diff --git a/cpp/ql/src/Likely Bugs/Memory Management/Buffer Overflow/NtohlArrayNoBoundOpenSource.qhelp b/cpp/ql/src/Likely Bugs/Memory Management/Buffer Overflow/NtohlArrayNoBoundOpenSource.qhelp
index 522d6cde74c8..fc8f309f73a0 100644
--- a/cpp/ql/src/Likely Bugs/Memory Management/Buffer Overflow/NtohlArrayNoBoundOpenSource.qhelp
+++ b/cpp/ql/src/Likely Bugs/Memory Management/Buffer Overflow/NtohlArrayNoBoundOpenSource.qhelp
@@ -14,7 +14,7 @@ byte order function, such as ntohl.
The use of a network-to-host byte order function is therefore a good indicator that the returned
value is unvalidated data retrieved from the network, and should not be used without further
validation. In particular, the returned value should not be used as an array index or array length
-value without validation, which may result in a buffer overflow vulnerability.
+value without validation, as this could result in a buffer overflow vulnerability.
diff --git a/cpp/ql/src/Security/CWE/CWE-457/ConditionallyUninitializedVariable.qhelp b/cpp/ql/src/Security/CWE/CWE-457/ConditionallyUninitializedVariable.qhelp
index b9118edc7361..8e6a89034838 100644
--- a/cpp/ql/src/Security/CWE/CWE-457/ConditionallyUninitializedVariable.qhelp
+++ b/cpp/ql/src/Security/CWE/CWE-457/ConditionallyUninitializedVariable.qhelp
@@ -37,7 +37,7 @@ which is then subsequently accessed to fetch properties of the device. However,
check the return value from the function call to initDeviceConfig. If the
device number passed to the notify function was invalid, the
initDeviceConfig function will leave the config variable uninitialized,
-which would result in the notify function accessing uninitialized memory.
+which will result in the notify function accessing uninitialized memory.
diff --git a/cpp/ql/src/Security/CWE/CWE-457/ConditionallyUninitializedVariable.ql b/cpp/ql/src/Security/CWE/CWE-457/ConditionallyUninitializedVariable.ql
index eb00fb9ea106..f9eb2fe5400f 100644
--- a/cpp/ql/src/Security/CWE/CWE-457/ConditionallyUninitializedVariable.ql
+++ b/cpp/ql/src/Security/CWE/CWE-457/ConditionallyUninitializedVariable.ql
@@ -2,7 +2,7 @@
* @name Conditionally uninitialized variable
* @description When an initialization function is used to initialize a local variable, but the
* returned status code is not checked, the variable may be left in an uninitialized
- * state, and reading the variable may result in undefined behaviour.
+ * state, and reading the variable may result in undefined behavior.
* @kind problem
* @problem.severity warning
* @opaque-id SM02313
diff --git a/csharp/ql/src/Security Features/CWE-091/XMLInjection.qhelp b/csharp/ql/src/Security Features/CWE-091/XMLInjection.qhelp
index 4e70b06531ae..3aff9901bfce 100644
--- a/csharp/ql/src/Security Features/CWE-091/XMLInjection.qhelp
+++ b/csharp/ql/src/Security Features/CWE-091/XMLInjection.qhelp
@@ -36,10 +36,10 @@ which ensures the content is appropriately escaped.
- XML Injection (The Web Application Security Consortium).
+ Web Application Security Consortium: XML Injection.
- WriteRaw (Microsoft documentation).
+ Microsoft Docs: WriteRaw.
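Review bot: The publisher label on the second added reference, "Microsoft Docs:", does not match the other reference rewrites in this patch, which use plain "Microsoft:" (AssemblyPathInjection.qhelp and InsecureSQLConnection.qhelp). Pick one form and use it for every Microsoft link so the rendered reference lists read the same across queries.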
diff --git a/csharp/ql/src/Security Features/CWE-114/AssemblyPathInjection.qhelp b/csharp/ql/src/Security Features/CWE-114/AssemblyPathInjection.qhelp
index 5f95181c092e..e1dbe9c1bd0a 100644
--- a/csharp/ql/src/Security Features/CWE-114/AssemblyPathInjection.qhelp
+++ b/csharp/ql/src/Security Features/CWE-114/AssemblyPathInjection.qhelp
@@ -14,7 +14,7 @@ was not intended to be loaded, and executing arbitrary code.
Avoid loading assemblies based on user provided input. If this is not possible, ensure that the path
is validated before being used with Assembly. For example, compare the provided input
-against a whitelist of known safe assemblies, or confirm that path is restricted to a single
+against a whitelist of known safe assemblies, or confirm that the path is restricted to a single
directory which only contains safe assemblies.
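Review bot: The unchanged first line of this paragraph still reads "user provided input"; since the paragraph is being edited for grammar anyway, hyphenate the compound modifier as "user-provided input". The next line could also name the type in full, as the reference below does ("System.Reflection.Assembly"), so it is clear which load calls the advice covers.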
@@ -30,8 +30,8 @@ is only loaded if the user input matches one of those options.
-
- System.Reflection.Assembly (Microsoft documentation).
+ Microsoft:
+ System.Reflection.Assembly.
diff --git a/csharp/ql/src/Security Features/CWE-321/HardcodedEncryptionKey.ql b/csharp/ql/src/Security Features/CWE-321/HardcodedEncryptionKey.ql
index c09a67d756c6..cce122ffa62d 100644
--- a/csharp/ql/src/Security Features/CWE-321/HardcodedEncryptionKey.ql
+++ b/csharp/ql/src/Security Features/CWE-321/HardcodedEncryptionKey.ql
@@ -1,6 +1,6 @@
/**
- * @name Do not use hard-coded encryption keys.
- * @description The .Key property or rgbKey parameter of a SymmetricAlgorithm should never be a hardcoded value.
+ * @name Hard-coded encryption key
+ * @description The .Key property or rgbKey parameter of a SymmetricAlgorithm should never be a hard-coded value.
* @kind problem
* @id cs/hardcoded-key
* @problem.severity error
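Review bot: The new @description still states a rule ("should never be a hard-coded value") rather than the risk, unlike the description added to InsecureSQLConnection.ql in this same patch. Consider saying why: a key embedded in source or in the compiled assembly can be recovered by anyone with access to either, so data encrypted with it is not protected. The @name change to a noun phrase without a trailing period looks right.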
diff --git a/csharp/ql/src/Security Features/CWE-327/InsecureSQLConnection.qhelp b/csharp/ql/src/Security Features/CWE-327/InsecureSQLConnection.qhelp
index ae69402eb7e1..c59feeed61c5 100644
--- a/csharp/ql/src/Security Features/CWE-327/InsecureSQLConnection.qhelp
+++ b/csharp/ql/src/Security Features/CWE-327/InsecureSQLConnection.qhelp
@@ -3,7 +3,6 @@
"qhelp.dtd">
-Finds uses of insecure SQL Connections string by not enabling the Encrypt option.
SQL Server connections where the client is not enforcing the encryption in transit are susceptible to multiple attacks, including a man-in-the-middle, that would potentially compromise the user credentials and/or the TDS session.
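Review bot: With the "Finds uses of ..." sentence removed, the remaining overview line carries the whole explanation, and it still reads awkwardly: "multiple attacks, including a man-in-the-middle, that would potentially compromise". Suggest tidying it in the same change, for example "including man-in-the-middle attacks, which could compromise the user credentials and/or the TDS session", and dropping "the" before "encryption in transit".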
@@ -29,18 +28,17 @@
-
-
- Selectively using secure connection to SQL Server
+ Microsoft, SQL Protocols blog:
+ Selectively using secure connection to SQL Server.
+
+ Microsoft:
+ SqlConnection.ConnectionString Property.
+
+ Microsoft:
+ Using Connection String Keywords with SQL Server Native Client.
-
- Net SqlClient (ADO .Net)
+ Microsoft:
+ Setting the connection properties.
- SQL native driver (SNAC)
-
-
- JDBC driver
-
-
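Review bot: The new link text "Setting the connection properties." no longer tells the reader which driver it documents. The labels being removed ("Net SqlClient (ADO .Net)", "SQL native driver (SNAC)", "JDBC driver") each named one, and the other two new titles still do ("SqlConnection.ConnectionString Property", "... SQL Server Native Client"). Add the driver name to this entry so the three references remain distinguishable in the rendered help.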
diff --git a/csharp/ql/src/Security Features/CWE-327/InsecureSQLConnection.ql b/csharp/ql/src/Security Features/CWE-327/InsecureSQLConnection.ql
index 0f855150aa98..78bcc1c19e5f 100644
--- a/csharp/ql/src/Security Features/CWE-327/InsecureSQLConnection.ql
+++ b/csharp/ql/src/Security Features/CWE-327/InsecureSQLConnection.ql
@@ -1,6 +1,6 @@
/**
* @name Insecure SQL connection
- * @description TODO.
+ * @description Using an SQL Server connection without enforcing encryption is a security vulnerability.
* @kind path-problem
* @id cs/insecure-sql-connection
* @problem.severity error
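Review bot: The replacement for "TODO." in @description is accurate but generic: "is a security vulnerability" does not tell someone triaging the alert what is at stake. The qhelp overview for this query already names the consequence (a man-in-the-middle compromising user credentials and/or the TDS session); a description along the lines of "Using an SQL Server connection without enforcing encryption allows a man-in-the-middle to compromise credentials or session data" would carry that into the results view.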