 +44,6 @@ With CTI’s advanced search and filtering capabilities, finding relevant inform
 
 CTI integrates seamlessly into your existing CrowdSec setup, making it an invaluable part of your defense strategy without requiring additional complexity. Use the [Free CrowdSec CTI API](https://app.crowdsec.net/settings/cti-api-keys) to access threat data programmatically and enhance your security operations.
 
-# What to Expect Next
-
-In this documentation, you’ll discover:
-
-### IP Details Pages
-
-Dive deep into individual IP profiles to uncover:
-
--   Risk assessment scores
--   Threat patterns
--   Timeline of malicious activity
--   Geographical distribution of attacks
-
 ### Faceted Research for Analysts
 
 Understand how CTI enables analysts to uncover trends, identify repeat offenders, and map out potential attack vectors using advanced research tools. [(You can check this example)](<https://app.crowdsec.net/cti?q=classifications.classifications.name:%22crowdsec:ai_vpn_proxy%22+AND+(reputation:malicious+OR+reputation:suspicious)&page=1>)
diff --git a/crowdsec-docs/unversioned/console/cti/getting_started.md b/crowdsec-docs/unversioned/console/cti/getting_started.md
@@ -5,7 +5,7 @@ description: Get started with CrowdSec's Cyber Threat Intelligence (CTI) platfor
 
 Welcome to CrowdSec’s Cyber Threat Intelligence (CTI)! This guide will help you navigate the home page and make the most of its features, from searching for IP details to exploring real-time threat insights. Let’s get started!
 
-> You can access the CTI home page [here](https://app.crowdsec.net/cti).
+> You can access the [CTI Home page](https://app.crowdsec.net/cti) or directly call our [API](https://docs.crowdsec.net/u/cti_api/getting_started).
 
 ## What Can You Find on the Home Page?
 

diff --git a/crowdsec-docs/unversioned/console/cti/ip_report.mdx b/crowdsec-docs/unversioned/console/cti/ip_report.mdx
@@ -7,7 +7,7 @@ description: Learn how to investigate an IP address in CrowdSec's Cyber Threat I
 
 CrowdSec’s Cyber Threat Intelligence (CTI) platform provides detailed insights into IP addresses, enabling you to assess their risk levels, threat types, and historical activities.
 
-![CTI Report](/img/console/cti/report/page.jpeg)
+![CTI Report](/img/console/cti/report/page.png)
 
 ### IP Title and Status
 
@@ -85,10 +85,12 @@ A summary of the IP’s recent activity, showing its aggressiveness over time:
 
 ### Blocklists
 
-Indicates the **blocklists** where the IP is currently listed. These are provided by CrowdSec to users for preemptive blocking. Users can:
+Indicates the **blocklists** where the IP is currently listed. These are provided by CrowdSec to community for preemptive blocking.
 
 ![CTI Report blocklists](/img/console/cti/report/blocklists.png)
 
+It allows to:
+
 -   View whether the IP is on free or premium blocklists.
 -   Click through to explore the relevant blocklists.
 
@@ -121,7 +123,7 @@ Breaks down specific types of attacks linked to the IP, such as:
 
 ### Feedbacks
 
-CrowdSec invites users to participate in improving threat intelligence by:
+CrowdSec invites community to participate in improving threat intelligence by:
 
 ![CTI Report share opinion](/img/console/cti/report/share_opinion.png)
 
@@ -137,7 +139,7 @@ This section provides a detailed **Security Engine Report** for the IP, showing
 
 ![CTI Report security engines report](/img/console/cti/report/security_engines_report.png)
 
--   Allows users to add **comments** to the report, share insights, or annotate findings.
+-   Allows organization's users to add **comments** to the report, share insights, or annotate findings.
 -   Shared comments are visible across all members of the user’s organization, fostering collaboration.
 
 ### Conclusion