diff --git a/x-pack/plugins/security_solution/public/common/components/event_details/cti_details/risk_summary.tsx b/x-pack/plugins/security_solution/public/common/components/event_details/cti_details/risk_summary.tsx
index 399a2cbee24a5..e0bc4637ea54b 100644
--- a/x-pack/plugins/security_solution/public/common/components/event_details/cti_details/risk_summary.tsx
+++ b/x-pack/plugins/security_solution/public/common/components/event_details/cti_details/risk_summary.tsx
@@ -10,7 +10,7 @@ import { EuiLoadingSpinner, EuiPanel } from '@elastic/eui';
 import { FormattedMessage } from '@kbn/i18n-react';
 import * as i18n from './translations';
 import { EnrichedDataRow, ThreatSummaryPanelHeader } from './threat_summary_view';
-import { RiskScore } from '../../../../explore/components/risk_score/severity/common';
+import { RiskScoreLevel } from '../../../../explore/components/risk_score/severity/common';
 import type { RiskSeverity } from '../../../../../common/search_strategy';
 import { RiskScoreEntity } from '../../../../../common/search_strategy';
 import type { HostRisk, UserRisk } from '../../../../explore/containers/risk_score';
@@ -52,13 +52,12 @@ const RiskSummaryComponent: React.FC<RiskEntity> = ({ risk, riskEntity, original
             <RiskScoreHeaderTitle
               title={i18n.RISK_DATA_TITLE(riskEntity)}
               riskScoreEntity={riskEntity}
-              showTechnicalPreviewBadge
             />
           }
           toolTipContent={
             <FormattedMessage
               id="xpack.securitySolution.alertDetails.overview.riskDataTooltipContent"
-              defaultMessage="Risk classification is displayed only when available for a {riskEntity}. Ensure {riskScoreDocumentationLink} is enabled within your environment."
+              defaultMessage="Risk level is displayed only when available for a {riskEntity}. Ensure {riskScoreDocumentationLink} is enabled within your environment."
               values={{
                 riskEntity,
                 riskScoreDocumentationLink: (
@@ -77,10 +76,10 @@ const RiskSummaryComponent: React.FC<RiskEntity> = ({ risk, riskEntity, original
         {!risk.loading && (
           <>
             <EnrichedDataRow
-              field={i18n.CURRENT_RISK_CLASSIFICATION(riskEntity)}
+              field={i18n.CURRENT_RISK_LEVEL(riskEntity)}
               value={
                 currentRiskScore ? (
-                  <RiskScore severity={currentRiskScore} hideBackgroundColor />
+                  <RiskScoreLevel severity={currentRiskScore} hideBackgroundColor />
                 ) : (
                   getEmptyValue()
                 )
@@ -90,8 +89,8 @@ const RiskSummaryComponent: React.FC<RiskEntity> = ({ risk, riskEntity, original
             {originalRisk && currentRiskScore !== originalRisk && (
               <>
                 <EnrichedDataRow
-                  field={i18n.ORIGINAL_RISK_CLASSIFICATION(riskEntity)}
-                  value={<RiskScore severity={originalRisk} hideBackgroundColor />}
+                  field={i18n.ORIGINAL_RISK_LEVEL(riskEntity)}
+                  value={<RiskScoreLevel severity={originalRisk} hideBackgroundColor />}
                 />
               </>
             )}
diff --git a/x-pack/plugins/security_solution/public/common/components/event_details/cti_details/threat_summary_view.tsx b/x-pack/plugins/security_solution/public/common/components/event_details/cti_details/threat_summary_view.tsx
index da6cf3a04436d..4f5e1f847ad83 100644
--- a/x-pack/plugins/security_solution/public/common/components/event_details/cti_details/threat_summary_view.tsx
+++ b/x-pack/plugins/security_solution/public/common/components/event_details/cti_details/threat_summary_view.tsx
@@ -6,18 +6,8 @@
  */
 
 import styled from 'styled-components';
-import React, { useCallback, useState } from 'react';
-import {
-  EuiTitle,
-  EuiHorizontalRule,
-  EuiFlexGroup,
-  EuiFlexItem,
-  EuiSpacer,
-  EuiPopover,
-  EuiButtonIcon,
-  EuiPopoverTitle,
-  EuiText,
-} from '@elastic/eui';
+import React from 'react';
+import { EuiTitle, EuiHorizontalRule, EuiFlexGroup, EuiFlexItem, EuiSpacer } from '@elastic/eui';
 import * as i18n from './translations';
 import type { CtiEnrichment } from '../../../../../common/search_strategy/security_solution/cti';
 
@@ -31,6 +21,7 @@ import { EnrichmentSummary } from './enrichment_summary';
 import type { HostRisk, UserRisk } from '../../../../explore/containers/risk_score';
 import { RiskScoreEntity } from '../../../../../common/search_strategy';
 import { useHasSecurityCapability } from '../../../../helper_hooks';
+import { RiskScoreInfoTooltip } from '../../../../overview/components/common';
 
 const UppercaseEuiTitle = styled(EuiTitle)`
   text-transform: uppercase;
@@ -82,42 +73,16 @@ export const ThreatSummaryPanelHeader: React.FC<{
   toolTipContent: React.ReactNode;
   toolTipTitle?: React.ReactNode;
 }> = ({ title, toolTipContent, toolTipTitle }) => {
-  const [isPopoverOpen, setIsPopoverOpen] = useState(false);
-
-  const onClick = useCallback(() => {
-    setIsPopoverOpen(!isPopoverOpen);
-  }, [isPopoverOpen, setIsPopoverOpen]);
-
-  const closePopover = useCallback(() => {
-    setIsPopoverOpen(false);
-  }, [setIsPopoverOpen]);
-
   return (
     <EuiFlexGroup direction="row" gutterSize="none" alignItems="center">
       <EuiFlexItem>
         <ThreatSummaryPanelTitle>{title}</ThreatSummaryPanelTitle>
       </EuiFlexItem>
       <EuiFlexItem grow={false}>
-        <EuiPopover
-          isOpen={isPopoverOpen}
-          closePopover={closePopover}
-          anchorPosition="leftCenter"
-          button={
-            <EuiButtonIcon
-              color="text"
-              size="xs"
-              iconSize="m"
-              iconType="iInCircle"
-              aria-label={i18n.INFORMATION_ARIA_LABEL}
-              onClick={onClick}
-            />
-          }
-        >
-          <EuiPopoverTitle>{toolTipTitle ?? title}</EuiPopoverTitle>
-          <EuiText size="s" style={{ width: '270px' }}>
-            {toolTipContent}
-          </EuiText>
-        </EuiPopover>
+        <RiskScoreInfoTooltip
+          toolTipContent={toolTipContent}
+          toolTipTitle={toolTipTitle ?? title}
+        />
       </EuiFlexItem>
     </EuiFlexGroup>
   );
diff --git a/x-pack/plugins/security_solution/public/common/components/event_details/cti_details/translations.ts b/x-pack/plugins/security_solution/public/common/components/event_details/cti_details/translations.ts
index 09c233c73cca1..0ba5a464dc9d5 100644
--- a/x-pack/plugins/security_solution/public/common/components/event_details/cti_details/translations.ts
+++ b/x-pack/plugins/security_solution/public/common/components/event_details/cti_details/translations.ts
@@ -38,13 +38,6 @@ export const INDICATOR_TOOLTIP_CONTENT = i18n.translate(
   }
 );
 
-export const INFORMATION_ARIA_LABEL = i18n.translate(
-  'xpack.securitySolution.eventDetails.ctiSummary.informationAriaLabel',
-  {
-    defaultMessage: 'Information',
-  }
-);
-
 export const INVESTIGATION_TOOLTIP_CONTENT = i18n.translate(
   'xpack.securitySolution.eventDetails.ctiSummary.investigationEnrichmentTooltipContent',
   {
@@ -99,17 +92,17 @@ export const ENRICHED_DATA = i18n.translate(
   }
 );
 
-export const CURRENT_RISK_CLASSIFICATION = (riskEntity: RiskScoreEntity) =>
-  i18n.translate('xpack.securitySolution.alertDetails.overview.hostRiskClassification', {
-    defaultMessage: 'Current {riskEntity} risk classification',
+export const CURRENT_RISK_LEVEL = (riskEntity: RiskScoreEntity) =>
+  i18n.translate('xpack.securitySolution.alertDetails.overview.hostRiskLevel', {
+    defaultMessage: 'Current {riskEntity} risk level',
     values: {
       riskEntity: getRiskEntityTranslation(riskEntity, true),
     },
   });
 
-export const ORIGINAL_RISK_CLASSIFICATION = (riskEntity: RiskScoreEntity) =>
-  i18n.translate('xpack.securitySolution.alertDetails.overview.originalHostRiskClassification', {
-    defaultMessage: 'Original {riskEntity} risk classification',
+export const ORIGINAL_RISK_LEVEL = (riskEntity: RiskScoreEntity) =>
+  i18n.translate('xpack.securitySolution.alertDetails.overview.originalHostRiskLevel', {
+    defaultMessage: 'Original {riskEntity} risk level',
     values: {
       riskEntity: getRiskEntityTranslation(riskEntity, true),
     },
diff --git a/x-pack/plugins/security_solution/public/detections/pages/alert_details/tabs/summary/host_panel/index.tsx b/x-pack/plugins/security_solution/public/detections/pages/alert_details/tabs/summary/host_panel/index.tsx
index 9c4fdf7fab522..2688dd5cabf3c 100644
--- a/x-pack/plugins/security_solution/public/detections/pages/alert_details/tabs/summary/host_panel/index.tsx
+++ b/x-pack/plugins/security_solution/public/detections/pages/alert_details/tabs/summary/host_panel/index.tsx
@@ -16,7 +16,7 @@ import { SummaryValueCell } from '../../../../../../common/components/event_deta
 import { useRiskScore } from '../../../../../../explore/containers/risk_score';
 import { RiskScoreEntity } from '../../../../../../../common/search_strategy';
 import { getEmptyTagValue } from '../../../../../../common/components/empty_value';
-import { RiskScore } from '../../../../../../explore/components/risk_score/severity/common';
+import { RiskScoreLevel } from '../../../../../../explore/components/risk_score/severity/common';
 import {
   FirstLastSeen,
   FirstLastSeenType,
@@ -31,7 +31,7 @@ import {
   AGENT_STATUS_TITLE,
   HOST_NAME_TITLE,
   HOST_PANEL_TITLE,
-  HOST_RISK_CLASSIFICATION,
+  HOST_RISK_LEVEL,
   HOST_RISK_SCORE,
   IP_ADDRESSES_TITLE,
   LAST_SEEN_TITLE,
@@ -99,7 +99,7 @@ export const HostPanel = React.memo(
         ? Math.round(hostRiskData.host.risk.calculated_score_norm)
         : getEmptyTagValue();
       const hostRiskSeverity = hostRiskData ? (
-        <RiskScore severity={hostRiskData.host.risk.calculated_level} hideBackgroundColor />
+        <RiskScoreLevel severity={hostRiskData.host.risk.calculated_level} hideBackgroundColor />
       ) : (
         getEmptyTagValue()
       );
@@ -156,9 +156,7 @@ export const HostPanel = React.memo(
                     <HostPanelSection title={HOST_RISK_SCORE}>{hostRiskScore}</HostPanelSection>
                   )}
                   {hostRiskLevel && (
-                    <HostPanelSection title={HOST_RISK_CLASSIFICATION}>
-                      {hostRiskLevel}
-                    </HostPanelSection>
+                    <HostPanelSection title={HOST_RISK_LEVEL}>{hostRiskLevel}</HostPanelSection>
                   )}
                 </EuiFlexGroup>
                 <EuiSpacer size="l" />
diff --git a/x-pack/plugins/security_solution/public/detections/pages/alert_details/tabs/summary/translation.ts b/x-pack/plugins/security_solution/public/detections/pages/alert_details/tabs/summary/translation.ts
index d50b1338ffb37..6a509ff958735 100644
--- a/x-pack/plugins/security_solution/public/detections/pages/alert_details/tabs/summary/translation.ts
+++ b/x-pack/plugins/security_solution/public/detections/pages/alert_details/tabs/summary/translation.ts
@@ -189,10 +189,10 @@ export const HOST_RISK_SCORE = i18n.translate(
   }
 );
 
-export const HOST_RISK_CLASSIFICATION = i18n.translate(
-  'xpack.securitySolution.alerts.alertDetails.summary.host.riskClassification',
+export const HOST_RISK_LEVEL = i18n.translate(
+  'xpack.securitySolution.alerts.alertDetails.summary.host.riskLevel',
   {
-    defaultMessage: 'Host risk classification',
+    defaultMessage: 'Host risk level',
   }
 );
 
@@ -210,10 +210,10 @@ export const USER_RISK_SCORE = i18n.translate(
   }
 );
 
-export const USER_RISK_CLASSIFICATION = i18n.translate(
-  'xpack.securitySolution.alerts.alertDetails.summary.user.riskClassification',
+export const USER_RISK_LEVEL = i18n.translate(
+  'xpack.securitySolution.alerts.alertDetails.summary.user.riskLevel',
   {
-    defaultMessage: 'User risk classification',
+    defaultMessage: 'User risk level',
   }
 );
 
diff --git a/x-pack/plugins/security_solution/public/detections/pages/alert_details/tabs/summary/user_panel/index.tsx b/x-pack/plugins/security_solution/public/detections/pages/alert_details/tabs/summary/user_panel/index.tsx
index 3d931a952ed8e..3fca60579b1da 100644
--- a/x-pack/plugins/security_solution/public/detections/pages/alert_details/tabs/summary/user_panel/index.tsx
+++ b/x-pack/plugins/security_solution/public/detections/pages/alert_details/tabs/summary/user_panel/index.tsx
@@ -13,7 +13,7 @@ import type { EuiFlexItemProps } from '@elastic/eui/src/components/flex/flex_ite
 import { useRiskScore } from '../../../../../../explore/containers/risk_score';
 import { RiskScoreEntity } from '../../../../../../../common/search_strategy';
 import { getEmptyTagValue } from '../../../../../../common/components/empty_value';
-import { RiskScore } from '../../../../../../explore/components/risk_score/severity/common';
+import { RiskScoreLevel } from '../../../../../../explore/components/risk_score/severity/common';
 import {
   FirstLastSeen,
   FirstLastSeenType,
@@ -28,7 +28,7 @@ import {
   LAST_SEEN_TITLE,
   USER_NAME_TITLE,
   USER_PANEL_TITLE,
-  USER_RISK_CLASSIFICATION,
+  USER_RISK_LEVEL,
   USER_RISK_SCORE,
 } from '../translation';
 import { SummaryPanel } from '../wrappers';
@@ -78,7 +78,7 @@ export const UserPanel = React.memo(
         ? Math.round(userRiskData.user.risk.calculated_score_norm)
         : getEmptyTagValue();
       const userRiskSeverity = userRiskData ? (
-        <RiskScore severity={userRiskData.user.risk.calculated_level} hideBackgroundColor />
+        <RiskScoreLevel severity={userRiskData.user.risk.calculated_level} hideBackgroundColor />
       ) : (
         getEmptyTagValue()
       );
@@ -121,9 +121,7 @@ export const UserPanel = React.memo(
                     <UserPanelSection title={USER_RISK_SCORE}>{userRiskScore}</UserPanelSection>
                   )}
                   {userRiskLevel && (
-                    <UserPanelSection title={USER_RISK_CLASSIFICATION}>
-                      {userRiskLevel}
-                    </UserPanelSection>
+                    <UserPanelSection title={USER_RISK_LEVEL}>{userRiskLevel}</UserPanelSection>
                   )}
                 </EuiFlexGroup>
                 <EuiSpacer size="l" />
diff --git a/x-pack/plugins/security_solution/public/entity_analytics/components/risk_score_preview_table.tsx b/x-pack/plugins/security_solution/public/entity_analytics/components/risk_score_preview_table.tsx
index d8f4f164f848d..12b162d467132 100644
--- a/x-pack/plugins/security_solution/public/entity_analytics/components/risk_score_preview_table.tsx
+++ b/x-pack/plugins/security_solution/public/entity_analytics/components/risk_score_preview_table.tsx
@@ -9,7 +9,7 @@ import React from 'react';
 import { EuiInMemoryTable } from '@elastic/eui';
 import type { EuiBasicTableColumn } from '@elastic/eui';
 import type { RiskSeverity } from '../../../common/search_strategy';
-import { RiskScore } from '../../explore/components/risk_score/severity/common';
+import { RiskScoreLevel } from '../../explore/components/risk_score/severity/common';
 
 import { HostDetailsLink, UserDetailsLink } from '../../common/components/links';
 import { RiskScoreEntity, type RiskScore as IRiskScore } from '../../../common/risk_engine';
@@ -42,7 +42,7 @@ export const RiskScorePreviewTable = ({
       name: 'Level',
       render: (risk: RiskSeverity | null) => {
         if (risk != null) {
-          return <RiskScore severity={risk} />;
+          return <RiskScoreLevel severity={risk} />;
         }
 
         return '';
diff --git a/x-pack/plugins/security_solution/public/entity_analytics/pages/entity_analytics_management_page.tsx b/x-pack/plugins/security_solution/public/entity_analytics/pages/entity_analytics_management_page.tsx
index ae2f2abed902b..16521b065c2a0 100644
--- a/x-pack/plugins/security_solution/public/entity_analytics/pages/entity_analytics_management_page.tsx
+++ b/x-pack/plugins/security_solution/public/entity_analytics/pages/entity_analytics_management_page.tsx
@@ -6,21 +6,28 @@
  */
 
 import React from 'react';
-import { EuiFlexGroup, EuiFlexItem, EuiPageHeader, EuiSpacer } from '@elastic/eui';
+import { EuiBetaBadge, EuiFlexGroup, EuiFlexItem, EuiPageHeader, EuiSpacer } from '@elastic/eui';
 
 import { RiskScorePreviewSection } from '../components/risk_score_preview_section';
 import { RiskScoreEnableSection } from '../components/risk_score_enable_section';
 import { MissingPrivilegesCallOut } from '../../detections/components/callouts/missing_privileges_callout';
 import { ENTITY_ANALYTICS_RISK_SCORE } from '../../app/translations';
+import { BETA } from '../../common/translations';
 
 export const EntityAnalyticsManagementPage = () => {
   return (
     <>
       <MissingPrivilegesCallOut />
-      <EuiPageHeader
-        data-test-subj="entityAnalyticsManagmentPageTitle"
-        pageTitle={ENTITY_ANALYTICS_RISK_SCORE}
-      />
+      <EuiFlexGroup gutterSize="s" alignItems="baseline">
+        <EuiFlexItem grow={false}>
+          <EuiPageHeader
+            data-test-subj="entityAnalyticsManagementPageTitle"
+            pageTitle={ENTITY_ANALYTICS_RISK_SCORE}
+          />
+        </EuiFlexItem>
+        <EuiFlexItem grow={false} />
+        <EuiBetaBadge label={BETA} size="s" />
+      </EuiFlexGroup>
       <EuiSpacer size="l" />
       <EuiFlexGroup gutterSize="xl">
         <EuiFlexItem grow={2}>
diff --git a/x-pack/plugins/security_solution/public/explore/components/risk_score/enable_risk_score/index.tsx b/x-pack/plugins/security_solution/public/explore/components/risk_score/enable_risk_score/index.tsx
index 4f8b12db74c9c..ac064feb35f04 100644
--- a/x-pack/plugins/security_solution/public/explore/components/risk_score/enable_risk_score/index.tsx
+++ b/x-pack/plugins/security_solution/public/explore/components/risk_score/enable_risk_score/index.tsx
@@ -48,10 +48,7 @@ const EnableRiskScoreComponent = ({
 
   return (
     <EuiPanel hasBorder>
-      <HeaderSection
-        title={<RiskScoreHeaderTitle riskScoreEntity={entityType} showTechnicalPreviewBadge />}
-        titleSize="s"
-      />
+      <HeaderSection title={<RiskScoreHeaderTitle riskScoreEntity={entityType} />} titleSize="s" />
       <EuiEmptyPrompt
         title={<h2>{text.cta}</h2>}
         body={
diff --git a/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_details_tab_body/index.tsx b/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_details_tab_body/index.tsx
index 208fd950315e4..37b61a86fbea3 100644
--- a/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_details_tab_body/index.tsx
+++ b/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_details_tab_body/index.tsx
@@ -167,51 +167,52 @@ const RiskDetailsTabBodyComponent: React.FC<
           </EuiFlexItem>
         </StyledEuiFlexGroup>
       ) : (
-        <EuiFlexGroup direction="row">
-          <EuiFlexItem grow={2}>
-            <RiskScoreOverTime
-              from={startDate}
-              loading={loading}
-              queryId={queryId}
-              riskEntity={riskEntity}
-              riskScore={data}
-              title={i18n.RISK_SCORE_OVER_TIME(riskEntity)}
-              to={endDate}
-              toggleQuery={toggleOverTimeQuery}
-              toggleStatus={overTimeToggleStatus}
-            />
-          </EuiFlexItem>
+        <>
+          <EuiFlexGroup direction="row">
+            <EuiFlexItem grow={2}>
+              <RiskScoreOverTime
+                from={startDate}
+                loading={loading}
+                queryId={queryId}
+                riskEntity={riskEntity}
+                riskScore={data}
+                title={i18n.RISK_SCORE_OVER_TIME(riskEntity)}
+                to={endDate}
+                toggleQuery={toggleOverTimeQuery}
+                toggleStatus={overTimeToggleStatus}
+              />
+            </EuiFlexItem>
 
-          <EuiFlexItem grow={1}>
-            <TopRiskScoreContributors
-              loading={loading}
-              queryId={queryId}
-              toggleStatus={contributorsToggleStatus}
-              toggleQuery={toggleContributorsQuery}
-              rules={rules}
-            />
-          </EuiFlexItem>
-        </EuiFlexGroup>
+            <EuiFlexItem grow={1}>
+              <TopRiskScoreContributors
+                loading={loading}
+                queryId={queryId}
+                toggleStatus={contributorsToggleStatus}
+                toggleQuery={toggleContributorsQuery}
+                rules={rules}
+              />
+            </EuiFlexItem>
+          </EuiFlexGroup>
+          <StyledEuiFlexGroup gutterSize="s">
+            <EuiFlexItem grow={false}>
+              <EuiButton
+                href={buttonHref}
+                isDisabled={!buttonHref}
+                data-test-subj={`risky-${riskEntity}s-view-dashboard-button`}
+                target="_blank"
+                iconType="popout"
+                iconSide="right"
+              >
+                {i18n.VIEW_DASHBOARD_BUTTON}
+              </EuiButton>
+            </EuiFlexItem>
+
+            <EuiFlexItem grow={false}>
+              <RiskInformationButtonEmpty riskEntity={riskEntity} />
+            </EuiFlexItem>
+          </StyledEuiFlexGroup>
+        </>
       )}
-
-      <StyledEuiFlexGroup gutterSize="s">
-        <EuiFlexItem grow={false}>
-          <EuiButton
-            href={buttonHref}
-            isDisabled={!buttonHref}
-            data-test-subj={`risky-${riskEntity}s-view-dashboard-button`}
-            target="_blank"
-            iconType="popout"
-            iconSide="right"
-          >
-            {i18n.VIEW_DASHBOARD_BUTTON}
-          </EuiButton>
-        </EuiFlexItem>
-
-        <EuiFlexItem grow={false}>
-          <RiskInformationButtonEmpty riskEntity={riskEntity} />
-        </EuiFlexItem>
-      </StyledEuiFlexGroup>
     </>
   );
 };
diff --git a/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_information/index.tsx b/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_information/index.tsx
index b72f170894370..4edecf5c40174 100644
--- a/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_information/index.tsx
+++ b/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_information/index.tsx
@@ -23,6 +23,7 @@ import {
   useGeneratedHtmlId,
   EuiBetaBadge,
   useEuiTheme,
+  EuiLink,
 } from '@elastic/eui';
 import React from 'react';
 import { FormattedMessage } from '@kbn/i18n-react';
@@ -30,18 +31,18 @@ import { css } from '@emotion/react';
 import { getRiskEntityTranslation } from '../translations';
 import * as i18n from './translations';
 import { useOnOpenCloseHandler } from '../../../../helper_hooks';
-import { RiskScore } from '../severity/common';
+import { RiskScoreLevel } from '../severity/common';
 import { RiskScoreEntity, RiskSeverity } from '../../../../../common/search_strategy';
 import { RiskScoreDocLink } from '../risk_score_onboarding/risk_score_doc_link';
-import { TECHNICAL_PREVIEW } from '../risk_score_onboarding/translations';
+import { BETA } from '../risk_score_onboarding/translations';
 
 const getTableColumns = (riskEntity: RiskScoreEntity): Array<EuiBasicTableColumn<TableItem>> => [
   {
-    field: 'classification',
-    name: i18n.INFORMATION_CLASSIFICATION_HEADER,
+    field: 'level',
+    name: i18n.INFORMATION_LEVEL_HEADER,
     render: (riskScore?: RiskSeverity) => {
       if (riskScore != null) {
-        return <RiskScore severity={riskScore} hideBackgroundColor />;
+        return <RiskScoreLevel severity={riskScore} hideBackgroundColor />;
       }
     },
   },
@@ -53,15 +54,15 @@ const getTableColumns = (riskEntity: RiskScoreEntity): Array<EuiBasicTableColumn
 
 interface TableItem {
   range?: string;
-  classification: RiskSeverity;
+  level: RiskSeverity;
 }
 
 const tableItems: TableItem[] = [
-  { classification: RiskSeverity.critical, range: i18n.CRITICAL_RISK_DESCRIPTION },
-  { classification: RiskSeverity.high, range: '70 - 90 ' },
-  { classification: RiskSeverity.moderate, range: '40 - 70' },
-  { classification: RiskSeverity.low, range: '20 - 40' },
-  { classification: RiskSeverity.unknown, range: i18n.UNKNOWN_RISK_DESCRIPTION },
+  { level: RiskSeverity.critical, range: i18n.CRITICAL_RISK_DESCRIPTION },
+  { level: RiskSeverity.high, range: '70 - 90 ' },
+  { level: RiskSeverity.moderate, range: '40 - 70' },
+  { level: RiskSeverity.low, range: '20 - 40' },
+  { level: RiskSeverity.unknown, range: i18n.UNKNOWN_RISK_DESCRIPTION },
 ];
 export const HOST_RISK_INFO_BUTTON_CLASS = 'HostRiskInformation__button';
 export const USER_RISK_INFO_BUTTON_CLASS = 'UserRiskInformation__button';
@@ -127,22 +128,117 @@ const RiskInformationFlyout = ({
       data-test-subj="open-risk-information-flyout"
     >
       <EuiFlyoutHeader hasBorder>
-        <EuiTitle size="m">
-          <h2 id={simpleFlyoutTitleId}>{i18n.TITLE(riskEntity)}</h2>
-        </EuiTitle>
-        <EuiBetaBadge
-          label={TECHNICAL_PREVIEW}
-          size="s"
-          css={css`
-            color: ${euiTheme.colors.text};
-            margin-top: ${euiTheme.size.xxs};
-          `}
-        />
+        <EuiFlexGroup gutterSize="s" alignItems="center">
+          <EuiFlexItem grow={false}>
+            <EuiTitle size="m">
+              <h2 id={simpleFlyoutTitleId}>{i18n.TITLE}</h2>
+            </EuiTitle>
+          </EuiFlexItem>
+          <EuiFlexItem grow={false}>
+            <EuiBetaBadge
+              label={BETA}
+              size="s"
+              css={css`
+                color: ${euiTheme.colors.text};
+                margin-top: ${euiTheme.size.xxs};
+              `}
+            />
+          </EuiFlexItem>
+        </EuiFlexGroup>
       </EuiFlyoutHeader>
       <EuiFlyoutBody>
         <EuiText size="s">
-          <p>{i18n.INTRODUCTION(riskEntity)}</p>
-          <p>{i18n.EXPLANATION_MESSAGE(riskEntity)}</p>
+          <p>
+            <FormattedMessage
+              id="xpack.securitySolution.riskInformation.introText"
+              defaultMessage="Entity Risk Analytics surfaces risky hosts and users from within your environment."
+            />
+          </p>
+          <p>
+            <FormattedMessage
+              id="xpack.securitySolution.riskInformation.riskScoreFieldText"
+              defaultMessage="The {riskScoreField} field represents the normalized risk of the {riskEntity} as a single numerical value. You can use this value as a relative indicator of risk in triaging and response playbooks."
+              values={{
+                riskEntity,
+                riskScoreField: (
+                  <b>
+                    <FormattedMessage
+                      id="xpack.securitySolution.riskInformation.riskScoreFieldLabel"
+                      defaultMessage="{riskEntity} risk score"
+                      values={{ riskEntity }}
+                    />
+                  </b>
+                ),
+              }}
+            />
+          </p>
+          <p>
+            <FormattedMessage
+              id="xpack.securitySolution.riskInformation.riskScoreLevelText"
+              defaultMessage="The {riskLevelField} field represents one of the six risk level of
+              the {riskEntity} based on a predefined risk metrics."
+              values={{
+                riskEntity,
+                riskLevelField: (
+                  <b>
+                    <FormattedMessage
+                      id="xpack.securitySolution.riskInformation.riskScoreLevelLabel"
+                      defaultMessage="{riskEntity} risk level"
+                      values={{ riskEntity }}
+                    />
+                  </b>
+                ),
+              }}
+            />
+          </p>
+          <EuiTitle size="xxs">
+            <h3>
+              <FormattedMessage
+                id="xpack.securitySolution.riskInformation.howOftenTitle"
+                defaultMessage="How often is risk calculated?"
+              />
+            </h3>
+          </EuiTitle>
+          <p>
+            <FormattedMessage
+              id="xpack.securitySolution.riskInformation.howOftenText"
+              defaultMessage="The risk engine runs hourly and aggregates alerts with an “open” status from the last 30
+              days."
+            />
+          </p>
+          <EuiTitle size="s">
+            <h3>
+              <FormattedMessage
+                id="xpack.securitySolution.riskInformation.howCalculatedTitle"
+                defaultMessage="How is risk calculated?"
+              />
+            </h3>
+          </EuiTitle>
+          <p>
+            <FormattedMessage
+              id="xpack.securitySolution.riskInformation.howCalculatedText"
+              defaultMessage="The Entity Risk engine runs hourly to aggregate “Open” and “Acknowledged” alerts from the last 30 days and assigns risk score to the host or user. It then aggregates the individual
+              risk scores and normalizes to the 0-100 range using the {riemannZetaLink}."
+              values={{
+                riemannZetaLink: (
+                  <EuiLink
+                    target="_blank"
+                    rel="noopener nofollow noreferrer"
+                    href="https://en.wikipedia.org/wiki/Riemann_zeta_function"
+                  >
+                    {'Riemann Zeta function'}
+                  </EuiLink>
+                ),
+              }}
+            />
+          </p>
+          <p>
+            <FormattedMessage
+              id="xpack.securitySolution.riskInformation.intro"
+              defaultMessage="Finally, the engine assigns a risk level by mapping the normalized risk score to the
+            below 6 risk levels."
+            />
+          </p>
         </EuiText>
         <EuiSpacer />
         <EuiBasicTable
@@ -151,30 +247,24 @@ const RiskInformationFlyout = ({
           data-test-subj="risk-information-table"
         />
         <EuiSpacer size="l" />
-        <FormattedMessage
-          id="xpack.securitySolution.riskInformation.learnMore"
-          defaultMessage="You can learn more about {riskEntity} risk {riskScoreDocumentationLink}"
-          values={{
-            riskScoreDocumentationLink: (
-              <RiskScoreDocLink
-                riskScoreEntity={riskEntity}
-                title={
-                  <FormattedMessage
-                    id="xpack.securitySolution.riskInformation.link"
-                    defaultMessage="here"
-                  />
-                }
-              />
-            ),
-            riskEntity: getRiskEntityTranslation(riskEntity, true),
-          }}
+        <RiskScoreDocLink
+          riskScoreEntity={riskEntity}
+          title={
+            <FormattedMessage
+              id="xpack.securitySolution.riskInformation.learnMore"
+              defaultMessage="Learn more about {riskEntity} risk"
+              values={{
+                riskEntity: getRiskEntityTranslation(riskEntity, true),
+              }}
+            />
+          }
         />
       </EuiFlyoutBody>
 
       <EuiFlyoutFooter>
         <EuiFlexGroup justifyContent="flexEnd">
           <EuiFlexItem grow={false}>
-            <EuiButton onClick={handleOnClose}>{i18n.CLOSE_BUTTON_LTEXT}</EuiButton>
+            <EuiButton onClick={handleOnClose}>{i18n.CLOSE_BUTTON_TEXT}</EuiButton>
           </EuiFlexItem>
         </EuiFlexGroup>
       </EuiFlyoutFooter>
diff --git a/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_information/translations.ts b/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_information/translations.ts
index a79ccbafc5d31..112c6d37ca4a2 100644
--- a/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_information/translations.ts
+++ b/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_information/translations.ts
@@ -9,10 +9,10 @@ import { i18n } from '@kbn/i18n';
 import type { RiskScoreEntity } from '../../../../../common/search_strategy';
 import { getRiskEntityTranslation } from '../translations';
 
-export const INFORMATION_CLASSIFICATION_HEADER = i18n.translate(
-  'xpack.securitySolution.riskInformation.classificationHeader',
+export const INFORMATION_LEVEL_HEADER = i18n.translate(
+  'xpack.securitySolution.riskInformation.levelHeader',
   {
-    defaultMessage: 'Classification',
+    defaultMessage: 'Level',
   }
 );
 
@@ -44,39 +44,13 @@ export const CRITICAL_RISK_DESCRIPTION = i18n.translate(
     defaultMessage: '90 and above',
   }
 );
-export const TITLE = (riskEntity: RiskScoreEntity) =>
-  i18n.translate('xpack.securitySolution.riskInformation.title', {
-    defaultMessage: 'How is {riskEntity} risk calculated?',
-    values: {
-      riskEntity: getRiskEntityTranslation(riskEntity, true),
-    },
-  });
-
-export const INTRODUCTION = (riskEntity: RiskScoreEntity) =>
-  i18n.translate('xpack.securitySolution.riskInformation.introduction', {
-    defaultMessage:
-      'The {riskEntity} Risk Score capability surfaces risky {riskEntityLowerPlural} from within your environment.',
-    values: {
-      riskEntity: getRiskEntityTranslation(riskEntity),
-      riskEntityLowerPlural: getRiskEntityTranslation(riskEntity, true, true),
-    },
-  });
+export const TITLE = i18n.translate('xpack.securitySolution.riskInformation.title', {
+  defaultMessage: 'Entity Risk Analytics',
+});
 
-export const EXPLANATION_MESSAGE = (riskEntity: RiskScoreEntity) =>
-  i18n.translate('xpack.securitySolution.riskInformation.explanation', {
-    defaultMessage:
-      'This feature utilizes a transform, with a scripted metric aggregation to calculate {riskEntityLower} risk scores based on detection rule alerts with an "open" status, within a 5 day time window. The transform runs hourly to keep the score updated as new detection rule alerts stream in.',
-    values: {
-      riskEntityLower: getRiskEntityTranslation(riskEntity, true),
-    },
-  });
-
-export const CLOSE_BUTTON_LTEXT = i18n.translate(
-  'xpack.securitySolution.riskInformation.closeBtn',
-  {
-    defaultMessage: 'Close',
-  }
-);
+export const CLOSE_BUTTON_TEXT = i18n.translate('xpack.securitySolution.riskInformation.closeBtn', {
+  defaultMessage: 'Close',
+});
 
 export const INFO_BUTTON_TEXT = i18n.translate(
   'xpack.securitySolution.riskInformation.buttonLabel',
diff --git a/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_score_onboarding/risk_score_doc_link.tsx b/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_score_onboarding/risk_score_doc_link.tsx
index 9f0fc185ed450..cae89799d2d1e 100644
--- a/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_score_onboarding/risk_score_doc_link.tsx
+++ b/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_score_onboarding/risk_score_doc_link.tsx
@@ -23,7 +23,7 @@ const RiskScoreDocLinkComponent = ({
 
   return (
     <EuiLink target="_blank" rel="noopener nofollow noreferrer" href={docLink}>
-      {title ? title : LEARN_MORE}
+      {title ? title : LEARN_MORE(riskScoreEntity)}
     </EuiLink>
   );
 };
diff --git a/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_score_onboarding/risk_score_header_title.tsx b/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_score_onboarding/risk_score_header_title.tsx
index 69a253947353b..741469833f92d 100644
--- a/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_score_onboarding/risk_score_header_title.tsx
+++ b/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_score_onboarding/risk_score_header_title.tsx
@@ -7,29 +7,20 @@
 import React from 'react';
 
 import { RiskScoreEntity } from '../../../../../common/search_strategy';
-import { NavItemBetaBadge } from '../../../../common/components/navigation/nav_item_beta_badge';
 import * as i18n from '../../../../overview/components/entity_analytics/common/translations';
-import { TECHNICAL_PREVIEW } from './translations';
 
 const RiskScoreHeaderTitleComponent = ({
   riskScoreEntity,
   title,
-  showTechnicalPreviewBadge = false,
 }: {
   riskScoreEntity: RiskScoreEntity;
   title?: string;
-  showTechnicalPreviewBadge?: boolean;
-}) => {
-  return (
-    <>
-      {title ??
-        (riskScoreEntity === RiskScoreEntity.user ? i18n.USER_RISK_TITLE : i18n.HOST_RISK_TITLE)}
-      {showTechnicalPreviewBadge && (
-        <NavItemBetaBadge text={TECHNICAL_PREVIEW} className="eui-alignMiddle" />
-      )}
-    </>
-  );
-};
+}) => (
+  <>
+    {title ??
+      (riskScoreEntity === RiskScoreEntity.user ? i18n.USER_RISK_TITLE : i18n.HOST_RISK_TITLE)}
+  </>
+);
 
 export const RiskScoreHeaderTitle = React.memo(RiskScoreHeaderTitleComponent);
 RiskScoreHeaderTitle.displayName = 'RiskScoreHeaderTitle';
diff --git a/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_score_onboarding/translations.ts b/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_score_onboarding/translations.ts
index 6b5edc80d65af..424e88c9850c3 100644
--- a/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_score_onboarding/translations.ts
+++ b/x-pack/plugins/security_solution/public/explore/components/risk_score/risk_score_onboarding/translations.ts
@@ -5,13 +5,12 @@
  * 2.0.
  */
 import { i18n } from '@kbn/i18n';
+import type { RiskScoreEntity } from '../../../../../common/risk_engine';
+import { getRiskEntityTranslation } from '../translations';
 
-export const TECHNICAL_PREVIEW = i18n.translate(
-  'xpack.securitySolution.riskScore.technicalPreviewLabel',
-  {
-    defaultMessage: 'Technical Preview',
-  }
-);
+export const BETA = i18n.translate('xpack.securitySolution.riskScore.technicalPreviewLabel', {
+  defaultMessage: 'Beta',
+});
 
 export const HOST_WARNING_TITLE = i18n.translate(
   'xpack.securitySolution.riskScore.hostsDashboardWarningPanelTitle',
@@ -48,3 +47,11 @@ export const RESTART_TOOLTIP = i18n.translate(
       'The risk score calculation might take a while to run. However, by pressing restart, you can force it to run immediately.',
   }
 );
+
+export const RISK_DATA_TITLE = (riskEntity: RiskScoreEntity) =>
+  i18n.translate('xpack.securitySolution.alertDetails.overview.hostRiskDataTitle', {
+    defaultMessage: '{riskEntity} Risk Data',
+    values: {
+      riskEntity: getRiskEntityTranslation(riskEntity),
+    },
+  });
diff --git a/x-pack/plugins/security_solution/public/explore/components/risk_score/severity/common/index.test.tsx b/x-pack/plugins/security_solution/public/explore/components/risk_score/severity/common/index.test.tsx
index 5041d0866b16b..9068c01a760ca 100644
--- a/x-pack/plugins/security_solution/public/explore/components/risk_score/severity/common/index.test.tsx
+++ b/x-pack/plugins/security_solution/public/explore/components/risk_score/severity/common/index.test.tsx
@@ -15,7 +15,7 @@ import { EuiHealth } from '@elastic/eui';
 
 import { euiThemeVars } from '@kbn/ui-theme';
 import { RiskSeverity } from '../../../../../../common/search_strategy';
-import { RiskScore } from '.';
+import { RiskScoreLevel } from '.';
 import { SEVERITY_COLOR } from '../../../../../overview/components/detection_response/utils';
 
 jest.mock('@elastic/eui', () => {
@@ -31,7 +31,7 @@ describe('RiskScore', () => {
   it('renders critical severity risk score', () => {
     const { container } = render(
       <TestProviders>
-        <RiskScore severity={RiskSeverity.critical} />
+        <RiskScoreLevel severity={RiskSeverity.critical} />
       </TestProviders>
     );
 
@@ -46,7 +46,7 @@ describe('RiskScore', () => {
   it('renders hight severity risk score', () => {
     const { container } = render(
       <TestProviders>
-        <RiskScore severity={RiskSeverity.high} />
+        <RiskScoreLevel severity={RiskSeverity.high} />
       </TestProviders>
     );
 
@@ -61,7 +61,7 @@ describe('RiskScore', () => {
   it('renders moderate severity risk score', () => {
     const { container } = render(
       <TestProviders>
-        <RiskScore severity={RiskSeverity.moderate} />
+        <RiskScoreLevel severity={RiskSeverity.moderate} />
       </TestProviders>
     );
 
@@ -76,7 +76,7 @@ describe('RiskScore', () => {
   it('renders low severity risk score', () => {
     const { container } = render(
       <TestProviders>
-        <RiskScore severity={RiskSeverity.low} />
+        <RiskScoreLevel severity={RiskSeverity.low} />
       </TestProviders>
     );
 
@@ -91,7 +91,7 @@ describe('RiskScore', () => {
   it('renders unknown severity risk score', () => {
     const { container } = render(
       <TestProviders>
-        <RiskScore severity={RiskSeverity.unknown} />
+        <RiskScoreLevel severity={RiskSeverity.unknown} />
       </TestProviders>
     );
 
@@ -106,7 +106,7 @@ describe('RiskScore', () => {
   it("doesn't render background-color when hideBackgroundColor is true", () => {
     const { queryByTestId } = render(
       <TestProviders>
-        <RiskScore severity={RiskSeverity.critical} hideBackgroundColor />
+        <RiskScoreLevel severity={RiskSeverity.critical} hideBackgroundColor />
       </TestProviders>
     );
 
diff --git a/x-pack/plugins/security_solution/public/explore/components/risk_score/severity/common/index.tsx b/x-pack/plugins/security_solution/public/explore/components/risk_score/severity/common/index.tsx
index 8ba146b825aaf..b28898b384e00 100644
--- a/x-pack/plugins/security_solution/public/explore/components/risk_score/severity/common/index.tsx
+++ b/x-pack/plugins/security_solution/public/explore/components/risk_score/severity/common/index.tsx
@@ -41,7 +41,8 @@ const RiskBadge = styled.div<{ $severity: RiskSeverity; $hideBackgroundColor: bo
 const TooltipContainer = styled.div`
   padding: ${({ theme }) => theme.eui.euiSizeS};
 `;
-export const RiskScore: React.FC<{
+
+export const RiskScoreLevel: React.FC<{
   severity: RiskSeverity;
   hideBackgroundColor?: boolean;
   toolTipContent?: JSX.Element;
diff --git a/x-pack/plugins/security_solution/public/explore/components/risk_score/severity/severity_badges.tsx b/x-pack/plugins/security_solution/public/explore/components/risk_score/severity/severity_badges.tsx
index ef80d8a095699..f1ebae0897595 100644
--- a/x-pack/plugins/security_solution/public/explore/components/risk_score/severity/severity_badges.tsx
+++ b/x-pack/plugins/security_solution/public/explore/components/risk_score/severity/severity_badges.tsx
@@ -8,7 +8,7 @@
 import { EuiFlexGroup, EuiNotificationBadge, EuiFlexItem } from '@elastic/eui';
 import React from 'react';
 import type { RiskSeverity } from '../../../../../common/search_strategy';
-import { RiskScore, RISK_SEVERITY_COLOUR } from './common';
+import { RiskScoreLevel, RISK_SEVERITY_COLOUR } from './common';
 import type { SeverityCount } from './types';
 
 export const SeverityBadges: React.FC<{
@@ -38,7 +38,7 @@ const SeverityBadge: React.FC<{ status: RiskSeverity; count: number }> = React.m
   ({ status, count }) => (
     <EuiFlexGroup alignItems="center" gutterSize="s">
       <EuiFlexItem grow={false}>
-        <RiskScore severity={status} />
+        <RiskScoreLevel severity={status} />
       </EuiFlexItem>
       <EuiFlexItem grow={false}>
         <EuiNotificationBadge size="s" color="subdued">
diff --git a/x-pack/plugins/security_solution/public/explore/components/risk_score/severity/severity_filter_group.tsx b/x-pack/plugins/security_solution/public/explore/components/risk_score/severity/severity_filter_group.tsx
index 10a53c7609277..02ce5e01e8873 100644
--- a/x-pack/plugins/security_solution/public/explore/components/risk_score/severity/severity_filter_group.tsx
+++ b/x-pack/plugins/security_solution/public/explore/components/risk_score/severity/severity_filter_group.tsx
@@ -19,8 +19,8 @@ import {
 import type { RiskScoreEntity, RiskSeverity } from '../../../../../common/search_strategy';
 import { SEVERITY_UI_SORT_ORDER } from '../../../../../common/search_strategy';
 import type { SeverityCount } from './types';
-import { RiskScore } from './common';
-import { ENTITY_RISK_CLASSIFICATION } from '../translations';
+import { RiskScoreLevel } from './common';
+import { ENTITY_RISK_LEVEL } from '../translations';
 import { useKibana } from '../../../../common/lib/kibana';
 
 interface SeverityItems {
@@ -92,7 +92,7 @@ export const SeverityFilterGroup: React.FC<{
         numActiveFilters={totalActiveItem}
         onClick={onButtonClick}
       >
-        {ENTITY_RISK_CLASSIFICATION(riskEntity)}
+        {ENTITY_RISK_LEVEL(riskEntity)}
       </EuiFilterButton>
     ),
     [isPopoverOpen, items, onButtonClick, totalActiveItem, riskEntity]
@@ -118,7 +118,7 @@ export const SeverityFilterGroup: React.FC<{
               key={index + item.risk}
               onClick={() => updateSeverityFilter(item.risk)}
             >
-              <RiskScore severity={item.risk} />
+              <RiskScoreLevel severity={item.risk} />
             </EuiFilterSelectItem>
           ))}
         </div>
diff --git a/x-pack/plugins/security_solution/public/explore/components/risk_score/top_risk_score_contributors_alerts/index.tsx b/x-pack/plugins/security_solution/public/explore/components/risk_score/top_risk_score_contributors_alerts/index.tsx
index 0517df3afdd34..05132003ae095 100644
--- a/x-pack/plugins/security_solution/public/explore/components/risk_score/top_risk_score_contributors_alerts/index.tsx
+++ b/x-pack/plugins/security_solution/public/explore/components/risk_score/top_risk_score_contributors_alerts/index.tsx
@@ -25,6 +25,7 @@ import { inputsSelectors } from '../../../../common/store/inputs';
 import { useUserData } from '../../../../detections/components/user_info';
 import { useSourcererDataView } from '../../../../common/containers/sourcerer';
 import { SourcererScopeName } from '../../../../common/store/sourcerer/model';
+import { RiskInformationButtonEmpty } from '../risk_information';
 
 export interface TopRiskScoreContributorsAlertsProps {
   toggleStatus: boolean;
@@ -100,6 +101,7 @@ export const TopRiskScoreContributorsAlerts: React.FC<TopRiskScoreContributorsAl
             hideSubtitle
             toggleQuery={toggleQuery}
             toggleStatus={toggleStatus}
+            headerFilters={<RiskInformationButtonEmpty riskEntity={riskEntity} />}
           />
         </EuiFlexItem>
       </EuiFlexGroup>
diff --git a/x-pack/plugins/security_solution/public/explore/components/risk_score/translations.ts b/x-pack/plugins/security_solution/public/explore/components/risk_score/translations.ts
index a2a04f346de09..501de5719a63e 100644
--- a/x-pack/plugins/security_solution/public/explore/components/risk_score/translations.ts
+++ b/x-pack/plugins/security_solution/public/explore/components/risk_score/translations.ts
@@ -32,9 +32,9 @@ export const RISK_SCORE_TITLE = (riskEntity: RiskScoreEntity) =>
     },
   });
 
-export const ENTITY_RISK_CLASSIFICATION = (riskEntity: RiskScoreEntity) =>
-  i18n.translate('xpack.securitySolution.entityAnalytics.riskDashboard.riskClassificationTitle', {
-    defaultMessage: '{riskEntity} risk classification',
+export const ENTITY_RISK_LEVEL = (riskEntity: RiskScoreEntity) =>
+  i18n.translate('xpack.securitySolution.entityAnalytics.riskDashboard.riskLevelTitle', {
+    defaultMessage: '{riskEntity} risk level',
     values: {
       riskEntity: getRiskEntityTranslation(riskEntity),
     },
diff --git a/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/columns.tsx b/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/columns.tsx
index ae2969a0d1116..de66a5bca1110 100644
--- a/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/columns.tsx
+++ b/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/columns.tsx
@@ -6,7 +6,7 @@
  */
 
 import React from 'react';
-import { EuiIcon, EuiLink, EuiText, EuiToolTip } from '@elastic/eui';
+import { EuiLink, EuiText } from '@elastic/eui';
 import {
   SecurityCellActions,
   CellActionsMode,
@@ -19,8 +19,8 @@ import * as i18n from './translations';
 import { HostsTableType } from '../../store/model';
 import type { RiskSeverity } from '../../../../../common/search_strategy';
 import { RiskScoreFields, RiskScoreEntity } from '../../../../../common/search_strategy';
-import { RiskScore } from '../../../components/risk_score/severity/common';
-import { ENTITY_RISK_CLASSIFICATION } from '../../../components/risk_score/translations';
+import { RiskScoreLevel } from '../../../components/risk_score/severity/common';
+import { ENTITY_RISK_LEVEL } from '../../../components/risk_score/translations';
 import { CELL_ACTIONS_TELEMETRY } from '../../../components/risk_score/constants';
 
 export const getHostRiskScoreColumns = ({
@@ -76,21 +76,14 @@ export const getHostRiskScoreColumns = ({
   },
   {
     field: RiskScoreFields.hostRisk,
-    name: (
-      <EuiToolTip content={i18n.HOST_RISK_TOOLTIP}>
-        <>
-          {ENTITY_RISK_CLASSIFICATION(RiskScoreEntity.host)}{' '}
-          <EuiIcon color="subdued" type="iInCircle" className="eui-alignTop" />
-        </>
-      </EuiToolTip>
-    ),
+    name: ENTITY_RISK_LEVEL(RiskScoreEntity.host),
     truncateText: false,
     mobileOptions: { show: true },
     sortable: true,
     render: (risk) => {
       if (risk != null) {
         return (
-          <RiskScore
+          <RiskScoreLevel
             toolTipContent={
               <EuiLink onClick={() => dispatchSeverityUpdate(risk)}>
                 <EuiText size="xs">{i18n.VIEW_HOSTS_BY_SEVERITY(risk.toLowerCase())}</EuiText>
diff --git a/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/index.tsx b/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/index.tsx
index f4cec6357c328..497c21e8f9dec 100644
--- a/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/index.tsx
+++ b/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/index.tsx
@@ -31,6 +31,7 @@ import { SeverityBar } from '../../../components/risk_score/severity/severity_ba
 import { SeverityFilterGroup } from '../../../components/risk_score/severity/severity_filter_group';
 
 import type { SeverityCount } from '../../../components/risk_score/severity/types';
+import { RiskInformationButtonEmpty } from '../../../components/risk_score/risk_information';
 
 export const rowItems: ItemsPerRow[] = [
   {
@@ -173,12 +174,19 @@ const HostRiskScoreTableComponent: React.FC<HostRiskScoreTableProps> = ({
       dataTestSubj={`table-${tableType}`}
       headerCount={totalCount}
       headerFilters={
-        <SeverityFilterGroup
-          selectedSeverities={severitySelectionRedux}
-          severityCount={severityCount}
-          onSelect={onSelect}
-          riskEntity={RiskScoreEntity.host}
-        />
+        <EuiFlexGroup gutterSize="s">
+          <EuiFlexItem grow={false}>
+            <RiskInformationButtonEmpty riskEntity={RiskScoreEntity.host} />
+          </EuiFlexItem>
+          <EuiFlexItem grow={false}>
+            <SeverityFilterGroup
+              selectedSeverities={severitySelectionRedux}
+              severityCount={severityCount}
+              onSelect={onSelect}
+              riskEntity={RiskScoreEntity.host}
+            />
+          </EuiFlexItem>
+        </EuiFlexGroup>
       }
       headerSupplement={risk}
       headerTitle={i18nHosts.HOST_RISK_TITLE}
diff --git a/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/translations.ts b/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/translations.ts
index 1b4820e622755..08c685720a2e4 100644
--- a/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/translations.ts
+++ b/x-pack/plugins/security_solution/public/explore/hosts/components/host_risk_score_table/translations.ts
@@ -18,17 +18,9 @@ export const HOST_RISK_SCORE = i18n.translate(
 );
 
 export const HOST_RISK = i18n.translate('xpack.securitySolution.hostsRiskTable.riskTitle', {
-  defaultMessage: 'Host risk classification',
+  defaultMessage: 'Host risk level',
 });
 
-export const HOST_RISK_TOOLTIP = i18n.translate(
-  'xpack.securitySolution.hostsRiskTable.hostRiskToolTip',
-  {
-    defaultMessage:
-      'Host risk classification is determined by host risk score. Hosts classified as Critical or High are indicated as risky.',
-  }
-);
-
 export const HOST_RISK_TITLE = i18n.translate(
   'xpack.securitySolution.hostsRiskTable.hostRiskTitle',
   {
diff --git a/x-pack/plugins/security_solution/public/explore/hosts/components/hosts_table/columns.tsx b/x-pack/plugins/security_solution/public/explore/hosts/components/hosts_table/columns.tsx
index 3848b6dafe6ba..292e106fa5d4d 100644
--- a/x-pack/plugins/security_solution/public/explore/hosts/components/hosts_table/columns.tsx
+++ b/x-pack/plugins/security_solution/public/explore/hosts/components/hosts_table/columns.tsx
@@ -20,8 +20,8 @@ import * as i18n from './translations';
 import type { Maybe, RiskSeverity } from '../../../../../common/search_strategy';
 import { RiskScoreEntity } from '../../../../../common/search_strategy';
 import { VIEW_HOSTS_BY_SEVERITY } from '../host_risk_score_table/translations';
-import { RiskScore } from '../../../components/risk_score/severity/common';
-import { ENTITY_RISK_CLASSIFICATION } from '../../../components/risk_score/translations';
+import { RiskScoreLevel } from '../../../components/risk_score/severity/common';
+import { ENTITY_RISK_LEVEL } from '../../../components/risk_score/translations';
 
 export const getHostsColumns = (
   showRiskColumn: boolean,
@@ -141,21 +141,14 @@ export const getHostsColumns = (
   if (showRiskColumn) {
     columns.push({
       field: 'node.risk',
-      name: (
-        <EuiToolTip content={i18n.HOST_RISK_TOOLTIP}>
-          <>
-            {ENTITY_RISK_CLASSIFICATION(RiskScoreEntity.host)}{' '}
-            <EuiIcon color="subdued" type="iInCircle" className="eui-alignTop" />
-          </>
-        </EuiToolTip>
-      ),
+      name: ENTITY_RISK_LEVEL(RiskScoreEntity.host),
       truncateText: false,
       mobileOptions: { show: true },
       sortable: false,
       render: (riskScore: RiskSeverity) => {
         if (riskScore != null) {
           return (
-            <RiskScore
+            <RiskScoreLevel
               toolTipContent={
                 <EuiLink onClick={() => dispatchSeverityUpdate(riskScore)}>
                   <EuiText size="xs">{VIEW_HOSTS_BY_SEVERITY(riskScore.toLowerCase())}</EuiText>
diff --git a/x-pack/plugins/security_solution/public/explore/hosts/components/hosts_table/index.test.tsx b/x-pack/plugins/security_solution/public/explore/hosts/components/hosts_table/index.test.tsx
index 9bca791409a48..498efb3fdd62b 100644
--- a/x-pack/plugins/security_solution/public/explore/hosts/components/hosts_table/index.test.tsx
+++ b/x-pack/plugins/security_solution/public/explore/hosts/components/hosts_table/index.test.tsx
@@ -89,7 +89,7 @@ describe('Hosts Table', () => {
       expect(wrapper.find('HostsTable')).toMatchSnapshot();
     });
 
-    test('it renders "Host Risk classification" column when "isPlatinumOrTrialLicense" is truthy and user has risk-entity capability', () => {
+    test('it renders "Host Risk level" column when "isPlatinumOrTrialLicense" is truthy and user has risk-entity capability', () => {
       mockUseMlCapabilities.mockReturnValue({ isPlatinumOrTrialLicense: true });
       mockUseHasSecurityCapability.mockReturnValue(true);
 
@@ -113,7 +113,7 @@ describe('Hosts Table', () => {
       expect(queryByTestId('tableHeaderCell_node.risk_4')).toBeInTheDocument();
     });
 
-    test("it doesn't renders 'Host Risk classification' column when 'isPlatinumOrTrialLicense' is falsy", () => {
+    test("it doesn't renders 'Host Risk level' column when 'isPlatinumOrTrialLicense' is falsy", () => {
       mockUseMlCapabilities.mockReturnValue({ isPlatinumOrTrialLicense: false });
       mockUseHasSecurityCapability.mockReturnValue(true);
 
@@ -137,7 +137,7 @@ describe('Hosts Table', () => {
       expect(queryByTestId('tableHeaderCell_node.riskScore_4')).not.toBeInTheDocument();
     });
 
-    test("it doesn't renders 'Host Risk classification' column when user doesn't has entity-analytics capabilities", () => {
+    test("it doesn't renders 'Host Risk level' column when user doesn't has entity-analytics capabilities", () => {
       mockUseMlCapabilities.mockReturnValue({ isPlatinumOrTrialLicense: true });
       mockUseHasSecurityCapability.mockReturnValue(false);
 
diff --git a/x-pack/plugins/security_solution/public/explore/hosts/components/hosts_table/translations.ts b/x-pack/plugins/security_solution/public/explore/hosts/components/hosts_table/translations.ts
index bf4002cd5568c..1f81968213b45 100644
--- a/x-pack/plugins/security_solution/public/explore/hosts/components/hosts_table/translations.ts
+++ b/x-pack/plugins/security_solution/public/explore/hosts/components/hosts_table/translations.ts
@@ -36,14 +36,6 @@ export const FIRST_LAST_SEEN_TOOLTIP = i18n.translate(
   }
 );
 
-export const HOST_RISK_TOOLTIP = i18n.translate(
-  'xpack.securitySolution.hostsTable.hostRiskToolTip',
-  {
-    defaultMessage:
-      "The host's risk score determines its risk classification. Risky hosts are labeled as critical or high.",
-  }
-);
-
 export const OS_LAST_SEEN_TOOLTIP = i18n.translate(
   'xpack.securitySolution.hostsTable.osLastSeenToolTip',
   {
diff --git a/x-pack/plugins/security_solution/public/explore/hosts/components/kpi_hosts/risky_hosts/index.test.tsx b/x-pack/plugins/security_solution/public/explore/hosts/components/kpi_hosts/risky_hosts/index.test.tsx
deleted file mode 100644
index b96c63e85b12b..0000000000000
--- a/x-pack/plugins/security_solution/public/explore/hosts/components/kpi_hosts/risky_hosts/index.test.tsx
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0; you may not use this file except in compliance with the Elastic License
- * 2.0.
- */
-
-import React from 'react';
-
-import { render } from '@testing-library/react';
-
-import { RiskyHosts } from '.';
-import { TestProviders } from '../../../../../common/mock';
-import type { KpiRiskScoreStrategyResponse } from '../../../../../../common/search_strategy';
-
-describe('RiskyHosts', () => {
-  const defaultProps = {
-    error: undefined,
-    loading: false,
-  };
-
-  test('it renders', () => {
-    const { queryByText } = render(
-      <TestProviders>
-        <RiskyHosts {...defaultProps} />
-      </TestProviders>
-    );
-
-    expect(queryByText('Risky Hosts')).toBeInTheDocument();
-  });
-
-  test('it displays loader while API is loading', () => {
-    const { getByTestId } = render(
-      <TestProviders>
-        <RiskyHosts {...defaultProps} loading />
-      </TestProviders>
-    );
-
-    expect(getByTestId('KpiLoader')).toBeInTheDocument();
-  });
-
-  test('it displays 0 risky hosts when initializing', () => {
-    const { getByTestId } = render(
-      <TestProviders>
-        <RiskyHosts {...defaultProps} />
-      </TestProviders>
-    );
-
-    expect(getByTestId('riskyHostsTotal').textContent).toEqual('0 Risky Hosts');
-    expect(getByTestId('riskyHostsCriticalQuantity').textContent).toEqual('0 hosts');
-    expect(getByTestId('riskyHostsHighQuantity').textContent).toEqual('0 hosts');
-  });
-
-  test('it displays risky hosts quantity returned by the API', () => {
-    const data: KpiRiskScoreStrategyResponse = {
-      rawResponse: {} as KpiRiskScoreStrategyResponse['rawResponse'],
-      kpiRiskScore: {
-        Critical: 1,
-        High: 1,
-        Unknown: 0,
-        Low: 0,
-        Moderate: 0,
-      },
-    };
-    const { getByTestId } = render(
-      <TestProviders>
-        <RiskyHosts {...defaultProps} data={data} />
-      </TestProviders>
-    );
-
-    expect(getByTestId('riskyHostsTotal').textContent).toEqual('2 Risky Hosts');
-    expect(getByTestId('riskyHostsCriticalQuantity').textContent).toEqual('1 host');
-    expect(getByTestId('riskyHostsHighQuantity').textContent).toEqual('1 host');
-  });
-});
diff --git a/x-pack/plugins/security_solution/public/explore/hosts/components/kpi_hosts/risky_hosts/index.tsx b/x-pack/plugins/security_solution/public/explore/hosts/components/kpi_hosts/risky_hosts/index.tsx
deleted file mode 100644
index 0863212e44eca..0000000000000
--- a/x-pack/plugins/security_solution/public/explore/hosts/components/kpi_hosts/risky_hosts/index.tsx
+++ /dev/null
@@ -1,153 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0; you may not use this file except in compliance with the Elastic License
- * 2.0.
- */
-
-import {
-  EuiFlexGroup,
-  EuiFlexItem,
-  EuiHorizontalRule,
-  EuiIcon,
-  EuiPanel,
-  EuiLoadingSpinner,
-  EuiTitle,
-  EuiText,
-} from '@elastic/eui';
-import React from 'react';
-import styled from 'styled-components';
-import { euiLightVars } from '@kbn/ui-theme';
-import {
-  RiskInformationButtonIcon,
-  HOST_RISK_INFO_BUTTON_CLASS,
-} from '../../../../components/risk_score/risk_information';
-import {
-  InspectButton,
-  BUTTON_CLASS as INPECT_BUTTON_CLASS,
-} from '../../../../../common/components/inspect';
-
-import * as i18n from './translations';
-
-import { useInspectQuery } from '../../../../../common/hooks/use_inspect_query';
-import { useErrorToast } from '../../../../../common/hooks/use_error_toast';
-
-import { HoverVisibilityContainer } from '../../../../../common/components/hover_visibility_container';
-import type { KpiRiskScoreStrategyResponse } from '../../../../../../common/search_strategy';
-import { RiskScoreEntity, RiskSeverity } from '../../../../../../common/search_strategy';
-import { RiskScore } from '../../../../components/risk_score/severity/common';
-
-const KpiBaseComponentLoader: React.FC = () => (
-  <EuiFlexGroup justifyContent="center" alignItems="center" data-test-subj="KpiLoader">
-    <EuiFlexItem grow={false}>
-      <EuiLoadingSpinner size="xl" />
-    </EuiFlexItem>
-  </EuiFlexGroup>
-);
-const QUERY_ID = 'hostsKpiRiskyHostsQuery';
-
-const HostCount = styled(EuiText)`
-  font-weight: bold;
-`;
-HostCount.displayName = 'HostCount';
-
-const StatusTitle = styled(EuiTitle)`
-  text-transform: lowercase;
-`;
-
-const RiskScoreContainer = styled(EuiFlexItem)`
-  min-width: 80px;
-`;
-
-/**
- * FUTURE ENGINEER: This is a host risk card for the host page.
- * Due to not being able to apply KQL,
- * we decided not to go forward with this for 8.1
- * saving the code for future implementation
- */
-const RiskyHostsComponent: React.FC<{
-  error: unknown;
-  loading: boolean;
-  data?: KpiRiskScoreStrategyResponse;
-}> = ({ error, loading, data }) => {
-  useInspectQuery(QUERY_ID, loading, data);
-  useErrorToast(i18n.ERROR_TITLE, error);
-
-  if (loading) {
-    return <KpiBaseComponentLoader />;
-  }
-
-  const criticalRiskCount = data?.kpiRiskScore.Critical ?? 0;
-  const hightlRiskCount = data?.kpiRiskScore.High ?? 0;
-
-  const totalCount = criticalRiskCount + hightlRiskCount;
-
-  return (
-    <HoverVisibilityContainer targetClassNames={[INPECT_BUTTON_CLASS, HOST_RISK_INFO_BUTTON_CLASS]}>
-      <EuiPanel hasBorder data-test-subj="risky-hosts">
-        <EuiFlexGroup gutterSize={'none'}>
-          <EuiFlexItem>
-            <EuiTitle size="xxxs">
-              <h6>{i18n.RISKY_HOSTS_TITLE}</h6>
-            </EuiTitle>
-          </EuiFlexItem>
-          <EuiFlexItem grow={false}>
-            <EuiFlexGroup gutterSize="s">
-              <EuiFlexItem>
-                <RiskInformationButtonIcon riskEntity={RiskScoreEntity.host} />
-              </EuiFlexItem>
-              {data?.inspect && (
-                <EuiFlexItem>
-                  <InspectButton queryId={QUERY_ID} title={i18n.INSPECT_RISKY_HOSTS} />
-                </EuiFlexItem>
-              )}
-            </EuiFlexGroup>
-          </EuiFlexItem>
-        </EuiFlexGroup>
-        <EuiFlexGroup>
-          <EuiFlexItem>
-            <EuiFlexGroup alignItems="center" gutterSize="m" responsive={false}>
-              <EuiFlexItem grow={false}>
-                <EuiIcon type="warning" color={euiLightVars.euiColorDarkestShade} size="l" />
-              </EuiFlexItem>
-              <EuiFlexItem>
-                <StatusTitle className="eui-textTruncate" data-test-subj="riskyHostsTotal">
-                  <p>{i18n.RISKY_HOSTS_DESCRIPTION(totalCount, totalCount.toLocaleString())}</p>
-                </StatusTitle>
-              </EuiFlexItem>
-            </EuiFlexGroup>
-          </EuiFlexItem>
-        </EuiFlexGroup>
-        <EuiHorizontalRule />
-        <EuiFlexGroup direction="column" gutterSize="l" responsive={false}>
-          <EuiFlexItem>
-            <EuiFlexGroup gutterSize="s" alignItems="center" responsive={false}>
-              <RiskScoreContainer grow={false}>
-                <RiskScore severity={RiskSeverity.critical} />
-              </RiskScoreContainer>
-              <EuiFlexItem>
-                <HostCount size="m" data-test-subj="riskyHostsCriticalQuantity">
-                  {i18n.HOSTS_COUNT(criticalRiskCount)}
-                </HostCount>
-              </EuiFlexItem>
-            </EuiFlexGroup>
-          </EuiFlexItem>
-          <EuiFlexItem>
-            <EuiFlexGroup gutterSize="s" alignItems="center" responsive={false}>
-              <RiskScoreContainer grow={false}>
-                <RiskScore severity={RiskSeverity.high} />
-              </RiskScoreContainer>
-              <EuiFlexItem>
-                <HostCount size="m" data-test-subj="riskyHostsHighQuantity">
-                  {i18n.HOSTS_COUNT(hightlRiskCount)}
-                </HostCount>
-              </EuiFlexItem>
-            </EuiFlexGroup>
-          </EuiFlexItem>
-        </EuiFlexGroup>
-      </EuiPanel>
-    </HoverVisibilityContainer>
-  );
-};
-
-export const RiskyHosts = React.memo(RiskyHostsComponent);
diff --git a/x-pack/plugins/security_solution/public/explore/hosts/components/kpi_hosts/risky_hosts/translations.ts b/x-pack/plugins/security_solution/public/explore/hosts/components/kpi_hosts/risky_hosts/translations.ts
deleted file mode 100644
index ef289a0aa6aab..0000000000000
--- a/x-pack/plugins/security_solution/public/explore/hosts/components/kpi_hosts/risky_hosts/translations.ts
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
- * or more contributor license agreements. Licensed under the Elastic License
- * 2.0; you may not use this file except in compliance with the Elastic License
- * 2.0.
- */
-
-import { i18n } from '@kbn/i18n';
-
-export const HOSTS_COUNT = (quantity: number) =>
-  i18n.translate('xpack.securitySolution.kpiHosts.riskyHosts.hostsCount', {
-    defaultMessage: '{quantity} {quantity, plural, =1 {host} other {hosts}}',
-    values: {
-      quantity,
-    },
-  });
-
-export const RISKY_HOSTS_DESCRIPTION = (quantity: number, formattedQuantity: string) =>
-  i18n.translate('xpack.securitySolution.kpiHosts.riskyHosts.description', {
-    defaultMessage: '{formattedQuantity} Risky {quantity, plural, =1 {Host} other {Hosts}}',
-    values: {
-      formattedQuantity,
-      quantity,
-    },
-  });
-
-export const RISKY_HOSTS_TITLE = i18n.translate(
-  'xpack.securitySolution.kpiHosts.riskyHosts.title',
-  {
-    defaultMessage: 'Risky Hosts',
-  }
-);
-
-export const INSPECT_RISKY_HOSTS = i18n.translate(
-  'xpack.securitySolution.kpiHosts.riskyHosts.inspectTitle',
-  {
-    defaultMessage: 'Risky Hosts',
-  }
-);
-
-export const ERROR_TITLE = i18n.translate(
-  'xpack.securitySolution.kpiHosts.riskyHosts.errorMessage',
-  {
-    defaultMessage: 'Error Fetching Risky Hosts API',
-  }
-);
diff --git a/x-pack/plugins/security_solution/public/explore/hosts/pages/translations.ts b/x-pack/plugins/security_solution/public/explore/hosts/pages/translations.ts
index 7fe50385d9034..5f064f06faef1 100644
--- a/x-pack/plugins/security_solution/public/explore/hosts/pages/translations.ts
+++ b/x-pack/plugins/security_solution/public/explore/hosts/pages/translations.ts
@@ -66,10 +66,3 @@ export const ERROR_FETCHING_EVENTS_DATA = i18n.translate(
     defaultMessage: 'Failed to query events data',
   }
 );
-
-export const VIEW_DASHBOARD_BUTTON = i18n.translate(
-  'xpack.securitySolution.hosts.navigaton.hostRisk.viewDashboardButtonLabel',
-  {
-    defaultMessage: 'View source dashboard',
-  }
-);
diff --git a/x-pack/plugins/security_solution/public/explore/users/components/all_users/index.tsx b/x-pack/plugins/security_solution/public/explore/users/components/all_users/index.tsx
index 29ab7551341a9..7cf90c41fd7c3 100644
--- a/x-pack/plugins/security_solution/public/explore/users/components/all_users/index.tsx
+++ b/x-pack/plugins/security_solution/public/explore/users/components/all_users/index.tsx
@@ -8,7 +8,7 @@
 import React, { useCallback, useMemo } from 'react';
 import { useDispatch } from 'react-redux';
 
-import { EuiIcon, EuiLink, EuiText, EuiToolTip } from '@elastic/eui';
+import { EuiLink, EuiText } from '@elastic/eui';
 import { FormattedRelativePreferenceDate } from '../../../../common/components/formatted_date';
 import { UserDetailsLink } from '../../../../common/components/links';
 import {
@@ -27,7 +27,7 @@ import { usersActions, usersModel, usersSelectors } from '../../store';
 import type { User } from '../../../../../common/search_strategy/security_solution/users/all';
 import type { SortUsersField } from '../../../../../common/search_strategy/security_solution/users/common';
 import type { RiskSeverity } from '../../../../../common/search_strategy';
-import { RiskScore } from '../../../components/risk_score/severity/common';
+import { RiskScoreLevel } from '../../../components/risk_score/severity/common';
 import { useMlCapabilities } from '../../../../common/components/ml/hooks/use_ml_capabilities';
 import { VIEW_USERS_BY_SEVERITY } from '../user_risk_score_table/translations';
 import { SecurityPageName } from '../../../../app/types';
@@ -116,20 +116,14 @@ const getUsersColumns = (
   if (showRiskColumn) {
     columns.push({
       field: 'risk',
-      name: (
-        <EuiToolTip content={i18n.USER_RISK_TOOLTIP}>
-          <>
-            {i18n.USER_RISK} <EuiIcon color="subdued" type="iInCircle" className="eui-alignTop" />
-          </>
-        </EuiToolTip>
-      ),
+      name: i18n.USER_RISK,
       truncateText: false,
       mobileOptions: { show: true },
       sortable: false,
       render: (riskScore: RiskSeverity) => {
         if (riskScore != null) {
           return (
-            <RiskScore
+            <RiskScoreLevel
               toolTipContent={
                 <EuiLink onClick={() => dispatchSeverityUpdate(riskScore)}>
                   <EuiText size="xs">{VIEW_USERS_BY_SEVERITY(riskScore.toLowerCase())}</EuiText>
diff --git a/x-pack/plugins/security_solution/public/explore/users/components/all_users/translations.ts b/x-pack/plugins/security_solution/public/explore/users/components/all_users/translations.ts
index 17319a82e74f1..e1e3f43c6af32 100644
--- a/x-pack/plugins/security_solution/public/explore/users/components/all_users/translations.ts
+++ b/x-pack/plugins/security_solution/public/explore/users/components/all_users/translations.ts
@@ -39,14 +39,6 @@ export const UNIT = (totalCount: number) =>
     defaultMessage: `{totalCount, plural, =1 {user} other {users}}`,
   });
 
-export const USER_RISK_TOOLTIP = i18n.translate(
-  'xpack.securitySolution.usersTable.userRiskToolTip',
-  {
-    defaultMessage:
-      "The user's risk score determines its risk classification. Risky users are labeled as critical or high.",
-  }
-);
-
 export const USER_RISK = i18n.translate('xpack.securitySolution.usersTable.riskTitle', {
-  defaultMessage: 'User risk classification',
+  defaultMessage: 'User risk level',
 });
diff --git a/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/columns.tsx b/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/columns.tsx
index a41f97f4e81d1..6de43c4dbe2fc 100644
--- a/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/columns.tsx
+++ b/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/columns.tsx
@@ -6,7 +6,7 @@
  */
 
 import React from 'react';
-import { EuiIcon, EuiLink, EuiText, EuiToolTip } from '@elastic/eui';
+import { EuiLink, EuiText } from '@elastic/eui';
 import {
   SecurityCellActions,
   SecurityCellActionsTrigger,
@@ -16,12 +16,12 @@ import { escapeDataProviderId } from '../../../../common/components/drag_and_dro
 import { getEmptyTagValue } from '../../../../common/components/empty_value';
 import type { UserRiskScoreColumns } from '.';
 import * as i18n from './translations';
-import { RiskScore } from '../../../components/risk_score/severity/common';
+import { RiskScoreLevel } from '../../../components/risk_score/severity/common';
 import type { RiskSeverity } from '../../../../../common/search_strategy';
 import { RiskScoreEntity, RiskScoreFields } from '../../../../../common/search_strategy';
 import { UserDetailsLink } from '../../../../common/components/links';
 import { UsersTableType } from '../../store/model';
-import { ENTITY_RISK_CLASSIFICATION } from '../../../components/risk_score/translations';
+import { ENTITY_RISK_LEVEL } from '../../../components/risk_score/translations';
 import { CELL_ACTIONS_TELEMETRY } from '../../../components/risk_score/constants';
 
 export const getUserRiskScoreColumns = ({
@@ -79,21 +79,14 @@ export const getUserRiskScoreColumns = ({
   },
   {
     field: RiskScoreFields.userRisk,
-    name: (
-      <EuiToolTip content={i18n.USER_RISK_TOOLTIP}>
-        <>
-          {ENTITY_RISK_CLASSIFICATION(RiskScoreEntity.user)}{' '}
-          <EuiIcon color="subdued" type="iInCircle" className="eui-alignTop" />
-        </>
-      </EuiToolTip>
-    ),
+    name: ENTITY_RISK_LEVEL(RiskScoreEntity.user),
     truncateText: false,
     mobileOptions: { show: true },
     sortable: true,
     render: (risk) => {
       if (risk != null) {
         return (
-          <RiskScore
+          <RiskScoreLevel
             toolTipContent={
               <EuiLink onClick={() => dispatchSeverityUpdate(risk)}>
                 <EuiText size="xs">{i18n.VIEW_USERS_BY_SEVERITY(risk.toLowerCase())}</EuiText>
diff --git a/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/index.tsx b/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/index.tsx
index 378705bd6932e..5dc1c3c6bd08e 100644
--- a/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/index.tsx
+++ b/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/index.tsx
@@ -31,6 +31,7 @@ import type {
   UserRiskScore,
 } from '../../../../../common/search_strategy';
 import { RiskScoreEntity } from '../../../../../common/search_strategy';
+import { RiskInformationButtonEmpty } from '../../../components/risk_score/risk_information';
 
 export const rowItems: ItemsPerRow[] = [
   {
@@ -174,12 +175,19 @@ const UserRiskScoreTableComponent: React.FC<UserRiskScoreTableProps> = ({
       dataTestSubj={`table-${tableType}`}
       headerCount={totalCount}
       headerFilters={
-        <SeverityFilterGroup
-          selectedSeverities={severitySelectionRedux}
-          severityCount={severityCount}
-          onSelect={onSelect}
-          riskEntity={RiskScoreEntity.user}
-        />
+        <EuiFlexGroup gutterSize="s">
+          <EuiFlexItem grow={false}>
+            <RiskInformationButtonEmpty riskEntity={RiskScoreEntity.user} />
+          </EuiFlexItem>
+          <EuiFlexItem grow={false}>
+            <SeverityFilterGroup
+              selectedSeverities={severitySelectionRedux}
+              severityCount={severityCount}
+              onSelect={onSelect}
+              riskEntity={RiskScoreEntity.user}
+            />
+          </EuiFlexItem>
+        </EuiFlexGroup>
       }
       headerSupplement={risk}
       headerTitle={i18nUsers.NAVIGATION_RISK_TITLE}
diff --git a/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/translations.ts b/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/translations.ts
index c1f5f2f9da7e8..d0cf95dea6c23 100644
--- a/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/translations.ts
+++ b/x-pack/plugins/security_solution/public/explore/users/components/user_risk_score_table/translations.ts
@@ -17,14 +17,6 @@ export const USER_RISK_SCORE = i18n.translate(
   }
 );
 
-export const USER_RISK_TOOLTIP = i18n.translate(
-  'xpack.securitySolution.usersRiskTable.userRiskToolTip',
-  {
-    defaultMessage:
-      'User risk classification is determined by user risk score. Users classified as Critical or High are indicated as risky.',
-  }
-);
-
 export const VIEW_USERS_BY_SEVERITY = (severity: string) =>
   i18n.translate('xpack.securitySolution.usersRiskTable.filteredUsersTitle', {
     values: { severity },
diff --git a/x-pack/plugins/security_solution/public/explore/users/pages/translations.ts b/x-pack/plugins/security_solution/public/explore/users/pages/translations.ts
index 6668564c6cef1..256f48bc5d15e 100644
--- a/x-pack/plugins/security_solution/public/explore/users/pages/translations.ts
+++ b/x-pack/plugins/security_solution/public/explore/users/pages/translations.ts
@@ -52,10 +52,3 @@ export const USER_RISK_SCORE_OVER_TIME = i18n.translate(
     defaultMessage: 'User risk score over time',
   }
 );
-
-export const VIEW_DASHBOARD_BUTTON = i18n.translate(
-  'xpack.securitySolution.hosts.navigaton.hostRisk.viewDashboardButtonLabel',
-  {
-    defaultMessage: 'View source dashboard',
-  }
-);
diff --git a/x-pack/plugins/security_solution/public/flyout/left/components/host_details.tsx b/x-pack/plugins/security_solution/public/flyout/left/components/host_details.tsx
index 44a1a23abf774..3e103d1cbb8b1 100644
--- a/x-pack/plugins/security_solution/public/flyout/left/components/host_details.tsx
+++ b/x-pack/plugins/security_solution/public/flyout/left/components/host_details.tsx
@@ -30,7 +30,7 @@ import { AnomalyTableProvider } from '../../../common/components/ml/anomaly/anom
 import { InspectButton, InspectButtonContainer } from '../../../common/components/inspect';
 import { NetworkDetailsLink } from '../../../common/components/links';
 import { RiskScoreEntity } from '../../../../common/search_strategy';
-import { RiskScore } from '../../../explore/components/risk_score/severity/common';
+import { RiskScoreLevel } from '../../../explore/components/risk_score/severity/common';
 import { DefaultFieldRenderer } from '../../../timelines/components/field_renderers/field_renderers';
 import { InputsModelId } from '../../../common/store/inputs/constants';
 import {
@@ -49,8 +49,7 @@ import { useHostRelatedUsers } from '../../../common/containers/related_entities
 import { useMlCapabilities } from '../../../common/components/ml/hooks/use_ml_capabilities';
 import { getEmptyTagValue } from '../../../common/components/empty_value';
 import { HOST_DETAILS_TEST_ID, HOST_DETAILS_RELATED_USERS_TABLE_TEST_ID } from './test_ids';
-import { ENTITY_RISK_CLASSIFICATION } from '../../../explore/components/risk_score/translations';
-import { USER_RISK_TOOLTIP } from '../../../explore/users/components/all_users/translations';
+import { ENTITY_RISK_LEVEL } from '../../../explore/components/risk_score/translations';
 import { useHasSecurityCapability } from '../../../helper_hooks';
 
 const HOST_DETAILS_ID = 'entities-hosts-details';
@@ -177,20 +176,13 @@ export const HostDetails: React.FC<HostDetailsProps> = ({ hostName, timestamp, s
         ? [
             {
               field: 'risk',
-              name: (
-                <EuiToolTip content={USER_RISK_TOOLTIP}>
-                  <>
-                    {ENTITY_RISK_CLASSIFICATION(RiskScoreEntity.user)}{' '}
-                    <EuiIcon color="subdued" type="iInCircle" className="eui-alignTop" />
-                  </>
-                </EuiToolTip>
-              ),
+              name: ENTITY_RISK_LEVEL(RiskScoreEntity.user),
               truncateText: false,
               mobileOptions: { show: true },
               sortable: false,
               render: (riskScore: RiskSeverity) => {
                 if (riskScore != null) {
-                  return <RiskScore severity={riskScore} />;
+                  return <RiskScoreLevel severity={riskScore} />;
                 }
                 return getEmptyTagValue();
               },
diff --git a/x-pack/plugins/security_solution/public/flyout/left/components/user_details.tsx b/x-pack/plugins/security_solution/public/flyout/left/components/user_details.tsx
index 8d395f4a1d3dd..2e4f60baf9a64 100644
--- a/x-pack/plugins/security_solution/public/flyout/left/components/user_details.tsx
+++ b/x-pack/plugins/security_solution/public/flyout/left/components/user_details.tsx
@@ -30,7 +30,7 @@ import { AnomalyTableProvider } from '../../../common/components/ml/anomaly/anom
 import { InspectButton, InspectButtonContainer } from '../../../common/components/inspect';
 import { NetworkDetailsLink } from '../../../common/components/links';
 import { RiskScoreEntity } from '../../../../common/search_strategy';
-import { RiskScore } from '../../../explore/components/risk_score/severity/common';
+import { RiskScoreLevel } from '../../../explore/components/risk_score/severity/common';
 import { DefaultFieldRenderer } from '../../../timelines/components/field_renderers/field_renderers';
 import {
   SecurityCellActions,
@@ -49,8 +49,7 @@ import { useUserRelatedHosts } from '../../../common/containers/related_entities
 import { useMlCapabilities } from '../../../common/components/ml/hooks/use_ml_capabilities';
 import { getEmptyTagValue } from '../../../common/components/empty_value';
 import { USER_DETAILS_RELATED_HOSTS_TABLE_TEST_ID, USER_DETAILS_TEST_ID } from './test_ids';
-import { ENTITY_RISK_CLASSIFICATION } from '../../../explore/components/risk_score/translations';
-import { HOST_RISK_TOOLTIP } from '../../../explore/hosts/components/hosts_table/translations';
+import { ENTITY_RISK_LEVEL } from '../../../explore/components/risk_score/translations';
 import { useHasSecurityCapability } from '../../../helper_hooks';
 
 const USER_DETAILS_ID = 'entities-users-details';
@@ -178,20 +177,13 @@ export const UserDetails: React.FC<UserDetailsProps> = ({ userName, timestamp, s
         ? [
             {
               field: 'risk',
-              name: (
-                <EuiToolTip content={HOST_RISK_TOOLTIP}>
-                  <>
-                    {ENTITY_RISK_CLASSIFICATION(RiskScoreEntity.host)}{' '}
-                    <EuiIcon color="subdued" type="iInCircle" className="eui-alignTop" />
-                  </>
-                </EuiToolTip>
-              ),
+              name: ENTITY_RISK_LEVEL(RiskScoreEntity.host),
               truncateText: false,
               mobileOptions: { show: true },
               sortable: false,
               render: (riskScore: RiskSeverity) => {
                 if (riskScore != null) {
-                  return <RiskScore severity={riskScore} />;
+                  return <RiskScoreLevel severity={riskScore} />;
                 }
                 return getEmptyTagValue();
               },
diff --git a/x-pack/plugins/security_solution/public/flyout/right/components/host_entity_overview.test.tsx b/x-pack/plugins/security_solution/public/flyout/right/components/host_entity_overview.test.tsx
index c5a9f7d7d324a..c690e8a700119 100644
--- a/x-pack/plugins/security_solution/public/flyout/right/components/host_entity_overview.test.tsx
+++ b/x-pack/plugins/security_solution/public/flyout/right/components/host_entity_overview.test.tsx
@@ -80,7 +80,7 @@ const renderHostEntityContent = () =>
 
 describe('<HostEntityContent />', () => {
   describe('license is valid', () => {
-    it('should render os family and host risk classification', () => {
+    it('should render os family and host risk level', () => {
       mockUseHostDetails.mockReturnValue([false, { hostDetails: hostData }]);
       mockUseRiskScore.mockReturnValue({ data: riskLevel, isAuthorized: true });
 
diff --git a/x-pack/plugins/security_solution/public/flyout/right/components/host_entity_overview.tsx b/x-pack/plugins/security_solution/public/flyout/right/components/host_entity_overview.tsx
index 36f1bec0a8f5b..30ccab532234e 100644
--- a/x-pack/plugins/security_solution/public/flyout/right/components/host_entity_overview.tsx
+++ b/x-pack/plugins/security_solution/public/flyout/right/components/host_entity_overview.tsx
@@ -13,14 +13,12 @@ import {
   EuiIcon,
   useEuiTheme,
   useEuiFontSize,
-  EuiIconTip,
   EuiSkeletonText,
 } from '@elastic/eui';
 import { css } from '@emotion/css';
 import { getOr } from 'lodash/fp';
 import { i18n } from '@kbn/i18n';
 import { useExpandableFlyoutContext } from '@kbn/expandable-flyout';
-import { FormattedMessage } from '@kbn/i18n-react';
 import { useRightPanelContext } from '../context';
 import type { DescriptionList } from '../../../../common/utility_types';
 import {
@@ -32,7 +30,7 @@ import { getEmptyTagValue } from '../../../common/components/empty_value';
 import { DefaultFieldRenderer } from '../../../timelines/components/field_renderers/field_renderers';
 import { DescriptionListStyled } from '../../../common/components/page';
 import { OverviewDescriptionList } from '../../../common/components/overview_description_list';
-import { RiskScore } from '../../../explore/components/risk_score/severity/common';
+import { RiskScoreLevel } from '../../../explore/components/risk_score/severity/common';
 import { useSourcererDataView } from '../../../common/containers/sourcerer';
 import { useGlobalTime } from '../../../common/containers/use_global_time';
 import { useRiskScore } from '../../../explore/containers/risk_score';
@@ -40,7 +38,7 @@ import { useHostDetails } from '../../../explore/hosts/containers/hosts/details'
 import {
   FAMILY,
   LAST_SEEN,
-  HOST_RISK_CLASSIFICATION,
+  HOST_RISK_LEVEL,
 } from '../../../overview/components/host_overview/translations';
 import { ENTITIES_TAB_ID } from '../../left/components/entities_details';
 import {
@@ -50,22 +48,22 @@ import {
   ENTITIES_HOST_OVERVIEW_RISK_LEVEL_TEST_ID,
   ENTITIES_HOST_OVERVIEW_LINK_TEST_ID,
   ENTITIES_HOST_OVERVIEW_LOADING_TEST_ID,
-  TECHNICAL_PREVIEW_ICON_TEST_ID,
 } from './test_ids';
 import { LeftPanelInsightsTab, LeftPanelKey } from '../../left';
+import { RiskScoreDocTooltip } from '../../../overview/components/common';
 
 const HOST_ICON = 'storage';
 const CONTEXT_ID = `flyout-host-entity-overview`;
 
 export interface HostEntityOverviewProps {
   /**
-   * Host name for looking up host related ip addresses and risk classification
+   * Host name for looking up host related ip addresses and risk level
    */
   hostName: string;
 }
 
 /**
- * Host preview content for the entities preview in right flyout. It contains ip addresses and risk classification
+ * Host preview content for the entities preview in right flyout. It contains ip addresses and risk level
  */
 export const HostEntityOverview: React.FC<HostEntityOverviewProps> = ({ hostName }) => {
   const { eventId, indexName, scopeId } = useRightPanelContext();
@@ -158,35 +156,17 @@ export const HostEntityOverview: React.FC<HostEntityOverviewProps> = ({ hostName
     return [
       {
         title: (
-          <>
-            {HOST_RISK_CLASSIFICATION}
-            <EuiIconTip
-              title={
-                <FormattedMessage
-                  id="xpack.securitySolution.flyout.right.insights.entities.hostTechnicalPreviewButtonLabel"
-                  defaultMessage="Technical preview"
-                />
-              }
-              size="m"
-              type="iInCircle"
-              content={
-                <FormattedMessage
-                  id="xpack.securitySolution.flyout.right.insights.entities.hostTechnicalPreviewTooltip"
-                  defaultMessage="This functionality is in technical preview and may be changed or removed completely in a future release. Elastic will take a best effort approach to fix any issues, but features in technical preview are not subject to the support SLA of official GA features."
-                />
-              }
-              position="bottom"
-              iconProps={{
-                className: 'eui-alignTop',
-              }}
-              data-test-subj={TECHNICAL_PREVIEW_ICON_TEST_ID}
-            />
-          </>
+          <EuiFlexGroup alignItems="flexEnd" gutterSize="none">
+            <EuiFlexItem grow={false}>{HOST_RISK_LEVEL}</EuiFlexItem>
+            <EuiFlexItem grow={false}>
+              <RiskScoreDocTooltip riskScoreEntity={RiskScoreEntity.host} />
+            </EuiFlexItem>
+          </EuiFlexGroup>
         ),
         description: (
           <>
             {hostRiskData ? (
-              <RiskScore severity={hostRiskData.host.risk.calculated_level} />
+              <RiskScoreLevel severity={hostRiskData.host.risk.calculated_level} />
             ) : (
               getEmptyTagValue()
             )}
diff --git a/x-pack/plugins/security_solution/public/flyout/right/components/user_entity_overview.test.tsx b/x-pack/plugins/security_solution/public/flyout/right/components/user_entity_overview.test.tsx
index 24e64d7292bb7..798e7136253bb 100644
--- a/x-pack/plugins/security_solution/public/flyout/right/components/user_entity_overview.test.tsx
+++ b/x-pack/plugins/security_solution/public/flyout/right/components/user_entity_overview.test.tsx
@@ -78,7 +78,7 @@ const renderUserEntityOverview = () =>
 
 describe('<UserEntityOverview />', () => {
   describe('license is valid', () => {
-    it('should render user domain and user risk classification', () => {
+    it('should render user domain and user risk level', () => {
       mockUseUserDetails.mockReturnValue([false, { userDetails: userData }]);
       mockUseRiskScore.mockReturnValue({ data: riskLevel, isAuthorized: true });
 
diff --git a/x-pack/plugins/security_solution/public/flyout/right/components/user_entity_overview.tsx b/x-pack/plugins/security_solution/public/flyout/right/components/user_entity_overview.tsx
index e905607bfa740..9f28753a5c1cc 100644
--- a/x-pack/plugins/security_solution/public/flyout/right/components/user_entity_overview.tsx
+++ b/x-pack/plugins/security_solution/public/flyout/right/components/user_entity_overview.tsx
@@ -13,14 +13,12 @@ import {
   EuiLink,
   useEuiTheme,
   useEuiFontSize,
-  EuiIconTip,
   EuiSkeletonText,
 } from '@elastic/eui';
 import { css } from '@emotion/css';
 import { getOr } from 'lodash/fp';
 import { i18n } from '@kbn/i18n';
 import { useExpandableFlyoutContext } from '@kbn/expandable-flyout';
-import { FormattedMessage } from '@kbn/i18n-react';
 import { LeftPanelInsightsTab, LeftPanelKey } from '../../left';
 import { ENTITIES_TAB_ID } from '../../left/components/entities_details';
 import { useRightPanelContext } from '../context';
@@ -34,14 +32,14 @@ import { getEmptyTagValue } from '../../../common/components/empty_value';
 import { DefaultFieldRenderer } from '../../../timelines/components/field_renderers/field_renderers';
 import { DescriptionListStyled } from '../../../common/components/page';
 import { OverviewDescriptionList } from '../../../common/components/overview_description_list';
-import { RiskScore } from '../../../explore/components/risk_score/severity/common';
+import { RiskScoreLevel } from '../../../explore/components/risk_score/severity/common';
 import { useSourcererDataView } from '../../../common/containers/sourcerer';
 import { useGlobalTime } from '../../../common/containers/use_global_time';
 import { useRiskScore } from '../../../explore/containers/risk_score';
 import {
   USER_DOMAIN,
   LAST_SEEN,
-  USER_RISK_CLASSIFICATION,
+  USER_RISK_LEVEL,
 } from '../../../overview/components/user_overview/translations';
 import {
   ENTITIES_USER_OVERVIEW_TEST_ID,
@@ -49,23 +47,23 @@ import {
   ENTITIES_USER_OVERVIEW_LAST_SEEN_TEST_ID,
   ENTITIES_USER_OVERVIEW_RISK_LEVEL_TEST_ID,
   ENTITIES_USER_OVERVIEW_LINK_TEST_ID,
-  TECHNICAL_PREVIEW_ICON_TEST_ID,
   ENTITIES_USER_OVERVIEW_LOADING_TEST_ID,
 } from './test_ids';
 import { useObservedUserDetails } from '../../../explore/users/containers/users/observed_details';
+import { RiskScoreDocTooltip } from '../../../overview/components/common';
 
 const USER_ICON = 'user';
 const CONTEXT_ID = `flyout-user-entity-overview`;
 
 export interface UserEntityOverviewProps {
   /**
-   * User name for looking up user related ip addresses and risk classification
+   * User name for looking up user related ip addresses and risk level
    */
   userName: string;
 }
 
 /**
- * User preview content for the entities preview in right flyout. It contains ip addresses and risk classification
+ * User preview content for the entities preview in right flyout. It contains ip addresses and risk level
  */
 export const UserEntityOverview: React.FC<UserEntityOverviewProps> = ({ userName }) => {
   const { eventId, indexName, scopeId } = useRightPanelContext();
@@ -157,35 +155,17 @@ export const UserEntityOverview: React.FC<UserEntityOverviewProps> = ({ userName
     return [
       {
         title: (
-          <>
-            {USER_RISK_CLASSIFICATION}
-            <EuiIconTip
-              title={
-                <FormattedMessage
-                  id="xpack.securitySolution.flyout.right.insights.entities.userTechnicalPreviewButtonLabel"
-                  defaultMessage="Technical preview"
-                />
-              }
-              size="m"
-              type="iInCircle"
-              content={
-                <FormattedMessage
-                  id="xpack.securitySolution.flyout.right.insights.entities.userTechnicalPreviewTooltip"
-                  defaultMessage="This functionality is in technical preview and may be changed or removed completely in a future release. Elastic will take a best effort approach to fix any issues, but features in technical preview are not subject to the support SLA of official GA features."
-                />
-              }
-              position="bottom"
-              iconProps={{
-                className: 'eui-alignTop',
-              }}
-              data-test-subj={TECHNICAL_PREVIEW_ICON_TEST_ID}
-            />
-          </>
+          <EuiFlexGroup alignItems="flexEnd" gutterSize="none">
+            <EuiFlexItem grow={false}>{USER_RISK_LEVEL}</EuiFlexItem>
+            <EuiFlexItem grow={false}>
+              <RiskScoreDocTooltip riskScoreEntity={RiskScoreEntity.user} />
+            </EuiFlexItem>
+          </EuiFlexGroup>
         ),
         description: (
           <>
             {userRiskData ? (
-              <RiskScore severity={userRiskData.user.risk.calculated_level} />
+              <RiskScoreLevel severity={userRiskData.user.risk.calculated_level} />
             ) : (
               getEmptyTagValue()
             )}
@@ -252,5 +232,3 @@ export const UserEntityOverview: React.FC<UserEntityOverviewProps> = ({ userName
     </EuiFlexGroup>
   );
 };
-
-UserEntityOverview.displayName = 'UserEntityOverview';
diff --git a/x-pack/plugins/security_solution/public/overview/components/common.tsx b/x-pack/plugins/security_solution/public/overview/components/common.tsx
new file mode 100644
index 0000000000000..7ffcc7e5a95e3
--- /dev/null
+++ b/x-pack/plugins/security_solution/public/overview/components/common.tsx
@@ -0,0 +1,58 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { EuiButtonIcon, EuiPopover, EuiPopoverTitle, EuiText } from '@elastic/eui';
+import React, { useCallback, useState } from 'react';
+import * as i18n from './translations';
+import { RiskScoreDocLink } from '../../explore/components/risk_score/risk_score_onboarding/risk_score_doc_link';
+import type { RiskScoreEntity } from '../../../common/risk_engine';
+
+export const RiskScoreInfoTooltip: React.FC<{
+  toolTipContent: React.ReactNode;
+  toolTipTitle?: React.ReactNode;
+  width?: number;
+}> = ({ toolTipContent, toolTipTitle, width = 270 }) => {
+  const [isPopoverOpen, setIsPopoverOpen] = useState(false);
+
+  const onClick = useCallback(() => {
+    setIsPopoverOpen(!isPopoverOpen);
+  }, [isPopoverOpen, setIsPopoverOpen]);
+
+  const closePopover = useCallback(() => {
+    setIsPopoverOpen(false);
+  }, [setIsPopoverOpen]);
+
+  return (
+    <EuiPopover
+      isOpen={isPopoverOpen}
+      closePopover={closePopover}
+      anchorPosition="leftCenter"
+      button={
+        <EuiButtonIcon
+          color="text"
+          size="xs"
+          iconSize="m"
+          iconType="iInCircle"
+          aria-label={i18n.INFORMATION_ARIA_LABEL}
+          onClick={onClick}
+        />
+      }
+    >
+      {toolTipTitle && <EuiPopoverTitle>{toolTipTitle}</EuiPopoverTitle>}
+      <EuiText size="s" style={{ width: `${width}px` }}>
+        {toolTipContent}
+      </EuiText>
+    </EuiPopover>
+  );
+};
+
+export const RiskScoreDocTooltip = ({ riskScoreEntity }: { riskScoreEntity: RiskScoreEntity }) => (
+  <RiskScoreInfoTooltip
+    toolTipContent={<RiskScoreDocLink riskScoreEntity={riskScoreEntity} />}
+    width={200} // Magic number to match the width of the doc link
+  />
+);
diff --git a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/common/translations.ts b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/common/translations.ts
index c790dcfabf713..a1d35310b6bfe 100644
--- a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/common/translations.ts
+++ b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/common/translations.ts
@@ -40,10 +40,3 @@ export const USER_RISK_TABLE_TOOLTIP = i18n.translate(
       'The user risk table is not affected by the time range. This table shows the latest recorded risk score for each user.',
   }
 );
-
-export const RISK_TABLE_TOOLTIP_TITLE = i18n.translate(
-  'xpack.securitySolution.entityAnalytics.riskDashboard.tableTooltipTitle',
-  {
-    defaultMessage: 'In Technical Preview',
-  }
-);
diff --git a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/columns.tsx b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/columns.tsx
index 68494c2f461ea..cdebe0042d777 100644
--- a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/columns.tsx
+++ b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/columns.tsx
@@ -7,13 +7,13 @@
 
 import React from 'react';
 import type { EuiBasicTableColumn } from '@elastic/eui';
-import { EuiLink, EuiIcon, EuiToolTip } from '@elastic/eui';
+import { EuiLink } from '@elastic/eui';
 import styled from 'styled-components';
 import { UsersTableType } from '../../../../explore/users/store/model';
 import { getEmptyTagValue } from '../../../../common/components/empty_value';
 import { HostDetailsLink, UserDetailsLink } from '../../../../common/components/links';
 import { HostsTableType } from '../../../../explore/hosts/store/model';
-import { RiskScore } from '../../../../explore/components/risk_score/severity/common';
+import { RiskScoreLevel } from '../../../../explore/components/risk_score/severity/common';
 import { CELL_ACTIONS_TELEMETRY } from '../../../../explore/components/risk_score/constants';
 import type {
   HostRiskScore,
@@ -115,19 +115,12 @@ export const getRiskScoreColumns = (
     field:
       riskEntity === RiskScoreEntity.host ? RiskScoreFields.hostRisk : RiskScoreFields.userRisk,
     width: '30%',
-    name: (
-      <EuiToolTip content={i18n.ENTITY_RISK_TOOLTIP(riskEntity)}>
-        <>
-          {i18n.ENTITY_RISK_CLASSIFICATION(riskEntity)}
-          <EuiIcon color="subdued" type="iInCircle" className="eui-alignTop" />
-        </>
-      </EuiToolTip>
-    ),
+    name: i18n.ENTITY_RISK_LEVEL(riskEntity),
     truncateText: false,
     mobileOptions: { show: true },
     render: (risk: RiskSeverity) => {
       if (risk != null) {
-        return <RiskScore severity={risk} />;
+        return <RiskScoreLevel severity={risk} />;
       }
       return getEmptyTagValue();
     },
diff --git a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/header_content.test.tsx b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/header_content.test.tsx
index 262bf4792288f..d6e7c39b4fada 100644
--- a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/header_content.test.tsx
+++ b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/header_content.test.tsx
@@ -32,7 +32,6 @@ describe('RiskScoreHeaderContent', () => {
   beforeEach(() => {
     res = render(
       <RiskScoreHeaderContent
-        entityDocLink="https://www.elastic.co/guide/en/security/current/user-risk-score.html"
         entityLinkProps={{
           deepLinkId: SecurityPageName.users,
           onClick: jest.fn(),
@@ -51,7 +50,7 @@ describe('RiskScoreHeaderContent', () => {
   });
 
   it('should render learn more button', () => {
-    expect(res.getByText(`Learn more`)).toBeInTheDocument();
+    expect(res.getByText(`How is risk score calculated?`)).toBeInTheDocument();
   });
 
   it('should render severity filter group', () => {
@@ -65,7 +64,6 @@ describe('RiskScoreHeaderContent', () => {
   it('should not render if toggleStatus = false', () => {
     res = render(
       <RiskScoreHeaderContent
-        entityDocLink="https://www.elastic.co/guide/en/security/current/user-risk-score.html"
         entityLinkProps={{
           deepLinkId: SecurityPageName.users,
           onClick: jest.fn(),
diff --git a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/header_content.tsx b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/header_content.tsx
index d4a1ff1887285..e9b1f56c6e0ec 100644
--- a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/header_content.tsx
+++ b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/header_content.tsx
@@ -5,7 +5,7 @@
  * 2.0.
  */
 import React, { useMemo } from 'react';
-import { EuiFlexGroup, EuiFlexItem, EuiButtonEmpty } from '@elastic/eui';
+import { EuiFlexGroup, EuiFlexItem } from '@elastic/eui';
 import type { RiskSeverity, RiskScoreEntity } from '../../../../../common/search_strategy';
 import { SeverityFilterGroup } from '../../../../explore/components/risk_score/severity/severity_filter_group';
 import type { SeverityCount } from '../../../../explore/components/risk_score/severity/types';
@@ -13,9 +13,9 @@ import { EMPTY_SEVERITY_COUNT } from '../../../../../common/search_strategy';
 import { LinkButton, useGetSecuritySolutionLinkProps } from '../../../../common/components/links';
 import type { SecurityPageName } from '../../../../../common/constants';
 import * as i18n from './translations';
+import { RiskInformationButtonEmpty } from '../../../../explore/components/risk_score/risk_information';
 
 const RiskScoreHeaderContentComponent = ({
-  entityDocLink,
   entityLinkProps,
   onSelectSeverityFilterGroup,
   riskEntity,
@@ -23,7 +23,6 @@ const RiskScoreHeaderContentComponent = ({
   severityCount,
   toggleStatus,
 }: {
-  entityDocLink: string;
   entityLinkProps: {
     deepLinkId: SecurityPageName;
     path: string;
@@ -48,9 +47,7 @@ const RiskScoreHeaderContentComponent = ({
       data-test-subj={`${riskEntity}-risk-score-header-content`}
     >
       <EuiFlexItem>
-        <EuiButtonEmpty rel="noopener nofollow noreferrer" href={entityDocLink} target="_blank">
-          {i18n.LEARN_MORE}
-        </EuiButtonEmpty>
+        <RiskInformationButtonEmpty riskEntity={riskEntity} />
       </EuiFlexItem>
       <EuiFlexItem grow={false}>
         <SeverityFilterGroup
diff --git a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/index.tsx b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/index.tsx
index 332f5535a1304..982d68952a5c0 100644
--- a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/index.tsx
+++ b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/index.tsx
@@ -26,7 +26,6 @@ import { RiskScoresNoDataDetected } from '../../../../explore/components/risk_sc
 import { useRefetchQueries } from '../../../../common/hooks/use_refetch_queries';
 import { Loader } from '../../../../common/components/loader';
 import { Panel } from '../../../../common/components/panel';
-import * as commonI18n from '../common/translations';
 import * as i18n from './translations';
 import { useEntityInfo } from './use_entity';
 import { RiskScoreHeaderContent } from './header_content';
@@ -181,10 +180,8 @@ const EntityAnalyticsRiskScoresComponent = ({ riskEntity }: { riskEntity: RiskSc
               ? i18n.HOST_RISK_TABLE_TOOLTIP
               : i18n.USER_RISK_TABLE_TOOLTIP
           }
-          tooltipTitle={commonI18n.RISK_TABLE_TOOLTIP_TITLE}
         >
           <RiskScoreHeaderContent
-            entityDocLink={entity.docLink}
             entityLinkProps={entity.linkProps}
             onSelectSeverityFilterGroup={onSelectSeverityFilterGroup}
             riskEntity={riskEntity}
diff --git a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/translations.ts b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/translations.ts
index 12c126e75014a..5174af108d1c8 100644
--- a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/translations.ts
+++ b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/translations.ts
@@ -10,16 +10,6 @@ import { getRiskEntityTranslation } from '../../../../explore/components/risk_sc
 import type { RiskScoreEntity } from '../../../../../common/search_strategy';
 export * from '../../../../explore/components/risk_score/translations';
 
-export const ENTITY_RISK_TOOLTIP = (riskEntity: RiskScoreEntity) =>
-  i18n.translate('xpack.securitySolution.entityAnalytics.riskDashboard.riskToolTip', {
-    defaultMessage:
-      '{riskEntity} risk classification is determined by {riskEntityLowercase} risk score. {riskEntity}s classified as Critical or High are indicated as risky.',
-    values: {
-      riskEntity: getRiskEntityTranslation(riskEntity),
-      riskEntityLowercase: getRiskEntityTranslation(riskEntity, true),
-    },
-  });
-
 export const ENTITY_NAME = (riskEntity: RiskScoreEntity) =>
   i18n.translate('xpack.securitySolution.entityAnalytics.riskDashboard.nameTitle', {
     defaultMessage: '{riskEntity} Name',
@@ -35,12 +25,13 @@ export const VIEW_ALL = i18n.translate(
   }
 );
 
-export const LEARN_MORE = i18n.translate(
-  'xpack.securitySolution.entityAnalytics.riskDashboard.learnMore',
-  {
-    defaultMessage: 'Learn more',
-  }
-);
+export const LEARN_MORE = (riskEntity: RiskScoreEntity) =>
+  i18n.translate('xpack.securitySolution.entityAnalytics.riskDashboard.learnMore', {
+    defaultMessage: 'Learn more about {riskEntity} risk',
+    values: {
+      riskEntity: getRiskEntityTranslation(riskEntity, true),
+    },
+  });
 
 export const HOST_RISK_TABLE_TOOLTIP = i18n.translate(
   'xpack.securitySolution.entityAnalytics.riskDashboard.hostsTableTooltip',
diff --git a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/use_entity.test.ts b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/use_entity.test.ts
index 967e7503c2483..3e0f475d47fa9 100644
--- a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/use_entity.test.ts
+++ b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/use_entity.test.ts
@@ -22,7 +22,6 @@ describe('useEntityInfo', () => {
     const { result } = renderHook(() => useEntityInfo(RiskScoreEntity.host));
     expect(result?.current).toMatchInlineSnapshot(`
       Object {
-        "docLink": "https://www.elastic.co/guide/en/security/current/host-risk-score.html",
         "kpiQueryId": "headerHostRiskScoreKpiQuery",
         "linkProps": Object {
           "deepLinkId": "hosts",
@@ -37,7 +36,6 @@ describe('useEntityInfo', () => {
     const { result } = renderHook(() => useEntityInfo(RiskScoreEntity.user));
     expect(result?.current).toMatchInlineSnapshot(`
       Object {
-        "docLink": "https://www.elastic.co/guide/en/security/current/user-risk-score.html",
         "kpiQueryId": "headerUserRiskScoreKpiQuery",
         "linkProps": Object {
           "deepLinkId": "users",
diff --git a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/use_entity.ts b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/use_entity.ts
index 10494a1d679f1..dc5d947ad4495 100644
--- a/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/use_entity.ts
+++ b/x-pack/plugins/security_solution/public/overview/components/entity_analytics/risk_score/use_entity.ts
@@ -13,7 +13,6 @@ import { HostsTableType, HostsType } from '../../../../explore/hosts/store/model
 
 import { RiskScoreEntity } from '../../../../../common/search_strategy/security_solution/risk_score';
 import { usersActions } from '../../../../explore/users/store';
-import { RISKY_HOSTS_DOC_LINK, RISKY_USERS_DOC_LINK } from '../../../../../common/constants';
 import { hostsActions } from '../../../../explore/hosts/store';
 import { SecurityPageName } from '../../../../app/types';
 
@@ -27,7 +26,6 @@ export const useEntityInfo = (riskEntity: RiskScoreEntity) => {
 
   return riskEntity === RiskScoreEntity.host
     ? {
-        docLink: RISKY_HOSTS_DOC_LINK,
         linkProps: {
           deepLinkId: SecurityPageName.hosts,
           path: getTabsOnHostsUrl(HostsTableType.risk),
@@ -44,7 +42,6 @@ export const useEntityInfo = (riskEntity: RiskScoreEntity) => {
         kpiQueryId: HOST_RISK_KPI_QUERY_ID,
       }
     : {
-        docLink: RISKY_USERS_DOC_LINK,
         linkProps: {
           deepLinkId: SecurityPageName.users,
           path: getTabsOnUsersUrl(UsersTableType.risk),
diff --git a/x-pack/plugins/security_solution/public/overview/components/host_overview/index.tsx b/x-pack/plugins/security_solution/public/overview/components/host_overview/index.tsx
index 5f040fe274bb8..2a32874a044bc 100644
--- a/x-pack/plugins/security_solution/public/overview/components/host_overview/index.tsx
+++ b/x-pack/plugins/security_solution/public/overview/components/host_overview/index.tsx
@@ -37,9 +37,10 @@ import * as i18n from './translations';
 import { EndpointOverview } from './endpoint_overview';
 import { OverviewDescriptionList } from '../../../common/components/overview_description_list';
 import { useRiskScore } from '../../../explore/containers/risk_score';
-import { RiskScore } from '../../../explore/components/risk_score/severity/common';
+import { RiskScoreLevel } from '../../../explore/components/risk_score/severity/common';
 import { RiskScoreHeaderTitle } from '../../../explore/components/risk_score/risk_score_onboarding/risk_score_header_title';
 import type { SourcererScopeName } from '../../../common/store/sourcerer/model';
+import { RiskScoreDocTooltip } from '../common';
 
 interface HostSummaryProps {
   contextID?: string; // used to provide unique draggable context when viewing in the side panel
@@ -138,15 +139,25 @@ export const HostOverview = React.memo<HostSummaryProps>(
         },
         {
           title: (
-            <RiskScoreHeaderTitle
-              title={i18n.HOST_RISK_CLASSIFICATION}
-              riskScoreEntity={RiskScoreEntity.host}
-            />
+            <EuiFlexGroup alignItems="flexEnd" gutterSize="none">
+              <EuiFlexItem grow={false}>
+                <RiskScoreHeaderTitle
+                  title={i18n.HOST_RISK_LEVEL}
+                  riskScoreEntity={RiskScoreEntity.host}
+                />
+              </EuiFlexItem>
+              <EuiFlexItem grow={false}>
+                <RiskScoreDocTooltip riskScoreEntity={RiskScoreEntity.host} />
+              </EuiFlexItem>
+            </EuiFlexGroup>
           ),
           description: (
             <>
               {hostRiskData ? (
-                <RiskScore severity={hostRiskData.host.risk.calculated_level} hideBackgroundColor />
+                <RiskScoreLevel
+                  severity={hostRiskData.host.risk.calculated_level}
+                  hideBackgroundColor
+                />
               ) : (
                 getEmptyTagValue()
               )}
diff --git a/x-pack/plugins/security_solution/public/overview/components/host_overview/translations.ts b/x-pack/plugins/security_solution/public/overview/components/host_overview/translations.ts
index e4e47da524842..a2fb14970617b 100644
--- a/x-pack/plugins/security_solution/public/overview/components/host_overview/translations.ts
+++ b/x-pack/plugins/security_solution/public/overview/components/host_overview/translations.ts
@@ -33,10 +33,10 @@ export const HOST_RISK_SCORE = i18n.translate(
   }
 );
 
-export const HOST_RISK_CLASSIFICATION = i18n.translate(
-  'xpack.securitySolution.host.details.overview.hostRiskClassification',
+export const HOST_RISK_LEVEL = i18n.translate(
+  'xpack.securitySolution.host.details.overview.hostRiskLevel',
   {
-    defaultMessage: 'Host risk classification',
+    defaultMessage: 'Host risk level',
   }
 );
 
diff --git a/x-pack/plugins/security_solution/public/overview/components/translations.ts b/x-pack/plugins/security_solution/public/overview/components/translations.ts
new file mode 100644
index 0000000000000..ca96386f08d0c
--- /dev/null
+++ b/x-pack/plugins/security_solution/public/overview/components/translations.ts
@@ -0,0 +1,15 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { i18n } from '@kbn/i18n';
+
+export const INFORMATION_ARIA_LABEL = i18n.translate(
+  'xpack.securitySolution.overview.informationAriaLabel',
+  {
+    defaultMessage: 'Information',
+  }
+);
diff --git a/x-pack/plugins/security_solution/public/overview/components/user_overview/index.tsx b/x-pack/plugins/security_solution/public/overview/components/user_overview/index.tsx
index 636551522be42..812c3f9340b0a 100644
--- a/x-pack/plugins/security_solution/public/overview/components/user_overview/index.tsx
+++ b/x-pack/plugins/security_solution/public/overview/components/user_overview/index.tsx
@@ -34,10 +34,11 @@ import * as i18n from './translations';
 
 import { OverviewDescriptionList } from '../../../common/components/overview_description_list';
 import { useRiskScore } from '../../../explore/containers/risk_score';
-import { RiskScore } from '../../../explore/components/risk_score/severity/common';
+import { RiskScoreLevel } from '../../../explore/components/risk_score/severity/common';
 import type { UserItem } from '../../../../common/search_strategy/security_solution/users/common';
 import { RiskScoreHeaderTitle } from '../../../explore/components/risk_score/risk_score_onboarding/risk_score_header_title';
 import type { SourcererScopeName } from '../../../common/store/sourcerer/model';
+import { RiskScoreDocTooltip } from '../common';
 
 export interface UserSummaryProps {
   contextID?: string; // used to provide unique draggable context when viewing in the side panel
@@ -138,15 +139,25 @@ export const UserOverview = React.memo<UserSummaryProps>(
         },
         {
           title: (
-            <RiskScoreHeaderTitle
-              title={i18n.USER_RISK_CLASSIFICATION}
-              riskScoreEntity={RiskScoreEntity.host}
-            />
+            <EuiFlexGroup alignItems="flexEnd" gutterSize="none">
+              <EuiFlexItem grow={false}>
+                <RiskScoreHeaderTitle
+                  title={i18n.USER_RISK_LEVEL}
+                  riskScoreEntity={RiskScoreEntity.user}
+                />
+              </EuiFlexItem>
+              <EuiFlexItem grow={false}>
+                <RiskScoreDocTooltip riskScoreEntity={RiskScoreEntity.user} />
+              </EuiFlexItem>
+            </EuiFlexGroup>
           ),
           description: (
             <>
               {userRiskData ? (
-                <RiskScore severity={userRiskData.user.risk.calculated_level} hideBackgroundColor />
+                <RiskScoreLevel
+                  severity={userRiskData.user.risk.calculated_level}
+                  hideBackgroundColor
+                />
               ) : (
                 getEmptyTagValue()
               )}
diff --git a/x-pack/plugins/security_solution/public/overview/components/user_overview/translations.ts b/x-pack/plugins/security_solution/public/overview/components/user_overview/translations.ts
index 88ee4f726653a..601a798dbf542 100644
--- a/x-pack/plugins/security_solution/public/overview/components/user_overview/translations.ts
+++ b/x-pack/plugins/security_solution/public/overview/components/user_overview/translations.ts
@@ -70,9 +70,9 @@ export const USER_RISK_SCORE = i18n.translate(
   }
 );
 
-export const USER_RISK_CLASSIFICATION = i18n.translate(
-  'xpack.securitySolution.user.details.overview.userRiskClassification',
+export const USER_RISK_LEVEL = i18n.translate(
+  'xpack.securitySolution.user.details.overview.userRiskLevel',
   {
-    defaultMessage: 'User risk classification',
+    defaultMessage: 'User risk level',
   }
 );
diff --git a/x-pack/plugins/security_solution/public/timelines/components/side_panel/new_user_detail/risk_score_field.tsx b/x-pack/plugins/security_solution/public/timelines/components/side_panel/new_user_detail/risk_score_field.tsx
index d9a52b2c4c23b..798588928bb77 100644
--- a/x-pack/plugins/security_solution/public/timelines/components/side_panel/new_user_detail/risk_score_field.tsx
+++ b/x-pack/plugins/security_solution/public/timelines/components/side_panel/new_user_detail/risk_score_field.tsx
@@ -10,13 +10,18 @@ import { EuiFlexItem, EuiFlexGroup, useEuiFontSize, useEuiTheme } from '@elastic
 import React from 'react';
 import { css } from '@emotion/react';
 
+import styled from 'styled-components';
 import * as i18n from './translations';
 
-import type { RiskScoreEntity } from '../../../../../common/search_strategy';
-import { RiskSeverity } from '../../../../../common/search_strategy';
+import { RiskScoreEntity } from '../../../../../common/search_strategy';
 import { getEmptyTagValue } from '../../../../common/components/empty_value';
-import { RiskScore } from '../../../../explore/components/risk_score/severity/common';
+import { RiskScoreLevel } from '../../../../explore/components/risk_score/severity/common';
 import type { RiskScoreState } from '../../../../explore/containers/risk_score';
+import { RiskScoreDocTooltip } from '../../../../overview/components/common';
+
+export const TooltipContainer = styled.div`
+  padding: ${({ theme }) => theme.eui.euiSizeS};
+`;
 
 export const RiskScoreField = ({
   riskScoreState,
@@ -52,14 +57,20 @@ export const RiskScoreField = ({
         </span>
       </EuiFlexItem>
       {userRiskData ? (
-        <>
+        <EuiFlexGroup alignItems="center" gutterSize="none">
           <EuiFlexItem grow={false}>
             {Math.round(userRiskData.user.risk.calculated_score_norm)}
           </EuiFlexItem>
           <EuiFlexItem grow={false}>
-            <RiskScore severity={RiskSeverity.high} hideBackgroundColor />
+            <RiskScoreLevel
+              severity={userRiskData.user.risk.calculated_level}
+              hideBackgroundColor
+            />
+          </EuiFlexItem>
+          <EuiFlexItem grow={false}>
+            <RiskScoreDocTooltip riskScoreEntity={RiskScoreEntity.user} />
           </EuiFlexItem>
-        </>
+        </EuiFlexGroup>
       ) : (
         getEmptyTagValue()
       )}
diff --git a/x-pack/plugins/translations/translations/fr-FR.json b/x-pack/plugins/translations/translations/fr-FR.json
index 61e5306384a53..f68c110d14128 100644
--- a/x-pack/plugins/translations/translations/fr-FR.json
+++ b/x-pack/plugins/translations/translations/fr-FR.json
@@ -29311,7 +29311,6 @@
     "xpack.securitySolution.actions.addToTimeline.severityLevel": "Sévérité {level}",
     "xpack.securitySolution.actions.showTopTooltip": "Afficher le premier {fieldName}",
     "xpack.securitySolution.actions.toggleColumnToggle.nestedLabel": "Le champ {field} est un objet, et il est composé de champs imbriqués qui peuvent être ajoutés en tant que colonnes",
-    "xpack.securitySolution.alertDetails.overview.hostRiskClassification": "Classification de risque de {riskEntity} actuelle",
     "xpack.securitySolution.alertDetails.overview.hostRiskDataTitle": "Données de risque de {riskEntity}",
     "xpack.securitySolution.alertDetails.overview.insights_related_alerts_by_source_event_count": "{count} {count, plural, =1 {alerte} one {alertes} many {alertes} other {alertes}} associée(s) par événement source",
     "xpack.securitySolution.alertDetails.overview.insights_related_cases_found_content": "Cette alerte a été détectée dans {caseCount}",
@@ -29321,7 +29320,6 @@
     "xpack.securitySolution.alertDetails.overview.insights.related_cases_count": "{count} {count, plural, =1 {cas} one {aux cas suivants} many {cas} other {cas associés à cette alerte}}",
     "xpack.securitySolution.alertDetails.overview.insights.relatedCasesFailure": "Impossible de charger les cas connexes : \"{error}\"",
     "xpack.securitySolution.alertDetails.overview.insights.suppressedAlertsCount": "{count} {count, plural, =1 {alerte} one {alertes} many {alertes} other {alertes}} supprimée(s)",
-    "xpack.securitySolution.alertDetails.overview.originalHostRiskClassification": "Classification de risque de {riskEntity} d'origine",
     "xpack.securitySolution.alertDetails.overview.riskDataTooltipContent": "La classification des risques n'est affichée que lorsqu'elle est disponible pour une {riskEntity}. Vérifiez que {riskScoreDocumentationLink} est activé dans votre environnement.",
     "xpack.securitySolution.alerts.alertDetails.summary.cases.subTitle": "Affichage des {caseCount} cas les plus récemment créés contenant cette alerte",
     "xpack.securitySolution.alertSummaryView.alertSummaryViewContextDescription": "Alerte (à partir de {view})",
@@ -29613,8 +29611,6 @@
     "xpack.securitySolution.endpointResponseActions.actionError.errorMessage": "{errorCount, plural, =1 {L'erreur suivante a été rencontrée} one {Les erreurs suivantes ont été rencontrées} many {Les erreurs suivantes ont été rencontrées} other {Les erreurs suivantes ont été rencontrées}} :",
     "xpack.securitySolution.entityAnalytics.anomalies.moduleNotCompatibleTitle": "{incompatibleJobCount} {incompatibleJobCount, plural, =1 {tâche est actuellement non disponible} one {tâches sont actuellement non disponibles} many {tâches sont actuellement non disponibles} other {tâches sont actuellement non disponibles}}",
     "xpack.securitySolution.entityAnalytics.riskDashboard.nameTitle": "Nom de {riskEntity}",
-    "xpack.securitySolution.entityAnalytics.riskDashboard.riskClassificationTitle": "Classification de risque de {riskEntity}",
-    "xpack.securitySolution.entityAnalytics.riskDashboard.riskToolTip": "La classification de risque de {riskEntity} est déterminée par le score de risque de {riskEntityLowercase}. Les {riskEntity} classées comme Critique ou Élevée sont indiquées comme étant à risque.",
     "xpack.securitySolution.event.summary.threat_indicator.showMatches": "Afficher l'ensemble des {count} alertes de correspondance d'indicateur",
     "xpack.securitySolution.eventDetails.nestedColumnCheckboxAriaLabel": "Le champ {field} est un objet, et il est composé de champs imbriqués qui peuvent être ajoutés en tant que colonne",
     "xpack.securitySolution.eventDetails.responseActions.endpoint.executed": "a exécuté la commande {command}",
@@ -29683,8 +29679,6 @@
     "xpack.securitySolution.indexPatterns.timelineTemplate.currentPatternsBad": "Les modèles d'indexation actuels de ce modèle de chronologie sont : {callout}",
     "xpack.securitySolution.indexPatterns.timelineTemplate.noMatchData": "Les modèles d'indexation suivants sont enregistrés dans ce modèle de chronologie, mais ils ne correspondent à aucun flux de données, index ni alias d'index : {aliases}",
     "xpack.securitySolution.indexPatterns.timelineTemplate.toggleToNewSourcerer": "Nous avons conservé votre modèle de chronologie en créant une vue de données temporaires. Si vous souhaitez modifier vos données, nous pouvons recréer votre vue de données temporaires à l'aide du sélecteur de vue de nouvelles données. Vous pouvez également sélectionner manuellement une vue de données {link}.",
-    "xpack.securitySolution.kpiHosts.riskyHosts.description": "{formattedQuantity} {quantity, plural, =1 {Hôte} one {Hôtes} many {Hôtes} other {Hôtes}} à risque",
-    "xpack.securitySolution.kpiHosts.riskyHosts.hostsCount": "{quantity} {quantity, plural, =1 {hôte} one {hôtes} many {hôtes} other {hôtes}}",
     "xpack.securitySolution.lists.exceptionListImportSuccess": "La liste d'exceptions {fileName} a été importée",
     "xpack.securitySolution.lists.referenceModalDescription": "Cette liste de valeurs est associée à ({referenceCount}) {referenceCount, plural, =1 {liste d'exception} one {listes d'exception} many {listes d'exception} other {listes d'exception}}. Le retrait de cette liste supprimera tous les éléments d'exception qui référencent cette liste de valeurs.",
     "xpack.securitySolution.lists.uploadValueListExtensionValidationMessage": "Le fichier doit être de l'un des types suivants : [{fileTypes}]",
@@ -29754,11 +29748,7 @@
     "xpack.securitySolution.responseActionsList.list.item.wasSuccessful": "{command} terminée",
     "xpack.securitySolution.responseActionsList.list.recordRange": "Affichage de {range} sur {total} {recordsLabel}",
     "xpack.securitySolution.responseActionsList.list.recordRangeLabel": "{records, plural, one {action de réponse} many {actions de réponse} other {actions de réponse}}",
-    "xpack.securitySolution.riskInformation.explanation": "Cette fonctionnalité utilise une transformation, avec une agrégation d'indicateurs scriptée pour calculer les scores de risque {riskEntityLower} en fonction des alertes de règle de détection ayant le statut \"ouvert\", sur une fenêtre temporelle de 5 jours. La transformation s'exécute toutes les heures afin que le score reste à jour au moment où de nouvelles alertes de règles de détection sont transmises.",
-    "xpack.securitySolution.riskInformation.introduction": "La fonctionnalité de score de risque {riskEntity} détecte les {riskEntityLowerPlural} à risque depuis l'intérieur de votre environnement.",
-    "xpack.securitySolution.riskInformation.learnMore": "Vous pouvez en savoir plus sur les risques de {riskEntity} {riskScoreDocumentationLink}",
     "xpack.securitySolution.riskInformation.riskHeader": "Plage de scores de risque de {riskEntity}",
-    "xpack.securitySolution.riskInformation.title": "Comment le risque de {riskEntity} est-il calculé ?",
     "xpack.securitySolution.riskScore.api.ingestPipeline.delete.errorMessageTitle": "Impossible de supprimer {totalCount, plural, =1 {pipeline} one {pipelines} many {pipelines} other {pipelines}} d'ingestion",
     "xpack.securitySolution.riskScore.api.transforms.delete.errorMessageTitle": "Impossible de supprimer {totalCount, plural, =1 {Transformer} one {Transformations} many {Transformations} other {Transformations}}",
     "xpack.securitySolution.riskScore.api.transforms.start.errorMessageTitle": "Impossible de démarrer {totalCount, plural, =1 {Transformer} one {Transformations} many {Transformations} other {Transformations}}",
@@ -29928,7 +29918,6 @@
     "xpack.securitySolution.alerts.alertDetails.summary.host.agentStatus.title": "Statut de l'agent",
     "xpack.securitySolution.alerts.alertDetails.summary.host.hostName.title": "Nom d'hôte",
     "xpack.securitySolution.alerts.alertDetails.summary.host.osName.title": "Système d'exploitation",
-    "xpack.securitySolution.alerts.alertDetails.summary.host.riskClassification": "Classification de risque de l'hôte",
     "xpack.securitySolution.alerts.alertDetails.summary.host.riskScore": "Score de risque de l'hôte",
     "xpack.securitySolution.alerts.alertDetails.summary.host.title": "Hôte",
     "xpack.securitySolution.alerts.alertDetails.summary.ipAddresses.title": "Adresses IP",
@@ -29942,7 +29931,6 @@
     "xpack.securitySolution.alerts.alertDetails.summary.rule.title": "Règle",
     "xpack.securitySolution.alerts.alertDetails.summary.user.action.openUserDetailsPage": "Ouvrir la page de détails de l'utilisateur",
     "xpack.securitySolution.alerts.alertDetails.summary.user.action.viewUserSummary": "Afficher le résumé de l'utilisateur",
-    "xpack.securitySolution.alerts.alertDetails.summary.user.riskClassification": "Classification de risque de l'utilisateur",
     "xpack.securitySolution.alerts.alertDetails.summary.user.riskScore": "Score de risque de l'utilisateur",
     "xpack.securitySolution.alerts.alertDetails.summary.user.title": "Utilisateur",
     "xpack.securitySolution.alerts.alertDetails.summary.user.userName.title": "Nom d'utilisateur",
@@ -32585,8 +32573,6 @@
     "xpack.securitySolution.entityAnalytics.hostsRiskDashboard.hostsTableTooltip": "Le tableau des risques de l'hôte n'est pas affecté par la plage temporelle. Ce tableau montre le dernier score de risque enregistré pour chaque hôte.",
     "xpack.securitySolution.entityAnalytics.hostsRiskDashboard.title": "Scores de risque de l'hôte",
     "xpack.securitySolution.entityAnalytics.riskDashboard.hostsTableTooltip": "Le panneau de Score de risque de l'hôte affiche la liste des hôtes à risque ainsi que leur dernier score de risque. Vous pouvez filtrer cette liste à l’aide de filtres globaux dans la barre de recherche KQL. Le filtre de sélecteur de plage temporelle affiche les alertes dans l’intervalle de temps sélectionné uniquement et ne filtre pas la liste des hôtes à risque.",
-    "xpack.securitySolution.entityAnalytics.riskDashboard.learnMore": "En savoir plus",
-    "xpack.securitySolution.entityAnalytics.riskDashboard.tableTooltipTitle": "En version d'évaluation technique",
     "xpack.securitySolution.entityAnalytics.riskDashboard.usersTableTooltip": "Le panneau de score de risque de l'utilisateur affiche la liste des utilisateurs à risque et leur dernier score de risque. Vous pouvez filtrer cette liste à l’aide de filtres globaux dans la barre de recherche KQL. Le filtre de sélecteur de plage temporelle affiche uniquement les alertes dans l’intervalle de temps sélectionné et ne filtre pas la liste des utilisateurs à risque.",
     "xpack.securitySolution.entityAnalytics.riskDashboard.viewAllLabel": "Afficher tout",
     "xpack.securitySolution.entityAnalytics.technicalPreviewLabel": "Version d'évaluation technique",
@@ -32600,7 +32586,6 @@
     "xpack.securitySolution.eventDetails.ctiSummary.feedNamePreposition": "de",
     "xpack.securitySolution.eventDetails.ctiSummary.indicatorEnrichmentTitle": "Correspondance de menace détectée",
     "xpack.securitySolution.eventDetails.ctiSummary.indicatorEnrichmentTooltipContent": "Cette valeur de champ correspond à un indicateur de Threat Intelligence avec une règle que vous avez créée.",
-    "xpack.securitySolution.eventDetails.ctiSummary.informationAriaLabel": "Informations",
     "xpack.securitySolution.eventDetails.ctiSummary.investigationEnrichmentTitle": "Enrichi avec la Threat Intelligence",
     "xpack.securitySolution.eventDetails.ctiSummary.investigationEnrichmentTooltipContent": "Cette valeur de champ possède des informations supplémentaires disponibles provenant de sources de Threat Intelligence.",
     "xpack.securitySolution.eventDetails.description": "Description",
@@ -32940,7 +32925,6 @@
     "xpack.securitySolution.host.details.overview.cloudProviderTitle": "Fournisseur cloud",
     "xpack.securitySolution.host.details.overview.familyTitle": "Famille",
     "xpack.securitySolution.host.details.overview.hostIdTitle": "ID de l'hôte",
-    "xpack.securitySolution.host.details.overview.hostRiskClassification": "Classification de risque de l'hôte",
     "xpack.securitySolution.host.details.overview.hostRiskScoreTitle": "Score de risque de l'hôte",
     "xpack.securitySolution.host.details.overview.inspectTitle": "Aperçu de l'hôte",
     "xpack.securitySolution.host.details.overview.instanceIdTitle": "ID de l'instance",
@@ -32989,7 +32973,6 @@
     "xpack.securitySolution.hosts.navigation.hostRiskTitle": "Risque de l'hôte",
     "xpack.securitySolution.hosts.navigation.sessionsTitle": "Sessions",
     "xpack.securitySolution.hosts.navigation.uncommonProcessesTitle": "Processus inhabituels",
-    "xpack.securitySolution.hosts.navigaton.hostRisk.viewDashboardButtonLabel": "Afficher le tableau de bord de la source",
     "xpack.securitySolution.hosts.navigaton.matrixHistogram.errorFetchingAuthenticationsData": "Impossible d'interroger les données d'authentifications",
     "xpack.securitySolution.hosts.navigaton.matrixHistogram.errorFetchingEventsData": "Impossible d'interroger les données d'événements",
     "xpack.securitySolution.hosts.pageTitle": "Hôtes",
@@ -33003,13 +32986,11 @@
     "xpack.securitySolution.hostsRiskTable.hostNameTitle": "Nom d'hôte",
     "xpack.securitySolution.hostsRiskTable.hostRiskScoreTitle": "Score de risque de l'hôte",
     "xpack.securitySolution.hostsRiskTable.hostRiskTitle": "Risque de l'hôte",
-    "xpack.securitySolution.hostsRiskTable.hostRiskToolTip": "La classification des risques de l'hôte est déterminée par score de risque de l'hôte. Les hôtes classés comme étant Critique ou Élevé sont indiqués comme étant \"à risque\".",
     "xpack.securitySolution.hostsRiskTable.hostsTableTooltip": "Le tableau des risques de l'hôte n'est pas affecté par la plage temporelle KQL. Ce tableau montre le dernier score de risque enregistré pour chaque hôte.",
     "xpack.securitySolution.hostsRiskTable.riskTitle": "Classification de risque de l'hôte",
     "xpack.securitySolution.hostsRiskTable.tableTitle": "Risque de l'hôte",
     "xpack.securitySolution.hostsRiskTable.usersTableTooltip": "Le tableau des risques de l'utilisateur n'est pas affecté par la plage temporelle KQL. Ce tableau montre le dernier score de risque enregistré pour chaque utilisateur.",
     "xpack.securitySolution.hostsTable.firstLastSeenToolTip": "Par rapport à la plage de dates sélectionnée",
-    "xpack.securitySolution.hostsTable.hostRiskToolTip": "La classification des risques de l'hôte est déterminée par score de risque de l'hôte. Les hôtes classés comme étant Critique ou Élevé sont indiqués comme étant \"à risque\".",
     "xpack.securitySolution.hostsTable.hostsTitle": "Tous les hôtes",
     "xpack.securitySolution.hostsTable.lastSeenTitle": "Vu en dernier",
     "xpack.securitySolution.hostsTable.nameTitle": "Nom d'hôte",
@@ -33069,9 +33050,6 @@
     "xpack.securitySolution.investigationEnrichment.requestError": "Une erreur est survenue lors de la demande de Threat Intelligence",
     "xpack.securitySolution.ja3.fingerprint.ja3.fingerprintLabel": "ja3",
     "xpack.securitySolution.kpiHosts.hosts.title": "Hôtes",
-    "xpack.securitySolution.kpiHosts.riskyHosts.errorMessage": "Erreur lors de la récupération de l'API d'hôtes à risque",
-    "xpack.securitySolution.kpiHosts.riskyHosts.inspectTitle": "Hôtes à risque",
-    "xpack.securitySolution.kpiHosts.riskyHosts.title": "Hôtes à risque",
     "xpack.securitySolution.kpiHosts.uniqueIps.destinationChartLabel": "Dest.",
     "xpack.securitySolution.kpiHosts.uniqueIps.destinationUnitLabel": "destination",
     "xpack.securitySolution.kpiHosts.uniqueIps.sourceChartLabel": "Src.",
@@ -33587,11 +33565,9 @@
     "xpack.securitySolution.risk_score.toast.viewDashboard": "Afficher le tableau de bord",
     "xpack.securitySolution.riskDeprecated.entity.upgradeRiskScoreDescription": "Les données actuelles ne sont plus prises en charge. Veuillez migrer vos données et mettre à niveau le module. Les données pourront prendre jusqu'à une heure pour être générées après l'activation du module.",
     "xpack.securitySolution.riskInformation.buttonLabel": "Comment le score de risque est-il calculé ?",
-    "xpack.securitySolution.riskInformation.classificationHeader": "Classification",
     "xpack.securitySolution.riskInformation.closeBtn": "Fermer",
     "xpack.securitySolution.riskInformation.criticalRiskDescription": "90 et supérieur",
     "xpack.securitySolution.riskInformation.informationAriaLabel": "Informations",
-    "xpack.securitySolution.riskInformation.link": "ici",
     "xpack.securitySolution.riskInformation.unknownRiskDescription": "Inférieur à 20",
     "xpack.securitySolution.riskScore.api.ingestPipeline.create.errorMessageTitle": "Impossible de créer un pipeline d'ingestion",
     "xpack.securitySolution.riskScore.api.storedScript.create.errorMessageTitle": "Impossible de créer un script stocké",
@@ -34114,7 +34090,6 @@
     "xpack.securitySolution.user.details.overview.osTitle": "Système d'exploitation",
     "xpack.securitySolution.user.details.overview.userDomainTitle": "Domaine",
     "xpack.securitySolution.user.details.overview.userIdTitle": "ID utilisateur",
-    "xpack.securitySolution.user.details.overview.userRiskClassification": "Classification de risque de l'utilisateur",
     "xpack.securitySolution.user.details.overview.userRiskScoreTitle": "Score de risque de l'utilisateur",
     "xpack.securitySolution.user.ipDetails.ipOverview.lastSeenTitle": "Vu en dernier",
     "xpack.securitySolution.userDetails.failSearchDescription": "Impossible de lancer la recherche sur les détails de l'utilisateur",
@@ -34129,13 +34104,11 @@
     "xpack.securitySolution.usersKpiAuthentications.failSearchDescription": "Impossible de lancer une recherche sur les authentifications du KPI des utilisateurs",
     "xpack.securitySolution.usersRiskTable.userNameTitle": "Nom d'utilisateur",
     "xpack.securitySolution.usersRiskTable.userRiskScoreTitle": "Score de risque de l'utilisateur",
-    "xpack.securitySolution.usersRiskTable.userRiskToolTip": "La classification des risques de l'utilisateur est déterminée par score de risque de l'utilisateur. Les utilisateurs classés comme étant Critique ou Élevé sont indiqués comme étant \"à risque\".",
     "xpack.securitySolution.usersTable.domainTitle": "Domaine",
     "xpack.securitySolution.usersTable.lastSeenTitle": "Vu en dernier",
     "xpack.securitySolution.usersTable.riskTitle": "Classification de risque de l'utilisateur",
     "xpack.securitySolution.usersTable.title": "Utilisateurs",
     "xpack.securitySolution.usersTable.userNameTitle": "Nom d'utilisateur",
-    "xpack.securitySolution.usersTable.userRiskToolTip": "La classification des risques de l'utilisateur est déterminée par score de risque de l'utilisateur. Les utilisateurs classés comme étant Critique ou Élevé sont indiqués comme étant \"à risque\".",
     "xpack.securitySolution.userTab.errorFetchingsData": "Impossible d'interroger les données des utilisateurs",
     "xpack.securitySolution.visualizationActions.addToCaseSuccessContent": "Visualisation correctement ajoutée au cas",
     "xpack.securitySolution.visualizationActions.addToExistingCase": "Ajouter à un cas existant",
diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json
index e5dcbb8b17af5..c462b7850cff7 100644
--- a/x-pack/plugins/translations/translations/ja-JP.json
+++ b/x-pack/plugins/translations/translations/ja-JP.json
@@ -29310,7 +29310,6 @@
     "xpack.securitySolution.actions.addToTimeline.severityLevel": "{level}重要度",
     "xpack.securitySolution.actions.showTopTooltip": "上位の{fieldName}を表示",
     "xpack.securitySolution.actions.toggleColumnToggle.nestedLabel": "{field}フィールドはオブジェクトであり、列として追加できるネストされたフィールドに分解されます",
-    "xpack.securitySolution.alertDetails.overview.hostRiskClassification": "現在の{riskEntity}リスク分類",
     "xpack.securitySolution.alertDetails.overview.hostRiskDataTitle": "{riskEntity}リスクデータ",
     "xpack.securitySolution.alertDetails.overview.insights_related_alerts_by_source_event_count": "ソースイベントに関連する{count}件の{count, plural, =1 {アラート} other {アラート}}",
     "xpack.securitySolution.alertDetails.overview.insights_related_cases_found_content": "このアラートは{caseCount}で見つかりました",
@@ -29320,7 +29319,6 @@
     "xpack.securitySolution.alertDetails.overview.insights.related_cases_count": "このアラートに関連する{count}件の{count, plural, =1 {ケース} other {ケース}}",
     "xpack.securitySolution.alertDetails.overview.insights.relatedCasesFailure": "関連するケースを読み込めません：\"{error}\"",
     "xpack.securitySolution.alertDetails.overview.insights.suppressedAlertsCount": "{count}件の抑制された{count, plural, =1 {アラート} other {アラート}}",
-    "xpack.securitySolution.alertDetails.overview.originalHostRiskClassification": "元の{riskEntity}リスク分類",
     "xpack.securitySolution.alertDetails.overview.riskDataTooltipContent": "リスク分類は、{riskEntity}で使用可能なときにのみ表示されます。{riskScoreDocumentationLink}が環境内で有効であることを確認します。",
     "xpack.securitySolution.alerts.alertDetails.summary.cases.subTitle": "このアラートを含む直近に作成された{caseCount}件のケースを表示しています",
     "xpack.securitySolution.alertSummaryView.alertSummaryViewContextDescription": "アラート（{view}から）",
@@ -29612,8 +29610,6 @@
     "xpack.securitySolution.endpointResponseActions.actionError.errorMessage": "次の{errorCount, plural, =1 {エラー} other {エラー}}が発生しました：",
     "xpack.securitySolution.entityAnalytics.anomalies.moduleNotCompatibleTitle": "現在、{incompatibleJobCount}個の{incompatibleJobCount, plural, =1 {ジョブ} other {ジョブ}}が使用できません",
     "xpack.securitySolution.entityAnalytics.riskDashboard.nameTitle": "{riskEntity}名",
-    "xpack.securitySolution.entityAnalytics.riskDashboard.riskClassificationTitle": "{riskEntity}リスク分類",
-    "xpack.securitySolution.entityAnalytics.riskDashboard.riskToolTip": "{riskEntity}リスク分類は、{riskEntityLowercase}リスクスコアによって決定されます。「重大」または「高」に分類された{riskEntity}は、リスクが高いことが表示されます。",
     "xpack.securitySolution.event.summary.threat_indicator.showMatches": "すべての{count}件のインジケーター一致アラートを表示",
     "xpack.securitySolution.eventDetails.nestedColumnCheckboxAriaLabel": "{field}フィールドはオブジェクトであり、列として追加できるネストされたフィールドに分解されます",
     "xpack.securitySolution.eventDetails.responseActions.endpoint.executed": "{command}コマンドを実行しました",
@@ -29682,8 +29678,6 @@
     "xpack.securitySolution.indexPatterns.timelineTemplate.currentPatternsBad": "このタイムラインテンプレートの現在のインデックスパターン：{callout}",
     "xpack.securitySolution.indexPatterns.timelineTemplate.noMatchData": "次のインデックスパターンはこのタイムラインテンプレートに保存されますが、データストリーム、インデックス、またはインデックスエイリアスと一致しません：{aliases}",
     "xpack.securitySolution.indexPatterns.timelineTemplate.toggleToNewSourcerer": "一時データビューを作成することで、タイムラインテンプレートを保持しています。データを修正する場合は、新しいデータビューセレクターを使用して、一時データビューを再作成できます。手動でデータビュー{link}を選択することもできます。",
-    "xpack.securitySolution.kpiHosts.riskyHosts.description": "{formattedQuantity}個の高リスクの{quantity, plural, =1 {ホスト} other {ホスト}}",
-    "xpack.securitySolution.kpiHosts.riskyHosts.hostsCount": "{quantity} {quantity, plural, =1 {ホスト} other {ホスト}}",
     "xpack.securitySolution.lists.exceptionListImportSuccess": "例外リスト{fileName}がインポートされました",
     "xpack.securitySolution.lists.referenceModalDescription": "この値リストは、（{referenceCount}）例外{referenceCount, plural, =1 {リスト} other {リスト}}に関連付けられています。このリストを削除すると、この値リストを参照するすべての例外アイテムが削除されます。",
     "xpack.securitySolution.lists.uploadValueListExtensionValidationMessage": "ファイルは次の種類のいずれかでなければなりません：[{fileTypes}]",
@@ -29753,11 +29747,7 @@
     "xpack.securitySolution.responseActionsList.list.item.wasSuccessful": "{command}は正常に完了しました",
     "xpack.securitySolution.responseActionsList.list.recordRange": "{total} {recordsLabel}件中{range}を表示中",
     "xpack.securitySolution.responseActionsList.list.recordRangeLabel": "{records, plural, other {対応アクション}}",
-    "xpack.securitySolution.riskInformation.explanation": "この機能は変換を利用します。また、5日間の範囲で、スクリプトメトリックアグリゲーションを使用して、「オープン」ステータスの検知ルールアラートに基づいて{riskEntityLower}リスクスコアを計算します。変換は毎時実行され、新しい検知ルールアラートを受信するとスコアが常に更新されます。",
-    "xpack.securitySolution.riskInformation.introduction": "{riskEntity}リスクスコア機能は、環境内のリスクが高い{riskEntityLowerPlural}を明らかにします。",
-    "xpack.securitySolution.riskInformation.learnMore": "{riskEntity}リスク{riskScoreDocumentationLink}の詳細をご覧ください",
     "xpack.securitySolution.riskInformation.riskHeader": "{riskEntity}リスクスコア範囲",
-    "xpack.securitySolution.riskInformation.title": "{riskEntity}リスクを計算する方法",
     "xpack.securitySolution.riskScore.api.ingestPipeline.delete.errorMessageTitle": "インジェスト{totalCount, plural, =1 {パイプライン} other {パイプライン}}を削除できませんでした",
     "xpack.securitySolution.riskScore.api.transforms.delete.errorMessageTitle": "{totalCount, plural, =1 {変換} other {変換}}の削除に失敗しました",
     "xpack.securitySolution.riskScore.api.transforms.start.errorMessageTitle": "{totalCount, plural, =1 {変換} other {変換}}の開始に失敗しました",
@@ -29927,7 +29917,6 @@
     "xpack.securitySolution.alerts.alertDetails.summary.host.agentStatus.title": "エージェントステータス",
     "xpack.securitySolution.alerts.alertDetails.summary.host.hostName.title": "ホスト名",
     "xpack.securitySolution.alerts.alertDetails.summary.host.osName.title": "オペレーティングシステム",
-    "xpack.securitySolution.alerts.alertDetails.summary.host.riskClassification": "ホストリスク分類",
     "xpack.securitySolution.alerts.alertDetails.summary.host.riskScore": "ホストリスクスコア",
     "xpack.securitySolution.alerts.alertDetails.summary.host.title": "ホスト",
     "xpack.securitySolution.alerts.alertDetails.summary.ipAddresses.title": "IP アドレス",
@@ -29941,7 +29930,6 @@
     "xpack.securitySolution.alerts.alertDetails.summary.rule.title": "ルール",
     "xpack.securitySolution.alerts.alertDetails.summary.user.action.openUserDetailsPage": "ユーザー詳細ページを開く",
     "xpack.securitySolution.alerts.alertDetails.summary.user.action.viewUserSummary": "ユーザー概要を表示",
-    "xpack.securitySolution.alerts.alertDetails.summary.user.riskClassification": "ユーザーリスク分類",
     "xpack.securitySolution.alerts.alertDetails.summary.user.riskScore": "ユーザーリスクスコア",
     "xpack.securitySolution.alerts.alertDetails.summary.user.title": "ユーザー",
     "xpack.securitySolution.alerts.alertDetails.summary.user.userName.title": "ユーザー名",
@@ -32584,8 +32572,6 @@
     "xpack.securitySolution.entityAnalytics.hostsRiskDashboard.hostsTableTooltip": "ホストリスク表は時間範囲の影響を受けません。この表は、各ホストの最後に記録されたリスクスコアを示します。",
     "xpack.securitySolution.entityAnalytics.hostsRiskDashboard.title": "ホストリスクスコア",
     "xpack.securitySolution.entityAnalytics.riskDashboard.hostsTableTooltip": "ホストリスクスコアパネルには、リスクのあるホストの一覧と最新のリスクスコアが表示されます。KQL検索バーのグローバルフィルターを使って、この一覧をフィルタリングできます。時間範囲ピッカーフィルターは、選択した時間範囲内のアラートのみを表示し、リスクのあるホストの一覧をフィルタリングしません。",
-    "xpack.securitySolution.entityAnalytics.riskDashboard.learnMore": "詳細",
-    "xpack.securitySolution.entityAnalytics.riskDashboard.tableTooltipTitle": "テクニカルプレビュー",
     "xpack.securitySolution.entityAnalytics.riskDashboard.usersTableTooltip": "ユーザーリスクスコアパネルには、リスクのあるユーザーの一覧と最新のリスクスコアが表示されます。KQL検索バーのグローバルフィルターを使って、この一覧をフィルタリングできます。時間範囲ピッカーフィルターは、選択した時間範囲内のアラートのみを表示し、リスクのあるユーザーの一覧をフィルタリングしません。",
     "xpack.securitySolution.entityAnalytics.riskDashboard.viewAllLabel": "すべて表示",
     "xpack.securitySolution.entityAnalytics.technicalPreviewLabel": "テクニカルプレビュー",
@@ -32599,7 +32585,6 @@
     "xpack.securitySolution.eventDetails.ctiSummary.feedNamePreposition": "開始",
     "xpack.securitySolution.eventDetails.ctiSummary.indicatorEnrichmentTitle": "脅威一致が検出されました",
     "xpack.securitySolution.eventDetails.ctiSummary.indicatorEnrichmentTooltipContent": "このフィールド値は、作成したルールの脅威インテリジェンス指標と一致しました。",
-    "xpack.securitySolution.eventDetails.ctiSummary.informationAriaLabel": "情報",
     "xpack.securitySolution.eventDetails.ctiSummary.investigationEnrichmentTitle": "Threat Intelligenceで拡張",
     "xpack.securitySolution.eventDetails.ctiSummary.investigationEnrichmentTooltipContent": "このフィールド値には脅威インテリジェンスソースの別の情報があります。",
     "xpack.securitySolution.eventDetails.description": "説明",
@@ -32939,7 +32924,6 @@
     "xpack.securitySolution.host.details.overview.cloudProviderTitle": "クラウドプロバイダー",
     "xpack.securitySolution.host.details.overview.familyTitle": "ファミリー",
     "xpack.securitySolution.host.details.overview.hostIdTitle": "ホストID",
-    "xpack.securitySolution.host.details.overview.hostRiskClassification": "ホストリスク分類",
     "xpack.securitySolution.host.details.overview.hostRiskScoreTitle": "ホストリスクスコア",
     "xpack.securitySolution.host.details.overview.inspectTitle": "ホスト概要",
     "xpack.securitySolution.host.details.overview.instanceIdTitle": "インスタンス ID",
@@ -32988,7 +32972,6 @@
     "xpack.securitySolution.hosts.navigation.hostRiskTitle": "ホストリスク",
     "xpack.securitySolution.hosts.navigation.sessionsTitle": "セッション",
     "xpack.securitySolution.hosts.navigation.uncommonProcessesTitle": "非共通プロセス",
-    "xpack.securitySolution.hosts.navigaton.hostRisk.viewDashboardButtonLabel": "ソースダッシュボードを表示",
     "xpack.securitySolution.hosts.navigaton.matrixHistogram.errorFetchingAuthenticationsData": "認証データをクエリできませんでした",
     "xpack.securitySolution.hosts.navigaton.matrixHistogram.errorFetchingEventsData": "イベントデータをクエリできませんでした",
     "xpack.securitySolution.hosts.pageTitle": "ホスト",
@@ -33002,13 +32985,11 @@
     "xpack.securitySolution.hostsRiskTable.hostNameTitle": "ホスト名",
     "xpack.securitySolution.hostsRiskTable.hostRiskScoreTitle": "ホストリスクスコア",
     "xpack.securitySolution.hostsRiskTable.hostRiskTitle": "ホストリスク",
-    "xpack.securitySolution.hostsRiskTable.hostRiskToolTip": "ホストリスク分類はホストリスクスコアで決まります。「重大」または「高」に分類されたホストはリスクが高いことが示されます。",
     "xpack.securitySolution.hostsRiskTable.hostsTableTooltip": "ホストリスク表はKQL時間範囲の影響を受けません。この表は、各ホストの最後に記録されたリスクスコアを示します。",
     "xpack.securitySolution.hostsRiskTable.riskTitle": "ホストリスク分類",
     "xpack.securitySolution.hostsRiskTable.tableTitle": "ホストリスク",
     "xpack.securitySolution.hostsRiskTable.usersTableTooltip": "ユーザーリスク表はKQL時間範囲の影響を受けません。この表は、各ユーザーの最後に記録されたリスクスコアを示します。",
     "xpack.securitySolution.hostsTable.firstLastSeenToolTip": "選択された日付範囲との相関付けです",
-    "xpack.securitySolution.hostsTable.hostRiskToolTip": "ホストリスク分類はホストリスクスコアで決まります。「重大」または「高」に分類されたホストはリスクが高いことが示されます。",
     "xpack.securitySolution.hostsTable.hostsTitle": "すべてのホスト",
     "xpack.securitySolution.hostsTable.lastSeenTitle": "前回の認識",
     "xpack.securitySolution.hostsTable.nameTitle": "ホスト名",
@@ -33068,9 +33049,6 @@
     "xpack.securitySolution.investigationEnrichment.requestError": "脅威インテリジェンスの要求中にエラーが発生しました",
     "xpack.securitySolution.ja3.fingerprint.ja3.fingerprintLabel": "ja3",
     "xpack.securitySolution.kpiHosts.hosts.title": "ホスト",
-    "xpack.securitySolution.kpiHosts.riskyHosts.errorMessage": "高リスクホストAPIの取得エラー",
-    "xpack.securitySolution.kpiHosts.riskyHosts.inspectTitle": "高リスクホスト",
-    "xpack.securitySolution.kpiHosts.riskyHosts.title": "高リスクホスト",
     "xpack.securitySolution.kpiHosts.uniqueIps.destinationChartLabel": "Dest.",
     "xpack.securitySolution.kpiHosts.uniqueIps.destinationUnitLabel": "デスティネーション",
     "xpack.securitySolution.kpiHosts.uniqueIps.sourceChartLabel": "Src.",
@@ -33586,11 +33564,9 @@
     "xpack.securitySolution.risk_score.toast.viewDashboard": "ダッシュボードを表示",
     "xpack.securitySolution.riskDeprecated.entity.upgradeRiskScoreDescription": "現在のデータはサポートされていません。データを移行し、モジュールをアップグレードしてください。モジュールを有効化した後、データの生成までに1時間かかる場合があります。",
     "xpack.securitySolution.riskInformation.buttonLabel": "リスクスコアを計算する方法",
-    "xpack.securitySolution.riskInformation.classificationHeader": "分類",
     "xpack.securitySolution.riskInformation.closeBtn": "閉じる",
     "xpack.securitySolution.riskInformation.criticalRiskDescription": "90以上",
     "xpack.securitySolution.riskInformation.informationAriaLabel": "情報",
-    "xpack.securitySolution.riskInformation.link": "こちら",
     "xpack.securitySolution.riskInformation.unknownRiskDescription": "20未満",
     "xpack.securitySolution.riskScore.api.ingestPipeline.create.errorMessageTitle": "インジェストパイプラインを作成できませんでした",
     "xpack.securitySolution.riskScore.api.storedScript.create.errorMessageTitle": "保存されたスクリプトを作成できませんでした",
@@ -34113,7 +34089,6 @@
     "xpack.securitySolution.user.details.overview.osTitle": "オペレーティングシステム",
     "xpack.securitySolution.user.details.overview.userDomainTitle": "ドメイン",
     "xpack.securitySolution.user.details.overview.userIdTitle": "ユーザーID",
-    "xpack.securitySolution.user.details.overview.userRiskClassification": "ユーザーリスク分類",
     "xpack.securitySolution.user.details.overview.userRiskScoreTitle": "ユーザーリスクスコア",
     "xpack.securitySolution.user.ipDetails.ipOverview.lastSeenTitle": "前回の認識",
     "xpack.securitySolution.userDetails.failSearchDescription": "ユーザー詳細で検索を実行できませんでした",
@@ -34128,13 +34103,11 @@
     "xpack.securitySolution.usersKpiAuthentications.failSearchDescription": "ユーザーKPI認証で検索を実行できませんでした",
     "xpack.securitySolution.usersRiskTable.userNameTitle": "ユーザー名",
     "xpack.securitySolution.usersRiskTable.userRiskScoreTitle": "ユーザーリスクスコア",
-    "xpack.securitySolution.usersRiskTable.userRiskToolTip": "ユーザーリスク分類はユーザーリスクスコアで決まります。「重大」または「高」に分類されたユーザーはリスクが高いことが示されます。",
     "xpack.securitySolution.usersTable.domainTitle": "ドメイン",
     "xpack.securitySolution.usersTable.lastSeenTitle": "前回の認識",
     "xpack.securitySolution.usersTable.riskTitle": "ユーザーリスク分類",
     "xpack.securitySolution.usersTable.title": "ユーザー",
     "xpack.securitySolution.usersTable.userNameTitle": "ユーザー名",
-    "xpack.securitySolution.usersTable.userRiskToolTip": "ユーザーリスク分類はユーザーリスクスコアで決まります。「重大」または「高」に分類されたユーザーはリスクが高いことが示されます。",
     "xpack.securitySolution.userTab.errorFetchingsData": "ユーザーデータをクエリできませんでした",
     "xpack.securitySolution.visualizationActions.addToCaseSuccessContent": "ビジュアライゼーションが正常にケースに追加されました",
     "xpack.securitySolution.visualizationActions.addToExistingCase": "既存のケースに追加",
diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json
index fc12edb97a8e5..d5ab00e4dc425 100644
--- a/x-pack/plugins/translations/translations/zh-CN.json
+++ b/x-pack/plugins/translations/translations/zh-CN.json
@@ -29306,7 +29306,6 @@
     "xpack.securitySolution.actions.addToTimeline.severityLevel": "{level} 严重性",
     "xpack.securitySolution.actions.showTopTooltip": "排名靠前的{fieldName}",
     "xpack.securitySolution.actions.toggleColumnToggle.nestedLabel": "{field} 字段是对象，并分解为可以添加为列的嵌套字段",
-    "xpack.securitySolution.alertDetails.overview.hostRiskClassification": "当前 {riskEntity} 风险分类",
     "xpack.securitySolution.alertDetails.overview.hostRiskDataTitle": "{riskEntity} 风险数据",
     "xpack.securitySolution.alertDetails.overview.insights_related_alerts_by_source_event_count": "{count} 个{count, plural, =1 {告警} other {告警}}与源事件相关",
     "xpack.securitySolution.alertDetails.overview.insights_related_cases_found_content": "发现此告警位于 {caseCount}",
@@ -29316,7 +29315,6 @@
     "xpack.securitySolution.alertDetails.overview.insights.related_cases_count": "{count} 个{count, plural, =1 {案例} other {案例}}与此告警相关",
     "xpack.securitySolution.alertDetails.overview.insights.relatedCasesFailure": "无法加载相关案例：“{error}”",
     "xpack.securitySolution.alertDetails.overview.insights.suppressedAlertsCount": "{count} 个已阻止{count, plural, =1 {告警} other {告警}}",
-    "xpack.securitySolution.alertDetails.overview.originalHostRiskClassification": "原始 {riskEntity} 风险分类",
     "xpack.securitySolution.alertDetails.overview.riskDataTooltipContent": "仅在其对 {riskEntity} 可用时才会显示风险分类。确保在您的环境中启用了 {riskScoreDocumentationLink}。",
     "xpack.securitySolution.alerts.alertDetails.summary.cases.subTitle": "正在显示 {caseCount} 个包含此告警的最新创建的案例",
     "xpack.securitySolution.alertSummaryView.alertSummaryViewContextDescription": "告警（来自 {view}）",
@@ -29608,8 +29606,6 @@
     "xpack.securitySolution.endpointResponseActions.actionError.errorMessage": "遇到以下{errorCount, plural, =1 {错误} other {错误}}：",
     "xpack.securitySolution.entityAnalytics.anomalies.moduleNotCompatibleTitle": "{incompatibleJobCount} 个{incompatibleJobCount, plural, =1 {作业} other {作业}}当前不可用",
     "xpack.securitySolution.entityAnalytics.riskDashboard.nameTitle": "{riskEntity} 名称",
-    "xpack.securitySolution.entityAnalytics.riskDashboard.riskClassificationTitle": "{riskEntity} 风险分类",
-    "xpack.securitySolution.entityAnalytics.riskDashboard.riskToolTip": "{riskEntity} 风险分类由 {riskEntityLowercase} 风险分数决定。分类为紧急或高的{riskEntity}主机即表示存在风险。",
     "xpack.securitySolution.event.summary.threat_indicator.showMatches": "显示所有 {count} 个指标匹配告警",
     "xpack.securitySolution.eventDetails.nestedColumnCheckboxAriaLabel": "{field} 字段是对象，并分解为可以添加为列的嵌套字段",
     "xpack.securitySolution.eventDetails.responseActions.endpoint.executed": "已执行 {command} 命令",
@@ -29678,8 +29674,6 @@
     "xpack.securitySolution.indexPatterns.timelineTemplate.currentPatternsBad": "此时间线模板中的当前索引模式为：{callout}",
     "xpack.securitySolution.indexPatterns.timelineTemplate.noMatchData": "以下索引模式已保存到此时间线模板，但不匹配任何数据流、索引或索引别名：{aliases}",
     "xpack.securitySolution.indexPatterns.timelineTemplate.toggleToNewSourcerer": "我们已通过创建临时数据视图来保留您的时间线模板。如果您要修改数据，我们可以使用新的数据视图选择器重新创建临时数据视图。您还可以手动选择数据视图 {link}。",
-    "xpack.securitySolution.kpiHosts.riskyHosts.description": "{formattedQuantity} 台有风险的{quantity, plural, =1 {主机} other {主机}}",
-    "xpack.securitySolution.kpiHosts.riskyHosts.hostsCount": "{quantity} {quantity, plural, =1 {主机} other {主机}}",
     "xpack.securitySolution.lists.exceptionListImportSuccess": "已导入例外列表 {fileName}",
     "xpack.securitySolution.lists.referenceModalDescription": "此值列表与 ({referenceCount}) 个例外{referenceCount, plural, =1 {列表} other {列表}}关联。移除此列表将移除引用此值列表的所有例外项。",
     "xpack.securitySolution.lists.uploadValueListExtensionValidationMessage": "文件必须属于以下类型之一：[{fileTypes}]",
@@ -29749,11 +29743,7 @@
     "xpack.securitySolution.responseActionsList.list.item.wasSuccessful": "{command} 已成功完成",
     "xpack.securitySolution.responseActionsList.list.recordRange": "正在显示第 {range} 个（共 {total} 个）{recordsLabel}",
     "xpack.securitySolution.responseActionsList.list.recordRangeLabel": "{records, plural, other {响应操作}}",
-    "xpack.securitySolution.riskInformation.explanation": "此功能利用转换，通过脚本指标聚合基于“开放”状态的检测规则告警来计算 5 天时间窗口内的 {riskEntityLower} 风险分数。该转换每小时运行一次，以根据流入的新检测规则告警更新分数。",
-    "xpack.securitySolution.riskInformation.introduction": "{riskEntity} 风险分数功能将显示您环境中存在风险的 {riskEntityLowerPlural}。",
-    "xpack.securitySolution.riskInformation.learnMore": "您可以详细了解 {riskEntity} 风险{riskScoreDocumentationLink}",
     "xpack.securitySolution.riskInformation.riskHeader": "{riskEntity} 风险分数范围",
-    "xpack.securitySolution.riskInformation.title": "如何计算 {riskEntity} 风险？",
     "xpack.securitySolution.riskScore.api.ingestPipeline.delete.errorMessageTitle": "无法删除采集{totalCount, plural, =1 {管道} other {管道}}",
     "xpack.securitySolution.riskScore.api.transforms.delete.errorMessageTitle": "无法删除{totalCount, plural, =1 {转换} other {转换}}",
     "xpack.securitySolution.riskScore.api.transforms.start.errorMessageTitle": "无法启动{totalCount, plural, =1 {转换} other {转换}}",
@@ -29923,7 +29913,6 @@
     "xpack.securitySolution.alerts.alertDetails.summary.host.agentStatus.title": "代理状态",
     "xpack.securitySolution.alerts.alertDetails.summary.host.hostName.title": "主机名",
     "xpack.securitySolution.alerts.alertDetails.summary.host.osName.title": "操作系统",
-    "xpack.securitySolution.alerts.alertDetails.summary.host.riskClassification": "主机风险分类",
     "xpack.securitySolution.alerts.alertDetails.summary.host.riskScore": "主机风险分数",
     "xpack.securitySolution.alerts.alertDetails.summary.host.title": "主机",
     "xpack.securitySolution.alerts.alertDetails.summary.ipAddresses.title": "IP 地址",
@@ -29937,7 +29926,6 @@
     "xpack.securitySolution.alerts.alertDetails.summary.rule.title": "规则",
     "xpack.securitySolution.alerts.alertDetails.summary.user.action.openUserDetailsPage": "打开用户详情页面",
     "xpack.securitySolution.alerts.alertDetails.summary.user.action.viewUserSummary": "查看用户摘要",
-    "xpack.securitySolution.alerts.alertDetails.summary.user.riskClassification": "用户风险分类",
     "xpack.securitySolution.alerts.alertDetails.summary.user.riskScore": "用户风险分数",
     "xpack.securitySolution.alerts.alertDetails.summary.user.title": "用户",
     "xpack.securitySolution.alerts.alertDetails.summary.user.userName.title": "用户名",
@@ -32580,8 +32568,6 @@
     "xpack.securitySolution.entityAnalytics.hostsRiskDashboard.hostsTableTooltip": "主机风险表不受时间范围影响。本表显示每台主机最新记录的风险分数。",
     "xpack.securitySolution.entityAnalytics.hostsRiskDashboard.title": "主机风险分数",
     "xpack.securitySolution.entityAnalytics.riskDashboard.hostsTableTooltip": "“主机风险分数”面板显示有风险主机及其最新风险分数的列表。可以在 KQL 搜索栏中使用全局筛选来筛选此列表。时间范围选取器筛选将仅显示选定时间范围内的告警，并且不筛选有风险主机列表。",
-    "xpack.securitySolution.entityAnalytics.riskDashboard.learnMore": "了解详情",
-    "xpack.securitySolution.entityAnalytics.riskDashboard.tableTooltipTitle": "处于技术预览状态",
     "xpack.securitySolution.entityAnalytics.riskDashboard.usersTableTooltip": "“用户风险分数”面板显示有风险用户及其最新风险分数的列表。可以在 KQL 搜索栏中使用全局筛选来筛选此列表。时间范围选取器筛选将仅显示选定时间范围内的告警，并且不筛选有风险用户列表。",
     "xpack.securitySolution.entityAnalytics.riskDashboard.viewAllLabel": "查看全部",
     "xpack.securitySolution.entityAnalytics.technicalPreviewLabel": "技术预览",
@@ -32595,7 +32581,6 @@
     "xpack.securitySolution.eventDetails.ctiSummary.feedNamePreposition": "来自",
     "xpack.securitySolution.eventDetails.ctiSummary.indicatorEnrichmentTitle": "检测到威胁匹配",
     "xpack.securitySolution.eventDetails.ctiSummary.indicatorEnrichmentTooltipContent": "此字段值使用您创建的规则匹配威胁情报指标。",
-    "xpack.securitySolution.eventDetails.ctiSummary.informationAriaLabel": "信息",
     "xpack.securitySolution.eventDetails.ctiSummary.investigationEnrichmentTitle": "已使用威胁情报扩充",
     "xpack.securitySolution.eventDetails.ctiSummary.investigationEnrichmentTooltipContent": "此字段值具有威胁情报源提供的其他信息。",
     "xpack.securitySolution.eventDetails.description": "描述",
@@ -32935,7 +32920,6 @@
     "xpack.securitySolution.host.details.overview.cloudProviderTitle": "云服务提供商",
     "xpack.securitySolution.host.details.overview.familyTitle": "系列",
     "xpack.securitySolution.host.details.overview.hostIdTitle": "主机 ID",
-    "xpack.securitySolution.host.details.overview.hostRiskClassification": "主机风险分类",
     "xpack.securitySolution.host.details.overview.hostRiskScoreTitle": "主机风险分数",
     "xpack.securitySolution.host.details.overview.inspectTitle": "主机概览",
     "xpack.securitySolution.host.details.overview.instanceIdTitle": "实例 ID",
@@ -32984,7 +32968,6 @@
     "xpack.securitySolution.hosts.navigation.hostRiskTitle": "主机风险",
     "xpack.securitySolution.hosts.navigation.sessionsTitle": "会话",
     "xpack.securitySolution.hosts.navigation.uncommonProcessesTitle": "不常见进程",
-    "xpack.securitySolution.hosts.navigaton.hostRisk.viewDashboardButtonLabel": "查看源仪表板",
     "xpack.securitySolution.hosts.navigaton.matrixHistogram.errorFetchingAuthenticationsData": "无法查询身份验证数据",
     "xpack.securitySolution.hosts.navigaton.matrixHistogram.errorFetchingEventsData": "无法查询事件数据",
     "xpack.securitySolution.hosts.pageTitle": "主机",
@@ -32998,13 +32981,11 @@
     "xpack.securitySolution.hostsRiskTable.hostNameTitle": "主机名",
     "xpack.securitySolution.hostsRiskTable.hostRiskScoreTitle": "主机风险分数",
     "xpack.securitySolution.hostsRiskTable.hostRiskTitle": "主机风险",
-    "xpack.securitySolution.hostsRiskTable.hostRiskToolTip": "主机风险分类由主机风险分数决定。分类为紧急或高的主机即表示存在风险。",
     "xpack.securitySolution.hostsRiskTable.hostsTableTooltip": "主机风险表不受 KQL 时间范围影响。本表显示每台主机最新记录的风险分数。",
     "xpack.securitySolution.hostsRiskTable.riskTitle": "主机风险分类",
     "xpack.securitySolution.hostsRiskTable.tableTitle": "主机风险",
     "xpack.securitySolution.hostsRiskTable.usersTableTooltip": "用户风险表不受 KQL 时间范围影响。本表显示每个用户最新记录的风险分数。",
     "xpack.securitySolution.hostsTable.firstLastSeenToolTip": "相对于选定日期范围",
-    "xpack.securitySolution.hostsTable.hostRiskToolTip": "主机风险分类由主机风险分数决定。分类为紧急或高的主机即表示存在风险。",
     "xpack.securitySolution.hostsTable.hostsTitle": "所有主机",
     "xpack.securitySolution.hostsTable.lastSeenTitle": "最后看到时间",
     "xpack.securitySolution.hostsTable.nameTitle": "主机名",
@@ -33064,9 +33045,6 @@
     "xpack.securitySolution.investigationEnrichment.requestError": "请求威胁情报时发生错误",
     "xpack.securitySolution.ja3.fingerprint.ja3.fingerprintLabel": "ja3",
     "xpack.securitySolution.kpiHosts.hosts.title": "主机",
-    "xpack.securitySolution.kpiHosts.riskyHosts.errorMessage": "提取有风险主机 API 时出错",
-    "xpack.securitySolution.kpiHosts.riskyHosts.inspectTitle": "有风险主机",
-    "xpack.securitySolution.kpiHosts.riskyHosts.title": "有风险主机",
     "xpack.securitySolution.kpiHosts.uniqueIps.destinationChartLabel": "目标",
     "xpack.securitySolution.kpiHosts.uniqueIps.destinationUnitLabel": "目标",
     "xpack.securitySolution.kpiHosts.uniqueIps.sourceChartLabel": "源",
@@ -33582,11 +33560,9 @@
     "xpack.securitySolution.risk_score.toast.viewDashboard": "查看仪表板",
     "xpack.securitySolution.riskDeprecated.entity.upgradeRiskScoreDescription": "当前数据不再受支持。请迁移您的数据并升级该模块。启用此模板后，可能需要一小时才能生成数据。",
     "xpack.securitySolution.riskInformation.buttonLabel": "如何计算风险分数？",
-    "xpack.securitySolution.riskInformation.classificationHeader": "分类",
     "xpack.securitySolution.riskInformation.closeBtn": "关闭",
     "xpack.securitySolution.riskInformation.criticalRiskDescription": "90 及以上",
     "xpack.securitySolution.riskInformation.informationAriaLabel": "信息",
-    "xpack.securitySolution.riskInformation.link": "此处",
     "xpack.securitySolution.riskInformation.unknownRiskDescription": "小于 20",
     "xpack.securitySolution.riskScore.api.ingestPipeline.create.errorMessageTitle": "无法创建采集管道",
     "xpack.securitySolution.riskScore.api.storedScript.create.errorMessageTitle": "无法创建存储脚本",
@@ -34109,7 +34085,6 @@
     "xpack.securitySolution.user.details.overview.osTitle": "操作系统",
     "xpack.securitySolution.user.details.overview.userDomainTitle": "域",
     "xpack.securitySolution.user.details.overview.userIdTitle": "用户 ID",
-    "xpack.securitySolution.user.details.overview.userRiskClassification": "用户风险分类",
     "xpack.securitySolution.user.details.overview.userRiskScoreTitle": "用户风险分数",
     "xpack.securitySolution.user.ipDetails.ipOverview.lastSeenTitle": "最后看到时间",
     "xpack.securitySolution.userDetails.failSearchDescription": "无法对用户详情执行搜索",
@@ -34124,13 +34099,11 @@
     "xpack.securitySolution.usersKpiAuthentications.failSearchDescription": "无法对用户 KPI 身份验证执行搜索",
     "xpack.securitySolution.usersRiskTable.userNameTitle": "用户名",
     "xpack.securitySolution.usersRiskTable.userRiskScoreTitle": "用户风险分数",
-    "xpack.securitySolution.usersRiskTable.userRiskToolTip": "用户风险分类由用户风险分数决定。分类为紧急或高的用户即表示存在风险。",
     "xpack.securitySolution.usersTable.domainTitle": "域",
     "xpack.securitySolution.usersTable.lastSeenTitle": "最后看到时间",
     "xpack.securitySolution.usersTable.riskTitle": "用户风险分类",
     "xpack.securitySolution.usersTable.title": "用户",
     "xpack.securitySolution.usersTable.userNameTitle": "用户名",
-    "xpack.securitySolution.usersTable.userRiskToolTip": "用户风险分类由用户风险分数决定。分类为紧急或高的用户即表示存在风险。",
     "xpack.securitySolution.userTab.errorFetchingsData": "无法查询用户数据",
     "xpack.securitySolution.visualizationActions.addToCaseSuccessContent": "已成功将可视化添加到案例",
     "xpack.securitySolution.visualizationActions.addToExistingCase": "添加到现有案例",
diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/enrichments.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/enrichments.cy.ts
index 4432a1c6c90a7..0c5662146b810 100644
--- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/enrichments.cy.ts
+++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_alerts/enrichments.cy.ts
@@ -33,8 +33,8 @@ import { ALERTS_URL } from '../../urls/navigation';
 import { deleteRiskEngineConfiguration } from '../../tasks/api_calls/risk_engine';
 import { enableRiskEngine } from '../../tasks/entity_analytics';
 
-const CURRENT_HOST_RISK_CLASIFICATION = 'Current host risk classification';
-const ORIGINAL_HOST_RISK_CLASIFICATION = 'Original host risk classification';
+const CURRENT_HOST_RISK_LEVEL = 'Current host risk level';
+const ORIGINAL_HOST_RISK_LEVEL = 'Original host risk level';
 
 // TODO: https://github.com/elastic/kibana/issues/161539
 describe('Enrichment', { tags: ['@ess', '@serverless', '@brokenInServerless'] }, () => {
@@ -80,16 +80,16 @@ describe('Enrichment', { tags: ['@ess', '@serverless', '@brokenInServerless'] },
         scrollAlertTableColumnIntoView(ACTION_COLUMN);
         expandFirstAlert();
         cy.get(ENRICHED_DATA_ROW).contains('Low');
-        cy.get(ENRICHED_DATA_ROW).contains(CURRENT_HOST_RISK_CLASIFICATION);
+        cy.get(ENRICHED_DATA_ROW).contains(CURRENT_HOST_RISK_LEVEL);
         cy.get(ENRICHED_DATA_ROW).contains('Critical').should('not.exist');
-        cy.get(ENRICHED_DATA_ROW).contains(ORIGINAL_HOST_RISK_CLASIFICATION).should('not.exist');
+        cy.get(ENRICHED_DATA_ROW).contains(ORIGINAL_HOST_RISK_LEVEL).should('not.exist');
 
         closeAlertFlyout();
         cy.task('esArchiverUnload', 'risk_hosts');
         cy.task('esArchiverLoad', { archiveName: 'risk_hosts_updated' });
         expandFirstAlert();
         cy.get(ENRICHED_DATA_ROW).contains('Critical');
-        cy.get(ENRICHED_DATA_ROW).contains(ORIGINAL_HOST_RISK_CLASIFICATION);
+        cy.get(ENRICHED_DATA_ROW).contains(ORIGINAL_HOST_RISK_LEVEL);
       });
     });
 
@@ -124,16 +124,16 @@ describe('Enrichment', { tags: ['@ess', '@serverless', '@brokenInServerless'] },
         scrollAlertTableColumnIntoView(ACTION_COLUMN);
         expandFirstAlert();
         cy.get(ENRICHED_DATA_ROW).contains('Critical');
-        cy.get(ENRICHED_DATA_ROW).contains(CURRENT_HOST_RISK_CLASIFICATION);
+        cy.get(ENRICHED_DATA_ROW).contains(CURRENT_HOST_RISK_LEVEL);
         cy.get(ENRICHED_DATA_ROW).contains('Low').should('not.exist');
-        cy.get(ENRICHED_DATA_ROW).contains(ORIGINAL_HOST_RISK_CLASIFICATION).should('not.exist');
+        cy.get(ENRICHED_DATA_ROW).contains(ORIGINAL_HOST_RISK_LEVEL).should('not.exist');
 
         closeAlertFlyout();
         cy.task('esArchiverUnload', 'risk_scores_new');
         cy.task('esArchiverLoad', { archiveName: 'risk_scores_new_updated' });
         expandFirstAlert();
         cy.get(ENRICHED_DATA_ROW).contains('Low');
-        cy.get(ENRICHED_DATA_ROW).contains(ORIGINAL_HOST_RISK_CLASIFICATION);
+        cy.get(ENRICHED_DATA_ROW).contains(ORIGINAL_HOST_RISK_LEVEL);
       });
     });
   });
diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/explore/dashboards/entity_analytics.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/dashboards/entity_analytics.cy.ts
index 39d8e1476a6cd..a14aa11bc1cdd 100644
--- a/x-pack/test/security_solution_cypress/cypress/e2e/explore/dashboards/entity_analytics.cy.ts
+++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/dashboards/entity_analytics.cy.ts
@@ -162,7 +162,7 @@ describe('Entity Analytics Dashboard', { tags: ['@ess', '@brokenInServerless'] }
         cy.get(HOSTS_TABLE_ALERT_CELL).should('have.length', 5);
       });
 
-      it('filters by risk classification', () => {
+      it('filters by risk level', () => {
         openRiskTableFilterAndSelectTheLowOption();
 
         cy.get(HOSTS_DONUT_CHART).should('include.text', '1Total');
@@ -250,7 +250,7 @@ describe('Entity Analytics Dashboard', { tags: ['@ess', '@brokenInServerless'] }
         cy.get(USERS_TABLE_ALERT_CELL).should('have.length', 5);
       });
 
-      it('filters by risk classification', () => {
+      it('filters by risk level', () => {
         openRiskTableFilterAndSelectTheLowOption();
 
         cy.get(USERS_DONUT_CHART).should('include.text', '2Total');
@@ -382,7 +382,7 @@ describe('Entity Analytics Dashboard', { tags: ['@ess', '@brokenInServerless'] }
         cy.get(HOSTS_TABLE_ALERT_CELL).should('have.length', 5);
       });
 
-      it('filters by risk classification', () => {
+      it('filters by risk level', () => {
         cy.get(HOSTS_DONUT_CHART).should('include.text', '6Total');
         openRiskTableFilterAndSelectTheCriticalOption();
 
@@ -474,7 +474,7 @@ describe('Entity Analytics Dashboard', { tags: ['@ess', '@brokenInServerless'] }
         cy.get(USERS_TABLE_ALERT_CELL).should('have.length', 5);
       });
 
-      it('filters by risk classification', () => {
+      it('filters by risk level', () => {
         cy.get(USERS_DONUT_CHART).should('include.text', '7Total');
 
         openUserRiskTableFilterAndSelectTheLowOption(1);
diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/explore/host_details/risk_tab.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/explore/host_details/risk_tab.cy.ts
index 2ef24ae0df1ee..6c5af8a1601c3 100644
--- a/x-pack/test/security_solution_cypress/cypress/e2e/explore/host_details/risk_tab.cy.ts
+++ b/x-pack/test/security_solution_cypress/cypress/e2e/explore/host_details/risk_tab.cy.ts
@@ -52,7 +52,7 @@ describe('risk tab', { tags: ['@ess', '@serverless', '@brokenInServerless'] }, (
 
       openRiskInformationFlyout();
 
-      cy.get(RISK_INFORMATION_FLYOUT_HEADER).contains('How is host risk calculated?');
+      cy.get(RISK_INFORMATION_FLYOUT_HEADER).contains('Entity Risk Analytics');
     });
   });
 
@@ -91,7 +91,7 @@ describe('risk tab', { tags: ['@ess', '@serverless', '@brokenInServerless'] }, (
 
       openRiskInformationFlyout();
 
-      cy.get(RISK_INFORMATION_FLYOUT_HEADER).contains('How is host risk calculated?');
+      cy.get(RISK_INFORMATION_FLYOUT_HEADER).contains('Entity Risk Analytics');
     });
   });
 });
diff --git a/x-pack/test/security_solution_cypress/cypress/screens/entity_analytics_management.ts b/x-pack/test/security_solution_cypress/cypress/screens/entity_analytics_management.ts
index e7b67db8399b7..ebdabcb67bb1e 100644
--- a/x-pack/test/security_solution_cypress/cypress/screens/entity_analytics_management.ts
+++ b/x-pack/test/security_solution_cypress/cypress/screens/entity_analytics_management.ts
@@ -7,7 +7,7 @@
 
 import { getDataTestSubjectSelector } from '../helpers/common';
 
-export const PAGE_TITLE = '[data-test-subj="entityAnalyticsManagmentPageTitle"]';
+export const PAGE_TITLE = '[data-test-subj="entityAnalyticsManagementPageTitle"]';
 
 export const HOST_RISK_PREVIEW_TABLE = '[data-test-subj="host-risk-preview-table"]';