1 files changed, 2 insertions, 2 deletions

diff --git a/doc/user/application_security/dast/checks/16.7.md b/doc/user/application_security/dast/checks/16.7.md
index edaace407ae..d407234d2c2 100644
--- a/doc/user/application_security/dast/checks/16.7.md
+++ b/doc/user/application_security/dast/checks/16.7.md
@@ -22,8 +22,8 @@ Only three directives are applicable for the `Strict-Transport-Security` header.
 1. `includeSubDomains`: This optional, valueless directive signals that the policy applies to this host as well as any subdomains found under this host's domain.
 1. `preload`: While not part of the specification, setting this optional value allows major browser organizations to add this site into the browser's preloaded set of HTTPS sites. This requires further action on behalf of the website operator to submit their domain to the browser's HSTS preload list. See [hstspreload.org](https://hstspreload.org/) for more information.
 
-Invalid directives, or the `Strict-Transport-Security` header appearing more than once (if the
-values are different) is considered invalid.
+Note that invalid directives, or the `Strict-Transport-Security` header appearing more than once (if the values are
+different) is considered invalid.
 
 Prior to adding to this security configuration to your website, it is recommended you review the hstspreload.org [Deployment Recommendations](https://hstspreload.org/#deployment-recommendations).