[CF1] ELI5 on CASB docs (#29703)

* [CF1] Fix CASB docs: grammar, navigation path, and terminology inconsistencies

- Fix subject-verb agreement in casb-dlp.mdx ('contains' -> 'contain')
- Align troubleshoot navigation path to canonical 'Cloud & SaaS findings > Integrations'
- Align toggle label to 'Scan for findings' per manage-integrations partial
- Replace undocumented 'Suppress' action with cross-link to ignore/hide workflow
- Apply same fixes to duplicate troubleshoot file in integrations folder

* [CF1] Improve CASB docs clarity from ELI5 review

- Split long CASB intro sentence and explain 'API-driven' inline (index.mdx)
- Add DLP profile parenthetical definition (casb-dlp.mdx)
- Add caution callout for full-scan vs incremental-scan distinction (casb-dlp.mdx)
- Rephrase ambiguous Java/R minimum size limitation (casb-dlp.mdx)
- Add OCR cross-link to clarify that CASB does not scan images but DLP does via Gateway (casb-dlp.mdx)
- Add parenthetical for 'data at rest' (manage-findings.mdx)
- Add ignore vs hide comparison before procedures (manage-findings.mdx)
- Clarify Failed vs Rejected remediation statuses (manage-findings.mdx)
- Rewrite Gateway policy intro to bridge CASB-to-Gateway concept (manage-findings.mdx)
- Add finding ID location hint (troubleshoot-casb.mdx)

* Removing outdated limitation

Author: Oxyjun

src/content/docs/cloudflare-one/cloud-and-saas-findings/casb-dlp.mdx

@@ -11,7 +11,7 @@ import { Render } from "~/components";
 Requires Cloudflare CASB and Cloudflare DLP.
 :::
 
-You can use [Cloudflare Data Loss Prevention (DLP)](/cloudflare-one/data-loss-prevention/) to discover if files stored in a SaaS application contains sensitive data. To perform DLP scans in a SaaS app, first configure a [DLP profile](#configure-a-dlp-profile) with the data patterns you want to detect, then [add the profile](#enable-dlp-scans-in-casb) to a CASB integration.
+You can use [Cloudflare Data Loss Prevention (DLP)](/cloudflare-one/data-loss-prevention/) to discover if files stored in a SaaS application contain sensitive data. To perform DLP scans in a SaaS app, first configure a [DLP profile](#configure-a-dlp-profile) (a set of patterns that define what counts as sensitive data) with the data patterns you want to detect, then [add the profile](#enable-dlp-scans-in-casb) to a CASB integration.
 
 ## Supported integrations
 
@@ -64,12 +64,13 @@ If you enable a DLP profile from the **Manage integrations** page, CASB will onl
 - Owner of the file
 - Location of the file (for example, moved to a different folder)
 
-In order to scan historical data, you must enable the DLP profile during the [integration setup flow](#add-a-new-integration).
+:::caution
+If you add a DLP profile to an existing integration, CASB only scans files modified after you enabled the profile. To scan all files, you must enable the DLP profile during the [integration setup flow](#add-a-new-integration).
+:::
 
 ## Limitations
 
 DLP in CASB will only scan:
 
-- [Text-based files](/cloudflare-one/data-loss-prevention/#supported-file-types) such as documents, spreadsheets, and PDFs. Images are not supported.
-- Files less than or equal 100 MB in size.
-- Source code with a minimum size of 5 KB for Java and R.
+- Files less than or equal to 100 MB in size.
+- Java and R source code files that are at least 5 KB. Smaller files in these languages are skipped.

src/content/docs/cloudflare-one/cloud-and-saas-findings/index.mdx

@@ -16,7 +16,7 @@ Available for all Zero Trust users.
 Free users can configure up to two CASB integrations. You must upgrade to an Enterprise plan to view the details of a finding instance.
 :::
 
-Cloudflare's API-driven [Cloud Access Security Broker](https://www.cloudflare.com/learning/access-management/what-is-a-casb/) (CASB) integrates with SaaS applications and cloud environments to scan for misconfigurations, unauthorized user activity, <GlossaryTooltip term="shadow IT" link="https://www.cloudflare.com/learning/access-management/what-is-shadow-it/">shadow IT</GlossaryTooltip>, and other data security issues that can occur after a user has successfully logged in.
+Cloudflare's [Cloud Access Security Broker](https://www.cloudflare.com/learning/access-management/what-is-a-casb/) (CASB) connects to SaaS application and cloud environment APIs to scan for security issues that can occur after a user has successfully logged in. These include misconfigurations (such as overly permissive sharing settings), unauthorized user activity, <GlossaryTooltip term="shadow IT" link="https://www.cloudflare.com/learning/access-management/what-is-shadow-it/">shadow IT</GlossaryTooltip>, and other data security issues.
 
 For a list of available findings, refer to [Cloud and SaaS integrations](/cloudflare-one/integrations/cloud-and-saas/). You can also send posture finding instances to external systems with [CASB webhooks](/cloudflare-one/integrations/cloud-and-saas/webhooks/).
 

src/content/docs/cloudflare-one/cloud-and-saas-findings/manage-findings.mdx

@@ -10,7 +10,7 @@ head:
 
 import { TabItem, Tabs, Details } from "~/components";
 
-Findings are security issues detected within SaaS and cloud applications that involve users, data at rest, and other configuration settings. With Cloudflare CASB, you can review a comprehensive list of findings in Cloudflare One and immediately start taking action on the issues found.
+Findings are security issues detected within SaaS and cloud applications that involve users, data at rest (files stored in your apps), and other configuration settings. With Cloudflare CASB, you can review a comprehensive list of findings in Cloudflare One and take action on the issues found.
 
 ## Prerequisites
 
@@ -93,6 +93,9 @@ File findings for some integrations (such as [Microsoft 365](/cloudflare-one/int
 
 After reviewing your findings, you may decide that certain posture findings are not applicable to your organization. Cloudflare CASB allows you to remove findings or individual instances of findings from your list of active issues. CASB will continue to scan for these issues, but any detections will appear in a separate tab.
 
+- **Ignore a finding** — Moves the entire finding type from **Active** to **Ignored**. New detections of this finding type still appear, but in the **Ignored** tab.
+- **Hide an instance** — Moves a single occurrence from **Active** to **Hidden**. Future occurrences for the same user or file go to the **Hidden** tab automatically.
+
 ### Ignore a finding
 
 1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Cloud & SaaS findings** > **Posture Findings**.
@@ -169,13 +172,13 @@ Remediated findings will appear in **Cloud & SaaS findings** > **Posture Finding
 | Failed     | CASB unsuccessfully remediated the finding.                                                                     |
 | Rejected   | CASB does not have the correct permissions to remediate the finding.                                            |
 
-If the status is **Completed**, remediation succeeded. If the status is **Failed** or **Rejected**, remediation failed, and you can select the finding to take action again.
+If the status is **Completed**, remediation succeeded. If the status is **Failed** or **Rejected**, remediation failed, and you can select the finding to take action again. A **Rejected** status indicates that CASB does not have the correct permissions to remediate the finding.
 
 CASB will log remediation actions in **Logs** > **Admin**. For more information, refer to [Cloudflare One Logs](/cloudflare-one/insights/logs/).
 
 ## Resolve finding with a Gateway policy
 
-Using the security findings from CASB allows for fine-grained Gateway policies which prevent future unwanted behavior while still allowing usage that aligns to your organization's security policy. You can view a CASB finding, like the use of an unapproved application, then immediately prevent or control access with Gateway.
+CASB detects security issues that already exist in your SaaS environment. To prevent the same issues from recurring, you can create a [Gateway HTTP policy](/cloudflare-one/traffic-policies/http-policies/) directly from a CASB finding. For example, you can block users from sharing files publicly or accessing unsanctioned applications.
 
 CASB supports creating a Gateway policy for findings from the [Google Workspace integration](/cloudflare-one/integrations/cloud-and-saas/google-workspace/):
 

src/content/docs/cloudflare-one/cloud-and-saas-findings/troubleshoot-casb.mdx

@@ -4,7 +4,7 @@ pcx_content_type: troubleshooting
 sidebar:
   order: 4
 tags:
-- Debugging
+  - Debugging
 ---
 
 Use this guide to troubleshoot common issues with Cloud Access Security Broker (CASB).
@@ -45,11 +45,10 @@ CASB integrations do not provide real-time updates. Scans are performed periodic
 
 To trigger a new scan:
 
-1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Cloud & SaaS integrations**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Cloud & SaaS findings** > **Integrations**.
 2. Find your integration and select **Configure**.
-3. Go to **CASB**.
-4. Turn off **Findings scanning**.
-5. After a few minutes, turn on **Findings scanning** again.
+3. Turn off **Scan for findings**.
+4. After a few minutes, turn on **Scan for findings** again.
 
 This action will queue a fresh scan of your integration. Allow several hours for your findings to reflect the new results.
 
@@ -91,8 +90,8 @@ Carefully examine the evidence provided in the finding. An object's status in th
 
 ### Report the issue
 
-If you confirm the finding is a false positive, report the behavior to Cloudflare Support. Provide the finding ID and as much detail as possible. This helps the Support team refine the detection logic for all customers.
+If you confirm the finding is a false positive, report the behavior to Cloudflare Support. Provide the finding ID (visible in the finding's detail view) and as much detail as possible. This helps the Support team refine the detection logic for all customers.
 
-### Ignore or hide the finding
+### Hide the finding
 
-While Cloudflare investigates the issue, you can use **Move to ignore** on the finding or **Move to hidden** on an individual instance to remove it from your active list and reduce noise.
+While Cloudflare investigates the issue, you can [ignore the finding or hide individual instances](/cloudflare-one/cloud-and-saas-findings/manage-findings/#hide-findings) to remove it from your active list and reduce noise.

src/content/docs/cloudflare-one/integrations/cloud-and-saas/troubleshooting/casb.mdx

@@ -48,11 +48,10 @@ CASB integrations do not provide real-time updates. Scans are performed periodic
 
 To trigger a new scan:
 
-1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Cloud & SaaS integrations**.
+1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Cloud & SaaS findings** > **Integrations**.
 2. Find your integration and select **Configure**.
-3. Go to **CASB**.
-4. Turn off **Findings scanning**.
-5. After a few minutes, turn on **Findings scanning** again.
+3. Turn off **Scan for findings**.
+4. After a few minutes, turn on **Scan for findings** again.
 
 This action will queue a fresh scan of your integration. Allow several hours for your findings to reflect the new results.
 
@@ -96,6 +95,6 @@ Carefully examine the evidence provided in the finding. An object's status in th
 
 If you confirm the finding is a false positive, report the behavior to Cloudflare Support. Provide the finding ID and as much detail as possible. This helps the Support team refine the detection logic for all customers.
 
-### Ignore or hide the finding
+### Hide the finding
 
-While Cloudflare investigates the issue, you can use **Move to ignore** on the finding or **Move to hidden** on an individual instance to remove it from your active list and reduce noise.
+While Cloudflare investigates the issue, you can [ignore the finding or hide individual instances](/cloudflare-one/cloud-and-saas-findings/manage-findings/#hide-findings) to remove it from your active list and reduce noise.