Commit 72b1045

Apply suggestions from code review
Co-authored-by: André Meira <[email protected]>
1 parent 74d0b12 commit 72b1045

2 files changed

+7
-7
lines changed

docs/codacy-api/examples/triggering-dast-scans.md

Lines changed: 4 additions & 4 deletions
@@ -14,9 +14,9 @@ Thanks to the new app scanning capabilities available on the Security and risk m
1414

1515
## Creating targets
1616

17-
Before the automation process itself, you need to create a target. Targets are individual configurations that define what Codacy will scan, including the target URL, its type (API or web application), and other fields like OpenAPI specification and optional authentication details for API targets.
17+
Before the automation process itself, you need to create a target. Targets are individual configurations that define what Codacy will scan, including the target URL, its type (API or web application), and other type-dependent fields like OpenAPI specification and optional authentication details for API targets.
1818

19-
Targets only need to be created once. Note that **target URLs are immutable** — if you need to change the URL, definition, or authentication, you'll need to delete the target and create a new one.
19+
Targets only need to be created once. Note that **targets are immutable** — if you need to change the URL, definition, or authentication, you'll need to delete the target and create a new one.
2020

2121
To create a target, use the following API request:
2222

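Review bot: The reworded line 19 makes the whole target immutable and tells readers to delete and recreate it, but it does not say whether the recreated target gets a new `id`, which is the value the next section uses to trigger DAST scans. Suggest adding a sentence stating that, so anyone with automation pinned to the old `id` knows to update it after recreating a target.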
@@ -42,7 +42,7 @@ Replace the placeholders with your own values:
4242
| **API_KEY** | true | [Account API token](../api-tokens.md#account-api-tokens) used to authenticate on the Codacy API |
4343
| **GIT_PROVIDER** | true | Git provider hosting of the organization, using one of the values in the table below. <br/>**Options:** `gh` (GitHub Cloud), `ghe`(GitHub Enterprise), `gl` (Gitlab Cloud), `gle` (Gitlab Enterprise), `bb` (Bitbucket Cloud), `bbe` (Bitbucket Server) |
4444
| **ORGANIZATION** | true | Name of the organization on the Git provider. You must have admin permissions over the organization on the Git provider.<br/>For example, `codacy` |
45-
| **TARGET_URL** | true | URL of the Web app or API that will be scanned. <br/>Must start with `http://` or `https://`|
45+
| **TARGET_URL** | true | URL of the Web app or API that will be scanned. <br/>Must start with `http://` or `https://`<br/>For example, `https://api.codacy.com/v1`|
4646
| **TARGET_TYPE** | false | Type of target to be scanned <br/> **Options:** `webapp` (default), `openapi` or `graphql`|
4747
| **API_DEFINITION_URL** | false * | The URL to a publicly accessible OpenAPI specification.<br/>*** Required for OpenAPI targets**|
4848
| **HEADER_NAME** | false | Name of the authentication header. <br/>For example, `Authentication`|
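Review bot: The new example on line 45, `https://api.codacy.com/v1`, is a real production host, while the companion page in this commit warns to avoid running API scans on production because the scanners may cause downtime; a reader who copies the example verbatim would target a host they do not own. Suggest a reserved placeholder such as `https://api.example.com/v1`. While here, the HEADER_NAME example on line 48 reads `Authentication`; if the standard HTTP header is meant, it is `Authorization`.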
@@ -51,7 +51,7 @@ Replace the placeholders with your own values:
5151
Once you create the target you'll get the target `id` as a response. You will use it to trigger DAST scans in the next section.
5252

5353
!!! important
54-
Currently we only support one authentication header. If you need more, please let us know via support.
54+
Currently we only support one authentication header. If you need more, please let us know via support or your account representative.
5555

5656
## Trigger DAST analysis scans
5757

docs/organizations/managing-security-and-risk.md

Lines changed: 3 additions & 3 deletions
@@ -568,7 +568,7 @@ To access the App scanning page, go to the [Overview page](#dashboard) and click
568568

569569
![Security and risk management app scanning page](images/security-risk-management-app-scanning.png)
570570

571-
App scanning analyzes applications in runtime environments to help identify vulnerabilities such as misconfigurations, insecure authentication, or other security issues that occur in real-world usage. Because it doesn't rely on access to source code, it’s language-agnostic and useful for validating security across your entire stack.
571+
App scanning analyzes applications in production or production-like environments to help identify vulnerabilities such as misconfigurations, insecure authentication, or other security issues that occur in real-world usage. Because it doesn't rely on access to source code, it’s language-agnostic and useful for validating security across your entire stack.
572572

573573
Codacy supports two types of scanning:
574574

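Review bot: "production or production-like environments" on line 571 conflicts with the warning further down this file (line 600) to avoid running API scans on production environments because the scanners may cause downtime. Suggest scoping the sentence, for example by recommending production-like (staging) environments here, or by stating explicitly that the production caveat applies to API scans only. The same line also mixes a curly apostrophe in "it’s" with the straight one in "doesn't".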
@@ -589,7 +589,7 @@ Codacy supports two types of scanning:
589589

590590
## Creating an App Scanning target
591591

592-
When creating a scan target, you'll be able to choose between a Web App or an API. Codacy supports scanning for:
592+
When creating a scan target, you'll be able to choose between a Web App or an API. Configuring a Web App will only require a target URL, while APIs will have other requirements:
593593

594594
- **REST APIs**, which require a publicly accessible OpenAPI specification URL.
595595
- **GraphQL APIs**, where the schema is inferred from the default path `{targetUrl}/graphql`.
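Review bot: On line 592 the lead-in "while APIs will have other requirements:" does not fit the GraphQL bullet on line 595, which describes how the schema is inferred rather than something the user must provide. Suggest phrasing that bullet as a requirement (the GraphQL endpoint must be reachable at `{targetUrl}/graphql`) and switching the lead-in to present tense: "A Web App only requires a target URL, while APIs have additional requirements:".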
@@ -600,7 +600,7 @@ API targets optionally support **header-based authentication**. As you create a
600600
Avoid running API scans on production enviroments as our API scanners may cause potential downtime.
601601

602602
!!! important
603-
If exposing your API specification is not feasible for your team, let us know via support or your account representative.
603+
If exposing your API specification isn't feasible for your team, let us know via support or your account representative.
604604

605605

606606
### How to scan a target
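Review bot: Line 600, directly above the edited admonition, still has the typo "enviroments" and the redundant "may cause potential downtime"; since this commit is a wording pass over the same block, fix them here too, for example "Avoid running API scans on production environments, as our API scanners may cause downtime."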