diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/1password-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/1password-source.md index a473647079..a725b45b8e 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/1password-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/1password-source.md @@ -118,3 +118,16 @@ To resolve these errors: :::info Click [here](/docs/c2c/info) for more information about Cloud-to-Cloud sources. ::: + +## App installation + +Once you understand how and where 1Password data is collected, you can visualize and analyze that data by installing the Sumo Logic app for [1Password](/docs/integrations/saas-cloud/1password/). + +Installing the 1Password app enables you to: +- Centralize visibility into 1Password sign-in and item usage activity. +- Monitor authentication success and failures to spot suspicious access. +- Analyze events by user, app, type, and geo-location for faster investigation. +- Detect outliers and sign-in threats indicating risky behavior. +- Track critical security and audit changes (accounts, emails, groups, roles). +- Highlight high-risk locations through geographic activity insights. +- Secure shared vaults with actionable access and threat intelligence. \ No newline at end of file diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/cisco-meraki-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/cisco-meraki-source.md index 66a03beb1e..83cd9ccff1 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/cisco-meraki-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/cisco-meraki-source.md 
@@ -149,3 +149,15 @@ Sources can be configured using UTF-8 encoded JSON files with the Collector Ma :::info Click [here](/docs/c2c/info) for more information about Cloud-to-Cloud sources. ::: + +## App installation + +Once you understand how and where Cisco Meraki data is collected, you can visualize and analyze that data by installing the Sumo Logic app for [Cisco Meraki](/docs/integrations/saas-cloud/cisco-meraki-c2c/). + +Installing the Cisco Meraki app enables you to: +- Gain real-time visibility into network events and admin activities from Cisco Meraki. +- Detect potential network issues and security events early for faster investigation. +- Monitor and optimize network performance with actionable insights. +- Enhance security posture by identifying suspicious or risky activities. +- Respond proactively to threats and reduce operational downtime. +- Support efficient network administration and maintain a reliable, secure infrastructure. \ No newline at end of file diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/crowdstrike-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/crowdstrike-source.md index 76cab2586a..703b942791 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/crowdstrike-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/crowdstrike-source.md 
@@ -115,3 +115,14 @@ https://github.com/SumoLogic/sumologic-documentation/blob/main/static/files/c2c/ :::info Click [here](/docs/c2c/info) for more information about Cloud-to-Cloud sources. ::: + +## App installation + +Once you understand how and where CrowdStrike data is collected, you can visualize and analyze that data by installing the Sumo Logic app for [CrowdStrike Falcon Endpoint Protection](/docs/integrations/security-threat-detection/crowdstrike-falcon-endpoint-protection/). + +Installing the CrowdStrike Falcon Endpoint Protection app enables you to: +- Provides visibility into your endpoint security posture using data from the CrowdStrike Falcon Endpoint Protection platform. +- Helps analyze indicators of compromise (IOCs) by affected users, tactics, techniques, and objectives. +- Identifies hosts across your network with the highest malware detections. +- Includes prebuilt dashboards to detect threats and security incidents. +- Enables drill-down investigations for faster threat analysis and response. \ No newline at end of file diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/duo-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/duo-source.md index e8b320f056..05bcbfc405 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/duo-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/duo-source.md 
@@ -108,3 +108,15 @@ https://github.com/SumoLogic/sumologic-documentation/blob/main/static/files/c2c/ :::info Click [here](/docs/c2c/info) for more information about Cloud-to-Cloud sources. ::: + +## App installation + +Once you understand how and where Duo data is collected, you can visualize and analyze that data by installing the Sumo Logic app for [Duo Security](/docs/integrations/security-threat-detection/duo-security/). + +Installing the Duo Security app enables you to: +- Gain centralized visibility into authentication, admin, and telephony logs from Duo Security. +- Monitor successful and failed authentications to quickly spot suspicious access attempts. +- Analyze events by application, user, authentication factor, and geo-location for faster investigations. +- Track administrator activities to maintain security and compliance. +- Detect outliers and potential authentication threats through built-in threat analysis. +- Strengthen overall identity and access security posture with actionable insights. \ No newline at end of file diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/google-workspace-alertcenter.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/google-workspace-alertcenter.md index 1eb95f280e..6cc19eabf8 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/google-workspace-alertcenter.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/google-workspace-alertcenter.md 
@@ -110,3 +110,14 @@ https://github.com/SumoLogic/sumologic-documentation/blob/main/static/files/c2c/ :::info Click [here](/docs/c2c/info) for more information about Cloud-to-Cloud sources. ::: + +## App installation + +Once you understand how and where Google Workspace AlertCenter data is collected, you can visualize and analyze that data by installing the Sumo Logic app for [Google Workspace](/docs/integrations/google/workspace/install-app-dashboards/). + +Installing the Google Workspace app enables you to: +- Monitor admin and user activities across all Google Workspace applications from one place. +- Analyze Google Drive usage and login activity for better usage and access visibility. +- Gain full visibility into Alert Center alerts to investigate and correlate security events. +- Detect and monitor potential threats across Workspace apps with unified dashboards. +- Simplify security monitoring and compliance with prebuilt, comprehensive dashboards. \ No newline at end of file diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-azure-ad-inventory-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-azure-ad-inventory-source.md index baab8471bc..9922133380 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-azure-ad-inventory-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-azure-ad-inventory-source.md 
@@ -139,3 +139,14 @@ https://github.com/SumoLogic/sumologic-documentation/blob/main/static/files/c2c/ :::info Click [here](/docs/c2c/info) for more information about Cloud-to-Cloud sources. ::: + +## App installation + +Once you understand how and where Microsoft Azure AD Inventory data is collected, you can visualize and analyze that data by installing the Sumo Logic app for [Microsoft Azure AD Inventory](/docs/integrations/saas-cloud/microsoft-azure-ad-inventory/). + +Installing the Microsoft Azure AD Inventory app enables you to: +- Monitor user sign-in activity to detect unauthorized or risky access. +- Track user demographics and behavior for better identity governance. +- Gain visibility into device inventory and device management. +- Identify non-compliant or unmanaged devices proactively. +- Support threat detection, compliance, and continuous security oversight across your Azure AD environment. \ No newline at end of file diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-graph-security-api-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-graph-security-api-source.md index ddf02a9166..a1b0df13d3 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-graph-security-api-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/microsoft-graph-security-api-source.md @@ -146,3 +146,8 @@ The "**Unauthorized request - Account is not provisioned**" error occurs when Mi :::info Click [here](/docs/c2c/info) for more information about Cloud-to-Cloud sources. ::: + +## App installation + +The Microsoft Graph Security API source in Sumo Logic serves as a single, unified entry point for ingesting Microsoft security signals and installing multiple security apps, helping you understand each app based on their security monitoring needs. + 
diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/okta-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/okta-source.md index bada632cc2..0c19ecb89e 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/okta-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/okta-source.md @@ -105,3 +105,15 @@ Click [here](/docs/c2c/info) for more information about Cloud-to-Cloud sources. ## Limitation During a polling interval, an Okta Source will make a request for every 1,000 logs available. The Okta API uses paging and only 1,000 logs are returned at a time. + +## App installation + +Once you understand how and where Okta data is collected, you can visualize and analyze that data by installing the Sumo Logic app for [Okta](/docs/integrations/saml/okta). + +Installing the Okta app enables you to: +- Monitor administrative actions performed in Okta. +- Track failed and successful login attempts. +- Analyze user activity across applications accessed through Okta. +- Gain visibility into application usage and access patterns. +- Review user events and authentication behavior. +- Monitor Multi-Factor Authentication (MFA) activity through preconfigured dashboards. \ No newline at end of file diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sentinelone-mgmt-api-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sentinelone-mgmt-api-source.md index d59fb8c761..c5e57b54bf 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sentinelone-mgmt-api-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sentinelone-mgmt-api-source.md 
@@ -118,3 +118,14 @@ https://github.com/SumoLogic/sumologic-documentation/blob/main/static/files/c2c/ :::info Click [here](/docs/c2c/info) for more information about Cloud-to-Cloud sources. ::: + +## App installation + +Once you understand how and where SentinelOne Mgmt API data is collected, you can visualize and analyze that data by installing the Sumo Logic app for [SentinelOne](/docs/integrations/saas-cloud/sentinelone/). + +Installing the SentinelOne app enables you to: +- Ingest SentinelOne endpoint data in real time from agents into Sumo Logic for centralized analysis. +- Gain clear visibility into endpoint security posture, including threats, endpoint activity, and system health from SentinelOne. +- Detect and investigate suspicious behavior faster to respond quickly to security incidents. +- Use prebuilt, customizable dashboards to visualize threats and key security metrics at a glance. +- Monitor and prioritize what matters most by tailoring dashboards to your organization’s security needs. \ No newline at end of file diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/slack-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/slack-source.md index f387f1adcd..26505e4364 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/slack-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/slack-source.md 
@@ -159,3 +159,14 @@ Each page adds to the overall number of API calls needed and adds time due to th :::info Click [here](/docs/c2c/info) for more information about Cloud-to-Cloud sources. ::: + +## App installation + +Once you understand how and where Slack data is collected, you can visualize and analyze that data by installing the Sumo Logic app for [Slack](/docs/integrations/saas-cloud/slack/). + +Installing the Slack app enables you to: +- Monitor Slack user, channel, and access activity across supported workspace plans. +- Analyze public channel activity to understand collaboration trends and usage. +- Track workspace access logs for security and auditing purposes. +- Gain centralized visibility into Slack operations through prebuilt analytics. +- Support security monitoring and compliance for team collaboration environments. \ No newline at end of file
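Review bot: In the 1password-source.md hunk, the last added bullet ("Secure shared vaults with actionable access and threat intelligence.") is followed by "\ No newline at end of file", while the previous last line (":::") is plain context, so this change removes the file's trailing newline. Add a newline after the final bullet. The same marker follows the closing bullet in the other hunks of this patch that end on a list, so fix them in the same pass.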
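Review bot: In the crowdstrike-source.md hunk, the bullets do not read on from the stem "Installing the CrowdStrike Falcon Endpoint Protection app enables you to:". They open with third-person verbs ("Provides", "Helps", "Identifies", "Includes", "Enables"), while the other files in this patch use the base form ("Gain", "Monitor", "Detect"). Reword them to match, for example "Gain visibility into your endpoint security posture ..." and "Identify hosts across your network with the highest malware detections."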
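Review bot: In the google-workspace-alertcenter.md hunk, only the third bullet ("Gain full visibility into Alert Center alerts ...") refers to the AlertCenter data the intro sentence names. The bullets on admin and user activity and on Google Drive usage and login activity describe the wider Google Workspace app. If those dashboards depend on data from other sources, say so in this section, or limit the list to what this source feeds.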
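Review bot: In the microsoft-graph-security-api-source.md hunk, the new section is a single sentence that names no app and links to none, unlike every other source in this patch. Its closing clause, "helping you understand each app based on their security monitoring needs", has no clear referent for "their". List the apps this source feeds, with links to their pages, and reword the clause. The hunk also ends on an added blank line at the end of the file, which can be dropped.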
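Review bot: The link target in the okta-source.md hunk, "/docs/integrations/saml/okta", lacks the trailing slash that every other link added in this patch carries (for example "/docs/integrations/saas-cloud/slack/"). Add it for consistency. This is also the only file where the new section lands after "## Limitation" rather than directly after the Cloud-to-Cloud info block, so confirm that ordering is intended.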
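Review bot: In the sentinelone-mgmt-api-source.md hunk, the first bullet ("Ingest SentinelOne endpoint data in real time from agents into Sumo Logic ...") describes collection, which the intro sentence directly above it treats as already done by the source rather than by the app. Drop it or reword it around what the app adds on top of the collected data. The last bullet uses a typographic apostrophe in "organization’s"; switch to a straight one if the docs style calls for ASCII punctuation.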