diff --git a/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction-rules-in-windows-10-enterprise-e3.md b/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction-rules-in-windows-10-enterprise-e3.md
index 0eeee01dff..c9f391d415 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction-rules-in-windows-10-enterprise-e3.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction-rules-in-windows-10-enterprise-e3.md
@@ -25,10 +25,10 @@ ms.custom: asr
 
 Attack surface reduction rules help prevent actions and apps that are typically used by exploit-seeking malware to infect machines. This feature area includes the rules, monitoring, reporting, and analytics necessary for deployment that are included in [Microsoft Defender Advanced Threat Protection](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md), and require the Windows 10 Enterprise E5 license. 
 
-A limited subset of basic attack surface reduction rules can technically be used with Windows 10 Enterprise E3. They can be used without the benefits of reporting, monitoring, and analytics, which provide the ease of deployment and management capabilities necessary for enterprises. 
-
 Attack surface reduction rules are supported on Windows Server 2019 as well as Windows 10 clients.
 
+To get the best protection, Windows Enterprise E5 enrollment is recommended. However, a limited subset of basic attack surface reduction rules can be used with Windows 10 Enterprise E3 (without the benefits of reporting, monitoring, and analytics). The following table lists attack surface reduction rules available in Windows E3 and Windows E5.
+
 |Rule |Windows E3 |Windows E5 |
 |--|--|--|
 [Block executable content from email client and webmail](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction#block-executable-content-from-email-client-and-webmail) |Yes |Yes |