diff --git a/docs/management/admin/response-actions-config.asciidoc b/docs/management/admin/response-actions-config.asciidoc
index 3f4f9295f3..6508250c48 100644
--- a/docs/management/admin/response-actions-config.asciidoc
+++ b/docs/management/admin/response-actions-config.asciidoc
@@ -6,8 +6,6 @@
 :frontmatter-tags-content-type: [how-to]
 :frontmatter-tags-user-goals: [manage]
 
-preview::[]
-
 You can direct third-party endpoint protection systems to perform response actions on enrolled hosts, such as isolating a suspicious endpoint from your network, without leaving the {elastic-sec} UI. This page explains the configuration steps needed to enable response actions for these third-party systems:
 
 * CrowdStrike
diff --git a/docs/management/admin/third-party-actions.asciidoc b/docs/management/admin/third-party-actions.asciidoc
index c2367a16f3..ac2b549f4b 100644
--- a/docs/management/admin/third-party-actions.asciidoc
+++ b/docs/management/admin/third-party-actions.asciidoc
@@ -6,8 +6,6 @@
 :frontmatter-tags-content-type: [reference]
 :frontmatter-tags-user-goals: [manage]
 
-preview::[]
-
 You can perform response actions on hosts enrolled in other third-party endpoint protection systems, such as CrowdStrike or SentinelOne. For example, you can direct the other system to isolate a suspicious endpoint from your network, without leaving the {elastic-sec} UI.
 
 .Requirements
diff --git a/docs/serverless/endpoint-response-actions/response-actions-config.asciidoc b/docs/serverless/endpoint-response-actions/response-actions-config.asciidoc
index 8d870d646d..77989686ad 100644
--- a/docs/serverless/endpoint-response-actions/response-actions-config.asciidoc
+++ b/docs/serverless/endpoint-response-actions/response-actions-config.asciidoc
@@ -5,8 +5,6 @@
 // :keywords: serverless, security, how-to, configure
 
 
-preview::[]
-
 You can direct third-party endpoint protection systems to perform response actions on enrolled hosts, such as isolating a suspicious endpoint from your network, without leaving the {elastic-sec} UI. This page explains the configuration steps needed to enable response actions for these third-party systems:
 
 * CrowdStrike
diff --git a/docs/serverless/endpoint-response-actions/third-party-actions.asciidoc b/docs/serverless/endpoint-response-actions/third-party-actions.asciidoc
index 9963946888..bff6bd0e2b 100644
--- a/docs/serverless/endpoint-response-actions/third-party-actions.asciidoc
+++ b/docs/serverless/endpoint-response-actions/third-party-actions.asciidoc
@@ -5,8 +5,6 @@
 // :keywords: serverless, security, defend, reference, manage
 
 
-preview::[]
-
 You can perform response actions on hosts enrolled in other third-party endpoint protection systems, such as CrowdStrike or SentinelOne. For example, you can direct the other system to isolate a suspicious endpoint from your network, without leaving the {elastic-sec} UI.
 
 .Requirements