diff --git a/src/content/docs/waf/managed-rules/reference/exposed-credentials-check.mdx b/src/content/docs/waf/managed-rules/reference/exposed-credentials-check.mdx index f3967c48b20a54..84dd8f58c4794e 100644 --- a/src/content/docs/waf/managed-rules/reference/exposed-credentials-check.mdx +++ b/src/content/docs/waf/managed-rules/reference/exposed-credentials-check.mdx @@ -26,7 +26,7 @@ Additionally, this managed ruleset also includes generic rules for other common - Check credentials sent as JSON with `email` and `password` keys - Check credentials sent as JSON with `username` and `password` keys -The default action for the rules in managed ruleset is _Exposed-Credential-Check Header_ (named `rewrite` in the API). +The default action for the rules in managed ruleset is _Exposed-Credential-Check Header_ (named `rewrite` in the API and the Security Events). The managed ruleset also contains a rule that blocks HTTP requests already containing the `Exposed-Credential-Check` HTTP header used by the _Exposed-Credential-Check Header_ action. These requests could be used to trick the origin into believing that a request contained (or did not contain) exposed credentials.
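Review bot: On the changed line, "named `rewrite` in the API and the Security Events" reads awkwardly and does not say where in Security Events the value appears. Consider "named `rewrite` in the API and in Security Events", and if the value shows up in a specific column or field there, name it so readers filtering events know what to match on. Since this sentence is being edited anyway, "the rules in managed ruleset" is missing an article and could become "the rules in the managed ruleset" or "in this managed ruleset", which matches the "this managed ruleset" wording in the hunk header context.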