diff --git a/docs/xdr/features/collect/integrations/endpoint/crowdstrike_falcon.md b/docs/xdr/features/collect/integrations/endpoint/crowdstrike_falcon.md index e1f02b45b5..f49f541535 100644 --- a/docs/xdr/features/collect/integrations/endpoint/crowdstrike_falcon.md +++ b/docs/xdr/features/collect/integrations/endpoint/crowdstrike_falcon.md @@ -7,6 +7,13 @@ type: intake CrowdStrike Falcon is an Endpoint Detection and Response solution. This setup guide explains how to forward and collect the detections and activity logs of your CrowdStrike EDR to Sekoia.io. +CrowdStrike Falcon integration gathers EDR logs. Below is a concise list of activities that can be monitored using CrowdStrike Falcon logs: + +- Alerts raised by the EDR, with limited informations like hash, command line, IP. +- Crowdstrike Falcon Audit logs +- Crowdstrike Falcon Incident logs +- Identity protection events + {!_shared_content/operations_center/detection/generated/suggested_rules_22f2afd2-c858-443d-8e06-7b335e439c29_do_not_edit_manually.md!} {!_shared_content/operations_center/integrations/generated/22f2afd2-c858-443d-8e06-7b335e439c29.md!} @@ -16,7 +23,7 @@ This setup guide explains how to forward and collect the detections and activity This integration supports the following events from CrowdStrike Falcon: - Detection Summaries (`DetectionSummaryEvent`) -- Incident Summaries ('IncidentSummaryEvent') +- Incident Summaries (`IncidentSummaryEvent`) - Audit logs (`UserActivityAuditEvent` and `AuthActivityAuditEvent`) - Identity protection events (`IdpDetectionSummaryEvent` and `IdentityProtectionEvent`) diff --git a/docs/xdr/features/collect/integrations/endpoint/crowdstrike_falcon_telemetry.md b/docs/xdr/features/collect/integrations/endpoint/crowdstrike_falcon_telemetry.md index 9b60e8a94e..a8afcf22ab 100644 --- a/docs/xdr/features/collect/integrations/endpoint/crowdstrike_falcon_telemetry.md +++ b/docs/xdr/features/collect/integrations/endpoint/crowdstrike_falcon_telemetry.md 
@@ -9,6 +9,14 @@ CrowdStrike provides cloud workload and endpoint security, threat intelligence, !!! warning Important note - This format is currently in beta. We highly value your feedback to improve its performance. +CrowdStrike Falcon Telemetry gathers raw system logs, legitimate and suspicious activities. Below is a non-exhaustive list of activities that can be monitored using CrowdStrike Telemetry logs: + +-Process creation and termination +-File path creation and deletion +-Events related to processes +-DNS requests +-HTTP connections + {!_shared_content/operations_center/detection/generated/suggested_rules_10999b99-9a8d-4b92-9fbd-01e3fac01cd5_do_not_edit_manually.md!} {!_shared_content/operations_center/integrations/generated/10999b99-9a8d-4b92-9fbd-01e3fac01cd5.md!}
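Review bot: In the telemetry hunk, the five added list items have no space after the leading hyphen (`-Process creation and termination`, `-File path creation and deletion`, …), so Markdown will render them as one run-on paragraph rather than a bulleted list; add a space after each `-` as the existing lists on these pages do. Also "Events related to processes" is vague and overlaps with "Process creation and termination" in the same list; either name the specific event kinds meant or drop the item. The lead sentence "gathers raw system logs, legitimate and suspicious activities" would read better as "gathers raw system telemetry covering both legitimate and suspicious activity".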
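Review bot: In the first crowdstrike_falcon.md hunk, "with limited informations like hash, command line, IP" should be "with limited information such as hash, command line and IP", and "Crowdstrike Falcon Audit logs" / "Crowdstrike Falcon Incident logs" should use the product's capitalisation "CrowdStrike" as the rest of the page does. The lead sentence "CrowdStrike Falcon integration gathers EDR logs" is missing its article ("The CrowdStrike Falcon integration gathers EDR logs"), and since the list mirrors the "supports the following events" list a few lines below, consider calling it "non-exhaustive" here too, as the telemetry page does, to keep the two pages consistent.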