diff --git a/content/en/security/cloud_security_management/identity_risks/_index.md b/content/en/security/cloud_security_management/identity_risks/_index.md index 42a0e247ae411..91dfdac053cfb 100644 --- a/content/en/security/cloud_security_management/identity_risks/_index.md +++ b/content/en/security/cloud_security_management/identity_risks/_index.md 
@@ -51,17 +51,29 @@ To remediate the identity risk, click **Fix in AWS** to update the resource in A You can also use Terraform remediation to generate a pull request in GitHub with code changes that fix the underlying identity risk, or leverage [Workflow Automation][3] to create automated workflows for identity risks (with or without human involvement). -## Gain visibility into who can access at-risk resources +## Gain visibility into at-risk resource access -To see all the principals that can directly or indirectly access a given misconfigured resource, click the **Access Insights** tab in Misconfigurations, Identity Risks, and the Security Inbox. In this example, it shows all the principals that can access this EC2 instance: +In Misconfigurations, Identity Risks, and the Security Inbox, you can click the **Access Insights** tab to see: +- Which entities the resource can access across your accounts +- Which principals that can directly or indirectly access the resource + +In this example, it shows all the principals that can access this EC2 instance: {{< img src="security/csm/access_insights.png" alt="The Access Insights panel, showing a list of publicly accessible EC2 instances with highly privileged IAM roles" width="100%">}} -You can see the risks associated with each principal in the **Risks** column, as well as the type of **Path** the principal can take (direct or indirect) to access the resource. 
+Under **What can this resource access?**, you can: +- See the account associated with each entity, and details about the access type +- Search for entities, or filter them by entity type or account +- View a list of excluded policies +- Use the **All**, **Direct Access**, and **Indirect Access** tabs to filter which entities display in the table +- Click the **Actions** dropdown beside an entity to see it in Resource Catalog, or update its configuration in AWS IAM console -You can search for a subset of principals by name, type, public accessibility, or administrative access. Additionally, you can filter for direct or indirect access. +Under **Who can access this resource?**, you can: +- See the risks associated with each principal in the **Risks** column, as well as the type of **Path** the principal can take (direct or indirect) to access the resource +- Filter principals by name, type, public accessibility, or administrative access +- Use the **All**, **Direct Access**, and **Indirect Access** tabs to filter which principals display in the table +- Click the **Actions** dropdown beside a principal to see it in Resource Catalog, or update its configuration in AWS IAM console -Click the **Actions** dropdown beside a principal to see it in Resource Catalog, or update its configuration in AWS IAM console. ## AWS IAM Access Analyzer integration
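Review bot: The second bullet in the new Access Insights introduction, "Which principals that can directly or indirectly access the resource", is ungrammatical and does not parallel the first bullet; drop "that" so it reads "Which principals can directly or indirectly access the resource". The sentence that follows, "In this example, it shows all the principals that can access this EC2 instance", now comes after a bullet list rather than a sentence, so "it" has no clear antecedent; naming the panel (for example "In this example, the **Who can access this resource?** section shows all the principals...") would fix that. Also, the bullet "View a list of excluded policies" introduces a term the page does not define; adding a short clause or a link explaining what an excluded policy is would help readers know what the list means.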