diff --git a/content/manuals/desktop/troubleshoot-and-support/troubleshoot/topics.md b/content/manuals/desktop/troubleshoot-and-support/troubleshoot/topics.md index a234191093c9..356db9f4ed0b 100644 --- a/content/manuals/desktop/troubleshoot-and-support/troubleshoot/topics.md +++ b/content/manuals/desktop/troubleshoot-and-support/troubleshoot/topics.md @@ -156,6 +156,23 @@ Ensure your username is short enough to keep paths within the allowed limit: ## Topics for Mac +### Upgrade requires administrator privileges + +#### Cause + +On macOS, users without administrator privileges cannot perform in-app upgrades from the Docker Desktop Dashboard. + +#### Solution + +> [!IMPORTANT] +> +> Do not uninstall the current version before upgrading. Doing so deletes all local Docker containers, images, and volumes. + +To upgrade Docker Desktop: + +- Ask an administrator to install the newer version over the existing one. +- Use the []`--user` install flag](/manuals/desktop/setup/install/mac-install.md#security-and-access) if appropriate for your setup. + ### Persistent notification telling me an application has changed my Desktop configurations #### Cause diff --git a/content/manuals/security/faqs/general.md b/content/manuals/security/faqs/general.md index 341c76c2a714..f358e9962432 100644 --- a/content/manuals/security/faqs/general.md +++ b/content/manuals/security/faqs/general.md 
@@ -70,7 +70,12 @@ This is applicable only when using Docker Hub's application-level password versu ### How do we de-provision users who are not part of our IdP? We use SSO but not SCIM -If SCIM isn't enabled, you have to manually remove users from the organization in our system. Using SCIM automates this. +If SCIM isn't enabled, you have to manually remove users from the organization. +SCIM can automate this if your users are added after SCIM is enabled. Any users +added to your organization before SCIM is enabled must be removed manually. + +For more information on manually removing users, see +[Manage organization members](/manuals/admin/organization/members.md). ### What metadata is collected from container images that Scout analyzes? diff --git a/content/manuals/security/for-admins/hardened-desktop/settings-management/compliance-reporting.md b/content/manuals/security/for-admins/hardened-desktop/settings-management/compliance-reporting.md index f7304b448455..603587407e78 100644 --- a/content/manuals/security/for-admins/hardened-desktop/settings-management/compliance-reporting.md +++ b/content/manuals/security/for-admins/hardened-desktop/settings-management/compliance-reporting.md @@ -83,7 +83,6 @@ highest-priority applicable status according to the following rules. | No policy assigned | The user does not have any policy assigned to them. | | Non-compliant | The user fetched the correct policy, but hasn't applied it. | | Outdated | The user fetched a previous version of the policy. | -| Unknown | The user hasn't fetched any policy yet, or their compliance can't be determined. | | Compliant | The user fetched and applied the latest assigned policy. | **Domain status** 
@@ -95,7 +94,6 @@ This reflects how the user’s email domain is evaluated based on the organizati | Verified | The user’s email domain is verified. | | Guest user | The user's email domain is not verified. | | Domainless | Your organization has no verified domains, and the user's domain is unknown. | -| Unknown user | Your organization has verified domains, but the user's domain is unknown. | **Settings status** diff --git a/content/manuals/security/for-admins/provisioning/scim.md b/content/manuals/security/for-admins/provisioning/scim.md index a76de476b39a..5914174c02e9 100644 --- a/content/manuals/security/for-admins/provisioning/scim.md +++ b/content/manuals/security/for-admins/provisioning/scim.md 
@@ -11,31 +11,46 @@ weight: 30 {{< summary-bar feature_name="SSO" >}} -System for Cross-domain Identity Management (SCIM) is available for Docker Business customers. This guide provides an overview of SCIM provisioning. +System for Cross-domain Identity Management (SCIM) is available for Docker +Business customers. This guide provides an overview of SCIM provisioning. ## How SCIM works -SCIM offers automated user provisioning and de-provisioning for Docker through your identity provider (IdP). Once SCIM is enabled, users assigned to the Docker application in your IdP are automatically provisioned and added to your Docker organization. If a user is unassigned, they are removed from Docker. +SCIM automates user provisioning and de-provisioning for Docker through your +identity provider (IdP). After you enable SCIM, any user assigned to your +Docker application in your IdP is automatically provisioned and added to your +Docker organization. When a user is removed from the Docker application in your +IdP, SCIM deactivates and removes them from your Docker organization. -SCIM also syncs user profile updates, such as name changes, made in your IdP. SCIM can be used with Docker’s default Just-in-Time (JIT) provisioning configuration, or on its own with JIT disabled. +In addition to provisioning and removal, SCIM also syncs profile updates like +name changes—made in your IdP. You can use SCIM alongside Docker’s default +Just-in-Time (JIT) provisioning or on its own with JIT disabled. + +SCIM automates: -SCIM supports the automation of: - Creating users - Updating user profiles - Removing and deactivating users - Re-activating users - Group mapping -## Supported attributes - -> [!IMPORTANT] +> [!NOTE] +> +> SCIM only manages users provisioned through your IdP after SCIM is enabled. +It cannot remove users who were manually added to your Docker organization +before SCIM was set up. > -> Docker uses JIT provisioning by default for SSO configurations. 
If you enable SCIM, JIT values still overwrite the attribute -values set by SCIM provisioning. To avoid conflicts, your JIT attribute values must match your SCIM attribute values. To avoid conflicts between SCIM and JIT, you can also disable JIT provisioning. See [Just-in-Time](/manuals/security/for-admins/provisioning/just-in-time.md) for more information. +> To remove those users, delete them manually from your Docker organization. +For more information, see [Manage organization members](/manuals/admin/organization/members.md). -Attributes are pieces of user information, such as name and email, that are synchronized between your IdP and Docker when using SCIM. Proper mapping of these attributes is essential for seamless user provisioning and to prevent duplicate entries when using SSO. +## Supported attributes + +SCIM uses attributes (e.g., name, email) to sync user information between your +IdP and Docker. Properly mapping these attributes in your IdP ensures that user +provisioning works smoothly and prevents issues like duplicate user accounts +when using single sign-on (SSO). -The following table lists the supported attributes for SCIM: +Docker supports the following SCIM attributes: | Attribute | Description | |:---------------------------------------------------------------|:-------------------------------------------------------------------------------------------| 
@@ -46,6 +61,16 @@ The following table lists the supported attributes for SCIM: For additional details about supported attributes and SCIM, see [Docker Hub API SCIM reference](/reference/api/hub/latest/#tag/scim). +> [!IMPORTANT] +> +> By default, Docker uses Just-in-Time (JIT) provisioning for SSO. If SCIM is +enabled, JIT values still take precedence and will overwrite attribute values +set by SCIM. To avoid conflicts, make sure your JIT attribute values match your +SCIM values. +> +> Alternatively, you can disable JIT provisioning to rely solely on SCIM. +For details, see [Just-in-Time](/manuals/security/for-admins/provisioning/just-in-time.md). + ## Enable SCIM in Docker You must [configure SSO](../single-sign-on/configure/_index.md) before you enable SCIM. Enforcing SSO isn't required to use SCIM. diff --git a/hugo_stats.json b/hugo_stats.json index b1aeaa2a9792..357cc9d7dc6d 100644 --- a/hugo_stats.json +++ b/hugo_stats.json @@ -80,6 +80,7 @@ "Mac-with-Apple-silicon", "Mac-with-Intel-chip", "Manually-create-assets", + "Manually-set-it-up", "NetworkManager", "Node", "Non-compliant", @@ -113,8 +114,10 @@ "Use-OpenAI", "Using-the-CLI", "Using-the-GUI", + "Using-the-MCP-Toolkit-Recommended", "VS-Code", "Vue", + "WSL-2-backend-Arm-Early-Access", "WSL-2-backend-x86_64", "Web-browser", "What-are-the-key-features-of-Docker-Desktop",
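Review bot: In topics.md, the second bullet under "To upgrade Docker Desktop" has a malformed link: the text opens with an empty `[]` and the real link text follows outside it, leaving a dangling `]` before the URL, so it will not render as a link. Move the opening bracket so the bullet reads: Use the [`--user` install flag](/manuals/desktop/setup/install/mac-install.md#security-and-access) if appropriate for your setup.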
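Review bot: In the general.md FAQ answer, "Any users added to your organization before SCIM is enabled must be removed manually" is broader than the NOTE this patch adds to scim.md, which limits the gap to users "manually added to your Docker organization before SCIM was set up". Admins read this to decide which accounts survive offboarding, so use one wording in both places. The preceding sentence would also be more precise as "SCIM automates this for users provisioned through your IdP after SCIM is enabled", matching the scim.md text.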
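Review bot: In compliance-reporting.md, removing the `Unknown` row from the policy status table leaves no status among the rows visible in this hunk for a user who "hasn't fetched any policy yet": the remaining rows cover only "No policy assigned" or a policy that was fetched. If the dashboard no longer reports `Unknown`, state which status such users now receive; if it still does, keep the row.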
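Review bot: In the domain status table of compliance-reporting.md, dropping `Unknown user` leaves the case "Your organization has verified domains, but the user's domain is unknown" undocumented, because `Domainless` is still described as applying only when the organization has no verified domains. Either broaden the `Domainless` description to cover that case or say how those users are now classified.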
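Review bot: In the "How SCIM works" section of scim.md, the sentence beginning "In addition to provisioning and removal, SCIM also syncs profile updates like name changes" has a single unpaired dash before "made in your IdP", and "In addition to ... also" is redundant. Suggest: "SCIM also syncs profile updates, such as name changes, made in your IdP."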
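Review bot: In the relocated IMPORTANT callout in scim.md, the continuation lines ("enabled, JIT values still take precedence", "set by SCIM. To avoid conflicts", "SCIM values." and "For details, see") are missing the `> ` prefix, so the callout depends on lazy blockquote continuation. Prefix every line with `> `, as the removed version of this callout did, and apply the same fix to the new NOTE callout in the previous scim.md hunk ("It cannot remove users" and "For more information").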
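Review bot: In hugo_stats.json, the added entries "Manually-set-it-up", "Using-the-MCP-Toolkit-Recommended" and "WSL-2-backend-Arm-Early-Access" do not correspond to any heading or tab added by the Markdown hunks in this patch. If they come from regenerating the stats file against unrelated content, drop them from this change so the diff stays limited to the SCIM and troubleshooting edits.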