feat(iast): peer review comments

src/content/docs/iast/use-iast.mdx

@@ -28,7 +28,7 @@ import iastEnableIast from 'images/iast_screenshot-crop_enable-iast.webp'
     This feature is currently in preview.
 </Callout>
 
-When your application has exploitable vulnerabilities, it means that someone could take advantage of a misconfiguration to access sensitive information. To help prevent that from happening, install our interactive applications security testing (IAST) to assist in finding exploitable vulnerabilities. 
+When your application has exploitable vulnerabilities, it means that someone could take advantage of a misconfiguration to access sensitive information. To help prevent that, install our interactive applications security testing (IAST). 
 
 <img
     title="IAST Summary page"
@@ -48,9 +48,9 @@ You can use IAST to test applications written in the following languages:
 ## Test your application [#install]
 
 <Callout variant="important">
-  Run IAST with non-production deployments only.
+  Run IAST with non-production deployments only to avoid exposing vulnerabilities on your production software.
 
-  IAST tests your applications for any exploitable vulnerability by replaying the generated HTTP request with vulnerable payloads. Run IAST only on non-production deployments to avoid exposing vulnerabilities on your production software.
+  IAST tests your applications for any exploitable vulnerability by replaying the generated HTTP request with vulnerable payloads.
 </Callout>
 
 1. Go to **[one.newrelic.com](https://one.newrelic.com)** > **All capabilities** > **IAST**, and click **Start trial**.
@@ -187,3 +187,67 @@ Go to **[one.newrelic.com](https://one.newrelic.com)** > **All capabilities** >
 ```sql
 SELECT * FROM Vulnerability WHERE issueType = 'Application Vulnerability' AND appId = {MY_APP_ID} 
 ```
+
+## Troubleshooting 
+
+<CollapserGroup>
+    <Collapser
+    id="app-not-in-NR"
+    title="I don't see my application in IAST"
+    >
+    If you don't see your application in **[one.newrelic.com](https://one.newrelic.com)** > **All capabilities** > **IAST**, make sure that the application has started and then, review your application's logs for further information.
+    </Collapser>
+
+    <Collapser
+    id="agent-working"
+    title="I'm not sure the security agent is working"
+    >
+
+    In the `nr-security-home/logs` directory, search for the file called `LANGUAGE-security-collector-init.log`. Replace `LANGUAGE` in the path with the one you used, and make sure these steps work for you:
+
+    1. If the security agent started, you'll see this message in your application `stdout`:
+        ```shell
+        This application instance is now being scanned by New Relic Security under id {{UUID}}
+        ```
+    2. The security agent generates a unique identifier. For web socket connection, you'll see Node auth headers.
+    3. The security agent gathers information about your application.
+    4. The web socket connection to SaaS validator is established successfully.
+    5. The security agent threads are started.
+    6. The application instrumentation is successful.
+    7. The application receives and applies your policies and configuration.
+    8. You see a first event sent for validation, which means the security agent started successfully.
+
+    </Collapser>
+
+    <Collapser
+    id="IAST-not-working"
+    title="I'm not sure IAST is looking for vulnerabilities"
+    >
+    Currently, IAST shows findings only.
+
+    In order to see the IAST analysis in progress, if you've set the `loglevel` to `debug`, search for `Fuzz request received` in the `nr-security-home/logs/java-security-collector.log` file.
+    </Collapser>
+
+    <Collapser
+    id="no-vuln"
+    title="I don't see vulnerabilities in IAST"
+    >
+    If you see your application in New Relic and the security agent successfully started IAST, but you don't see vulnerabilities in **[one.newrelic.com](https://one.newrelic.com)** > **All capabilities** > **IAST**, that could be due to:
+
+    - Your application not being vulnerable.
+    - Your web socket connection being broken.
+    - Your application's framework or vulnerability category not being supported.
+
+    If you're not sure why this is happening, share your application's configuration and logs with our support team at [support.newrelic.com](https://support.newrelic.com).
+
+    </Collapser>
+
+    <Collapser
+    id="stability-issues"
+    title="I'm facing application stability issues during IAST testing"
+    >
+    Snapshot log files are in the `nr-security-home/logs/snapshots` folder. The log file shows you the status of the security agent, resource usage, and the last five errors.   
+
+    </Collapser>
+
+</CollapserGroup>

src/nav/iast.yml

@@ -1,7 +1,5 @@
-title: Interactive applications security testing (IAST)
+title: IAST
 path: /docs/iast
 pages:
   - title: Use IAST in New Relic
     path: /docs/iast/use-iast
-  - title: Troubleshooting for IAST
-    path: /docs/iast/troubleshoot-iast

src/nav/root.yml

@@ -51,12 +51,12 @@ pages:
     path: codestream
   - title: Errors Inbox
     path: errors-inbox
+  - title: IAST
+    path: iast
   - title: Open-source integrations
     path: integrations
   - title: Vulnerability Management
     path: vuln-management
-  - title: Interactive applications security testing (IAST)
-    path: iast
   - title: Latest updates
   - title: Release notes
     path: release-notes