diff --git a/docs/siem/images/ml-ui.png b/docs/siem/images/ml-ui.png
new file mode 100644
index 00000000000000..168ff6363186af
Binary files /dev/null and b/docs/siem/images/ml-ui.png differ
diff --git a/docs/siem/index.asciidoc b/docs/siem/index.asciidoc
index 2eb9441b3f5889..c947e000c81384 100644
--- a/docs/siem/index.asciidoc
+++ b/docs/siem/index.asciidoc
@@ -50,3 +50,4 @@ SIEM can ingest and normalize events from ECS-compatible data sources.
 include::siem-ui.asciidoc[]
+include::machine-learning.asciidoc[]
diff --git a/docs/siem/machine-learning.asciidoc b/docs/siem/machine-learning.asciidoc
new file mode 100644
index 00000000000000..dd1016d8550ef2
--- /dev/null
+++ b/docs/siem/machine-learning.asciidoc
@@ -0,0 +1,16 @@
+[role="xpack"]
+[[machine-learning]]
+== Anomaly Detection with Machine Learning
+
+For *https://www.elastic.co/cloud/elasticsearch-service/signup[Free Trial]*
+and *https://www.elastic.co/subscriptions[Platinum License]* deployments,
+Machine Learning functionality is available throughout the SIEM app. You can
+view the details of detected anomalies within the `Anomalies` table widget
+shown on the Hosts, Network and associated Details pages, or even narrow to
+the specific daterange of an anomaly from the `Max Anomaly Score` details in
+the overview of the Host and IP Details pages. Each of these interfaces also
+offer the ability to drag and drop details of the anomaly to Timeline, such
+as the `Entity` itself, or any of the associated `Influencers`.
+
+[role="screenshot"]
+image::siem/images/ml-ui.png[Machine Learning - Max Anomaly Score]