diff --git a/core/mondoo-linux-security.mql.yaml b/core/mondoo-linux-security.mql.yaml
index c0aa713c..1ac688ed 100644
--- a/core/mondoo-linux-security.mql.yaml
+++ b/core/mondoo-linux-security.mql.yaml
@@ -236,7 +236,7 @@ queries:
     docs:
       desc: Periodic checking of the filesystem integrity is needed to detect changes to the filesystem.
       remediation: |-
-        _If cron will be used to schedule and run aide check_
+        ### To run aide using cron
 
         Run this command:
 
@@ -250,7 +250,7 @@ queries:
         0 5 * * * /usr/sbin/aide --check
         ```
 
-        _OR if aidecheck.service and aidecheck.timer will be used to schedule and run aide check:_
+        ### To run aide using a systemd timer
 
         Create or edit the file `/etc/systemd/system/aidecheck.service` and add the following lines:
 
@@ -1363,13 +1363,13 @@ queries:
         -w /var/log/tallylog -p wa -k logins
         ```
 
-        ### Add the following additional line for Debian/Ubuntu based systems:
+        Add the following additional line for Debian/Ubuntu based systems:
 
         ```
         -w /var/log/faillog -p wa -k logins
         ```
 
-        ### Add the following additional line for Red Hat/Fedora/Amazon Linux based systems:
+        Add the following additional line for Red Hat/Fedora/Amazon Linux based systems:
 
         ```
         -w /var/run/faillock -p wa -k logins