diff --git a/docs/serverless/AI-for-security/ai-assistant.asciidoc b/docs/serverless/AI-for-security/ai-assistant.asciidoc
index ff86a5d84a..f570b80604 100644
--- a/docs/serverless/AI-for-security/ai-assistant.asciidoc
+++ b/docs/serverless/AI-for-security/ai-assistant.asciidoc
@@ -4,7 +4,6 @@
 // :description: Elastic AI Assistant is a generative AI open-code chat assistant.
 // :keywords: security, overview, get-started
 
-preview:[]
 
 The Elastic AI Assistant utilizes generative AI to bolster your cybersecurity operations team. It allows users to interact with {elastic-sec} for tasks such as alert investigation, incident response, and query generation or conversion using natural language and much more.
 
diff --git a/docs/serverless/advanced-entity-analytics/advanced-behavioral-detections.asciidoc b/docs/serverless/advanced-entity-analytics/advanced-behavioral-detections.asciidoc
index 7e62b9f5a6..c7d7b93323 100644
--- a/docs/serverless/advanced-entity-analytics/advanced-behavioral-detections.asciidoc
+++ b/docs/serverless/advanced-entity-analytics/advanced-behavioral-detections.asciidoc
@@ -4,7 +4,6 @@
 // :description: Learn about advanced behavioral detections and its capabilities.
 // :keywords: serverless, security, overview, analyze
 
-preview:[]
 
 Elastic's {ml} capabilities and advanced correlation, scoring, and visualization techniques can help you identify potential behavioral threats that may be associated with security incidents.
 
diff --git a/docs/serverless/advanced-entity-analytics/advanced-entity-analytics-overview.asciidoc b/docs/serverless/advanced-entity-analytics/advanced-entity-analytics-overview.asciidoc
index 209e706cea..0b6b3d9a7b 100644
--- a/docs/serverless/advanced-entity-analytics/advanced-entity-analytics-overview.asciidoc
+++ b/docs/serverless/advanced-entity-analytics/advanced-entity-analytics-overview.asciidoc
@@ -4,8 +4,6 @@
 // :description: Learn about Advanced Entity Analytics and its capabilities.
 // :keywords: serverless, security, overview, analyze
 
-preview:[]
-
 Advanced Entity Analytics generates a set of threat detection and risk analytics that allows you to expedite alert triage and hunt for new threats from within an entity's environment. This feature combines the power of the SIEM detection engine and Elastic's {ml} capabilities to identify unusual user behaviors and generate comprehensive risk analytics for hosts and users.
 
 Advanced Entity Analytics provides two key capabilities:
diff --git a/docs/serverless/advanced-entity-analytics/analyze-risk-score-data.asciidoc b/docs/serverless/advanced-entity-analytics/analyze-risk-score-data.asciidoc
index ed2b5e9c5e..040cc16723 100644
--- a/docs/serverless/advanced-entity-analytics/analyze-risk-score-data.asciidoc
+++ b/docs/serverless/advanced-entity-analytics/analyze-risk-score-data.asciidoc
@@ -8,8 +8,6 @@
 <titleabbrev>View risk score data</titleabbrev>
 ++++
 
-preview:[]
-
 The {security-app} provides several options to monitor the change in the risk posture of hosts and users from your environment. Use the following places in the {security-app} to view and analyze risk score data:
 
 * <<security-analyze-risk-score-data-entity-analytics-dashboard,Entity Analytics dashboard>>
diff --git a/docs/serverless/advanced-entity-analytics/asset-criticality.asciidoc b/docs/serverless/advanced-entity-analytics/asset-criticality.asciidoc
index 5a8ff35b53..21ef9565a6 100644
--- a/docs/serverless/advanced-entity-analytics/asset-criticality.asciidoc
+++ b/docs/serverless/advanced-entity-analytics/asset-criticality.asciidoc
@@ -4,8 +4,6 @@
 // :description: Learn how to use asset criticality to improve your security operations.
 // :keywords: serverless, security, overview, analyze
 
-preview:[]
-
 .Requirements
 [NOTE]
 ====
diff --git a/docs/serverless/advanced-entity-analytics/behavioral-detection-use-cases.asciidoc b/docs/serverless/advanced-entity-analytics/behavioral-detection-use-cases.asciidoc
index b7c9553f6f..53b6fb3ca2 100644
--- a/docs/serverless/advanced-entity-analytics/behavioral-detection-use-cases.asciidoc
+++ b/docs/serverless/advanced-entity-analytics/behavioral-detection-use-cases.asciidoc
@@ -4,7 +4,6 @@
 // :description: Detect internal and external threats using behavioral detection integrations.
 // :keywords: serverless, security, overview, analyze
 
-preview:[]
 
 Behavioral detection identifies potential internal and external threats based on user and host activity. It uses a threat-centric approach to flag suspicious activity by analyzing patterns, anomalies, and context enrichment.
 
diff --git a/docs/serverless/advanced-entity-analytics/entity-risk-scoring.asciidoc b/docs/serverless/advanced-entity-analytics/entity-risk-scoring.asciidoc
index a31a175358..7c17c3dee1 100644
--- a/docs/serverless/advanced-entity-analytics/entity-risk-scoring.asciidoc
+++ b/docs/serverless/advanced-entity-analytics/entity-risk-scoring.asciidoc
@@ -4,7 +4,6 @@
 // :description: Learn about the risk scoring engine and its features.
 // :keywords: serverless, security, overview, analyze
 
-preview:[]
 
 Entity risk scoring is an advanced {elastic-sec} analytics feature that helps security analysts detect changes in an entity's risk posture, hunt for new threats, and prioritize incident response.
 
diff --git a/docs/serverless/advanced-entity-analytics/machine-learning.asciidoc b/docs/serverless/advanced-entity-analytics/machine-learning.asciidoc
index fe353bd8d7..6564db5923 100644
--- a/docs/serverless/advanced-entity-analytics/machine-learning.asciidoc
+++ b/docs/serverless/advanced-entity-analytics/machine-learning.asciidoc
@@ -4,7 +4,6 @@
 // :description: Use the power of machine learning to detect outliers and suspicious events.
 // :keywords: serverless, security, overview, manage
 
-preview:[]
 
 {ml-docs}/ml-ad-overview.html[{ml-cap}] functionality is available when
 you have the appropriate role. Refer to <<security-ml-requirements,Machine learning job and rule requirements>> for more information.
diff --git a/docs/serverless/advanced-entity-analytics/ml-requirements.asciidoc b/docs/serverless/advanced-entity-analytics/ml-requirements.asciidoc
index c1a282209f..6273602a07 100644
--- a/docs/serverless/advanced-entity-analytics/ml-requirements.asciidoc
+++ b/docs/serverless/advanced-entity-analytics/ml-requirements.asciidoc
@@ -4,7 +4,6 @@
 // :description: Requirements for using {ml} jobs and rules.
 // :keywords: serverless, security, reference, manage
 
-preview:[]
 
 To run and create {ml} jobs and rules, you need the appropriate <<general-assign-user-roles,user role>>.
 
diff --git a/docs/serverless/advanced-entity-analytics/prebuilt-ml-jobs.asciidoc b/docs/serverless/advanced-entity-analytics/prebuilt-ml-jobs.asciidoc
index c7aa5e24a0..65c36e006a 100644
--- a/docs/serverless/advanced-entity-analytics/prebuilt-ml-jobs.asciidoc
+++ b/docs/serverless/advanced-entity-analytics/prebuilt-ml-jobs.asciidoc
@@ -3,6 +3,5 @@
 
 // :keywords: serverless, security, reference
 
-preview:[]
 
 Refer to {security-guide}/prebuilt-ml-jobs.html[Prebuilt job reference] for information on available prebuilt {ml} jobs.
diff --git a/docs/serverless/advanced-entity-analytics/tuning-anomaly-results.asciidoc b/docs/serverless/advanced-entity-analytics/tuning-anomaly-results.asciidoc
index f6825215a4..dc40bb9166 100644
--- a/docs/serverless/advanced-entity-analytics/tuning-anomaly-results.asciidoc
+++ b/docs/serverless/advanced-entity-analytics/tuning-anomaly-results.asciidoc
@@ -4,7 +4,6 @@
 // :description: Learn how to fine-tune and filter anomaly results.
 // :keywords: serverless, security, how-to
 
-preview:[]
 
 To gain clearer insights into real threats, you can tune the anomaly results. The following procedures help to reduce the number of false positives:
 
diff --git a/docs/serverless/advanced-entity-analytics/turn-on-risk-engine.asciidoc b/docs/serverless/advanced-entity-analytics/turn-on-risk-engine.asciidoc
index 48eeafe71d..956f3ae55f 100644
--- a/docs/serverless/advanced-entity-analytics/turn-on-risk-engine.asciidoc
+++ b/docs/serverless/advanced-entity-analytics/turn-on-risk-engine.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>Turn on risk scoring</titleabbrev>
 ++++
 
-preview:[]
 
 .Requirements
 [NOTE]
diff --git a/docs/serverless/alerts/alert-schema.asciidoc b/docs/serverless/alerts/alert-schema.asciidoc
index 6f84f68b85..0bfbd63ee6 100644
--- a/docs/serverless/alerts/alert-schema.asciidoc
+++ b/docs/serverless/alerts/alert-schema.asciidoc
@@ -4,7 +4,6 @@
 // :description: The alert schema describes all the fields present in alert events.
 // :keywords: serverless, security, alerting, reference, manage
 
-preview:[]
 
 {elastic-sec} stores alerts that have been generated by detection rules in hidden {es} indices. The index pattern is `.alerts-security.alerts-<space-id->`.
 
diff --git a/docs/serverless/alerts/alert-suppression.asciidoc b/docs/serverless/alerts/alert-suppression.asciidoc
index 0b413a6636..9f54d69312 100644
--- a/docs/serverless/alerts/alert-suppression.asciidoc
+++ b/docs/serverless/alerts/alert-suppression.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>Suppress alerts</titleabbrev>
 ++++
 
-preview:[]
 
 .Requirements and notice
 [IMPORTANT]
diff --git a/docs/serverless/alerts/alerts-ui-manage.asciidoc b/docs/serverless/alerts/alerts-ui-manage.asciidoc
index b51443485c..c5b5f47ca1 100644
--- a/docs/serverless/alerts/alerts-ui-manage.asciidoc
+++ b/docs/serverless/alerts/alerts-ui-manage.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>Alerts</titleabbrev>
 ++++
 
-preview:[]
 
 The Alerts page displays all detection alerts.
 
diff --git a/docs/serverless/alerts/query-alert-indices.asciidoc b/docs/serverless/alerts/query-alert-indices.asciidoc
index cf167fe27c..4eecfdf8f9 100644
--- a/docs/serverless/alerts/query-alert-indices.asciidoc
+++ b/docs/serverless/alerts/query-alert-indices.asciidoc
@@ -4,7 +4,6 @@
 // :description: Index patterns for querying alert data.
 // :keywords: serverless, security, how-to
 
-preview:[]
 
 This page explains how you should query alert indices, for example, when building rule queries, custom dashboards, or visualizations. For more information about alert event field definitions, review the <<security-alert-schema,Alert schema>>.
 
diff --git a/docs/serverless/alerts/reduce-notifications-alerts.asciidoc b/docs/serverless/alerts/reduce-notifications-alerts.asciidoc
index f9f0f278bc..fecb120735 100644
--- a/docs/serverless/alerts/reduce-notifications-alerts.asciidoc
+++ b/docs/serverless/alerts/reduce-notifications-alerts.asciidoc
@@ -4,7 +4,6 @@
 // :description: A comparison of alert-reduction features.
 // :keywords: serverless, security, how-to
 
-preview:[]
 
 {elastic-sec} offers several features to help reduce the number of notifications and alerts generated by your detection rules. This table provides a general comparison of these features, with links for more details:
 
diff --git a/docs/serverless/alerts/signals-to-cases.asciidoc b/docs/serverless/alerts/signals-to-cases.asciidoc
index 17de0c71d7..d1320e84e3 100644
--- a/docs/serverless/alerts/signals-to-cases.asciidoc
+++ b/docs/serverless/alerts/signals-to-cases.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>Add alerts to cases</titleabbrev>
 ++++
 
-preview:[]
 
 From the Alerts table, you can attach one or more alerts to a <<signals-to-new-cases,new case>> or <<signals-to-existing-cases,an existing one>>. Alerts from any rule type can be added to a case.
 
diff --git a/docs/serverless/alerts/view-alert-details.asciidoc b/docs/serverless/alerts/view-alert-details.asciidoc
index 62e141319e..5565ee7917 100644
--- a/docs/serverless/alerts/view-alert-details.asciidoc
+++ b/docs/serverless/alerts/view-alert-details.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>View alert details</titleabbrev>
 ++++
 
-preview:[]
 
 To learn more about an alert, click the **View details** button from the Alerts table. This opens the alert details flyout, which helps you understand and manage the alert.
 
diff --git a/docs/serverless/alerts/visual-event-analyzer.asciidoc b/docs/serverless/alerts/visual-event-analyzer.asciidoc
index 3e4ca14a21..631a2eefb4 100644
--- a/docs/serverless/alerts/visual-event-analyzer.asciidoc
+++ b/docs/serverless/alerts/visual-event-analyzer.asciidoc
@@ -4,7 +4,6 @@
 // :description: Examine events and processes in a graphical timeline.
 // :keywords: serverless, security, how-to
 
-preview:[]
 
 {elastic-sec} allows any event detected by {elastic-endpoint} to be analyzed using a process-based visual analyzer, which shows a graphical timeline of processes that led up to the alert and the events that occurred immediately after. Examining events in the visual event analyzer is useful to determine the origin of potentially malicious activity and other areas in your environment that may be compromised. It also enables security analysts to drill down into all related hosts, processes, and other events to aid in their investigations.
 
diff --git a/docs/serverless/alerts/visualize-alerts.asciidoc b/docs/serverless/alerts/visualize-alerts.asciidoc
index 28b5762bde..9a1ac6a33e 100644
--- a/docs/serverless/alerts/visualize-alerts.asciidoc
+++ b/docs/serverless/alerts/visualize-alerts.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>Visualize alerts</titleabbrev>
 ++++
 
-preview:[]
 
 Visualize and group detection alerts by specific parameters in the visualization section of the Alerts page.
 
diff --git a/docs/serverless/assets/asset-management.asciidoc b/docs/serverless/assets/asset-management.asciidoc
index 3544f3c00e..b561644b9b 100644
--- a/docs/serverless/assets/asset-management.asciidoc
+++ b/docs/serverless/assets/asset-management.asciidoc
@@ -3,7 +3,6 @@
 
 // :keywords: serverless, security, overview, manage
 
-preview:[]
 
 The **Assets** page allows you to manage the following features:
 
diff --git a/docs/serverless/billing.asciidoc b/docs/serverless/billing.asciidoc
index 6bb731696c..5dbd77fd7f 100644
--- a/docs/serverless/billing.asciidoc
+++ b/docs/serverless/billing.asciidoc
@@ -4,8 +4,6 @@
 // :description: Learn about how Security usage affects pricing.
 // :keywords: serverless, security, overview
 
-preview:[]
-
 {elastic-sec} serverless projects provide you with all the capabilities of {elastic-sec} to perform SIEM, security analytics, endpoint security, and cloud security workflows. Projects are provided using a Software as a Service (SaaS) model, and pricing is entirely consumption based. Security Analytics/SIEM is available in two tiers of carefully selected features to enable common security operations:
 
 * **Security Analytics Essentials** — Includes everything you need to operationalize traditional SIEM in most organizations.
diff --git a/docs/serverless/cloud-native-security/benchmark-rules.asciidoc b/docs/serverless/cloud-native-security/benchmark-rules.asciidoc
index d9fcc2eb7b..296f051376 100644
--- a/docs/serverless/cloud-native-security/benchmark-rules.asciidoc
+++ b/docs/serverless/cloud-native-security/benchmark-rules.asciidoc
@@ -8,7 +8,6 @@
 
 // tag::content[]
 
-preview:[]
 
 The Benchmarks page lets you view the cloud security posture (CSP) benchmarks for the <<security-cspm,Cloud security posture management>> (CSPM) and <<security-kspm,Kubernetes security posture management>> (KSPM) integrations.
 
diff --git a/docs/serverless/cloud-native-security/cloud-native-security-overview.asciidoc b/docs/serverless/cloud-native-security/cloud-native-security-overview.asciidoc
index 0b4b4523e7..7302b801e4 100644
--- a/docs/serverless/cloud-native-security/cloud-native-security-overview.asciidoc
+++ b/docs/serverless/cloud-native-security/cloud-native-security-overview.asciidoc
@@ -4,7 +4,6 @@
 // :description: Helps you improve your cloud security posture.
 // :keywords: serverless, security, overview, cloud security
 
-preview:[]
 
 Elastic Security for Cloud helps you improve your cloud security posture by comparing your cloud configuration to best practices, and scanning for vulnerabilities. It also helps you monitor and investigate your cloud workloads inside and outside Kubernetes.
 
diff --git a/docs/serverless/cloud-native-security/cloud-workload-protection.asciidoc b/docs/serverless/cloud-native-security/cloud-workload-protection.asciidoc
index 1d62e8d285..79fa318a46 100644
--- a/docs/serverless/cloud-native-security/cloud-workload-protection.asciidoc
+++ b/docs/serverless/cloud-native-security/cloud-workload-protection.asciidoc
@@ -4,7 +4,6 @@
 // :description: Use cloud workload protection to monitor and protect your Linux VMs.
 // :keywords: serverless, security, overview, cloud security
 
-preview:[]
 
 Cloud workload protection helps you monitor and protect your Linux VMs. It uses the <<security-install-edr,{elastic-defend}>> integration to capture cloud workload telemetry containing process, file, and network activity.
 
diff --git a/docs/serverless/cloud-native-security/cspm-findings-page.asciidoc b/docs/serverless/cloud-native-security/cspm-findings-page.asciidoc
index 05facdc6d0..77b4089c70 100644
--- a/docs/serverless/cloud-native-security/cspm-findings-page.asciidoc
+++ b/docs/serverless/cloud-native-security/cspm-findings-page.asciidoc
@@ -8,7 +8,6 @@
 
 // tag::content[]
 
-preview:[]
 
 The **Misconfigurations** tab on the **Findings** page displays the configuration risks identified by the <<security-cspm,CSPM>> and <<security-kspm,KSPM>> integrations, as well as data from <<ingest-third-party-cloud-security-data, third-party integrations>>.
 
diff --git a/docs/serverless/cloud-native-security/cspm-get-started-azure.asciidoc b/docs/serverless/cloud-native-security/cspm-get-started-azure.asciidoc
index 01c42f26e1..b04d071412 100644
--- a/docs/serverless/cloud-native-security/cspm-get-started-azure.asciidoc
+++ b/docs/serverless/cloud-native-security/cspm-get-started-azure.asciidoc
@@ -4,7 +4,6 @@
 // :description: Start monitoring the security posture of your Azure cloud assets.
 // :keywords: serverless, security, overview, cloud security
 
-preview:[]
 
 [discrete]
 [[cspm-overview-azure]]
diff --git a/docs/serverless/cloud-native-security/cspm-get-started-gcp.asciidoc b/docs/serverless/cloud-native-security/cspm-get-started-gcp.asciidoc
index 4eea50b7bf..2f72852609 100644
--- a/docs/serverless/cloud-native-security/cspm-get-started-gcp.asciidoc
+++ b/docs/serverless/cloud-native-security/cspm-get-started-gcp.asciidoc
@@ -4,7 +4,6 @@
 // :description: Start monitoring the security posture of your GCP cloud assets.
 // :keywords: serverless, security, overview, cloud security
 
-preview:[]
 
 [discrete]
 [[cspm-overview-gcp]]
diff --git a/docs/serverless/cloud-native-security/cspm-get-started.asciidoc b/docs/serverless/cloud-native-security/cspm-get-started.asciidoc
index 5883b97b99..9f1b85faae 100644
--- a/docs/serverless/cloud-native-security/cspm-get-started.asciidoc
+++ b/docs/serverless/cloud-native-security/cspm-get-started.asciidoc
@@ -4,7 +4,6 @@
 // :description: Start monitoring the security posture of your AWS cloud assets.
 // :keywords: serverless, security, overview, cloud security
 
-preview:[]
 
 [discrete]
 [[cspm-overview]]
diff --git a/docs/serverless/cloud-native-security/cspm-security-posture-faq.asciidoc b/docs/serverless/cloud-native-security/cspm-security-posture-faq.asciidoc
index ea2bff56bd..c5618d94d9 100644
--- a/docs/serverless/cloud-native-security/cspm-security-posture-faq.asciidoc
+++ b/docs/serverless/cloud-native-security/cspm-security-posture-faq.asciidoc
@@ -4,7 +4,6 @@
 // :description: Frequently asked questions about the CSPM and KSPM integrations.
 // :keywords: serverless, security, overview, cloud security
 
-preview:[]
 
 [discrete]
 [[cspm-security-posture-faq]]
diff --git a/docs/serverless/cloud-native-security/cspm.asciidoc b/docs/serverless/cloud-native-security/cspm.asciidoc
index 85112cddde..677abfdab0 100644
--- a/docs/serverless/cloud-native-security/cspm.asciidoc
+++ b/docs/serverless/cloud-native-security/cspm.asciidoc
@@ -4,7 +4,6 @@
 // :description: Identify misconfigured cloud resources.
 // :keywords: serverless, security, overview
 
-preview:[]
 
 The Cloud Security Posture Management (CSPM) feature discovers and evaluates the services in your cloud environment — like storage, compute, IAM, and more — against configuration security guidelines defined by the https://www.cisecurity.org/[Center for Internet Security] (CIS) to help you identify and remediate risks that could undermine the confidentiality, integrity, and availability of your cloud data.
 
diff --git a/docs/serverless/cloud-native-security/d4c-get-started.asciidoc b/docs/serverless/cloud-native-security/d4c-get-started.asciidoc
index e23b27fc8d..3b28a2c0b8 100644
--- a/docs/serverless/cloud-native-security/d4c-get-started.asciidoc
+++ b/docs/serverless/cloud-native-security/d4c-get-started.asciidoc
@@ -4,7 +4,6 @@
 // :description: Secure your containerized workloads and start detecting threats and vulnerabilities.
 // :keywords: security, how-to, get-started, cloud security
 
-preview:[]
 
 beta:[]
 
diff --git a/docs/serverless/cloud-native-security/d4c-overview.asciidoc b/docs/serverless/cloud-native-security/d4c-overview.asciidoc
index 5871762204..fbfe188b13 100644
--- a/docs/serverless/cloud-native-security/d4c-overview.asciidoc
+++ b/docs/serverless/cloud-native-security/d4c-overview.asciidoc
@@ -4,7 +4,6 @@
 // :description: Identify and block unexpected system behavior in Kubernetes containers.
 // :keywords: security, cloud, reference, manage
 
-preview:[]
 
 beta:[]
 
diff --git a/docs/serverless/cloud-native-security/d4c-policy-guide.asciidoc b/docs/serverless/cloud-native-security/d4c-policy-guide.asciidoc
index 5fc4091077..54b7ec101e 100644
--- a/docs/serverless/cloud-native-security/d4c-policy-guide.asciidoc
+++ b/docs/serverless/cloud-native-security/d4c-policy-guide.asciidoc
@@ -4,7 +4,6 @@
 // :description: Learn to build policies for cloud workload protection for Kubernetes.
 // :keywords: security, cloud, reference, manage, cloud security
 
-preview:[]
 
 To unlock the full functionality of the Defend for Containers (D4C) integration, you'll need to understand its policy syntax. This will enable you to construct policies that precisely allow expected container behaviors and prevent unexpected behaviors — thereby hardening your container workloads' security posture.
 
diff --git a/docs/serverless/cloud-native-security/environment-variable-capture.asciidoc b/docs/serverless/cloud-native-security/environment-variable-capture.asciidoc
index 311796c7a3..2e6e78ab6f 100644
--- a/docs/serverless/cloud-native-security/environment-variable-capture.asciidoc
+++ b/docs/serverless/cloud-native-security/environment-variable-capture.asciidoc
@@ -4,7 +4,6 @@
 // :description: Capture environment variables from monitored Linux sessions.
 // :keywords: serverless, security, overview, cloud security
 
-preview:[]
 
 You can configure an {agent} policy to capture up to five environment variables (`env vars`).
 
diff --git a/docs/serverless/cloud-native-security/get-started-with-kspm.asciidoc b/docs/serverless/cloud-native-security/get-started-with-kspm.asciidoc
index 2380fb9fef..3208a1f9ae 100644
--- a/docs/serverless/cloud-native-security/get-started-with-kspm.asciidoc
+++ b/docs/serverless/cloud-native-security/get-started-with-kspm.asciidoc
@@ -3,7 +3,6 @@
 
 // :keywords: serverless, security, overview, cloud security
 
-preview:[]
 
 This page explains how to configure the Kubernetes Security Posture Management (KSPM) integration.
 
diff --git a/docs/serverless/cloud-native-security/kspm.asciidoc b/docs/serverless/cloud-native-security/kspm.asciidoc
index a5a9e8b200..a58f66aba8 100644
--- a/docs/serverless/cloud-native-security/kspm.asciidoc
+++ b/docs/serverless/cloud-native-security/kspm.asciidoc
@@ -4,7 +4,6 @@
 // :description: Identify configuration risks in your Kubernetes clusters.
 // :keywords: serverless, security, overview, cloud security
 
-preview:[]
 
 [discrete]
 [[kspm-overview]]
diff --git a/docs/serverless/cloud-native-security/security-posture-faq.asciidoc b/docs/serverless/cloud-native-security/security-posture-faq.asciidoc
index e130505bd0..0293f456ce 100644
--- a/docs/serverless/cloud-native-security/security-posture-faq.asciidoc
+++ b/docs/serverless/cloud-native-security/security-posture-faq.asciidoc
@@ -4,7 +4,6 @@
 // :description: Frequently asked questions about the CSPM integration.
 // :keywords: serverless, security, overview, cloud security
 
-preview:[]
 
 [discrete]
 [[cspm-faq]]
diff --git a/docs/serverless/cloud-native-security/security-posture-management.asciidoc b/docs/serverless/cloud-native-security/security-posture-management.asciidoc
index 0975975752..4a536ba2ef 100644
--- a/docs/serverless/cloud-native-security/security-posture-management.asciidoc
+++ b/docs/serverless/cloud-native-security/security-posture-management.asciidoc
@@ -4,7 +4,6 @@
 // :description: Discovers and evaluates your cloud services and resources against security best practices.
 // :keywords: serverless, security, overview, cloud security
 
-preview:[]
 
 [discrete]
 == Overview
diff --git a/docs/serverless/cloud-native-security/session-view.asciidoc b/docs/serverless/cloud-native-security/session-view.asciidoc
index 42092ec300..18ee98712d 100644
--- a/docs/serverless/cloud-native-security/session-view.asciidoc
+++ b/docs/serverless/cloud-native-security/session-view.asciidoc
@@ -4,7 +4,6 @@
 // :description: Examine Linux process data in context with Session View.
 // :keywords: serverless, security, overview, how to, cloud security
 
-preview:[]
 
 Session View is an investigation tool that allows you to examine Linux process data organized
 in a tree-like structure according to the Linux logical event model, with processes organized by parentage and time of execution.
diff --git a/docs/serverless/cloud-native-security/vuln-management-faq.asciidoc b/docs/serverless/cloud-native-security/vuln-management-faq.asciidoc
index fd3ed19567..a87a6af768 100644
--- a/docs/serverless/cloud-native-security/vuln-management-faq.asciidoc
+++ b/docs/serverless/cloud-native-security/vuln-management-faq.asciidoc
@@ -4,7 +4,6 @@
 // :description: Frequently asked questions about the CNVM integration.
 // :keywords: security, cloud, reference, manage
 
-preview:[]
 
 Frequently asked questions about the Cloud Native Vulnerability Management (CNVM) integration and features.
 
diff --git a/docs/serverless/cloud-native-security/vuln-management-findings.asciidoc b/docs/serverless/cloud-native-security/vuln-management-findings.asciidoc
index 1bd4e6a319..c191049b0b 100644
--- a/docs/serverless/cloud-native-security/vuln-management-findings.asciidoc
+++ b/docs/serverless/cloud-native-security/vuln-management-findings.asciidoc
@@ -4,7 +4,6 @@
 // :description: The Findings page displays information about cloud vulnerabilities found in your environment.
 // :keywords: serverless, security, overview, cloud security
 
-preview:[]
 
 The **Vulnerabilities** tab on the Findings page displays the vulnerabilities detected by the <<security-vuln-management-overview,CNVM integration>>, as well as those detected by <<ingest-third-party-cloud-security-data, third-party integrations>>.
 
diff --git a/docs/serverless/cloud-native-security/vuln-management-get-started.asciidoc b/docs/serverless/cloud-native-security/vuln-management-get-started.asciidoc
index b2a2157621..0ecc4d5971 100644
--- a/docs/serverless/cloud-native-security/vuln-management-get-started.asciidoc
+++ b/docs/serverless/cloud-native-security/vuln-management-get-started.asciidoc
@@ -4,7 +4,6 @@
 // :description: Set up cloud native vulnerability management.
 // :keywords: serverless, security, overview, cloud security
 
-preview:[]
 
 This page explains how to set up Cloud Native Vulnerability Management (CNVM).
 
diff --git a/docs/serverless/cloud-native-security/vuln-management-overview.asciidoc b/docs/serverless/cloud-native-security/vuln-management-overview.asciidoc
index 2d65262441..fde9a21689 100644
--- a/docs/serverless/cloud-native-security/vuln-management-overview.asciidoc
+++ b/docs/serverless/cloud-native-security/vuln-management-overview.asciidoc
@@ -4,7 +4,6 @@
 // :description: Find and track vulnerabilities in your cloud.
 // :keywords: serverless, security, overview, cloud security
 
-preview:[]
 
 Elastic's Cloud Native Vulnerability Management (CNVM) feature helps you identify known vulnerabilities in your cloud workloads.
 
diff --git a/docs/serverless/dashboards/cloud-posture-dashboard-dash.asciidoc b/docs/serverless/dashboards/cloud-posture-dashboard-dash.asciidoc
index f4a6f4eb91..8347befbeb 100644
--- a/docs/serverless/dashboards/cloud-posture-dashboard-dash.asciidoc
+++ b/docs/serverless/dashboards/cloud-posture-dashboard-dash.asciidoc
@@ -12,7 +12,6 @@
 <titleabbrev>Cloud Security Posture</titleabbrev>
 ++++
 
-preview:[]
 
 The Cloud Security Posture dashboard summarizes your cloud infrastructure's overall performance against <<security-benchmark-rules,security guidelines>> defined by the Center for Internet Security (CIS). To start collecting this data, refer to <<security-cspm-get-started,Get started with Cloud Security Posture Management>> or <<security-get-started-with-kspm,Get started with Kubernetes Security Posture Management>>.
 
diff --git a/docs/serverless/dashboards/dashboards-overview.asciidoc b/docs/serverless/dashboards/dashboards-overview.asciidoc
index fdb72bdd3b..8c77a3ad78 100644
--- a/docs/serverless/dashboards/dashboards-overview.asciidoc
+++ b/docs/serverless/dashboards/dashboards-overview.asciidoc
@@ -4,7 +4,6 @@
 // :description: Dashboards give you insight into your security environment.
 // :keywords: security, overview, visualize, monitor, analyze
 
-preview:[]
 
 The {security-app}'s default dashboards provide useful visualizations of your security environment. To view them in {elastic-sec}, select **Dashboards** from the navigation menu. From the Dashboards page, you can access the default dashboards, as well as create and access custom dashboards.
 
diff --git a/docs/serverless/dashboards/data-quality-dash.asciidoc b/docs/serverless/dashboards/data-quality-dash.asciidoc
index 1fe09e0392..c19a92cb60 100644
--- a/docs/serverless/dashboards/data-quality-dash.asciidoc
+++ b/docs/serverless/dashboards/data-quality-dash.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>Data Quality</titleabbrev>
 ++++
 
-preview:[]
 
 The Data Quality dashboard shows you whether your data is correctly mapped to the https://www.elastic.co/guide/en/ecs/current/ecs-reference.html[Elastic Common Schema] (ECS). Successful {ref}/mapping.html[mapping] enables you to search, visualize, and interact with your data throughout {elastic-sec}.
 
diff --git a/docs/serverless/dashboards/detection-entity-dashboard.asciidoc b/docs/serverless/dashboards/detection-entity-dashboard.asciidoc
index 402a86a193..26fc3aaabc 100644
--- a/docs/serverless/dashboards/detection-entity-dashboard.asciidoc
+++ b/docs/serverless/dashboards/detection-entity-dashboard.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>Entity Analytics</titleabbrev>
 ++++
 
-preview:[]
 
 The Entity Analytics dashboard provides a centralized view of emerging insider threats - including host risk, user risk, and anomalies from within your network. Use it to triage, investigate, and respond to these emerging threats.
 
diff --git a/docs/serverless/dashboards/detection-response-dashboard.asciidoc b/docs/serverless/dashboards/detection-response-dashboard.asciidoc
index ed14e7a5d4..c4a3f63161 100644
--- a/docs/serverless/dashboards/detection-response-dashboard.asciidoc
+++ b/docs/serverless/dashboards/detection-response-dashboard.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>Detection & Response</titleabbrev>
 ++++
 
-preview:[]
 
 The Detection & Response dashboard provides focused visibility into the day-to-day operations of your security environment. It helps security operations managers and analysts quickly monitor recent and high priority detection alerts and cases, and identify the hosts and users associated with alerts.
 
diff --git a/docs/serverless/dashboards/kubernetes-dashboard-dash.asciidoc b/docs/serverless/dashboards/kubernetes-dashboard-dash.asciidoc
index 5f8668b950..b2b4b83837 100644
--- a/docs/serverless/dashboards/kubernetes-dashboard-dash.asciidoc
+++ b/docs/serverless/dashboards/kubernetes-dashboard-dash.asciidoc
@@ -12,7 +12,6 @@
 <titleabbrev>Kubernetes</titleabbrev>
 ++++
 
-preview:[]
 
 The Kubernetes dashboard provides insight into Linux process data from your Kubernetes clusters. It shows sessions in detail and in the context of your monitored infrastructure.
 
diff --git a/docs/serverless/dashboards/overview-dashboard.asciidoc b/docs/serverless/dashboards/overview-dashboard.asciidoc
index b07348d836..257988cdab 100644
--- a/docs/serverless/dashboards/overview-dashboard.asciidoc
+++ b/docs/serverless/dashboards/overview-dashboard.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>Overview</titleabbrev>
 ++++
 
-preview:[]
 
 The Overview dashboard provides a high-level snapshot of alerts and events. It helps you assess overall system health and find anomalies that may require further investigation.
 
diff --git a/docs/serverless/dashboards/rule-monitoring-dashboard.asciidoc b/docs/serverless/dashboards/rule-monitoring-dashboard.asciidoc
index 40d6ec377b..005135052a 100644
--- a/docs/serverless/dashboards/rule-monitoring-dashboard.asciidoc
+++ b/docs/serverless/dashboards/rule-monitoring-dashboard.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>Detection rule monitoring</titleabbrev>
 ++++
 
-preview:[]
 
 The Detection rule monitoring dashboard provides visualizations to help you monitor the overall health and performance of {elastic-sec}'s detection rules. Consult this dashboard for a high-level view of whether your rules are running successfully and how long they're taking to run, search data, and create alerts.
 
diff --git a/docs/serverless/dashboards/vuln-management-dashboard-dash.asciidoc b/docs/serverless/dashboards/vuln-management-dashboard-dash.asciidoc
index 4bd37ad17c..9458445f8b 100644
--- a/docs/serverless/dashboards/vuln-management-dashboard-dash.asciidoc
+++ b/docs/serverless/dashboards/vuln-management-dashboard-dash.asciidoc
@@ -12,7 +12,6 @@
 <titleabbrev>Cloud Native Vulnerability Management</titleabbrev>
 ++++
 
-preview:[]
 
 The Cloud Native Vulnerability Management (CNVM) dashboard gives you an overview of vulnerabilities detected in your cloud infrastructure.
 
diff --git a/docs/serverless/edr-install-config/agent-tamper-protection.asciidoc b/docs/serverless/edr-install-config/agent-tamper-protection.asciidoc
index f5ec1bf419..56a1342d1e 100644
--- a/docs/serverless/edr-install-config/agent-tamper-protection.asciidoc
+++ b/docs/serverless/edr-install-config/agent-tamper-protection.asciidoc
@@ -4,7 +4,6 @@
 // :description: Block unauthorized attempts to uninstall {agent} on hosts.
 // :keywords: serverless, security, how-to
 
-preview:[]
 
 For hosts enrolled in {elastic-defend}, you can prevent unauthorized attempts to uninstall {agent} and {elastic-endpoint} by enabling **Agent tamper protection** on the Agent policy. This offers an additional layer of security by preventing users from bypassing or disabling {elastic-defend}'s endpoint protections.
 
diff --git a/docs/serverless/edr-install-config/artifact-control.asciidoc b/docs/serverless/edr-install-config/artifact-control.asciidoc
index a98916511d..b2ea1694c4 100644
--- a/docs/serverless/edr-install-config/artifact-control.asciidoc
+++ b/docs/serverless/edr-install-config/artifact-control.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>Configure protection updates</titleabbrev>
 ++++
 
-preview:[]
 
 On the **Protection updates** tab of the {elastic-defend} integration policy, you can configure how {elastic-defend} receives updates from Elastic with the latest threat detections, global exceptions, malware models, rule packages, and other protection artifacts. By default, these artifacts are automatically updated regularly, ensuring your environment is up to date with the latest protections.
 
diff --git a/docs/serverless/edr-install-config/configure-endpoint-integration-policy.asciidoc b/docs/serverless/edr-install-config/configure-endpoint-integration-policy.asciidoc
index def6970348..98866e6407 100644
--- a/docs/serverless/edr-install-config/configure-endpoint-integration-policy.asciidoc
+++ b/docs/serverless/edr-install-config/configure-endpoint-integration-policy.asciidoc
@@ -4,7 +4,6 @@
 // :description: Configure settings on an {elastic-defend} integration policy.
 // :keywords: serverless, security, how-to
 
-preview:[]
 
 After the {agent} is installed with the {elastic-defend} integration, several protections features — including
 preventions against malware, ransomware, memory threats, and malicious behavior — are automatically enabled
diff --git a/docs/serverless/edr-install-config/defend-feature-privs.asciidoc b/docs/serverless/edr-install-config/defend-feature-privs.asciidoc
index 353ca6997f..1f58efdc85 100644
--- a/docs/serverless/edr-install-config/defend-feature-privs.asciidoc
+++ b/docs/serverless/edr-install-config/defend-feature-privs.asciidoc
@@ -4,7 +4,6 @@
 // :description: Manage user roles and privileges to grant access to {elastic-defend} features.
 // :keywords: security, defend, reference, manage
 
-preview:[]
 
 You can create user roles and define privileges to manage feature access in {elastic-sec}. This allows you to use the principle of least privilege while managing access to {elastic-defend}'s features.
 
diff --git a/docs/serverless/edr-install-config/deploy-endpoint-macos-cat-mont.asciidoc b/docs/serverless/edr-install-config/deploy-endpoint-macos-cat-mont.asciidoc
index 7173b63bda..b180839bb8 100644
--- a/docs/serverless/edr-install-config/deploy-endpoint-macos-cat-mont.asciidoc
+++ b/docs/serverless/edr-install-config/deploy-endpoint-macos-cat-mont.asciidoc
@@ -4,7 +4,6 @@
 // :description: Configure access for deploying {elastic-defend} on macOS Monterey.
 // :keywords: security, how-to, secure
 
-preview:[]
 
 To properly install and configure {elastic-defend} manually without a Mobile Device Management (MDM) profile, there are additional permissions that must be enabled on the host before {elastic-endpoint}—the installed component that performs {elastic-defend}'s threat monitoring and prevention—is fully functional:
 
diff --git a/docs/serverless/edr-install-config/deploy-endpoint-macos-ven.asciidoc b/docs/serverless/edr-install-config/deploy-endpoint-macos-ven.asciidoc
index f908d5e522..34a9fb3454 100644
--- a/docs/serverless/edr-install-config/deploy-endpoint-macos-ven.asciidoc
+++ b/docs/serverless/edr-install-config/deploy-endpoint-macos-ven.asciidoc
@@ -4,7 +4,6 @@
 // :description: Configure access for deploying {elastic-defend} on macOS Ventura and higher.
 // :keywords: security, how-to, secure
 
-preview:[]
 
 To properly install and configure {elastic-defend} manually without a Mobile Device Management (MDM) profile, there are additional permissions that must be enabled on the host before {elastic-endpoint}—the installed component that performs {elastic-defend}'s threat monitoring and prevention—is fully functional:
 
diff --git a/docs/serverless/edr-install-config/deploy-endpoint-reqs.asciidoc b/docs/serverless/edr-install-config/deploy-endpoint-reqs.asciidoc
index 8da996e354..0b469f9d2c 100644
--- a/docs/serverless/edr-install-config/deploy-endpoint-reqs.asciidoc
+++ b/docs/serverless/edr-install-config/deploy-endpoint-reqs.asciidoc
@@ -4,7 +4,6 @@
 // :description: System requirements for {elastic-defend}.
 // :keywords: security, other, secure
 
-preview:[]
 
 To properly deploy {elastic-defend} without a Mobile Device Management (MDM) profile, you must manually enable additional permissions on the host before {elastic-endpoint}—the installed component that performs {elastic-defend}'s threat monitoring and prevention—is fully functional. For more information, refer to the instructions for your macOS version:
 
diff --git a/docs/serverless/edr-install-config/deploy-with-mdm.asciidoc b/docs/serverless/edr-install-config/deploy-with-mdm.asciidoc
index 8dd36182f8..64d08766aa 100644
--- a/docs/serverless/edr-install-config/deploy-with-mdm.asciidoc
+++ b/docs/serverless/edr-install-config/deploy-with-mdm.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>Deploy on macOS with MDM</titleabbrev>
 ++++
 
-preview:[]
 
 To silently install and deploy {elastic-defend} without the need for user interaction, you need to configure a mobile device management (MDM) profile for {elastic-endpoint}—the installed component that performs {elastic-defend}'s threat monitoring and prevention. This allows you to pre-approve the {elastic-endpoint} system extension and grant Full Disk Access to all the necessary components.
 
diff --git a/docs/serverless/edr-install-config/endpoint-diagnostic-data.asciidoc b/docs/serverless/edr-install-config/endpoint-diagnostic-data.asciidoc
index 730f22ca69..8c242c5248 100644
--- a/docs/serverless/edr-install-config/endpoint-diagnostic-data.asciidoc
+++ b/docs/serverless/edr-install-config/endpoint-diagnostic-data.asciidoc
@@ -4,7 +4,6 @@
 // :description: Stop producing diagnostic data for Elastic defend by configuring your integration policy.
 // :keywords: serverless, security, how-to
 
-preview:[]
 
 By default, {elastic-defend} streams diagnostic data to your cluster, which Elastic uses to tune protection features. You can stop producing this diagnostic data by configuring the advanced settings in the {elastic-defend} integration policy.
 
diff --git a/docs/serverless/edr-install-config/endpoint-protection-intro.asciidoc b/docs/serverless/edr-install-config/endpoint-protection-intro.asciidoc
index 565439d52b..208e419774 100644
--- a/docs/serverless/edr-install-config/endpoint-protection-intro.asciidoc
+++ b/docs/serverless/edr-install-config/endpoint-protection-intro.asciidoc
@@ -4,6 +4,5 @@
 // :description: Start protecting your endpoints with {elastic-defend}.
 // :keywords: serverless, security, overview
 
-preview:[]
 
 This section contains information on installing and configuring {elastic-defend} for endpoint protection.
diff --git a/docs/serverless/edr-install-config/install-elastic-defend.asciidoc b/docs/serverless/edr-install-config/install-elastic-defend.asciidoc
index 46908d1128..99bdc1fff1 100644
--- a/docs/serverless/edr-install-config/install-elastic-defend.asciidoc
+++ b/docs/serverless/edr-install-config/install-elastic-defend.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>Install Elastic Defend</titleabbrev>
 ++++
 
-preview:[]
 
 Like other Elastic integrations, {elastic-defend} is integrated into the {agent} using {fleet-guide}/fleet-overview.html[{fleet}]. Upon configuration, the integration allows the {agent} to monitor events on your host and send data to the {security-app}.
 
diff --git a/docs/serverless/edr-install-config/linux-file-monitoring.asciidoc b/docs/serverless/edr-install-config/linux-file-monitoring.asciidoc
index cd65c719c8..f8c94a4d29 100644
--- a/docs/serverless/edr-install-config/linux-file-monitoring.asciidoc
+++ b/docs/serverless/edr-install-config/linux-file-monitoring.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>File system monitoring (Linux)</titleabbrev>
 ++++
 
-preview:[]
 
 By default, {elastic-defend} monitors specific Linux file system types that Elastic has tested for compatibility. If your network includes nonstandard, proprietary, or otherwise unrecognized Linux file systems, you can configure the integration policy to extend monitoring and protections to those additional file systems. You can also have {elastic-defend} ignore unrecognized file system types if they don't require monitoring or cause unexpected problems.
 
diff --git a/docs/serverless/edr-install-config/self-healing-rollback.asciidoc b/docs/serverless/edr-install-config/self-healing-rollback.asciidoc
index fac21460db..3425309f84 100644
--- a/docs/serverless/edr-install-config/self-healing-rollback.asciidoc
+++ b/docs/serverless/edr-install-config/self-healing-rollback.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>Self-healing rollback (Windows)</titleabbrev>
 ++++
 
-preview:[]
 
 {elastic-defend}'s self-healing feature rolls back file changes on Windows endpoints when a prevention alert is generated by enabled protection features. File changes that occurred on the host within five minutes before the prevention alert will revert to their previous state (which may be up to two hours before the alert).
 
diff --git a/docs/serverless/edr-install-config/uninstall-agent.asciidoc b/docs/serverless/edr-install-config/uninstall-agent.asciidoc
index 6f8813a040..f07443259d 100644
--- a/docs/serverless/edr-install-config/uninstall-agent.asciidoc
+++ b/docs/serverless/edr-install-config/uninstall-agent.asciidoc
@@ -4,7 +4,6 @@
 // :description: Remove {agent} from a host.
 // :keywords: serverless, security, how-to
 
-preview:[]
 
 To uninstall {agent} from a host, run the `uninstall` command from the directory where it's running. Refer to the {fleet-guide}/uninstall-elastic-agent.html[{fleet} and {agent} documentation] for more information.
 
diff --git a/docs/serverless/edr-manage/allowlist-endpoint-3rd-party-av.asciidoc b/docs/serverless/edr-manage/allowlist-endpoint-3rd-party-av.asciidoc
index 76d3f219da..1cba130a7d 100644
--- a/docs/serverless/edr-manage/allowlist-endpoint-3rd-party-av.asciidoc
+++ b/docs/serverless/edr-manage/allowlist-endpoint-3rd-party-av.asciidoc
@@ -4,7 +4,6 @@
 // :description: Add {elastic-endpoint} as a trusted application in third-party antivirus (AV) software.
 // :keywords: serverless, security, overview
 
-preview:[]
 
 [NOTE]
 ====
diff --git a/docs/serverless/edr-manage/blocklist.asciidoc b/docs/serverless/edr-manage/blocklist.asciidoc
index 668cf8b9ba..73571e8be3 100644
--- a/docs/serverless/edr-manage/blocklist.asciidoc
+++ b/docs/serverless/edr-manage/blocklist.asciidoc
@@ -3,7 +3,6 @@
 
 // :keywords: serverless, security, how-to
 
-preview:[]
 
 The blocklist allows you to prevent specified applications from running on hosts, extending the list of processes that {elastic-defend} considers malicious. This helps ensure that known malicious processes aren't accidentally executed by end users.
 
diff --git a/docs/serverless/edr-manage/endpoint-command-ref.asciidoc b/docs/serverless/edr-manage/endpoint-command-ref.asciidoc
index d1bf4ef839..1f79488745 100644
--- a/docs/serverless/edr-manage/endpoint-command-ref.asciidoc
+++ b/docs/serverless/edr-manage/endpoint-command-ref.asciidoc
@@ -4,7 +4,6 @@
 // :description: Manage and troubleshoot {elastic-endpoint} using CLI commands.
 // :keywords: security, reference, manage
 
-preview:[]
 
 This page lists the commands for management and troubleshooting of {elastic-endpoint}, the installed component that performs {elastic-defend}'s threat monitoring and prevention.
 
diff --git a/docs/serverless/edr-manage/endpoint-event-capture.asciidoc b/docs/serverless/edr-manage/endpoint-event-capture.asciidoc
index 87a24eb111..b35fcd7184 100644
--- a/docs/serverless/edr-manage/endpoint-event-capture.asciidoc
+++ b/docs/serverless/edr-manage/endpoint-event-capture.asciidoc
@@ -4,7 +4,6 @@
 // :description: Learn more about how {elastic-defend} collects event data.
 // :keywords: serverless, security, reference
 
-preview:[]
 
 {elastic-defend} collects select data on system activity in order to detect and prevent as many threats as possible, while balancing storage and performance overhead. To that end, {elastic-defend} isn't designed to capture all system events. Some event data that {elastic-defend} generates gets aggregated, truncated, or deduplicated as needed to optimize threat detection and prevention.
 
diff --git a/docs/serverless/edr-manage/endpoint-self-protection.asciidoc b/docs/serverless/edr-manage/endpoint-self-protection.asciidoc
index 74522e1a82..58418b4575 100644
--- a/docs/serverless/edr-manage/endpoint-self-protection.asciidoc
+++ b/docs/serverless/edr-manage/endpoint-self-protection.asciidoc
@@ -4,7 +4,6 @@
 // :description: Learn how {elastic-endpoint} guards itself from tampering and attacks.
 // :keywords: serverless, security, overview
 
-preview:[]
 
 {elastic-endpoint}, the installed component that performs {elastic-defend}'s threat monitoring and prevention, protects itself against users and attackers that may try to interfere with its functionality. Protection features are consistently enhanced to prevent attackers who may attempt to use newer, more sophisticated tactics to interfere with the {elastic-endpoint}. Self-protection is enabled by default when {elastic-endpoint} installs on supported platforms, listed below.
 
diff --git a/docs/serverless/edr-manage/endpoints-page.asciidoc b/docs/serverless/edr-manage/endpoints-page.asciidoc
index a03e1f6e46..fb8396f152 100644
--- a/docs/serverless/edr-manage/endpoints-page.asciidoc
+++ b/docs/serverless/edr-manage/endpoints-page.asciidoc
@@ -3,7 +3,6 @@
 
 // :keywords: serverless, security, overview
 
-preview:[]
 
 The **Endpoints** page (**Assets** → **Endpoints**) allows administrators to view and manage endpoints that are running the <<security-install-edr,{elastic-defend} integration>>.
 
diff --git a/docs/serverless/edr-manage/event-filters.asciidoc b/docs/serverless/edr-manage/event-filters.asciidoc
index 587411f867..950cf27b84 100644
--- a/docs/serverless/edr-manage/event-filters.asciidoc
+++ b/docs/serverless/edr-manage/event-filters.asciidoc
@@ -3,7 +3,6 @@
 
 // :keywords: serverless, security, how-to
 
-preview:[]
 
 Event filters allow you to filter out endpoint events that you don't want stored in {es} — for example, high-volume events. By creating event filters, you can optimize your storage in {es}.
 
diff --git a/docs/serverless/edr-manage/host-isolation-exceptions.asciidoc b/docs/serverless/edr-manage/host-isolation-exceptions.asciidoc
index 1a4a274c37..aa53e95e8b 100644
--- a/docs/serverless/edr-manage/host-isolation-exceptions.asciidoc
+++ b/docs/serverless/edr-manage/host-isolation-exceptions.asciidoc
@@ -3,7 +3,6 @@
 
 // :keywords: serverless, security, how-to
 
-preview:[]
 
 You can configure host isolation exceptions for specific IP addresses that <<security-isolate-host,isolated hosts>> are still allowed to communicate with, even when blocked from the rest of your network. Isolated hosts can still send data to {elastic-sec}, so you don't need to set up host isolation exceptions for them.
 
diff --git a/docs/serverless/edr-manage/manage-endpoint-protection.asciidoc b/docs/serverless/edr-manage/manage-endpoint-protection.asciidoc
index b0a4487cdf..8ab979cb2c 100644
--- a/docs/serverless/edr-manage/manage-endpoint-protection.asciidoc
+++ b/docs/serverless/edr-manage/manage-endpoint-protection.asciidoc
@@ -4,6 +4,5 @@
 // :description: Manage endpoint protection artifacts for {elastic-defend}.
 // :keywords: serverless, security, overview
 
-preview:[]
 
 This section provides an overview of the management tools on the **Assets** page that administrators can use to manage endpoints, integration policies, trusted applications, event filters, host isolation exceptions, and blocked applications.
diff --git a/docs/serverless/edr-manage/optimize-edr.asciidoc b/docs/serverless/edr-manage/optimize-edr.asciidoc
index 1ef4375f5b..b732ee12a2 100644
--- a/docs/serverless/edr-manage/optimize-edr.asciidoc
+++ b/docs/serverless/edr-manage/optimize-edr.asciidoc
@@ -3,7 +3,6 @@
 
 // :keywords: serverless, security, how-to
 
-preview:[]
 
 If you encounter problems like incompatibilities with other antivirus software, too many false positive alerts, or excessive storage or CPU usage, you can optimize {elastic-defend} to mitigate these issues.
 
diff --git a/docs/serverless/edr-manage/policies-page-ov.asciidoc b/docs/serverless/edr-manage/policies-page-ov.asciidoc
index 10afde8cda..caa1b6aa50 100644
--- a/docs/serverless/edr-manage/policies-page-ov.asciidoc
+++ b/docs/serverless/edr-manage/policies-page-ov.asciidoc
@@ -3,7 +3,6 @@
 
 // :keywords: serverless, security, reference
 
-preview:[]
 
 The **Policies** page (**Assets** → **Policies**) lists all of the integration policies configured for {elastic-defend}.
 
diff --git a/docs/serverless/edr-manage/trusted-apps-ov.asciidoc b/docs/serverless/edr-manage/trusted-apps-ov.asciidoc
index 3fd5307aff..c7c05e9095 100644
--- a/docs/serverless/edr-manage/trusted-apps-ov.asciidoc
+++ b/docs/serverless/edr-manage/trusted-apps-ov.asciidoc
@@ -3,7 +3,6 @@
 
 // :keywords: serverless, security, how-to
 
-preview:[]
 
 [NOTE]
 ====
diff --git a/docs/serverless/endpoint-response-actions/automated-response-actions.asciidoc b/docs/serverless/endpoint-response-actions/automated-response-actions.asciidoc
index c3085b9344..ce4ddff3e9 100644
--- a/docs/serverless/endpoint-response-actions/automated-response-actions.asciidoc
+++ b/docs/serverless/endpoint-response-actions/automated-response-actions.asciidoc
@@ -4,7 +4,6 @@
 // :description: Automatically respond to events with endpoint response actions triggered by detection rules.
 // :keywords: serverless, security, defend, how-to, manage
 
-preview:[]
 
 Add {elastic-defend}'s <<security-response-actions,response actions>> to detection rules to automatically perform actions on an affected host when an event meets the rule's criteria. Use these actions to support your response to detected threats and suspicious events.
 
diff --git a/docs/serverless/endpoint-response-actions/host-isolation-ov.asciidoc b/docs/serverless/endpoint-response-actions/host-isolation-ov.asciidoc
index 151182625a..73de009985 100644
--- a/docs/serverless/endpoint-response-actions/host-isolation-ov.asciidoc
+++ b/docs/serverless/endpoint-response-actions/host-isolation-ov.asciidoc
@@ -4,7 +4,6 @@
 // :description: Host isolation allows you to cut off a host's network access until you release it.
 // :keywords: serverless, security, defend, how-to, manage
 
-preview:[]
 
 Host isolation allows you to isolate hosts from your network, blocking communication with other hosts on your network until you release the host. Isolating a host is useful for responding to malicious activity or preventing potential attacks, as it prevents lateral movement across other hosts.
 
diff --git a/docs/serverless/endpoint-response-actions/response-actions-config.asciidoc b/docs/serverless/endpoint-response-actions/response-actions-config.asciidoc
index bd521a744c..8d870d646d 100644
--- a/docs/serverless/endpoint-response-actions/response-actions-config.asciidoc
+++ b/docs/serverless/endpoint-response-actions/response-actions-config.asciidoc
@@ -4,7 +4,6 @@
 // :description: Configure {elastic-sec} to perform response actions on hosts protected by third-party systems.
 // :keywords: serverless, security, how-to, configure
 
-preview:[]
 
 preview::[]
 
diff --git a/docs/serverless/endpoint-response-actions/response-actions-history.asciidoc b/docs/serverless/endpoint-response-actions/response-actions-history.asciidoc
index 6966293814..6feccc0111 100644
--- a/docs/serverless/endpoint-response-actions/response-actions-history.asciidoc
+++ b/docs/serverless/endpoint-response-actions/response-actions-history.asciidoc
@@ -4,7 +4,6 @@
 // :description: The response actions history log keeps a record of actions taken on endpoints.
 // :keywords: serverless, security, defend, reference, manage
 
-preview:[]
 
 {elastic-sec} keeps a log of the <<security-response-actions,response actions>> performed on endpoints, such as isolating a host or terminating a process. The log displays when each command was performed, the host on which the action was performed, the user who requested the action, any comments added to the action, and the action's current status.
 
diff --git a/docs/serverless/endpoint-response-actions/response-actions.asciidoc b/docs/serverless/endpoint-response-actions/response-actions.asciidoc
index eb00192900..82012f892a 100644
--- a/docs/serverless/endpoint-response-actions/response-actions.asciidoc
+++ b/docs/serverless/endpoint-response-actions/response-actions.asciidoc
@@ -4,7 +4,6 @@
 // :description: Perform response actions on endpoints using a terminal-like interface.
 // :keywords: serverless, security, defend, reference, manage
 
-preview:[]
 
 The response console allows you to perform response actions on an endpoint using a terminal-like interface. You can enter action commands and get near-instant feedback on them. Actions are also recorded in the endpoint's <<actions-log,response actions history>> for reference.
 
diff --git a/docs/serverless/endpoint-response-actions/third-party-actions.asciidoc b/docs/serverless/endpoint-response-actions/third-party-actions.asciidoc
index c0d38cb0e1..9963946888 100644
--- a/docs/serverless/endpoint-response-actions/third-party-actions.asciidoc
+++ b/docs/serverless/endpoint-response-actions/third-party-actions.asciidoc
@@ -4,7 +4,6 @@
 // :description: Respond to threats on hosts enrolled in third-party security systems.
 // :keywords: serverless, security, defend, reference, manage
 
-preview:[]
 
 preview::[]
 
diff --git a/docs/serverless/explore/conf-map-ui.asciidoc b/docs/serverless/explore/conf-map-ui.asciidoc
index 7b4ae3e0c6..c81ec62f0d 100644
--- a/docs/serverless/explore/conf-map-ui.asciidoc
+++ b/docs/serverless/explore/conf-map-ui.asciidoc
@@ -4,7 +4,6 @@
 // :description: Requirements for setting up and using the Network page.
 // :keywords: serverless, security, how-to, manage
 
-preview:[]
 
 Depending on your setup, to display and interact with data on the
 **Network** page's map you might need to:
diff --git a/docs/serverless/explore/data-views-in-sec.asciidoc b/docs/serverless/explore/data-views-in-sec.asciidoc
index dfaeb02f04..a1b54d1180 100644
--- a/docs/serverless/explore/data-views-in-sec.asciidoc
+++ b/docs/serverless/explore/data-views-in-sec.asciidoc
@@ -4,7 +4,6 @@
 // :description: Use data views to control what data displays on {elastic-sec} pages with event or alert data.
 // :keywords: serverless, security, reference, manage
 
-preview:[]
 
 {data-sources-cap} determine what data displays on {elastic-sec} pages with event or alert data.
 {data-sources-cap} are defined by the index patterns they include.
diff --git a/docs/serverless/explore/explore-your-data.asciidoc b/docs/serverless/explore/explore-your-data.asciidoc
index 02f53a9f34..3f5ea175d9 100644
--- a/docs/serverless/explore/explore-your-data.asciidoc
+++ b/docs/serverless/explore/explore-your-data.asciidoc
@@ -3,7 +3,6 @@
 
 // :keywords: serverless, security, overview
 
-preview:[]
 
 This section contains the following pages:
 
diff --git a/docs/serverless/explore/hosts-overview.asciidoc b/docs/serverless/explore/hosts-overview.asciidoc
index 2e00548bdf..06e904f705 100644
--- a/docs/serverless/explore/hosts-overview.asciidoc
+++ b/docs/serverless/explore/hosts-overview.asciidoc
@@ -4,7 +4,6 @@
 // :description: Explore the Hosts page to analyze hosts and related security events.
 // :keywords: serverless, security, how-to, analyze
 
-preview:[]
 
 The Hosts page provides a comprehensive overview of all hosts and host-related security events. Key performance indicator (KPI) charts, data tables, and interactive widgets let you view specific data, drill down for deeper insights, and interact with Timeline for further investigation.
 
diff --git a/docs/serverless/explore/network-page-overview.asciidoc b/docs/serverless/explore/network-page-overview.asciidoc
index 434175ba2a..45dba9cece 100644
--- a/docs/serverless/explore/network-page-overview.asciidoc
+++ b/docs/serverless/explore/network-page-overview.asciidoc
@@ -4,7 +4,6 @@
 // :description: Analyze key network activity metrics on an interactive map, and use network event tables for deeper insights.
 // :keywords: serverless, security, how-to, analyze
 
-preview:[]
 
 The Network page provides key network activity metrics in an interactive map, and network event tables that enable interaction with Timeline. You can drag and drop items of interest from the Network view to Timeline for further investigation.
 
diff --git a/docs/serverless/explore/runtime-fields.asciidoc b/docs/serverless/explore/runtime-fields.asciidoc
index a2aa1bc986..d603729924 100644
--- a/docs/serverless/explore/runtime-fields.asciidoc
+++ b/docs/serverless/explore/runtime-fields.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>Create runtime fields</titleabbrev>
 ++++
 
-preview:[]
 
 Runtime fields are fields that you can add to documents after you've ingested your data. For example, you could combine two fields and treat them as one, or perform calculations on existing data and use the result as a separate field. Runtime fields are evaluated when a query is run.
 
diff --git a/docs/serverless/explore/siem-field-reference.asciidoc b/docs/serverless/explore/siem-field-reference.asciidoc
index 89e054ca88..ce815a77db 100644
--- a/docs/serverless/explore/siem-field-reference.asciidoc
+++ b/docs/serverless/explore/siem-field-reference.asciidoc
@@ -4,7 +4,6 @@
 // :description: Learn which ECS fields are used by {elastic-sec} to display various data.
 // :keywords: serverless, security, reference, manage
 
-preview:[]
 
 This section lists {ecs-ref}[Elastic Common Schema] (ECS) fields used by {elastic-sec} to provide an optimal SIEM and security analytics experience to users. These fields are used to display data, provide rule previews, enable detection by prebuilt detection rules, provide context during rule triage and investigation, escalate to cases, and more.
 
diff --git a/docs/serverless/explore/users-page.asciidoc b/docs/serverless/explore/users-page.asciidoc
index e71450de5b..9f6a095ae2 100644
--- a/docs/serverless/explore/users-page.asciidoc
+++ b/docs/serverless/explore/users-page.asciidoc
@@ -4,7 +4,6 @@
 // :description: Analyze authentication and user behavior within your environment.
 // :keywords: serverless, security, how-to, analyze
 
-preview:[]
 
 The Users page provides a comprehensive overview of user data to help you understand authentication and user behavior within your environment. Key performance indicator (KPI) charts, data tables, and interactive widgets let you view specific data and drill down for deeper insights.
 
diff --git a/docs/serverless/index.asciidoc b/docs/serverless/index.asciidoc
index 26b43198ab..f8612c0168 100644
--- a/docs/serverless/index.asciidoc
+++ b/docs/serverless/index.asciidoc
@@ -199,6 +199,4 @@ include::./settings/advanced-settings.asciidoc[leveloffset=+3]
 
 include::./troubleshooting/troubleshooting-intro.asciidoc[leveloffset=+2]
 include::./troubleshooting/ts-detection-rules.asciidoc[leveloffset=+3]
-include::./troubleshooting/troubleshoot-endpoints.asciidoc[leveloffset=+3]
-
-include::./technical-preview-limitations.asciidoc[leveloffset=+2]
+include::./troubleshooting/troubleshoot-endpoints.asciidoc[leveloffset=+3]
\ No newline at end of file
diff --git a/docs/serverless/ingest/auto-import.asciidoc b/docs/serverless/ingest/auto-import.asciidoc
index 605d846245..2cbc100c9a 100644
--- a/docs/serverless/ingest/auto-import.asciidoc
+++ b/docs/serverless/ingest/auto-import.asciidoc
@@ -4,7 +4,6 @@
 // :description: Use Automatic Import to quickly normalize and ingest third-party data.
 // :keywords: serverless, security, how-to
 
-preview:[]
 
 .Technical preview
 [IMPORTANT]
diff --git a/docs/serverless/ingest/ingest-data.asciidoc b/docs/serverless/ingest/ingest-data.asciidoc
index fc2bb73c70..79544e8b27 100644
--- a/docs/serverless/ingest/ingest-data.asciidoc
+++ b/docs/serverless/ingest/ingest-data.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>Ingest data</titleabbrev>
 ++++
 
-preview:[]
 
 To ingest data, you can use:
 
diff --git a/docs/serverless/ingest/threat-intelligence.asciidoc b/docs/serverless/ingest/threat-intelligence.asciidoc
index 1f89cadc63..bceb8c4337 100644
--- a/docs/serverless/ingest/threat-intelligence.asciidoc
+++ b/docs/serverless/ingest/threat-intelligence.asciidoc
@@ -4,7 +4,6 @@
 // :description: Use threat indicators to detect known threats and malicious activity.
 // :keywords: serverless, security, how-to
 
-preview:[]
 
 The Threat Intelligence view provides a streamlined way to collect threat intelligence data that you can use for threat detection and matching. Threat intelligence data consists of  <<ti-indicators,threat indicators>> ingested from third-party threat intelligence sources.
 
diff --git a/docs/serverless/investigate/add-manage-notes.asciidoc b/docs/serverless/investigate/add-manage-notes.asciidoc
index 63540f13a4..2aac9b004e 100644
--- a/docs/serverless/investigate/add-manage-notes.asciidoc
+++ b/docs/serverless/investigate/add-manage-notes.asciidoc
@@ -4,7 +4,6 @@
 // :description: Create and manage notes for alerts, events, and Timeline.
 // :keywords: serverless, security, how-to, manage
 
-preview:[]
 
 Incorporate notes into your investigative workflows to coordinate responses, conduct threat hunting, and share investigative findings. You can attach notes to alerts, events, and Timelines and manage them from the **Notes** page.
 
diff --git a/docs/serverless/investigate/case-permissions.asciidoc b/docs/serverless/investigate/case-permissions.asciidoc
index e883d761b7..237a29c724 100644
--- a/docs/serverless/investigate/case-permissions.asciidoc
+++ b/docs/serverless/investigate/case-permissions.asciidoc
@@ -4,7 +4,6 @@
 // :description: Requirements for using and managing cases.
 // :keywords: serverless, security, reference, manage
 
-preview:[]
 
 To access cases, you need either the appropriate <<general-assign-user-roles,predefined Security user role>> or a <<custom-roles,custom role>> with the right privileges.
 
diff --git a/docs/serverless/investigate/cases-open-manage.asciidoc b/docs/serverless/investigate/cases-open-manage.asciidoc
index f3c90ee27f..260ec61f4c 100644
--- a/docs/serverless/investigate/cases-open-manage.asciidoc
+++ b/docs/serverless/investigate/cases-open-manage.asciidoc
@@ -4,7 +4,6 @@
 // :description: Create a case in {elastic-sec}, and add files and visualizations.
 // :keywords: serverless, security, how-to, analyze, manage
 
-preview:[]
 
 You can create and manage cases using the UI or the {security-guide}/cases-api-overview.html[Cases API].
 
@@ -18,8 +17,7 @@ Open a new case to keep track of security issues and share their details with
 colleagues.
 
 . Go to **Cases**, then click **Create case**. If no cases exist, the Cases table will be empty and you'll be prompted to create one by clicking the **Create case** button inside the table.
-. (Optional) If you defined <<security-cases-settings-templates,templates>>, select one to use its default field values. preview:[]
-. Give the case a name, assign a severity level, and provide a description. You can use
+. (Optional) If you defined <<security-cases-settings-templates,templates>>, select one to use its default field values. . Give the case a name, assign a severity level, and provide a description. You can use
 https://www.markdownguide.org/cheat-sheet[Markdown] syntax in the case description.
 +
 [NOTE]
diff --git a/docs/serverless/investigate/cases-overview.asciidoc b/docs/serverless/investigate/cases-overview.asciidoc
index b0d0721f97..bf84870b63 100644
--- a/docs/serverless/investigate/cases-overview.asciidoc
+++ b/docs/serverless/investigate/cases-overview.asciidoc
@@ -4,7 +4,6 @@
 // :description: Cases enable you to track investigation details about security issues.
 // :keywords: security, overview, analyze
 
-preview:[]
 
 Collect and share information about security issues by opening a case in {elastic-sec}. Cases allow you to track key investigation details, collect alerts in a central location, and more. The {elastic-sec} UI provides several ways to create and manage cases. Alternatively, you can use the {security-guide}/cases-api-overview.html[Cases API] to perform the same tasks.
 
diff --git a/docs/serverless/investigate/cases-settings.asciidoc b/docs/serverless/investigate/cases-settings.asciidoc
index 851d0478c6..54c8e1db2e 100644
--- a/docs/serverless/investigate/cases-settings.asciidoc
+++ b/docs/serverless/investigate/cases-settings.asciidoc
@@ -4,7 +4,6 @@
 // :description: Change the default behavior of {elastic-sec} cases by adding connectors, custom fields, templates, and closure options.
 // :keywords: serverless, security, how-to, configure
 
-preview:[]
 
 To access case settings in an {elastic-sec} project, go to **Cases** → **Settings**.
 
diff --git a/docs/serverless/investigate/indicators-of-compromise.asciidoc b/docs/serverless/investigate/indicators-of-compromise.asciidoc
index 03a1e8f9b0..f02f82f759 100644
--- a/docs/serverless/investigate/indicators-of-compromise.asciidoc
+++ b/docs/serverless/investigate/indicators-of-compromise.asciidoc
@@ -4,7 +4,6 @@
 // :description: Set up the Indicators page to detect, analyze, and respond to threats.
 // :keywords: serverless, security, how-to, analyze, manage
 
-preview:[]
 
 The Indicators page collects data from enabled threat intelligence feeds and provides a centralized view of indicators, also known as indicators of compromise (IoCs). This topic helps you set up the Indicators page and explains how to work with IoCs.
 
diff --git a/docs/serverless/investigate/investigate-events.asciidoc b/docs/serverless/investigate/investigate-events.asciidoc
index c3f627d562..4f7cfe7d2a 100644
--- a/docs/serverless/investigate/investigate-events.asciidoc
+++ b/docs/serverless/investigate/investigate-events.asciidoc
@@ -4,7 +4,6 @@
 // :description: Investigate security events and track security issues in {elastic-sec}.
 // :keywords: serverless, security, overview
 
-preview:[]
 
 The following sections describe tools for investigating security events and tracking security issues directly in {elastic-sec}.
 
diff --git a/docs/serverless/investigate/timeline-object-schema.asciidoc b/docs/serverless/investigate/timeline-object-schema.asciidoc
index 2e768128f3..459353264b 100644
--- a/docs/serverless/investigate/timeline-object-schema.asciidoc
+++ b/docs/serverless/investigate/timeline-object-schema.asciidoc
@@ -4,7 +4,6 @@
 // :description: A list of JSON elements inside the timeline object.
 // :keywords: serverless, security, reference
 
-preview:[]
 
 The Timeline schema lists all the JSON fields and objects required to create a Timeline or a Timeline template using the Create Timeline API.
 
diff --git a/docs/serverless/investigate/timeline-templates-ui.asciidoc b/docs/serverless/investigate/timeline-templates-ui.asciidoc
index 4356ad7c86..98025e7e61 100644
--- a/docs/serverless/investigate/timeline-templates-ui.asciidoc
+++ b/docs/serverless/investigate/timeline-templates-ui.asciidoc
@@ -4,7 +4,6 @@
 // :description: Attach Timeline templates to detection rules to streamline investigations.
 // :keywords: serverless, security, how-to, analyze, manage
 
-preview:[]
 
 You can attach Timeline templates to detection rules. When attached, the rule's alerts use the template when they are investigated in Timeline. This enables immediately viewing the alert's most interesting fields when you start an investigation.
 
diff --git a/docs/serverless/investigate/timelines-ui.asciidoc b/docs/serverless/investigate/timelines-ui.asciidoc
index 0cfcba0667..16019c0b1c 100644
--- a/docs/serverless/investigate/timelines-ui.asciidoc
+++ b/docs/serverless/investigate/timelines-ui.asciidoc
@@ -4,7 +4,6 @@
 // :description: Investigate events and complex threats in your network.
 // :keywords: serverless, security, how-to, analyze, manage
 
-preview:[]
 
 Use Timeline as your workspace for investigations and threat hunting.
 You can add alerts from multiple indices to a Timeline to facilitate advanced investigations.
diff --git a/docs/serverless/osquery/alerts-run-osquery.asciidoc b/docs/serverless/osquery/alerts-run-osquery.asciidoc
index 8efa489aa3..ae24a24cf7 100644
--- a/docs/serverless/osquery/alerts-run-osquery.asciidoc
+++ b/docs/serverless/osquery/alerts-run-osquery.asciidoc
@@ -4,7 +4,6 @@
 // :description: Run live queries against an alert's host to investigate potential security threats and system compromises.
 // :keywords: serverless, security, how-to, analyze
 
-preview:[]
 
 Run live queries on hosts associated with alerts to learn more about your infrastructure and operating systems. For example, with Osquery, you can search your system for indicators of compromise that might have contributed to the alert. You can then use this data to inform your investigation and alert triage efforts.
 
diff --git a/docs/serverless/osquery/invest-guide-run-osquery.asciidoc b/docs/serverless/osquery/invest-guide-run-osquery.asciidoc
index bc536194fc..a5281adc29 100644
--- a/docs/serverless/osquery/invest-guide-run-osquery.asciidoc
+++ b/docs/serverless/osquery/invest-guide-run-osquery.asciidoc
@@ -4,7 +4,6 @@
 // :description: Add and run live queries from a rule's investigation guide.
 // :keywords: serverless, security, how-to, analyze
 
-preview:[]
 
 Detection rule investigation guides suggest steps for triaging, analyzing, and responding to potential security issues. When you build a custom rule, you can also set up an investigation guide that incorporates Osquery. This allows you to run live queries from a rule's investigation guide as you analyze alerts produced by the rule.
 
diff --git a/docs/serverless/osquery/osquery-placeholder-fields.asciidoc b/docs/serverless/osquery/osquery-placeholder-fields.asciidoc
index e8f22c0b9e..02a7c4370c 100644
--- a/docs/serverless/osquery/osquery-placeholder-fields.asciidoc
+++ b/docs/serverless/osquery/osquery-placeholder-fields.asciidoc
@@ -4,7 +4,6 @@
 // :description: Pass data into queries dynamically, to enhance their flexibility and reusability.
 // :keywords: serverless, security, how-to, manage
 
-preview:[]
 
 Instead of hard-coding alert and event values into Osquery queries, you can use placeholder fields to dynamically pass this data into queries. Placeholder fields function like parameters. You can use placeholder fields to build flexible and reusable queries.
 
diff --git a/docs/serverless/osquery/osquery-response-action.asciidoc b/docs/serverless/osquery/osquery-response-action.asciidoc
index 0b97338b82..3fa9253f1f 100644
--- a/docs/serverless/osquery/osquery-response-action.asciidoc
+++ b/docs/serverless/osquery/osquery-response-action.asciidoc
@@ -4,7 +4,6 @@
 // :description: Osquery Response Actions allow you to add live queries to custom query rules so you can automatically collect data on systems the rules are monitoring.
 // :keywords: serverless, security, how-to, manage
 
-preview:[]
 
 preview::[]
 
diff --git a/docs/serverless/osquery/use-osquery.asciidoc b/docs/serverless/osquery/use-osquery.asciidoc
index cc2da6f6ef..f8c3f7a57b 100644
--- a/docs/serverless/osquery/use-osquery.asciidoc
+++ b/docs/serverless/osquery/use-osquery.asciidoc
@@ -4,7 +4,6 @@
 // :description: Integrate Osquery with {elastic-sec} for comprehensive data collection and security monitoring.
 // :keywords: serverless, security, overview
 
-preview:[]
 
 Osquery is an open source tool that lets you use SQL to query operating systems like a database. When you add the {kibana-ref}/manage-osquery-integration.html[Osquery manager integration] to an {agent} policy, Osquery is deployed to all agents assigned to that policy. After completing this setup, you can {kibana-ref}/osquery.html[run live queries and schedule recurring queries] for agents and begin gathering data from your entire environment.
 
diff --git a/docs/serverless/osquery/view-osquery-results.asciidoc b/docs/serverless/osquery/view-osquery-results.asciidoc
index 2e79d5fca3..e19821a8a8 100644
--- a/docs/serverless/osquery/view-osquery-results.asciidoc
+++ b/docs/serverless/osquery/view-osquery-results.asciidoc
@@ -4,7 +4,6 @@
 // :description: Analyze results from queries and query packs.
 // :keywords: serverless, security, how-to, analyze
 
-preview:[]
 
 Osquery provides relevant, timely data that you can use to better understand and monitor your environment. When you run queries, results are indexed and displayed the Results table, which you can filter, sort, and interact with.
 
diff --git a/docs/serverless/projects-create/create-project.asciidoc b/docs/serverless/projects-create/create-project.asciidoc
index 3723ab8710..f2d1054ab1 100644
--- a/docs/serverless/projects-create/create-project.asciidoc
+++ b/docs/serverless/projects-create/create-project.asciidoc
@@ -4,7 +4,6 @@
 // :description: Get started with {serverless-short} {elastic-sec} in a few steps.
 // :keywords: serverless, security, how-to, get-started
 
-preview:[]
 
 A {serverless-short} project allows you to run {elastic-sec} in an autoscaled and fully-managed environment, where you don't have to manage the underlying {es} cluster and {kib} instances.
 
diff --git a/docs/serverless/rules/about-rules.asciidoc b/docs/serverless/rules/about-rules.asciidoc
index 73a8ed7a70..08f6bb88de 100644
--- a/docs/serverless/rules/about-rules.asciidoc
+++ b/docs/serverless/rules/about-rules.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>Rules</titleabbrev>
 ++++
 
-preview:[]
 
 Rules run periodically and search for source events, matches, sequences, or {ml} job anomaly results that meet their criteria. When a rule's criteria are met, a detection alert is created.
 
diff --git a/docs/serverless/rules/add-exceptions.asciidoc b/docs/serverless/rules/add-exceptions.asciidoc
index b3431a9b14..4269745f2e 100644
--- a/docs/serverless/rules/add-exceptions.asciidoc
+++ b/docs/serverless/rules/add-exceptions.asciidoc
@@ -4,7 +4,6 @@
 // :description: Learn how to create and manage rule exceptions.
 // :keywords: serverless, security, how-to, configure
 
-preview:[]
 
 You can add exceptions to a rule from the rule details page, the Alerts table, the alert details flyout, or the Shared Exception Lists page. When you add an exception, you can also close all alerts that meet the exception’s criteria.
 
diff --git a/docs/serverless/rules/alerts-ui-monitor.asciidoc b/docs/serverless/rules/alerts-ui-monitor.asciidoc
index c736b52bab..93f706aeb3 100644
--- a/docs/serverless/rules/alerts-ui-monitor.asciidoc
+++ b/docs/serverless/rules/alerts-ui-monitor.asciidoc
@@ -4,7 +4,6 @@
 // :description: Find out how your rules are performing, and troubleshoot common rule issues.
 // :keywords: serverless, security, how-to, monitor, manage
 
-preview:[]
 
 Several tools can help you gain insight into the performance of your detection rules:
 
diff --git a/docs/serverless/rules/building-block-rule.asciidoc b/docs/serverless/rules/building-block-rule.asciidoc
index 7bf6da4418..9d3cac2452 100644
--- a/docs/serverless/rules/building-block-rule.asciidoc
+++ b/docs/serverless/rules/building-block-rule.asciidoc
@@ -4,7 +4,6 @@
 // :description: Set up building block rules and view building block alerts.
 // :keywords: serverless, security, how-to
 
-preview:[]
 
 Create building block rules when you do not want to see their generated alerts
 in the UI. This is useful when you want:
diff --git a/docs/serverless/rules/detection-engine-overview.asciidoc b/docs/serverless/rules/detection-engine-overview.asciidoc
index f5dcb2c385..f7a345289f 100644
--- a/docs/serverless/rules/detection-engine-overview.asciidoc
+++ b/docs/serverless/rules/detection-engine-overview.asciidoc
@@ -4,7 +4,6 @@
 // :description: Learn about the detection engine and its features.
 // :keywords: serverless, security, overview
 
-preview:[]
 
 Use the detection engine to create and manage rules and view the alerts
 these rules create. Rules periodically search indices (such as `logs-*` and
diff --git a/docs/serverless/rules/detections-permissions-section.asciidoc b/docs/serverless/rules/detections-permissions-section.asciidoc
index f185b54887..c955c8c987 100644
--- a/docs/serverless/rules/detections-permissions-section.asciidoc
+++ b/docs/serverless/rules/detections-permissions-section.asciidoc
@@ -4,7 +4,6 @@
 // :description: Requirements for setting up and configuring the detections feature.
 // :keywords: serverless, security, reference, manage
 
-preview:[]
 
 To use the <<security-detection-engine-overview,Detections feature>>, you first need to
 configure a few settings. You also need the appropriate role to send
diff --git a/docs/serverless/rules/detections-ui-exceptions.asciidoc b/docs/serverless/rules/detections-ui-exceptions.asciidoc
index f5f7ed3f7f..7cdff538da 100644
--- a/docs/serverless/rules/detections-ui-exceptions.asciidoc
+++ b/docs/serverless/rules/detections-ui-exceptions.asciidoc
@@ -4,7 +4,6 @@
 // :description: Understand the different types of rule exceptions.
 // :keywords: serverless, security, overview
 
-preview:[]
 
 You can associate rule exceptions with detection and endpoint rules to prevent trusted processes and network activity from generating unnecessary alerts, therefore, reducing the number of false positives.
 
diff --git a/docs/serverless/rules/interactive-investigation-guides.asciidoc b/docs/serverless/rules/interactive-investigation-guides.asciidoc
index 7ec6a3cfae..61e224339f 100644
--- a/docs/serverless/rules/interactive-investigation-guides.asciidoc
+++ b/docs/serverless/rules/interactive-investigation-guides.asciidoc
@@ -4,7 +4,6 @@
 // :description: Pivot from detection alerts to investigations with interactive investigation guide actions.
 // :keywords: serverless, security, how-to, analyze, configure
 
-preview:[]
 
 Detection rule investigation guides suggest steps for triaging, analyzing, and responding to potential security issues. For custom rules, you can create an interactive investigation guide that includes buttons for launching runtime queries in <<security-timelines-ui,Timeline>>, using alert data and hard-coded literal values. This allows you to start detailed Timeline investigations directly from an alert using relevant data.
 
diff --git a/docs/serverless/rules/prebuilt-rules/prebuilt-rules-management.asciidoc b/docs/serverless/rules/prebuilt-rules/prebuilt-rules-management.asciidoc
index 1f7d3cd530..76113f5c91 100644
--- a/docs/serverless/rules/prebuilt-rules/prebuilt-rules-management.asciidoc
+++ b/docs/serverless/rules/prebuilt-rules/prebuilt-rules-management.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>Use Elastic prebuilt rules</titleabbrev>
 ++++
 
-preview:[]
 
 Follow these guidelines to start using the {security-app}'s <<security-prebuilt-rules,prebuilt rules>>, keep them updated, and make sure they have the data needed to run successfully.
 
diff --git a/docs/serverless/rules/prebuilt-rules/prebuilt-rules.asciidoc b/docs/serverless/rules/prebuilt-rules/prebuilt-rules.asciidoc
index ab1b1bc1a7..43c802e750 100644
--- a/docs/serverless/rules/prebuilt-rules/prebuilt-rules.asciidoc
+++ b/docs/serverless/rules/prebuilt-rules/prebuilt-rules.asciidoc
@@ -3,7 +3,6 @@
 
 // :description: Learn more about Elastic's prebuilt detection rules.
 
-preview:[]
 
 Refer to the following documentation for more details about Elastic's prebuilt rules:
 
diff --git a/docs/serverless/rules/rules-coverage.asciidoc b/docs/serverless/rules/rules-coverage.asciidoc
index 31d4ddd969..92e933e691 100644
--- a/docs/serverless/rules/rules-coverage.asciidoc
+++ b/docs/serverless/rules/rules-coverage.asciidoc
@@ -4,7 +4,6 @@
 // :description: Review your current coverage of MITRE ATT&CK® tactics and techniques, based on installed rules.
 // :keywords: security, how-to, manage, analyze, visualize
 
-preview:[]
 
 The **MITRE ATT&CK® coverage** page (**Rules** → **MITRE ATT&CK® Coverage**) shows which https://attack.mitre.org[MITRE ATT&CK®] adversary tactics and techniques are covered by your installed and enabled detection rules. This includes both Elastic prebuilt rules and custom rules.
 
diff --git a/docs/serverless/rules/rules-ui-create.asciidoc b/docs/serverless/rules/rules-ui-create.asciidoc
index c4ccc245ef..a1391fa086 100644
--- a/docs/serverless/rules/rules-ui-create.asciidoc
+++ b/docs/serverless/rules/rules-ui-create.asciidoc
@@ -4,7 +4,6 @@
 // :description: Create detection rules to monitor your environment for suspicious and malicious behavior.
 // :keywords: serverless, security, defend, how-to, manage, secure
 
-preview:[]
 
 To create a new detection rule, follow these steps:
 
diff --git a/docs/serverless/rules/rules-ui-management.asciidoc b/docs/serverless/rules/rules-ui-management.asciidoc
index 6a3a6e69a7..e2be121fc1 100644
--- a/docs/serverless/rules/rules-ui-management.asciidoc
+++ b/docs/serverless/rules/rules-ui-management.asciidoc
@@ -4,7 +4,6 @@
 // :description: Manage your detection rules and enable Elastic prebuilt rules on the Rules page.
 // :keywords: serverless, security, how-to, manage
 
-preview:[]
 
 The Rules page allows you to view and manage all prebuilt and custom detection rules.
 
diff --git a/docs/serverless/rules/shared-exception-lists.asciidoc b/docs/serverless/rules/shared-exception-lists.asciidoc
index c269137996..a6c168a271 100644
--- a/docs/serverless/rules/shared-exception-lists.asciidoc
+++ b/docs/serverless/rules/shared-exception-lists.asciidoc
@@ -4,7 +4,6 @@
 // :description: Learn how to create and manage shared exception lists.
 // :keywords: serverless, security, how-to
 
-preview:[]
 
 Shared exception lists allow you to group exceptions together and then apply them to multiple rules. Use the Shared Exception Lists page to set up shared exception lists.
 
diff --git a/docs/serverless/rules/tuning-detection-signals.asciidoc b/docs/serverless/rules/tuning-detection-signals.asciidoc
index 3788a5c580..8916731800 100644
--- a/docs/serverless/rules/tuning-detection-signals.asciidoc
+++ b/docs/serverless/rules/tuning-detection-signals.asciidoc
@@ -4,7 +4,6 @@
 // :description: Tune prebuilt and custom detection rules to optimize alert generation.
 // :keywords: serverless, security, how-to
 
-preview:[]
 
 Using the {security-app}, you can tune prebuilt and custom detection rules to optimize alert generation. To reduce noise, you can:
 
diff --git a/docs/serverless/rules/value-lists-exceptions.asciidoc b/docs/serverless/rules/value-lists-exceptions.asciidoc
index d1fe4c39ce..3c2c9c0ec9 100644
--- a/docs/serverless/rules/value-lists-exceptions.asciidoc
+++ b/docs/serverless/rules/value-lists-exceptions.asciidoc
@@ -4,7 +4,6 @@
 // :description: Make and manage value lists.
 // :keywords: serverless, security, how-to
 
-preview:[]
 
 Value lists hold multiple values of the same Elasticsearch data type, such as IP addresses, which are used to determine when an exception prevents an alert from being generated. You can use value lists to define exceptions for detection rules; however, you cannot use value lists to define endpoint rule exceptions.
 
diff --git a/docs/serverless/sec-requirements.asciidoc b/docs/serverless/sec-requirements.asciidoc
index 94558fdfa7..ecbf8ac860 100644
--- a/docs/serverless/sec-requirements.asciidoc
+++ b/docs/serverless/sec-requirements.asciidoc
@@ -4,8 +4,6 @@
 // :description: Requirements for using and configuring {elastic-sec}.
 // :keywords: serverless, security, how-to, manage
 
-preview:[]
-
 The https://www.elastic.co/support/matrix[Support Matrix] page lists officially
 supported operating systems, platforms, and browsers on which components such as {beats}, {agent}, {elastic-defend}, and {elastic-endpoint} have been tested.
 
diff --git a/docs/serverless/security-overview.asciidoc b/docs/serverless/security-overview.asciidoc
index afce3c8dce..9114e20de0 100644
--- a/docs/serverless/security-overview.asciidoc
+++ b/docs/serverless/security-overview.asciidoc
@@ -3,7 +3,6 @@
 
 // :keywords: serverless, security, reference
 
-preview:[]
 
 {elastic-sec} combines threat detection analytics, cloud native security, and endpoint protection capabilities in a single solution, so you can quickly detect, investigate, and respond to threats and vulnerabilities across your environment.
 
diff --git a/docs/serverless/security-ui.asciidoc b/docs/serverless/security-ui.asciidoc
index b5d5050cc7..e17bcbfc20 100644
--- a/docs/serverless/security-ui.asciidoc
+++ b/docs/serverless/security-ui.asciidoc
@@ -3,8 +3,6 @@
 
 // :keywords: serverless, security, reference
 
-preview:[]
-
 The {security-app} is a highly interactive workspace designed for security analysts that provides a clear overview of events and alerts from your environment. You can use the interactive UI to drill down into areas of interest.
 
 [discrete]
diff --git a/docs/serverless/settings/advanced-settings.asciidoc b/docs/serverless/settings/advanced-settings.asciidoc
index 3f28e023cd..81ce14da10 100644
--- a/docs/serverless/settings/advanced-settings.asciidoc
+++ b/docs/serverless/settings/advanced-settings.asciidoc
@@ -4,7 +4,6 @@
 // :description: Update advanced {elastic-sec} settings.
 // :keywords: serverless, security, reference, manage
 
-preview:[]
 
 The advanced settings determine:
 
diff --git a/docs/serverless/settings/manage-settings.asciidoc b/docs/serverless/settings/manage-settings.asciidoc
index 848b489ce9..fd832d1ea7 100644
--- a/docs/serverless/settings/manage-settings.asciidoc
+++ b/docs/serverless/settings/manage-settings.asciidoc
@@ -3,7 +3,6 @@
 
 // :keywords: serverless, security, overview
 
-preview:[]
 
 These pages explain how to manage settings in various areas of the {security-app}:
 
diff --git a/docs/serverless/settings/project-settings.asciidoc b/docs/serverless/settings/project-settings.asciidoc
index 9a4b8d70f5..1ded959ff8 100644
--- a/docs/serverless/settings/project-settings.asciidoc
+++ b/docs/serverless/settings/project-settings.asciidoc
@@ -4,6 +4,5 @@
 // :description: Configure project-wide settings related to users, billing, data management, and more.
 // :keywords: serverless, security, overview, manage
 
-preview:[]
 
 Navigate to **Project settings** to configure project-wide settings related to users, billing, data management, and more.
diff --git a/docs/serverless/technical-preview-limitations.asciidoc b/docs/serverless/technical-preview-limitations.asciidoc
deleted file mode 100644
index 4f507a5b62..0000000000
--- a/docs/serverless/technical-preview-limitations.asciidoc
+++ /dev/null
@@ -1,14 +0,0 @@
-[[security-technical-preview-limitations]]
-= Technical preview limitations
-
-// :description: Review the limitations that apply to Elastic Security projects in technical preview.
-// :keywords: serverless, security
-
-preview:[]
-
-Currently, workloads outside of the following ranges may experience higher latencies:
-
-* Data ingest rate, total of all data sources, greater than 500GB per day
-* Number of {ml} jobs greater than 50
-* Searchable data size greater than 10TB
-* Number of endpoints and Cloud assets for {fleet} and {agent} management greater than 40,000
diff --git a/docs/serverless/troubleshooting/troubleshoot-endpoints.asciidoc b/docs/serverless/troubleshooting/troubleshoot-endpoints.asciidoc
index 92c70d7eb1..05800cecd9 100644
--- a/docs/serverless/troubleshooting/troubleshoot-endpoints.asciidoc
+++ b/docs/serverless/troubleshooting/troubleshoot-endpoints.asciidoc
@@ -7,7 +7,6 @@
 <titleabbrev>Elastic Defend</titleabbrev>
 ++++
 
-preview:[]
 
 This topic covers common troubleshooting issues when using {elastic-defend}'s <<security-manage-endpoint-protection,endpoint management tools>>.
 
diff --git a/docs/serverless/troubleshooting/ts-detection-rules.asciidoc b/docs/serverless/troubleshooting/ts-detection-rules.asciidoc
index bb66887996..664c0e4e05 100644
--- a/docs/serverless/troubleshooting/ts-detection-rules.asciidoc
+++ b/docs/serverless/troubleshooting/ts-detection-rules.asciidoc
@@ -8,7 +8,6 @@
 <titleabbrev>Detection rules</titleabbrev>
 ++++
 
-preview:[]
 
 This topic covers common troubleshooting issues when creating or managing <<security-rules-create,detection rules>>.
 
diff --git a/docs/serverless/what-is-security-serverless.asciidoc b/docs/serverless/what-is-security-serverless.asciidoc
index 1d393fed92..6ac054cbbe 100644
--- a/docs/serverless/what-is-security-serverless.asciidoc
+++ b/docs/serverless/what-is-security-serverless.asciidoc
@@ -1,6 +1,5 @@
 // :keywords: serverless, security, overview
 
-preview:[]
 
 {elastic-sec} combines threat detection analytics, cloud native security, and endpoint protection in a single solution, so you can quickly detect, investigate, and respond to threats and vulnerabilities across your environment.