diff --git a/salt/soc/files/soc/changes.json b/salt/soc/files/soc/changes.json
index 715b84566..517816fcd 100644
--- a/salt/soc/files/soc/changes.json
+++ b/salt/soc/files/soc/changes.json
@@ -17,8 +17,9 @@
     { "summary": "Improved Elastic ingest parsers including Windows event logs and Sysmon logs shipped with WinLogbeat and Osquery (ECS)." },
     { "summary": "Elastic nodes are now HOT by default, making it easier to add a warm node later." },
     { "summary": "<i>so-allow</i> now runs at the end of an install so users can enable access right away." },
-    { "summary": "Alert severities across Wazuh, Suricata and Playbook (Sigma) have been standardized and copied to <i>event.severity</i>:<ol><li>Low</li><li>Medium</li><li>High</li><li>Critical</li></ol>" },
-    { "summary": "Initial implementation of alerting queues:<ul><li>Low & Medium alerts are accessible through Kibana & Hunt.</li><li>High & Critical alerts are accessible through Kibana, Hunt and TheHive for immediate analysis.</li><li>ATT&CK Navigator is now a statically-hosted site in the nginx container.</li></ul>" },
+    { "summary": "Alert severities across Wazuh, Suricata and Playbook (Sigma) have been standardized and copied to <i>event.severity</i>:<ul><li>1 = Low</li><li>2 = Medium</li><li>3 = High</li><li>4 = Critical</li></ul>" },
+    { "summary": "Initial implementation of alerting queues:<ul><li>Low & Medium alerts are accessible through Kibana & Hunt.</li><li>High & Critical alerts are accessible through Kibana, Hunt and TheHive for immediate analysis.</li></ul>" },
+    { "summary": "ATT&CK Navigator is now a statically-hosted site in the nginx container." },
     { "summary": "Playbook updates:<ul><li>All Sigma rules in the community repo (500+) are now imported and kept up to date.</li><li>Initial implementation of automated testing when a Play's detection logic has been edited (i.e., Unit Testing).</li><li>Updated UI Theme.</li><li>Once authenticated through SOC, users can now access Playbook with analyst permissions without login.</li></ul>" },
     { "summary": "Kolide Launcher has been updated to include the ability to pass arbitrary flags. This new functionality was sponsored by SOS." },
     { "summary": "Fixed issue with Wazuh authd registration service port not being correctly exposed." },