diff --git a/modules/high-sev-security-policies.adoc b/modules/high-sev-security-policies.adoc index 90112c2b9704..3ed8bca25a27 100644 --- a/modules/high-sev-security-policies.adoc +++ b/modules/high-sev-security-policies.adoc 
@@ -22,6 +22,16 @@ The following table lists the default security policies in {product-title} that |Build or Deploy |Fixable Severity at least Important |Alerts when deployments with fixable vulnerabilities have a severity rating of at least Important. |Enabled |Build or Deploy |Rapid Reset: Denial of Service Vulnerability in HTTP/2 Protocol |Alerts on deployments with images containing components that are susceptible to a Denial of Service (DoS) vulnerability for HTTP/2 servers. This addresses a flaw in the handling of multiplexed streams in HTTP/2. A client can rapidly create a request and immediately reset them, which creates extra work for the server while avoiding hitting any server-side limits, resulting in a denial of service attack. To use this policy, consider cloning the policy and adding the `Fixable` policy criteria before enabling it. |Disabled |Build or Deploy |Secure Shell (ssh) Port Exposed in Image |Alerts when deployments expose port 22, which is commonly reserved for SSH access. |Enabled +|Build or Deploy +|Red{nbsp}Hat Images must be signed by the Red{nbsp}Hat Release Key +a|Alerts when a Red{nbsp}Hat image is not signed by the official link:https://access.redhat.com/security/team/key[Red{nbsp}Hat product signing key, "Release Key 3"]. These alerts apply to images from the following registries and remotes: + +* `registry.redhat.io` +* `registry.access.redhat.com` +* `quay.io/openshift-release-dev/ocp-release` +* `quay.io/openshift-release-dev/ocp-v4.0-art-dev` + +|Disabled |Deploy |Emergency Deployment Annotation |Alerts when deployments use the emergency annotation, such as "admission.stackrox.io/break-glass":"ticket-1234" to circumvent StackRox Admission controller checks. |Enabled |Deploy |Environment Variable Contains Secret |Alerts when deployments have environment variables that contain 'SECRET'. 
|Enabled |Deploy |Fixable CVSS >= 6 and Privileged |Alerts when deployments run in privileged mode with fixable vulnerabilities that have a CVSS of at least 6. However, Red{nbsp}Hat recommends that you create policies using CVE severity instead of CVSS score. |Disabled by default in version 3.72.0 and later @@ -59,4 +69,4 @@ The following table lists the default security policies in {product-title} that * A bulleted list of links to other closely-related material. These links can include `link:` and `xref:` macros. * For more details on writing reference modules, see the link:https://github.com/redhat-documentation/modular-docs#modular-documentation-reference-guide[Modular Documentation Reference Guide]. * Use a consistent system for file names, IDs, and titles. For tips, see _Anchor Names and File Names_ in link:https://github.com/redhat-documentation/modular-docs#modular-documentation-reference-guide[Modular Documentation Reference Guide]. -//// \ No newline at end of file +////
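Review bot: The new "Red Hat Images must be signed by the Red Hat Release Key" row ships Disabled but, unlike the Rapid Reset row above it, gives the reader no hint of why it is off by default or what must be in place before enabling it; consider adding a short note to the `a|` description cell, in the same style as "To use this policy, consider cloning the policy ... before enabling it", covering whatever prerequisite the product needs before this policy can evaluate image signatures. A smaller wording point in the same cell: "the following registries and remotes" introduces "remotes" without definition, and the four entries listed are two registry hosts (`registry.redhat.io`, `registry.access.redhat.com`) and two repository paths under `quay.io`, so "registries and repositories" would describe the list more precisely.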