Add latest changes from gitlab-org/gitlab@master

1 files changed, 4 insertions, 4 deletions

diff --git a/doc/user/clusters/agent/vulnerabilities.md b/doc/user/clusters/agent/vulnerabilities.md
index a2dc50e43d7..4c6d4a9740b 100644
--- a/doc/user/clusters/agent/vulnerabilities.md
+++ b/doc/user/clusters/agent/vulnerabilities.md
@@ -20,7 +20,7 @@ If both `agent config` and `scan execution policies` are configured, the configu
 
 ### Enable via agent configuration
 
-To enable scanning of all images within your Kubernetes cluster via the agent configuration, add a `container_scanning` configuration block to your agent
+To enable scanning of images within your Kubernetes cluster via the agent configuration, add a `container_scanning` configuration block to your agent
 configuration with a `cadence` field containing a [CRON expression](https://en.wikipedia.org/wiki/Cron) for when the scans are run.
 
 ```yaml
@@ -39,9 +39,9 @@ Other elements of the [CRON syntax](https://docs.oracle.com/cd/E12058_01/doc/doc
 NOTE:
 The CRON expression is evaluated in [UTC](https://www.timeanddate.com/worldclock/timezone/utc) using the system-time of the Kubernetes-agent pod.
 
-By default, operational container scanning attempts to scan the workloads in all
-namespaces for vulnerabilities. You can set the `vulnerability_report` block with the `namespaces`
-field which can be used to restrict which namespaces are scanned. For example,
+By default, operational container scanning does not scan any workloads for vulnerabilities. 
+You can set the `vulnerability_report` block with the `namespaces`
+field which can be used to select which namespaces are scanned. For example,
 if you would like to scan only the `default`, `kube-system` namespaces, you can use this configuration:
 
 ```yaml