diff --git a/salt/elastic-fleet-package-registry/soc_elastic-fleet-package-registry.yaml b/salt/elastic-fleet-package-registry/soc_elastic-fleet-package-registry.yaml
index 84303fd30..3d8a2112b 100644
--- a/salt/elastic-fleet-package-registry/soc_elastic-fleet-package-registry.yaml
+++ b/salt/elastic-fleet-package-registry/soc_elastic-fleet-package-registry.yaml
@@ -1,4 +1,4 @@
 elastic_fleet_package_registry:
 enabled:
- description: Enables or disables the Fleet package registry process. This process must remain enabled for proper HIDS functionality.
+ description: Enables or disables the Fleet package registry process. This process must remain enabled to allow Elastic Agent packages to be updated.
 advanced: True
diff --git a/salt/elasticfleet/soc_elasticfleet.yaml b/salt/elasticfleet/soc_elasticfleet.yaml
index 1c25e9d04..26efce941 100644
--- a/salt/elasticfleet/soc_elasticfleet.yaml
+++ b/salt/elasticfleet/soc_elasticfleet.yaml
@@ -1,6 +1,6 @@
 elasticfleet:
 enabled:
- description: Enables or disables the Elastic Fleet process. This process is critical for ensuring HIDS events are made available in SOC.
+ description: Enables or disables the Elastic Fleet process. This process is critical for managing Elastic Agents.
 advanced: True
 helpLink: elastic-fleet.html
 enable_manager_output:
diff --git a/salt/idstools/soc_idstools.yaml b/salt/idstools/soc_idstools.yaml
index a27a0e683..4f7a53e91 100644
--- a/salt/idstools/soc_idstools.yaml
+++ b/salt/idstools/soc_idstools.yaml
@@ -1,6 +1,6 @@
 idstools:
 enabled:
- description: Enables or disables the IDS tools process, which is used by the Detection system.
+ description: Enables or disables the IDStools process which is used by the Detection system.
 config:
 oinkcode:
 description: Enter your registration code or oinkcode for paid NIDS rulesets.
diff --git a/salt/suricata/soc_suricata.yaml b/salt/suricata/soc_suricata.yaml
index 35a9f6ce5..8b5ce7b11 100644
--- a/salt/suricata/soc_suricata.yaml
+++ b/salt/suricata/soc_suricata.yaml
@@ -1,6 +1,6 @@
 suricata:
 enabled:
- description: Enables or disables the Suricata process. This process is used for triggering alerts and optionally for packet meta-data collection and network packet recording.
+ description: Enables or disables the Suricata process. This process is used for triggering alerts and optionally for protocol metadata collection and full packet capture.
 helpLink: suricata.html
 thresholding:
 sids__yaml:
diff --git a/salt/zeek/soc_zeek.yaml b/salt/zeek/soc_zeek.yaml
index 47205bd69..f5f718114 100644
--- a/salt/zeek/soc_zeek.yaml
+++ b/salt/zeek/soc_zeek.yaml
@@ -1,6 +1,6 @@
 zeek:
 enabled:
- description: Controls whether the Zeek (network packet inspection) process runs. Disabling this process could result in missed alerts and other important NIDS-related information. If Suricata was selected as the packet meta-data engine during setup then this will already be disabled.
+ description: Controls whether the Zeek (network packet inspection) process runs. Disabling this process could result in loss of network protocol metadata. If Suricata was selected as the protocol metadata engine during setup then this will already be disabled.
 helpLink: zeek.html
 config:
 local: