diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
index db0e0e013b..fccb4020c3 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
@@ -190,8 +190,11 @@ It is crucial for you as Security and IT Administrators to work together and ens
 To conduct an inventory of software or software versions which have reached their end of life:
 1. From the Threat & Vulnerability Management menu, navigate to **Security recommendations**.
 2. Go to the **Filters** panel and select **Software uninstall** from **Remediation Type** options if you want to see the list of software recommendations associated with software which have reached their end-of-life (tagged as **EOL software**). Select **Software update** from **Remediation Type** options if you want to see the list of software recommendations associated with software and software versions which have reached their end-of-life (tagged as **EOL versions installed**). 
-3. Select a software that you'd like to investigate. A fly-out screen opens where you can select **Open software page**
+3. Select a software that you'd like to investigate. A fly-out screen opens where you can select **Open software page**.
+![Screenshot of Security recommendation for a software that reached its end of life page](images/secrec_flyout.png) 
+
 4. In the **Software page** select the **Version distribution** tab to know which versions of the software have reached their end-of-life, and how many vulnerabilities were discovered in it.
+![Screenshot of software details for a software that reached its end of life](images/secrec_sw_details.png) 
 
 After you have identified which software and software versions are vulnerable due to its end-of-life status, remediate them to lower your organizations exposure to vulnerabilities and advanced persistent threats. See [Remediation and exception](tvm-remediation.md) for details.