diff --git a/docs/experimental-features/experimental-features-intro.asciidoc b/docs/experimental-features/experimental-features-intro.asciidoc
index 047ebbb97c..c4ea7c97ed 100644
--- a/docs/experimental-features/experimental-features-intro.asciidoc
+++ b/docs/experimental-features/experimental-features-intro.asciidoc
@@ -1,8 +1,9 @@
 [[sec-experimental-intro]]
 = Technical preview
 
-The following features in this section are experimental and may be changed or removed completely in a future release. Elastic will make a best effort to fix any issues, but experimental features are not subject to the support of official GA features.
+The features in this section are experimental and may be changed or removed completely in future releases. Elastic will make a best effort to fix any issues, but experimental features are not supported to the same level as generally available (GA) features.
 
 
 include::host-risk-score.asciidoc[]
 include::beaconing-detection.asciidoc[]
+include::security-posture-management.asciidoc[]
diff --git a/docs/experimental-features/images/kspm-1.png b/docs/experimental-features/images/kspm-1.png
new file mode 100644
index 0000000000..c00479230b
Binary files /dev/null and b/docs/experimental-features/images/kspm-1.png differ
diff --git a/docs/experimental-features/images/kspm-2.png b/docs/experimental-features/images/kspm-2.png
new file mode 100644
index 0000000000..161bca094d
Binary files /dev/null and b/docs/experimental-features/images/kspm-2.png differ
diff --git a/docs/experimental-features/security-posture-management.asciidoc b/docs/experimental-features/security-posture-management.asciidoc
new file mode 100644
index 0000000000..16afd7c200
--- /dev/null
+++ b/docs/experimental-features/security-posture-management.asciidoc
@@ -0,0 +1,43 @@
+[[security-posture-management]]
+== Cloud security posture management
+
+NOTE: This feature requires {stack} version 8.3.0 or later.
+
+Cloud security posture management (CSPM) and Kubernetes security posture management (KSPM) continuously monitor and compare your cloud and Kubernetes infrastructure against security best practices to help you identify and remediate misconfigurations.
+
+The steps to enable this feature differ between {ecloud} and self-hosted deployments.
+
+[[enable-kspm-on-cloud]]
+[discrete]
+=== Enable KSPM for cloud deployments
+
+1. First, enable the KSPM flag for your deployment:
+
+  a. From {kib}, open the main menu and click  **Manage this deployment**.
++
+image::images/kspm-1.png[The Manage deployment button]
+
+  b. Under **My deployment**, select **{kib}**.
+  c. Under **Instances**, click the three-dot menu next to your instance, then click **Edit configuration**.
+  d. Click **Edit user settings** in the upper-right of the page.
+  e. Add `xpack.cloudSecurityPosture.enabled: true` to the user settings.
+  f. Click **Back**, then save your {kib} user settings.
++
+NOTE: It may take up to two minutes for the changes to take effect.
++
+2. Return to {kib}. From the main menu, go to **Security** -> **Cloud Security**.
++
+image::images/kspm-2.png[The Cloud Security button on the main menu, width=160]
++
+3. Follow the prompts to set up data ingestion.
+
+[[enable-kspm-on-selfhosted]]
+[discrete]
+=== Enable KSPM for self-hosted deployments
+1. Edit the `kibana.yml` file (typically found at `/config/kibana.yml`) to include `xpack.cloudSecurityPosture.enabled: true`.
+
+2. Return to {kib}. From the main menu, go to **Security** -> **Cloud Security**.
++
+image::images/kspm-2.png[The Cloud Security button on the main menu, width=160]
+
+3. Follow the prompts to set up data ingestion.