From 7de6fb18f9a284b8f70191effd442a48c232603b Mon Sep 17 00:00:00 2001
From: Adin Scannell
Date: Wed, 29 Apr 2020 11:45:04 -0700
Subject: Clean-up documentation.

---
website/index.md | 34 ++++++++++++++--------------------
1 file changed, 14 insertions(+), 20 deletions(-)

diff --git a/website/index.md b/website/index.md index 31587fc2f..d72f746c9 100644 --- a/website/index.md +++ b/website/index.md @@ -8,7 +8,7 @@ layout: base

gVisor is an application kernel and container runtime providing defense-in-depth for containers anywhere.

- Get Started  + Learn More  GitHub 
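
Review bot: The button label changes from "Get Started" to "Learn More" in this hunk, but the subject line says only "Clean-up documentation." A change to the landing page's primary call to action deserves a line in the commit message. The link target is not visible in these lines, so please confirm it still matches the new label.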

@@ -22,36 +22,30 @@ layout: base

Container-native Security

-

By providing each container with its own application kernel instance, - gVisor limits the attack surface of the host while still integrating - seamlessly with popular container orchestration systems, such as Docker and - Kubernetes. This includes support for advanced features, such as a volumes, - terminals and sidecars, and still providing visibility into the application - behavior through cgroups and other monitoring mechanisms. -

+

By providing each container with its own userspace kernel, gVisor limits + the attack surface of the host. This protection does not limit + functionality: gVisor runs unmodified binaries and integrates with container + orchestration systems, such as Docker and Kubernetes, and supports features + such as volumes and sidecars.

Read More »

Resource Efficiency

Containers are efficient because workloads of different shapes and sizes - can be packed together by sharing host resources. By using host native - abstractions such as threads and memory mappings, gVisor closely co-operates - with the host to enable the same resource model as native containers. - Sandboxed containers can safely and securely share host resources with each - other and native containers on the same system. -

+ can be packed together by sharing host resources. gVisor uses host-native + abstractions, such as threads and memory mappings, to co-operate with the + host and enable the same resource model as native containers.

Read More »

Platform Portability

-

Modern infrastructure spans multiple clouds and data centers, often using - a mix of virtualized instances and traditional servers. The pluggable - platform architecture of gVisor allows it to run anywhere, enabling security - policies to be enforced consistently across multiple environments. - Sandboxing requirements need not dictate where workloads can run. -

+

Modern infrastructure spans multiple cloud services and data centers, + often with a mix of managed services and virtualized or traditional servers. + The pluggable platform architecture of gVisor allows it to run anywhere, + enabling consistent security policies across multiple environments without + having to rearchitect your infrastructure.

Read More »
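
Review bot: The new Container-native Security paragraph says "its own userspace kernel" while the unchanged tagline at the top of the page still says "application kernel"; pick one term so the two do not read as different components. The rewrite also drops the statements about visibility into application behavior through cgroups and other monitoring mechanisms, and about sandboxed containers safely sharing host resources with native containers. If both still hold, keep a short clause for each, since those are the claims an operator evaluating the isolation model looks for. "This protection does not limit functionality" is stated without qualification; a link to supporting documentation would make it easier to verify.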
-- cgit v1.2.3