Merged
8 changes: 5 additions & 3 deletions src/pages/explanations/compliance/csaf-vex-explained.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,9 @@ Details vulnerabilities at component level using <Tooltip><TooltipTrigger asChil

<Callout type="info" emoji="🔄">
CSAF upstream sources integrate with DevGuard's event handling. See
[External Vulnerability Sync](external-vulnerability-sync) for details.
[External Vulnerability
Sync](/explanations/vulnerability-management/external-vuln-sync) for
details.
</Callout>

## Use Cases
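Review bot: the target slug changes as well as the path here (`external-vulnerability-sync` becomes `external-vuln-sync`), so this is a page rename and not only a switch to a root-absolute link; confirm that the file under `src/pages/explanations/vulnerability-management/` is really named `external-vuln-sync.mdx`, since the Related Documentation list further down in this same file now uses the identical slug and both links would break together. Wrapping the link text `[External Vulnerability` / `Sync](...)` across lines inside the `<Callout>` renders fine (CommonMark allows soft line breaks in link text), but it makes the link harder to find with a grep-based link audit; keeping the link on one line would be simpler.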
Expand All @@ -111,9 +113,9 @@ Details vulnerabilities at component level using <Tooltip><TooltipTrigger asChil

## Related Documentation

- [External Vulnerability Sync](external-vulnerability-sync) - Importing/exporting vulnerability data
- [External Vulnerability Sync](/explanations/vulnerability-management/external-vuln-sync) - Importing/exporting vulnerability data
- [Vulnerability States](/explanations/vulnerability-management/vulnerability-lifecycle) - VEX states and justifications
- [Why Compliance Matters](why-compliance-matters) - Business case for standards
- [Why Compliance Matters](/explanations/compliance/why-compliance-matters) - Business case for standards

## References

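Review bot: the two rewritten entries now match the unchanged `Vulnerability States` line (root-absolute path, no file extension), which is the right convention for this list; the `audit-logs.mdx` hunk later in this PR writes the same kind of link with a trailing `.mdx`, so pick one form for the whole PR.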
4 changes: 2 additions & 2 deletions src/pages/explanations/compliance/why-compliance-matters.mdx
Expand Up @@ -131,6 +131,6 @@ Not all vulnerabilities are equally critical:

## Related Documentation

- [Vulnerability Lifecycle](vulnerability-lifecycle) - Managing vulnerabilities throughout their lifecycle
- [External Vulnerability Sync](external-vulnerability-sync) - SBOM/VEX generation and sharing
- [Vulnerability Lifecycle](/explanations/vulnerability-management/vulnerability-lifecycle) - Managing vulnerabilities throughout their lifecycle
- [External Vulnerability Sync](/explanations/vulnerability-management/external-vuln-sync) - SBOM/VEX generation and sharing
- [Vulnerability Risk Assessment](/explanations/vulnerability-management/risk-assessment-methodology) - Risk-based prioritization approach
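Review bot: the `External Vulnerability Sync` entry keeps the description "SBOM/VEX generation and sharing", while the same link in `csaf-vex-explained.mdx` is described as "Importing/exporting vulnerability data"; descriptions need not be identical, but since these lists are being normalised anyway, aligning the wording for the same target would avoid readers thinking they are two different pages. The moved `Vulnerability Lifecycle` path is consistent with the `Vulnerability Risk Assessment` line already in this list.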
Original file line number Diff line number Diff line change
Expand Up @@ -108,7 +108,7 @@ Provenance Tracking is the bridge between the chaotic world of development (comm

It converts the software supply chain from a "trust me" model to a "show me" model. By capturing the Builder, the Recipe, and the Materials for every single artifact, organizations create an immutable audit trail that serves as the foundation for security, compliance, and debugging.

This concludes the [Supply Chain Security](/explanations/supply-chain-security) explanation chapter. In the following sections, we will explore the specific [Compliance](/explanations/compliance) standards that often mandate these practices.
This concludes the **supply chain security** explanation chapter. In the following sections, we will explore the specific [compliance](/explanations/compliance/why-compliance-matters) standards that often mandate these practices.

---

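Review bot: the replacement drops the link to `/explanations/supply-chain-security` in favour of bold text, so readers lose the navigation back to the chapter index; if that index page no longer exists this is fine, otherwise keep a link (for example to the chapter's first page). Pointing `[compliance]` at `/explanations/compliance/why-compliance-matters` instead of the `/explanations/compliance` section index is consistent with the rest of the PR, which links concrete pages rather than directories.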
4 changes: 2 additions & 2 deletions src/pages/how-to-guides/compliance/attestation-policies.mdx
Expand Up @@ -90,8 +90,8 @@ Navigate to **Organization** → **Compliance** → **Policies**

- [View Compliance Dashboards](./compliance-dashboards.mdx) - Monitor all policy results
- [Generate VEX Documents](./generate-vex-documents.mdx) - Document vulnerability assessments
- [Understand Compliance Frameworks](../../explanations/compliance-frameworks/iso.mdx) - Learn ISO 27001 requirements
Generate CSAF Reports](./generate-csaf-reports.mdx) - Create compliance-focused security advisories
- [Understand Compliance Frameworks](/explanations/compliance/iso-27001-mapping) - Learn ISO 27001 requirements
- [Generate CSAF Reports](./generate-csaf-reports.mdx) - Create compliance-focused security advisories
- [Generate VEX Documents](./generate-vex-documents.mdx) - Document vulnerability assessments
- [Export SBOMs](./export-sbom.mdx) - Download component inventories for audit purposes
- [Manage Attestations](../security/supply-chain/manage-attestations.mdx) - Ensure required attestations exist
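Review bot: the repaired `- [Generate CSAF Reports]` item fixes the missing list marker and opening bracket, but the resulting list still contains `Generate VEX Documents` twice (the unchanged line above the removed block and the unchanged line below the added one); drop one of them. The list also now mixes a root-absolute path (`/explanations/compliance/iso-27001-mapping`) with page-relative `./*.mdx` and `../security/...` paths; either style works, but the relative ones will need the same treatment if those how-to pages move as the explanation pages did.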
11 changes: 5 additions & 6 deletions src/pages/how-to-guides/compliance/audit-logs.mdx
Expand Up @@ -10,7 +10,9 @@ import { Callout } from 'nextra/components'
DevGuard automatically records every action taken on vulnerabilities, creating an audit trail of decisions and justifications. Access this event history on each vulnerability's detail page.

<Callout type="info">
Event timelines provide comprehensive audit trails for compliance frameworks like ISO 27001, SOC 2, and CRA. Every vulnerability decision includes timestamps, user attribution, and justification.
Event timelines provide comprehensive audit trails for compliance frameworks
like ISO 27001, SOC 2, and CRA. Every vulnerability decision includes
timestamps, user attribution, and justification.
</Callout>

## Prerequisites
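Review bot: this hunk is a whitespace-only reflow of the `<Callout>` text with no wording change, which adds diff noise to a link-fix PR; if it comes from an editor's auto-formatter, consider reverting it or moving formatting-only changes into their own commit so the actual link fixes are easy to verify.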
Expand All @@ -21,14 +23,13 @@ Before you begin, ensure you have:
- An asset with scanned vulnerabilities
- Read access to vulnerability details


## View Event Details Across Assets

For organization-wide compliance tracking, see [Compliance Dashboards](./compliance-dashboards.mdx) for vulnerability metrics and trends that reflect the cumulative impact of these vulnerability events.

### Generate PDF Reports for audits

1. Navigate to **Organization** → **Overview**
1. Navigate to **Organization** → **Overview**
2. Select Artifact on the left side.

![Download PDF-Report](../../../assets/downloading-pdf-report.png)
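Review bot: the removed and added `1. Navigate to **Organization** → **Overview**` lines read identically in the rendered diff, so the change is presumably trailing whitespace or a swapped arrow or space character; confirm which it is, since removing stray trailing spaces is fine but a silent character swap is not obvious to later readers of the history. Dropping the extra blank line before `## View Event Details Across Assets` is fine.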
Expand All @@ -44,11 +45,9 @@ To include vulnerability event history in compliance documentation:

These reports can be downloaded and provided to auditors as evidence of your vulnerability management process.



## Related Documentation

- [Create Vulnerability Events](../vulnerability-management/create-vuln-events.mdx) - Add and manage events
- [Compliance Audit Trails](../../explanations/compliance/audit-trails.mdx) - Understand audit logging concepts
- [Generate CSAF Reports](./generate-csaf-reports.mdx) - Export event justifications
- [Vulnerability Lifecycle](../../explanations/compliance/vulnerability-lifecycle.mdx) - Understand decision workflows
- [Vulnerability Lifecycle](/explanations/vulnerability-management/vulnerability-lifecycle.mdx) - Understand decision workflows
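Review bot: the new `Vulnerability Lifecycle` target `/explanations/vulnerability-management/vulnerability-lifecycle.mdx` is a root-absolute path that keeps the `.mdx` extension; the equivalent links elsewhere in this PR (for example the `why-compliance-matters.mdx` hunk) drop it, and a Nextra route is served without the extension, so this link will most likely 404. Drop the `.mdx`. Also, the unchanged `Compliance Audit Trails` line still points at `../../explanations/compliance/audit-trails.mdx`; if that explanation page moved along with the others touched here, it needs the same fix.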
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ If the integration is successful, you will see your chosen GitHub project in the

Go to the `security control center` of the asset and click on `Create Personal Access Token`. Then copy the token.

You can find more information about the DevGuard Personal Access Token [here](/how-to-guides/security/api-tokens).
You can find more information about the DevGuard Personal Access Token [here](/how-to-guides/security/access-control/api-tokens).

![Create a Personal Access Token](../../../../assets/github-setup/github8.png)

Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,6 @@ Organization Level
- Revoking Member status at any level removes all sub-level access
- External members (from GitHub/GitLab) have read-only access

- [Create and Manage API Tokens](./api-tokens.mdx) - Generate tokens for API access
- [Create and Manage API Tokens](/how-to-guides/security/access-control/api-tokens) - Generate tokens for API access
- [Configure Webhooks](/how-to-guides/integrations/create-webhook) - Automate integrations
- [Setup GitHub App](/how-to-guides/integrations/github/setup-github-integration) - GitHub integration