elastic · benironside · Jun 28, 2022 · Jun 28, 2022
diff --git a/docs/experimental-features/experimental-features-intro.asciidoc b/docs/experimental-features/experimental-features-intro.asciidoc
@@ -1,8 +1,9 @@
 [[sec-experimental-intro]]
 = Technical preview
 
-The following features in this section are experimental and may be changed or removed completely in a future release. Elastic will make a best effort to fix any issues, but experimental features are not subject to the support of official GA features.
+The features in this section are experimental and may be changed or removed completely in future releases. Elastic will make a best effort to fix any issues, but experimental features are not supported to the same level as generally available (GA) features.
 
 
 include::host-risk-score.asciidoc[]
 include::beaconing-detection.asciidoc[]
+include::security-posture-management.asciidoc[]
diff --git a/docs/experimental-features/images/kspm-1.png b/docs/experimental-features/images/kspm-1.png
diff --git a/docs/experimental-features/images/kspm-2.png b/docs/experimental-features/images/kspm-2.png
diff --git a/docs/experimental-features/security-posture-management.asciidoc b/docs/experimental-features/security-posture-management.asciidoc
@@ -0,0 +1,43 @@
+[[security-posture-management]]
+== Cloud security posture management
+
+NOTE: This feature requires {stack} version 8.3.0 or later.
+
+Cloud security posture management (CSPM) and Kubernetes security posture management (KSPM) continuously monitor and compare your cloud and Kubernetes infrastructure against security best practices to help you identify and remediate misconfigurations.
+
+The steps to enable this feature differ between {ecloud} and self-hosted deployments.
+
+[[enable-kspm-on-cloud]]
+[discrete]
+=== Enable KSPM for cloud deployments
+
+1. First, enable the KSPM flag for your deployment:
+
+  a. From {kib}, open the main menu and click  **Manage this deployment**.
++
+image::images/kspm-1.png[The Manage deployment button]
+
+  b. Under **My deployment**, select **{kib}**.
+  c. Under **Instances**, click the three-dot menu next to your instance, then click **Edit configuration**.
+  d. Click **Edit user settings** in the upper-right of the page.
+  e. Add `xpack.cloudSecurityPosture.enabled: true` to the user settings.
+  f. Click **Back**, then save your {kib} user settings.
++
+NOTE: It may take up to two minutes for the changes to take effect.
++
+2. Return to {kib}. From the main menu, go to **Security** -> **Cloud Security**.
++
+image::images/kspm-2.png[The Cloud Security button on the main menu, width=160]
++
+3. Follow the prompts to set up data ingestion.
+
+[[enable-kspm-on-selfhosted]]
+[discrete]
+=== Enable KSPM for self-hosted deployments
+1. Edit the `kibana.yml` file (typically found at `/config/kibana.yml`) to include `xpack.cloudSecurityPosture.enabled: true`.
+
+2. Return to {kib}. From the main menu, go to **Security** -> **Cloud Security**.
++
+image::images/kspm-2.png[The Cloud Security button on the main menu, width=160]
+
+3. Follow the prompts to set up data ingestion.