Make the wording of the OWASP action documentation more approachable.

traffic-policy/actions/owasp-crs-request.mdx

@@ -1,35 +1,31 @@
 ---
 title: OWASP CRS Request Action
 sidebarTitle: OWASP CRS Request
-description: The OWASP CRS Request Traffic Policy action enables OWASP CRS for use with ModSecurity or compatible web application firewalls.
+description: Block common web attacks with the `owasp-crs-request` action in Traffic Policy.
 ---
 
 import ActionExamples from "/snippets/traffic-policy/actions/owasp-crs-request/examples/index.mdx";
 import ActionVariablesDescription from "/snippets/traffic-policy/common/action-variables-description.mdx";
-import { YouTubeEmbed } from "/snippets/YouTubeEmbed.jsx";
+import { YouTubeEmbed } from "/snippets/TrafficPolicy.jsx";
 
 import { ConfigField } from "/snippets/ConfigTable.jsx";
 import { ConfigChildren } from "/snippets/ConfigChildren.jsx";
 
-The **OWASP CRS Request** Traffic Policy action enables OWASP (Open Worldwide Application
-Security Project) CRS (previously Core Rule Set), a set of generic attack detection
-rules for use with ModSecurity or compatible web application firewalls. It aims to protect
-web applications from a wide range of attacks, including the
-[OWASP Top Ten](https://owasp.org/www-project-top-ten/), with a minimum of false alerts.
-CRS provides protection against many common attack categories, including SQL Injection,
-Cross Site Scripting, Local File Inclusion, etc.
-
-The `owasp-crs-request` action only enables rule processing on _incoming_ HTTP requests to your
-endpoint. In addition to this action, we also recommend you enable the [OWASP CRS Response
-action](/traffic-policy/actions/owasp-crs-response/) to analyze _outgoing_ HTTP responses from your endpoint.
-
-
-## Video walkthrough
-
-The following video walks you through ngrok's OWASP CRS request and response actions in Traffic Policy, which let you add web application firewall protection directly to your ngrok endpoints without changing your existing infrastructure.
+[OWASP](https://owasp.org/) stands for the Open Web Application Security
+Project, an online community that, among other things, maintains annual lists of
+the most critical web application security risks. The [OWASP Core Rule
+Set](https://owasp.org/www-project-modsecurity-core-rule-set/) (CRS) is a set of
+attack detection rules that we expose for you to use in your Traffic Policies.
+It includes protections against attacks like SQL Injection, Cross Site
+Scripting, Local File Inclusion, and many others.
 
 <YouTubeEmbed videoId="HHxj5VGFTEA" title="Block web attacks with ngrok's OWASP CRS Request" />
 
+The `owasp-crs-request` action enables rule processing on incoming HTTP
+requests to your endpoint. We recommend you also enable the [OWASP CRS Response
+action](/traffic-policy/actions/owasp-crs-response/) to block attacks where
+it's the response that is malicious.
+
 ### Configuration Reference
 
 This is the [Traffic Policy](/traffic-policy/) configuration

traffic-policy/actions/owasp-crs-response.mdx

@@ -1,7 +1,7 @@
 ---
 title: OWASP CRS Response Action
 sidebarTitle: OWASP CRS Response
-description: The OWASP CRS Response action enables OWASP Core Rule Set (CRS) to analyze outgoing HTTP responses from your endpoint and protect against common web attacks.
+description: Block common web attacks with the `owasp-crs-response` action in Traffic Policy
 ---
 
 import ActionVariablesDescription from "/snippets/traffic-policy/common/action-variables-description.mdx";
@@ -10,25 +10,20 @@ import { YouTubeEmbed } from "/snippets/YouTubeEmbed.jsx";
 import { ConfigField } from "/snippets/ConfigTable.jsx";
 import { ConfigChildren } from "/snippets/ConfigChildren.jsx";
 
-The **OWASP CRS Response** Traffic Policy action enables OWASP (Open Worldwide Application
-Security Project) CRS (previously Core Rule Set), a set of generic attack detection
-rules for use with ModSecurity or compatible web application firewalls. It aims to protect
-web applications from a wide range of attacks, including the
-[OWASP Top Ten](https://owasp.org/www-project-top-ten/), with a minimum of false alerts.
-CRS provides protection against many common attack categories, including SQL Injection,
-Cross Site Scripting, Local File Inclusion, etc.
+[OWASP](https://owasp.org/) stands for the Open Web Application Security
+Project, an online community that, among other things, maintains annual lists of
+the most critical web application security risks. The [OWASP Core Rule
+Set](https://owasp.org/www-project-modsecurity-core-rule-set/) (CRS) is a set of
+attack detection rules that we expose for you to use in your Traffic Policies.
+It includes protections against attacks like SQL Injection, Cross Site
+Scripting, Local File Inclusion, and many others.
 
-The `owasp-crs-response` action only enables rule processing on _outgoing_ HTTP responses from your
-endpoint. In addition to this action, we also recommend you enable the [OWASP CRS Request
-action](/traffic-policy/actions/owasp-crs-request/) to analyze _incoming_ HTTP requests to your endpoint.
+<YouTubeEmbed videoId="HHxj5VGFTEA" title="Block web attacks with ngrok's OWASP CRS Request" />
 
-## Video walkthrough
-
-The video below walks you through ngrok's OWASP CRS request and response actions in Traffic Policy, which let you add web application firewall protection directly to your ngrok endpoints without changing your existing infrastructure.
-
-<YouTubeEmbed videoId="HHxj5VGFTEA" title="Block web attacks with ngrok's OWASP CRS Response" />
-
-<ActionOverview />
+The `owasp-crs-response` action enables rule processing on incoming HTTP
+requests to your endpoint. We recommend you also enable the [OWASP CRS Request
+action](/traffic-policy/actions/owasp-crs-request/) to block attacks where
+it's the request that is malicious.
 
 ### Configuration Reference