links fixed
sapirwo committed Sep 20, 2023
1 parent 9f0535e commit ce7e2ee
Showing 16 changed files with 22 additions and 38 deletions.
4 changes: 2 additions & 2 deletions docs/faq/README.mdx
Expand Up @@ -87,7 +87,7 @@ to integrate with your infrastructure, e.g. for integrating with Kafka outside o

Sure, in fact we recommend that you roll out IBAC gradually, to grow your and your organization's confidence in this approach.
Change, even when positive, is not always easy to manage. Tools such as the network mapper let you bootstrap intents files to make
adoption by teams that own specific services much easier. Read the various tutorials for [network policies](/quick-tutorials/access-control/k8s-network-policies), [Kafka](/quick-tutorials/access-control/k8s-kafka-mtls), [network mapping](/quick-tutorials/visualization/k8s-network-mapper), and [mTLS](/quick-tutorials/access-control/k8s-mtls)
adoption by teams that own specific services much easier. Read the various tutorials for [network policies](/quick-start/access-control/k8s-network-policies), [Kafka](/quick-start/access-control/k8s-kafka-mtls), [network mapping](/quick-start/visualization/k8s-network-mapper), and [mTLS](/quick-start/access-control/k8s-mtls)
to see how to roll out IBAC gradually for various use cases.

</details>
Expand All @@ -98,7 +98,7 @@ to see how to roll out IBAC gradually for various use cases.

Otterize's approach is to configure and use your existing infrastructure as much as possible, rather than replacing existing components, and help you achieve zero-trust through effective use of authentication and authorization across heterogeneous infrastructures and tech stacks. The drivers for authentication and authorization are client intents: metadata that's used to configure enforcement points.

In contrast, service meshes aim to solve a whole slew of problems and tasks related to microservices, such as request routing and load balancing, circuit breaking, retries, rate limiting, blue/green deployment, service discovery, observability and metrics, as well as authentication and authorization. Otterize does not aim to do all of these things &mdash; only authentication and authorization. And even there, it does not aim to replace enforcement points for authN/authZ &mdash; it just configures them based on client intents and any overriding rules. So if a service mesh is used to enforce access, Otterize would configure it based on client intents (and any override rules) &mdash; as we do with [our support for Istio](/quick-tutorials/access-control/k8s-istio-authorization-policies).
In contrast, service meshes aim to solve a whole slew of problems and tasks related to microservices, such as request routing and load balancing, circuit breaking, retries, rate limiting, blue/green deployment, service discovery, observability and metrics, as well as authentication and authorization. Otterize does not aim to do all of these things &mdash; only authentication and authorization. And even there, it does not aim to replace enforcement points for authN/authZ &mdash; it just configures them based on client intents and any overriding rules. So if a service mesh is used to enforce access, Otterize would configure it based on client intents (and any override rules) &mdash; as we do with [our support for Istio](/quick-start/access-control/k8s-istio-authorization-policies).

Unlike Otterize, service meshes generally aim to be the a one-stop-shop for all your needs, replacing many of the technologies you currently use. For many, this actually turns out to be friction, especially if you just want to apply authorization, and don't wish to change various technologies that are already working for you.

2 changes: 1 addition & 1 deletion docs/otterize-oss/README.mdx
Expand Up @@ -24,7 +24,7 @@ This list will grow over time, as more capabilities are added, in particular sup

The Otterize OSS code base and issues are managed [on GitHub](https://github.com/otterize).

To get started with Otterize OSS, see the tutorials for [network policies](/quick-tutorials/access-control/k8s-network-policies), [Kafka](/quick-tutorials/access-control/k8s-kafka-mtls), [network mapping](/quick-tutorials/visualization/k8s-network-mapper), and [Istio service mesh](/quick-tutorials/access-control/k8s-istio-authorization-policies).
To get started with Otterize OSS, see the tutorials for [network policies](/quick-start/access-control/k8s-network-policies), [Kafka](/quick-start/access-control/k8s-kafka-mtls), [network mapping](/quick-start/visualization/k8s-network-mapper), and [Istio service mesh](/quick-start/access-control/k8s-istio-authorization-policies).

## Usage metrics

Expand Up @@ -279,10 +279,8 @@ Try to create an intents file yourself for **client-other**, and apply it to all

## What's next

- Get started with the [Otterize network mapper for Istio](/quick-tutorials/visualization/k8s-istio-watcher) to help you bootstrap intents files with HTTP resources
- Get started with the [Otterize network mapper for Istio](/quick-start/visualization/k8s-istio-watcher) to help you bootstrap intents files with HTTP resources
for use in [intent-based access control (IBAC)](https://otterize.com/ibac).
- See in advance what calls will be allowed or blocked, by running Otterize in **shadow mode** &mdash; just follow the [quick visual tutorial for IBAC with Istio authorization policies](/quick-visual-tutorials/visual-ibac-istio-authorization-policies).
- Learn how to easily secure Kafka with IBAC, in [a hands-on tutorial](/quick-tutorials/access-control/k8s-kafka-mtls) or [a more visual tutorial](/quick-visual-tutorials/visual-ibac-kafka-k8s).

## Teardown
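
Review bot: readers of "What's next" lose the pointer to shadow mode in this hunk, because the bullet is deleted instead of being re-pointed, which is more than the "links fixed" message suggests. Shadow mode is still documented in docs/shadow-vs-active-enforcement/README.mdx (touched in this same commit), so consider keeping the bullet and linking it there, so people can preview what will be allowed or blocked before enforcing.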

Expand Up @@ -8,7 +8,7 @@ import TabItem from "@theme/TabItem";

This tutorial will walk you through declaring and applying intents to easily secure access to Kafka running inside a Kubernetes cluster, automating the management of [Kafka ACLs](https://docs.confluent.io/platform/current/kafka/authorization.html), and the generation and deployment of certificates for mTLS between Kafka and its clients using cert-manager as the certificate provider.

If you prefer to generate certificates using Otterize Cloud, try [the tutorial for Otterize Cloud](/quick-tutorials/access-control/k8s-kafka-mtls).
If you prefer to generate certificates using Otterize Cloud, try [the tutorial for Otterize Cloud](/quick-start/access-control/k8s-kafka-mtls).

In this tutorial, we will:

Expand Down Expand Up @@ -451,7 +451,6 @@ This was achieved by using the built-in Kafka ACL mechanism, which the intents o

- [Learn more about credentials-operator works with cert-manager](/reference/configuration/credentials-operator#cert-manager).
- [Enable the credentials-operator `CertificateRequest` auto-approver](/reference/configuration/credentials-operator/helm-chart#cert-manager-parameters) for production deployments of cert-manager where the default auto-approver is disabled.
- Learn how to easily secure pod-to-pod access with IBAC using Kubernetes network policies, in [a hands-on tutorial](/quick-tutorials/access-control/k8s-network-policies) or [a more visual tutorial](/quick-visual-tutorials/visual-ibac-network-policies).

## Teardown

5 changes: 0 additions & 5 deletions docs/quick-start/access-control/k8s-kafka-mtls.mdx
Expand Up @@ -361,11 +361,6 @@ This allowed the _client_ pod its access and protected `mytopic` from any uninte

</details>

## What's next

- Follow [a more visual tutorial](/quick-visual-tutorials/visual-ibac-kafka-k8s) for securing Kafka with IBAC in a demo ecommerce application.
- Learn how to easily secure pod-to-pod access with IBAC using Kubernetes network policies, in [a hands-on tutorial](/quick-tutorials/access-control/k8s-network-policies) or [a more visual tutorial](/quick-visual-tutorials/visual-ibac-network-policies).

## Teardown

:::caution
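
Review bot: removing the whole "## What's next" section is broader than needed, since only the /quick-visual-tutorials/ targets lack a replacement. The network-policies hands-on link maps to /quick-start/access-control/k8s-network-policies, the path the other files in this commit use, so suggest keeping the heading with that one bullet rather than running straight from the closing details block into "## Teardown".
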
4 changes: 2 additions & 2 deletions docs/quick-start/access-control/k8s-mtls.mdx
Expand Up @@ -328,8 +328,8 @@ For more information, see [the documentation for the credentials operator](/refe
## What's next
- Learn how to manage and [automatically provision mTLS](/quick-tutorials/access-control/k8s-mtls) credentials within a Kubernetes cluster.
- Enforce [secure Kafka access](/quick-tutorials/access-control/k8s-kafka-mtls) with mTLS.
- Learn how to manage and [automatically provision mTLS](/quick-start/access-control/k8s-mtls) credentials within a Kubernetes cluster.
- Enforce [secure Kafka access](/quick-start/access-control/k8s-kafka-mtls) with mTLS.
- Learn more about how the [Otterize credentials operator](/reference/configuration/credentials-operator) works.
## Teardown
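
Review bot: the first "What's next" bullet now links to /quick-start/access-control/k8s-mtls from docs/quick-start/access-control/k8s-mtls.mdx, so if routes follow file paths, as the rest of this commit implies, the page points at itself. Suggest dropping that bullet or pointing it at the mTLS reference (docs/reference/mtls/README.mdx), and keeping the Kafka and credentials-operator bullets as they are.
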
4 changes: 1 addition & 3 deletions docs/quick-start/access-control/k8s-network-policies.mdx
Expand Up @@ -299,10 +299,8 @@ Try to create an intents file yourself for **client-other**, and apply it to all

## What's next

- Get started with the [Otterize network mapper](/quick-tutorials/visualization/k8s-network-mapper) to help you bootstrap intents files
- Get started with the [Otterize network mapper](/quick-start/visualization/k8s-network-mapper) to help you bootstrap intents files
for use in [intent-based access control (IBAC)](https://otterize.com/ibac).
- See in advance what calls will be allowed or blocked, by running Otterize in **shadow mode** &mdash; just follow the [quick visual tutorial for IBAC with network policies](/quick-visual-tutorials/visual-ibac-network-policies).
- Learn how to easily secure Kafka with IBAC, in [a hands-on tutorial](/quick-tutorials/access-control/k8s-kafka-mtls) or [a more visual tutorial](/quick-visual-tutorials/visual-ibac-kafka-k8s).

## Teardown
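
Review bot: the deleted Kafka bullet in "What's next" had a hands-on link with a working replacement, /quick-start/access-control/k8s-kafka-mtls, which this commit uses in other files. Suggest keeping the bullet with that target and dropping only the "more visual tutorial" half, so the section still leads from network policies to Kafka.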

8 changes: 3 additions & 5 deletions docs/quick-start/visualization/k8s-istio-watcher.mdx
Expand Up @@ -152,11 +152,9 @@ the intents files. We'll see more of that below.

Where to go next?

- You can [see a larger network map](/quick-visual-tutorials/visual-k8s-cluster-mapping), based on a demo ecommerce application.
- Learn how to roll out [Istio authorization-policy-based access control](/quick-tutorials/access-control/k8s-istio-authorization-policies) using intents.
- Explore a larger example visually, and [use shadow mode to roll out IBAC](/quick-visual-tutorials/visualization/visual-ibac-istio-authorization-policies).
- If you haven't already, see the [automate network policies tutorial](/quick-tutorials/access-control/k8s-network-policies).
- Or go to the next tutorial to [automate secure access for Kafka](/quick-tutorials/access-control/k8s-kafka-mtls).
- Learn how to roll out [Istio authorization-policy-based access control](/quick-start/access-control/k8s-istio-authorization-policies) using intents.
- If you haven't already, see the [automate network policies tutorial](/quick-start/access-control/k8s-network-policies).
- Or go to the next tutorial to [automate secure access for Kafka](/quick-start/access-control/k8s-kafka-mtls).

### Teardown

4 changes: 1 addition & 3 deletions docs/quick-start/visualization/k8s-kafka-mapping.mdx
Expand Up @@ -153,9 +153,7 @@ You can consume this information in various ways:

## What's next

- Try our [secure access for Kafka](/quick-tutorials/access-control/k8s-kafka-mtls) tutorial
- Follow [a more visual tutorial](/quick-visual-tutorials/visual-ibac-kafka-k8s) for securing Kafka with IBAC in a demo ecommerce application.
- Learn how to easily secure pod-to-pod access with IBAC using Kubernetes network policies, in [a hands-on tutorial](/quick-tutorials/access-control/k8s-network-policies) or [a more visual tutorial](/quick-visual-tutorials/visual-ibac-network-policies).
- Try our [secure access for Kafka](/quick-start/access-control/k8s-kafka-mtls) tutorial

## Teardown

5 changes: 2 additions & 3 deletions docs/quick-start/visualization/k8s-network-mapper.mdx
Expand Up @@ -112,9 +112,8 @@ the intents files. We'll see more of that below.

Where to go next?

- You can [see a larger network map](/quick-visual-tutorials/visual-k8s-cluster-mapping), based on a demo ecommerce application.
- If you haven't already, see the [automate network policies tutorial](/quick-tutorials/access-control/k8s-network-policies).
- Or go to the next tutorial to [automate secure access for Kafka](/quick-tutorials/access-control/k8s-kafka-mtls).
- If you haven't already, see the [automate network policies tutorial](/quick-start/access-control/k8s-network-policies).
- Or go to the next tutorial to [automate secure access for Kafka](/quick-start/access-control/k8s-kafka-mtls).

### Teardown

2 changes: 1 addition & 1 deletion docs/reference/cli/README.mdx
Expand Up @@ -4,7 +4,7 @@ title: CLI
---

The Otterize command line interface (CLI) offers the following capabilities:
- [Interact with](#network-mapper) the [Otterize network mapper](/quick-tutorials/visualization/k8s-network-mapper) running in a Kubernetes cluster.
- [Interact with](#network-mapper) the [Otterize network mapper](/quick-start/visualization/k8s-network-mapper) running in a Kubernetes cluster.
- [Transform](#otterize-intents-convert--f-path) [intents files](/reference/intents-and-intents-files/#intents-file-formats) from plain YAML format to Kubernetes custom resource YAML format.
- Interact with the Otterize Cloud, through its REST API.

2 changes: 1 addition & 1 deletion docs/reference/configuration/intents-operator/README.mdx
Expand Up @@ -19,7 +19,7 @@ to connect to Kafka using mTLS &mdash; the Otterize intents operator works with
To deploy the operator, [use the Helm chart](/reference/configuration/intents-operator/helm-chart).

## Controlling access using the intents operator
To learn how to use the intents operator to control access, consult the guides for [managing network policies using intents](/quick-tutorials/access-control/k8s-network-policies), [Kafka ACLs using intents](/quick-tutorials/access-control/k8s-kafka-mtls) and [Istio AuthorizationPolicy using intents](/quick-tutorials/access-control/k8s-istio-authorization-policies).
To learn how to use the intents operator to control access, consult the guides for [managing network policies using intents](/quick-start/access-control/k8s-network-policies), [Kafka ACLs using intents](/quick-start/access-control/k8s-kafka-mtls) and [Istio AuthorizationPolicy using intents](/quick-start/access-control/k8s-istio-authorization-policies).

## Pod annotations

4 changes: 2 additions & 2 deletions docs/reference/configuration/network-mapper/README.mdx
Expand Up @@ -8,8 +8,8 @@ The Otterize network mapper creates a map of in-cluster traffic by (1) capturing
You can then use the Otterize CLI to list the traffic by client, reset the traffic the mapper remembers, or export it as JSON or YAML, which serves as ClientIntents Kubernetes resources). ClientIntents can be consumed by the [Otterize intents operator](/reference/configuration/intents-operator) to apply network policies
or Kafka ACLs to your cluster, implementing [intent-based access control](/intent-based-access-control).

To get started, follow the [quick hands-on tutorial](/quick-tutorials/visualization/k8s-network-mapper)
or the [quick, more visual tutorial](/quick-visual-tutorials/visual-k8s-cluster-mapping). Here's an example output for running the network mapper following the example:
To get started, follow the [quick hands-on tutorial](/quick-start/visualization/k8s-network-mapper)

```shell
cartservice in namespace otterize-ecom-demo calls:
- redis-cart
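
Review bot: the shell output block after the "To get started" line is left without an introduction, because the sentence "Here's an example output for running the network mapper following the example:" was dropped along with the dead visual-tutorial link. The remaining sentence also ends without a period. Suggest ending it with a period and keeping a one-line lead-in before the block, for example "Here's an example output from running the network mapper:".
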
2 changes: 1 addition & 1 deletion docs/reference/configuration/network-mapper/helm-chart.mdx
Expand Up @@ -7,7 +7,7 @@ To deploy the network mapper, do the following:
{@include: ../../../_common/install-otterize-network-mapper.md}

:::tip
Checkout the network mapper [tutorial](/quick-tutorials/visualization/k8s-network-mapper) to see it in action.
Checkout the network mapper [tutorial](/quick-start/visualization/k8s-network-mapper) to see it in action.
:::

# Parameters
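
Review bot: style nit on the tip line: since it is being edited anyway, change "Checkout" to "Check out" (the verb form) in the same change.
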
4 changes: 2 additions & 2 deletions docs/reference/mtls/README.mdx
Expand Up @@ -7,7 +7,7 @@ import TabItem from '@theme/TabItem';

Otterize can automatically provision mTLS credentials using Kubernetes pod identities
and integrating with [SPIFFE/SPIRE](https://spiffe.io/docs/latest/spire-about/spire-concepts/).
You can see a simple example in the tutorial: [deploy mTLS between pods](/quick-tutorials/access-control/k8s-mtls).
You can see a simple example in the tutorial: [deploy mTLS between pods](/quick-start/access-control/k8s-mtls).
Here we document how to generate mTLS credentials, how to consume them in a variety of languages,
and how to verify them if needed.

Expand Down Expand Up @@ -205,5 +205,5 @@ The certificate belongs to a chain of trust rooted at the SPIRE server.

## What's next

- Configure secure access between pods and Kafka running within the same Kubernetes cluster with this [guide](/quick-tutorials/access-control/k8s-kafka-mtls).
- Configure secure access between pods and Kafka running within the same Kubernetes cluster with this [guide](/quick-start/access-control/k8s-kafka-mtls).
- Read more about the [Otterize credentials operator](/reference/configuration/credentials-operator/)
3 changes: 1 addition & 2 deletions docs/shadow-vs-active-enforcement/README.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,7 @@ In general, of course, this will immediately block access from services that hav

Whether this is a good thing or a problem depends on your situation. There are multiple ways of rolling out IBAC across the many services that may be running in some environment or Kubernetes cluster.
- For example, you can insist that all services are protected by default from unauthorized access, with a global default-deny network policy. All clients must then declare and apply intents in order to reach their intended servers. It's a bit of a "big bang" approach, though.
- You can also generate all the client intents files by putting load on the services in the cluster (so they make all the calls they should), and use the Otterize network mapper to build a network map and export it as client intents (see [this quick visual tutorial](/quick-visual-tutorials/visual-ibac-network-policies#protect-everything-easily)). You can then hand them over to the client developer teams to own and update as their code evolves, or manage them yourself &mdash; much more easily than managing network policies directly.
- Or you can gradually roll out IBAC, service by service. This will often be the most appropriate when you're just starting with IBAC and want to build experience and get value with little risk of breaking anything. It's probably **the easiest way to start**, too. See the next section, on shadow mode.
- You can also gradually roll out IBAC, service by service. This will often be the most appropriate when you're just starting with IBAC and want to build experience and get value with little risk of breaking anything. It's probably **the easiest way to start**, too. See the next section, on shadow mode.

To help you manage the rollout of IBAC, consider starting with shadow enforcement.
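
Review bot: the rollout list loses an option here, not just a broken link: the bullet on generating client intents by loading the services and exporting the network map is deleted outright. Only its target (/quick-visual-tutorials/visual-ibac-network-policies#protect-everything-easily) is gone, so consider keeping the bullet and pointing it at /quick-start/visualization/k8s-network-mapper, which this commit uses for the network mapper tutorial elsewhere. In that case the last bullet should go back to "Or you can gradually roll out IBAC" to avoid two consecutive "You can also" bullets.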

