Original file line number Diff line number Diff line change
Expand Up @@ -32,14 +32,14 @@ Define paths to exclude for scans and specify repositories for targeted applicat

Prima Cloud leverages service provider APIs to verify the authenticity and integrity of secrets discovered within the codebase. This process serves as a crucial step in prioritizing security measures. By confirming the validity of these secrets, you can allocate resources and attention to the most pressing security concerns, ensuring a focused and effective approach to safeguarding sensitive information.

|See xref:../../risk-management/monitor-and-manage-code-build/secrets-scanning.adoc[here] to know more.
|xref:../../risk-management/monitor-and-manage-code-build/secrets-scanning.adoc[Secrets Scanning]

|Validate Secrets

Enabling Git History scanning empowers you to uncover any secrets that may have been removed from the repository but remain accessible in its history. This ensures a comprehensive security sweep for vulnerabilities in potentially forgotten or overlooked access points.

|See xref:../../risk-management/monitor-and-manage-code-build/secrets-scanning.adoc#validate-secrets[here] to know more.
|xref:../../risk-management/monitor-and-manage-code-build/secrets-scanning.adoc#validate-secrets[Validate Secrets]

|===

In addition to these configurations you can enable Developer Suppressions. By enabling this configuration, any suppressions specified in the code will be disregarded while a routine and thorough scan of associated resources will continue. This ensures that no potential issues or vulnerabilities are overlooked, bolstering the overall security posture of the system.
In addition to these configurations you can enable *Developer Suppressions*. By enabling this configuration, any suppressions specified in the code will be disregarded while a routine and thorough scan of associated resources will continue. This ensures that no potential issues or vulnerabilities are overlooked, bolstering the overall security posture of the system.
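Review bot: the row titled "|Validate Secrets" carries the Git History description ("Enabling Git History scanning empowers you to uncover any secrets that may have been removed from the repository...") and links to #validate-secrets, while the paragraph that actually describes validation ("leverages service provider APIs to verify the authenticity and integrity of secrets") sits in the row above it, which now links to the general Secrets Scanning page; the row titles and descriptions look swapped, so either move the validation paragraph under "|Validate Secrets" or retitle the rows before changing the link text. The unchanged context line also spells the product "Prima Cloud"; worth correcting to "Prisma Cloud" in the same pass.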
@@ -1,19 +1,20 @@
== Manage Roles and Permissions

The Application Security provides the following roles, each with its specific set of permissions.
Learn more about the roles and permissions when Application Security subscription is enabled.
To know more about roles and permissions on Prisma Cloud see xref:../../administration/prisma-cloud-admin-permissions.adoc[Prisma Cloud Administrator Permissions]

=== System Administrator

Enable administrative access for all the DevSecOps and Security teams who need to add code repositories or pipelines, create policies and review scan results on Prisma Cloud. For more refer to add Prisma Cloud Administrators and role permissions. You can also see add administrative users.
Enable administrative access for all the DevSecOps and Security teams who need to add code repositories or pipelines, create policies and review scan results on Prisma Cloud.

=== Appsec Admin
=== AppSec Administrator

The Application Security practitioner manages application security, and accordingly by default, is granted full system admin permissions to the Cloud Application Security module (CAS). In addition, the Appsec Admin has permissions for Application Security and selected platform permissions such as Alerts. See here for all Appsec permissions.
The Application Security practitioner manages application security, and accordingly by default, is granted full system admin permissions to the Cloud Application Security module (CAS). In addition, the AppSec Admin has permissions for Application Security and selected platform permissions such as Alerts.

NOTE: Other than the specified permissions above, the Appsec Admin authority is restricted to the CAS module, and does not apply to other modules on Prisma Cloud (as opposed to a system admin).
NOTE: Other than the specified permissions above, the AppSec Admin authority is restricted to the CAS module, and does not apply to other modules on Prisma Cloud (as opposed to a system admin).

[.task]
=== Developer Access for Application Security
=== Developer

You do not need to grant access for your developers to log in to the Prisma Cloud administrative console. However, if you would like to enable access, Prisma Cloud includes a predefined developer role with the least privilege permissions to the Prisma Cloud administrative console.
The permissions for the developer role include the ability to:
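Review bot: the heading is renamed to "=== AppSec Administrator", but the body sentence and the NOTE still say "AppSec Admin", so the section now uses two names for one role; use the heading form in both places. Also, "The Application Security provides the following roles" is missing its noun (e.g. "The Application Security module provides..."), the sentence ending "[Prisma Cloud Administrator Permissions]" has no terminal period, and the "[.task]" role attribute is kept on the renamed "=== Developer" section although the text directly under it is descriptive; check that the collapsed lines below still contain task steps, otherwise drop the attribute.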
Expand Down Expand Up @@ -50,8 +51,9 @@ NOTE: You are required to select both Create and Update permissions when onboard

* *Code Security Configuration*: Enabling permissions for Application Security Configuration helps you manage Application Security licenses, Enforcement thresholds, notifications, developer suppressions and creating rules to exclude paths for scans.

For further details see, xref:../../administration/create-custom-permission-groups.adoc[Create Custom Prisma Cloud Roles].
For further details see, xref:../../administration/create-custom-permission-groups.adoc[Create Custom Prisma Cloud Groups].

NOTE: Application Security currently supports Custom Permissions only for licensing types of IaC Security, Secrets Scanning and SCA Security.

=== View Audit Logs

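Review bot: the new link text "Create Custom Prisma Cloud Groups" drops the word that the target file name (create-custom-permission-groups.adoc) uses; "Create Custom Permission Groups" matches the target page and avoids reading as account groups. In the same hunk, the bullet label reads "*Code Security Configuration*" while the sentence after it says "Application Security Configuration"; align the label with the renamed product. Minor: "For further details see," has the comma after "see"; move it before.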
Expand Up @@ -86,7 +86,7 @@ image::application-security/drift-3.png[]
An alert rule for Drift Detection generates alerts when a drift occurs for resources deployed on AWS (Amazon Web Services), Google Cloud Platform (GCP) and Azure. When creating a drift alert rule, you must specify the account groups for which you would like to receive alerts and include the policies for which you want to generate alerts.
// You can create a single alert rule that includes all account groups and policies. You can also customize alert rules to include details like Policy Severity, Policy Compliance or Policy Label with regions, and even resource tags.
// You can create a single rule alert for all account groups or choose to customize an alert rule for a specific requirement.
Learn more on how to create an alert rule xref:../../..//alerts/create-an-alert-rule-cloud-infrastructure.adoc[here].
See xref:../../../alerts/create-an-alert-rule-cloud-infrastructure.adoc[create an alert rule] to know more on creating an alert rule.

////
. Verify that the policies for AWS, GCP and Azure are enabled.
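Review bot: the replacement sentence "See xref:...[create an alert rule] to know more on creating an alert rule." says "create an alert rule" twice; "See xref:../../../alerts/create-an-alert-rule-cloud-infrastructure.adoc[Create an Alert Rule] for details." reads cleaner. The path correction from "../../..//alerts" to "../../../alerts" is the substantive fix here and is right. The two "//" commented-out sentences about customizing alert rules directly above are carried along dead; either restore one of them or delete them.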
Expand Up @@ -8,7 +8,7 @@ For identifying secrets, Prisma Cloud provides default policies that use domain-

image::application-security/scan-results-secrets-ide.png[]


[#validate-secrets]
=== Validate Secrets

When scanning for secrets, Prisma Cloud can validate secrets against public APIs to verify if the secret is still active so that you can prioritize and handle exposed secrets quickly.
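Review bot: the "[#validate-secrets]" anchor matches the new xref "secrets-scanning.adoc#validate-secrets[Validate Secrets]" in the other file, so the cross-reference resolves; the sentence under the heading, however, says secrets are validated "against public APIs" while the other file says "service provider APIs". Use one term in both places so readers do not take them for two different mechanisms.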
Expand Up @@ -35,7 +35,7 @@ Firstly, during code development you can run a Checkov scan and secondly, on the
You can automatically remediate SCA open source package vulnerabilities on the Prisma Cloud console by bumping a package version of direct and sub-dependent packages by creating a pull request to your VCS. A package bump suggestion includes the minimum version of the root package that remediates both direct dependency and sub-dependency vulnerabilities.

The vulnerabilities identified across the scan results are seen across multiple sections of the Prisma Cloud console and are contextualized to help you with vulnerability management.
See xref:../../risk-management/monitor-and-manage-code-build/monitor-and-manage-code-build.adoc[here] for more information.
See xref:../../risk-management/monitor-and-manage-code-build/monitor-and-manage-code-build.adoc[Monitor and Manage Code Build] for more information.

=== Software Composition Analysis

@@ -1,6 +1,6 @@
== Code Security Dashboard

The Code Security dashboard provides you with a unified view of the top code security vulnerabilities and misconfigurations identified in scans across the code and build integrations on Prisma Cloud. It gives you a contextual understanding of high priority errors that require attention across these vectors:
As a part of Application Security, the Code Security dashboard provides you with a contextual view of the top code security vulnerabilities and misconfigurations identified in scans across the code and build integrations on Prisma Cloud. It gives you a contextual understanding of high priority errors that require attention across these vectors:

* High-risk code errors by severity
* Historical data for code issues and pull requests
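Review bot: the new first sentence says "contextual view" and the very next sentence says "contextual understanding", so "contextual" now appears twice in a row, and the old "unified view" (one dashboard across all code and build integrations) said something the new wording loses; suggest "As a part of Application Security, the Code Security dashboard provides you with a unified view of the top code security vulnerabilities and misconfigurations...". Also, the bullets that follow "across these vectors:" are issue categories (severity, history, pull requests), so "areas" fits better than "vectors".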