diff --git a/assets/images/help/security-configurations/current-ghas-license-usage.png b/assets/images/help/security-configurations/current-ghas-license-usage.png
new file mode 100644
index 0000000000..cdcaa9f006
Binary files /dev/null and b/assets/images/help/security-configurations/current-ghas-license-usage.png differ
diff --git a/assets/images/help/security-configurations/ghas-licenses-used-or-freed.png b/assets/images/help/security-configurations/ghas-licenses-used-or-freed.png
new file mode 100644
index 0000000000..de6d3b79af
Binary files /dev/null and b/assets/images/help/security-configurations/ghas-licenses-used-or-freed.png differ
diff --git a/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise.md b/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise.md
index fbbfe8791a..16376dbba4 100644
--- a/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise.md
+++ b/content/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise.md
@@ -16,7 +16,15 @@ shortTitle: Manage GitHub Advanced Security
 ## About management of {% data variables.product.prodname_advanced_security %} features
-You can use {% data variables.product.prodname_advanced_security %} features to harden security for the organizations in your enterprise. To streamline management of {% data variables.product.prodname_advanced_security %}, you can enable or disable each feature for all existing and/or new repositories within the organizations owned by your enterprise.
+You can use {% data variables.product.prodname_advanced_security %} features to harden security for the organizations in your enterprise. {% ifversion security-configurations %}{% data reusables.security-configurations.enable-security-features-with-gh-config %}
+
+{% note %}
+
+**Note:** {% data reusables.security-configurations.security-configurations-beta-note-short %}
+
+{% endnote %}
+
+To manage individual {% data variables.product.prodname_GH_advanced_security %} features, {% else %}To streamline management of {% data variables.product.prodname_advanced_security %}, {% endif %}you can enable or disable each feature for all existing and/or new repositories within the organizations owned by your enterprise.
 {% ifversion secret-scanning-enterprise-level-api %}{% data reusables.secret-scanning.secret-scanning-enterprise-level-api %}{% endif %}
diff --git a/content/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security.md b/content/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security.md
index 7c809d7aef..e446578d35 100644
--- a/content/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security.md
+++ b/content/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security.md
@@ -23,7 +23,7 @@ shortTitle: Advanced Security billing
 {% ifversion fpt %}
-If you want to use {% data variables.product.prodname_GH_advanced_security %} features on any repository apart from a public repository on {% data variables.product.prodname_dotcom_the_website %}, you will need a {% data variables.product.prodname_GH_advanced_security %} license, available with {% data variables.product.prodname_ghe_cloud %} or {% data variables.product.prodname_ghe_server %}. {% data reusables.advanced-security.ghas-trial %}
+{% data reusables.advanced-security.ghas-license-info-for-fpt %}
 {% note %}
@@ -37,6 +37,17 @@ For information about billing for {% data variables.product.prodname_GH_advanced
 If you want to use {% data variables.product.prodname_GH_advanced_security %} features on any repository apart from a public repository on {% data variables.product.prodname_dotcom_the_website %}, you will need a {% data variables.product.prodname_GH_advanced_security %} license. For more information about {% data variables.product.prodname_GH_advanced_security %}, see "[AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security)."
+{% ifversion security-configurations %}
+{% data reusables.security-configurations.managing-GHAS-licenses %}
+
+{% note %}
+
+**Note:** {% data reusables.security-configurations.security-configurations-beta-note-short %}
+
+{% endnote %}
+
+{% endif %}
+
 {% data reusables.advanced-security.ghas-trial-availability %} For more information, see "[AUTOTITLE](/billing/managing-billing-for-github-advanced-security/setting-up-a-trial-of-github-advanced-security)."
 {% data reusables.advanced-security.ghas-trial-invoiced %}
@@ -47,6 +58,17 @@ For other billing-related questions, contact {% data variables.contact.github_su
 You can make extra features for code security available to users by buying and uploading a license for {% data variables.product.prodname_GH_advanced_security %}. For more information about {% data variables.product.prodname_GH_advanced_security %}, see "[AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security)."
+{% ifversion security-configurations %}
+{% data reusables.security-configurations.managing-GHAS-licenses %}
+
+{% note %}
+
+**Note:** {% data reusables.security-configurations.security-configurations-beta-note-short %}
+
+{% endnote %}
+
+{% endif %}
+
 {% endif %}
 {% ifversion ghes or ghec %}
diff --git a/content/billing/managing-billing-for-github-advanced-security/managing-your-github-advanced-security-licensing.md b/content/billing/managing-billing-for-github-advanced-security/managing-your-github-advanced-security-licensing.md
index 27d08d1e16..0031132310 100644
--- a/content/billing/managing-billing-for-github-advanced-security/managing-your-github-advanced-security-licensing.md
+++ b/content/billing/managing-billing-for-github-advanced-security/managing-your-github-advanced-security-licensing.md
@@ -15,7 +15,17 @@ shortTitle: Manage Advanced Security licensing
 Each license for {% data variables.product.prodname_GH_advanced_security %} specifies a maximum number of accounts that can use these features. Each active committer to at least one repository with the feature enabled uses one {% ifversion ghas-billing-UI-update %}license{% else %}seat{% endif %}. A committer is considered active if one of their commits has been pushed to the repository within the last 90 days, regardless of when it was originally authored. For more information about committer numbers, see "[AUTOTITLE](/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security)." For information about purchasing a license, see "[AUTOTITLE](/billing/managing-billing-for-github-advanced-security/signing-up-for-github-advanced-security)."
-## Managing the number of GitHub Advanced Security committers
+## Managing the number of committers in your subscription
+
+{% ifversion security-configurations %}
+{% note %}
+
+**Note:** {% data reusables.security-configurations.managing-GHAS-licenses %}
+
+{% data reusables.security-configurations.security-configurations-beta-note-short %}
+
+{% endnote %}
+{% endif %}
 {% data reusables.enterprise-accounts.access-enterprise %}
 {% data reusables.enterprise-accounts.settings-tab %}
diff --git a/content/billing/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage.md b/content/billing/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage.md
index ce137754a0..a3c3236064 100644
--- a/content/billing/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage.md
+++ b/content/billing/managing-billing-for-github-advanced-security/viewing-your-github-advanced-security-usage.md
@@ -40,6 +40,16 @@ You can view the enterprise account's current {% ifversion ghas-billing-UI-updat
 If you run out of licenses, the section will be red and show "Limit exceeded." You should either reduce your use of {% data variables.product.prodname_GH_advanced_security %} or purchase more licenses. For more information, see "[AUTOTITLE](/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security#getting-the-most-out-of-github-advanced-security)" and "[AUTOTITLE](/billing/managing-billing-for-github-advanced-security/managing-your-github-advanced-security-licensing)."
+{% ifversion security-configurations %}
+ {% note %}
+
+ **Note:** {% data reusables.security-configurations.managing-GHAS-licenses %}
+
+ {% data reusables.security-configurations.security-configurations-beta-note-short %}
+
+ {% endnote %}
+{% endif %}
+
 {% elsif ghes %}
 {% data reusables.enterprise-accounts.access-enterprise %}
@@ -66,6 +76,15 @@ You can view the enterprise account's current {% ifversion ghas-billing-UI-updat
 For more information, see "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)."
+{% ifversion security-configurations %}
+{% note %}
+
+**Note:** {% data reusables.security-configurations.managing-GHAS-licenses %}
+
+{% data reusables.security-configurations.security-configurations-beta-note-short %}
+
+{% endnote %}
+{% endif %}
 {% endif %}
 ## Downloading {% data variables.product.prodname_GH_advanced_security %} license usage information
diff --git a/content/code-security/adopting-github-advanced-security-at-scale/index.md b/content/code-security/adopting-github-advanced-security-at-scale/index.md
index 0860423f12..5c5978632d 100644
--- a/content/code-security/adopting-github-advanced-security-at-scale/index.md
+++ b/content/code-security/adopting-github-advanced-security-at-scale/index.md
@@ -1,6 +1,6 @@
 ---
 title: Adopting GitHub Advanced Security at scale
-shortTitle: Adopting GHAS at scale
+shortTitle: Adopt GHAS at scale
 intro: A phased approach to rolling out GitHub Advanced Security at your company using industry and GitHub best practices.
 versions:
 ghes: '*'
diff --git a/content/code-security/adopting-github-advanced-security-at-scale/phase-3-pilot-programs.md b/content/code-security/adopting-github-advanced-security-at-scale/phase-3-pilot-programs.md
index f22b78ee61..1c71a088a0 100644
--- a/content/code-security/adopting-github-advanced-security-at-scale/phase-3-pilot-programs.md
+++ b/content/code-security/adopting-github-advanced-security-at-scale/phase-3-pilot-programs.md
@@ -31,6 +31,20 @@ If you haven't already enabled GHAS for your {% data variables.product.prodname_
 You need to enable GHAS for each pilot project, either by enabling the GHAS features for each repository or for all repositories in any organizations taking part in the pilot. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository)" or "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)"
+{% ifversion security-configurations %}
+
+## Piloting all {% data variables.product.prodname_GH_advanced_security %} features (beta)
+
+{% data reusables.security-configurations.enable-security-features-with-gh-config %}
+
+{% note %}
+
+**Note:** {% data reusables.security-configurations.security-configurations-beta-note-short %}
+
+{% endnote %}
+
+{% endif %}
+
 ## Piloting {% data variables.product.prodname_code_scanning %}
 {% ifversion ghes %}
diff --git a/content/code-security/adopting-github-advanced-security-at-scale/phase-5-rollout-and-scale-code-scanning.md b/content/code-security/adopting-github-advanced-security-at-scale/phase-5-rollout-and-scale-code-scanning.md
index d73f18d082..b846aa3655 100644
--- a/content/code-security/adopting-github-advanced-security-at-scale/phase-5-rollout-and-scale-code-scanning.md
+++ b/content/code-security/adopting-github-advanced-security-at-scale/phase-5-rollout-and-scale-code-scanning.md
@@ -15,6 +15,16 @@ This article is part of a series on adopting {% data variables.product.prodname_
 {% endnote %}
+{% ifversion security-configurations %}
+{% note %}
+
+**Note:** {% data reusables.security-configurations.enable-security-features-with-gh-config %}
+
+{% data reusables.security-configurations.security-configurations-beta-note-short %}
+
+{% endnote %}
+{% endif %}
+
 ## Enabling code scanning
 {% ifversion default-setup-ghas-enablement %}
diff --git a/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md b/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md
index b5ccc7eda0..61f45dd090 100644
--- a/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md
+++ b/content/code-security/adopting-github-advanced-security-at-scale/phase-6-rollout-and-scale-secret-scanning.md
@@ -17,6 +17,16 @@ This article is part of a series on adopting {% data variables.product.prodname_
 You can enable secret scanning for individual repositories or for all repositories in an organization or enterprise. For more information, see "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository)", "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)", or "[AUTOTITLE](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)."
+{% ifversion security-configurations %}
+{% note %}
+
+**Note:** {% data reusables.security-configurations.enable-security-features-with-gh-config %}
+
+{% data reusables.security-configurations.security-configurations-beta-note-short %}
+
+{% endnote %}
+{% endif %}
+
 This article explains a high-level process focusing on enabling {% data variables.product.prodname_secret_scanning %} for all repositories in an organization. The principles described in this article can still be applied even if you take a more staggered approach of enabling {% data variables.product.prodname_secret_scanning %} for individual repositories.
 ## 1. Focus on newly committed secrets
diff --git a/content/code-security/getting-started/dependabot-quickstart-guide.md b/content/code-security/getting-started/dependabot-quickstart-guide.md
index e76e83eec7..b06d974862 100644
--- a/content/code-security/getting-started/dependabot-quickstart-guide.md
+++ b/content/code-security/getting-started/dependabot-quickstart-guide.md
@@ -20,11 +20,7 @@ shortTitle: Dependabot quickstart
 This quickstart guide walks you through setting up and enabling {% data variables.product.prodname_dependabot %} and viewing {% data variables.product.prodname_dependabot_alerts %} and updates for a repository.
-{% data variables.product.prodname_dependabot %} consists of three different features that help you manage your dependencies:
-
-- {% data variables.product.prodname_dependabot_alerts %}—inform you about vulnerabilities in the dependencies that you use in your repository.
-- {% data variables.product.prodname_dependabot_security_updates %}—automatically raise pull requests to update the dependencies you use that have known security vulnerabilities.
-- {% data variables.product.prodname_dependabot_version_updates %}—automatically raise pull requests to keep your dependencies up-to-date.
+{% data reusables.dependabot.dependabot-overview %}
 ## Prerequisites
diff --git a/content/code-security/getting-started/index.md b/content/code-security/getting-started/index.md
index e47622cbf9..452a2f6624 100644
--- a/content/code-security/getting-started/index.md
+++ b/content/code-security/getting-started/index.md
@@ -14,8 +14,8 @@ topics:
 children:
 - /github-security-features
 - /dependabot-quickstart-guide
- - /securing-your-repository
- - /securing-your-organization
+ - /quickstart-for-securing-your-repository
+ - /quickstart-for-securing-your-organization
 - /adding-a-security-policy-to-your-repository
 - /auditing-security-alerts
 - /best-practices-for-preventing-data-leaks-in-your-organization
diff --git a/content/code-security/getting-started/securing-your-organization.md b/content/code-security/getting-started/quickstart-for-securing-your-organization.md
similarity index 93%
rename from content/code-security/getting-started/securing-your-organization.md
rename to content/code-security/getting-started/quickstart-for-securing-your-organization.md
index a070006cd0..20245a84e4 100644
--- a/content/code-security/getting-started/securing-your-organization.md
+++ b/content/code-security/getting-started/quickstart-for-securing-your-organization.md
@@ -1,7 +1,9 @@
 ---
-title: Securing your organization
+title: Quickstart for securing your organization
 intro: "You can use a number of {% data variables.product.prodname_dotcom %} features to help keep your organization secure."
 permissions: Organization owners and security managers can manage security features for an organization.
+redirect_from:
+ - /code-security/getting-started/securing-your-organization
 versions:
 fpt: "*"
 ghes: "*"
@@ -12,7 +14,7 @@ topics:
 - Dependencies
 - Vulnerabilities
 - Advanced Security
-shortTitle: Secure your organization
+shortTitle: Secure organization quickstart
 ---
 ## Introduction
@@ -49,7 +51,16 @@ There are some features you must configure for each repository individually. For
 When you have decided to enable a security feature, the next step is to decide how to roll out that feature across your organization.
-- If you want to roll out a feature as quickly as possible, you can enable it for all eligible repositories at once. For more information, see "[Enabling a feature for all repositories](#enabling-a-feature-for-all-repositories)."
+{% ifversion security-configurations %}
+- If you want to enable multiple security features at scale, you can use the {% data variables.product.prodname_github_security_configuration %}, a collection of security enablement settings you can apply to repositories in your organization. See "[AUTOTITLE](/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/about-enabling-security-features-at-scale)."
+
+ {% note %}
+
+ **Note:** {% data reusables.security-configurations.security-configurations-beta-note-short %}
+
+ {% endnote %}
+{% endif %}
+- If you want to roll out a {% ifversion security-configurations %}single {% endif %}feature as quickly as possible, you can enable it for all eligible repositories at once. For more information, see "[Enabling a feature for all repositories](#enabling-a-feature-for-all-repositories)."
 - If you want control over how quickly you roll out a feature, and which features are enabled in which repositories, you can enable a feature for a selection of repositories. For more information, see "[Enabling a feature for a selection of repositories](#enabling-a-feature-for-a-selection-of-repositories)."
 When you have decided how to enable a feature for your organization's existing repositories, you must also decide how to handle any new repositories that are created in your organization in the future. For more information, see "[Enabling a feature for new repositories](#enabling-a-feature-for-new-repositories)."
@@ -94,7 +105,7 @@ If you're not sure about the impact a feature will have, you may want to test th
 On this view, you can use checkboxes to select specific repositories, or you can use the search bar to find the repositories where you want to enable a feature. For example, you can use filters to identify repositories where a certain team has write or admin access, or exclude repositories that don't require the same level of protection, such as test repositories or repositories for internal documentation. Then you can enable features for all selected repositories at once. For more information, see "[AUTOTITLE](/code-security/security-overview/enabling-security-features-for-multiple-repositories)."
-{% else %}When you have identified the repositories that require a feature, you can enable the feature for each repository individually. As an organization owner or security manager, you can configure the security settings for each repository in your organization. For more information, see "[AUTOTITLE](/code-security/getting-started/securing-your-repository)."
+{% else %}When you have identified the repositories that require a feature, you can enable the feature for each repository individually. As an organization owner or security manager, you can configure the security settings for each repository in your organization. For more information, see "[AUTOTITLE](/code-security/getting-started/quickstart-for-securing-your-repository)."
 {% ifversion fpt %}For organizations on {% data variables.product.prodname_ghe_cloud %}, you can use the "Security coverage" view to identify repositories that require a feature, then enable that feature for those repositories. For more information, see "[AUTOTITLE](/enterprise-cloud@latest/code-security/security-overview/enabling-security-features-for-multiple-repositories)" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% endif %}
diff --git a/content/code-security/getting-started/securing-your-repository.md b/content/code-security/getting-started/quickstart-for-securing-your-repository.md
similarity index 95%
rename from content/code-security/getting-started/securing-your-repository.md
rename to content/code-security/getting-started/quickstart-for-securing-your-repository.md
index b40f767adc..bcfb23a57d 100644
--- a/content/code-security/getting-started/securing-your-repository.md
+++ b/content/code-security/getting-started/quickstart-for-securing-your-repository.md
@@ -1,10 +1,11 @@
 ---
-title: Securing your repository
+title: Quickstart for securing your repository
 intro: 'You can use a number of {% data variables.product.prodname_dotcom %} features to help keep your repository secure.'
 permissions: Repository administrators and organization owners can configure repository security settings.
 redirect_from:
 - /github/administering-a-repository/about-securing-your-repository
 - /github/code-security/getting-started/about-securing-your-repository
+ - /code-security/getting-started/securing-your-repository
 versions:
 fpt: '*'
 ghes: '*'
@@ -15,7 +16,7 @@ topics:
 - Dependencies
 - Vulnerabilities
 - Advanced Security
-shortTitle: Secure your repository
+shortTitle: Secure repository quickstart
 ---
 ## Introduction
@@ -79,7 +80,7 @@ For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-aler
 Dependency review lets you visualize dependency changes in pull requests before they are merged into your repositories. For more information, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)."
-Dependency review is a {% data variables.product.prodname_GH_advanced_security %} feature. {% ifversion fpt or ghec %}Dependency review is already enabled for all public repositories. {% ifversion fpt %}Organizations that use {% data variables.product.prodname_ghe_cloud %} with {% data variables.product.prodname_advanced_security %} can additionally enable dependency review for private and internal repositories. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/getting-started/securing-your-repository#managing-dependency-review). {% endif %}{% endif %}{% ifversion ghec or ghes %}To enable dependency review for a {% ifversion ghec %}private or internal {% endif %}repository, ensure that the dependency graph is enabled and enable {% data variables.product.prodname_GH_advanced_security %}.
+Dependency review is a {% data variables.product.prodname_GH_advanced_security %} feature. {% ifversion fpt or ghec %}Dependency review is already enabled for all public repositories. {% ifversion fpt %}Organizations that use {% data variables.product.prodname_ghe_cloud %} with {% data variables.product.prodname_advanced_security %} can additionally enable dependency review for private and internal repositories. For more information, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/getting-started/quickstart-for-securing-your-repository#managing-dependency-review). 
{% endif %}{% endif %}{% ifversion ghec or ghes %}To enable dependency review for a {% ifversion ghec %}private or internal {% endif %}repository, ensure that the dependency graph is enabled and enable {% data variables.product.prodname_GH_advanced_security %}.
 1. From the main page of your repository, click **{% octicon "gear" aria-label="The Settings gear" %}Settings**.
 1. Click **Security & analysis**.
diff --git a/content/code-security/index.md b/content/code-security/index.md
index 317a7f6024..5ae6ce3e59 100644
--- a/content/code-security/index.md
+++ b/content/code-security/index.md
@@ -9,14 +9,14 @@ introLinks:
 try_ghas_for_free: '{% ifversion ghec %}/billing/managing-billing-for-github-advanced-security/setting-up-a-trial-of-github-advanced-security{% endif %}'
 featuredLinks:
 startHere:
- - /code-security/getting-started/securing-your-repository
- - /code-security/getting-started/securing-your-organization
+ - /code-security/getting-started/quickstart-for-securing-your-repository
+ - /code-security/getting-started/quickstart-for-securing-your-organization
 - '{% ifversion fpt or ghec %}/code-security/security-advisories/working-with-repository-security-advisories/creating-a-repository-security-advisory{% endif %}'
 - '{% ifversion code-scanning-without-workflow %}/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning{% endif %}'
 - '{% ifversion ghes < 3.9 %}/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning{% endif %}'
 guideCards:
- - '/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates'
- - '/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates'
+ - /code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates
+ - /code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates
 - '{% ifversion code-scanning-without-workflow %}/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning{% endif %}'
 - '{% ifversion ghes < 3.9 %}/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/configuring-advanced-setup-for-code-scanning{% endif %}'
 - /code-security/supply-chain-security/end-to-end-supply-chain/end-to-end-supply-chain-overview
@@ -45,6 +45,7 @@ topics:
 children:
 - /getting-started
 - /adopting-github-advanced-security-at-scale
+ - /securing-your-organization
 - /secret-scanning
 - /code-scanning
 - /codeql-cli
@@ -53,3 +54,4 @@ children:
 - /dependabot
 - /security-overview
 ---
+
diff --git a/content/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-the-github-recommended-security-configuration-in-your-organization.md b/content/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-the-github-recommended-security-configuration-in-your-organization.md
new file mode 100644
index 0000000000..55accc07c6
--- /dev/null
+++ b/content/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-the-github-recommended-security-configuration-in-your-organization.md
@@ -0,0 +1,53 @@
+---
+title: Applying the GitHub-recommended security configuration in your organization
+shortTitle: Apply recommended configuration
+intro: 'Secure your code with the security enablement settings created, managed, and recommended by {% data variables.product.company_short %}.'
+permissions: '{% data reusables.security-configurations.security-configurations-permissions %}'
+versions:
+ feature: security-configurations
+topics:
+ - Advanced Security
+ - Organizations
+ - Security
+---
+
+{% data reusables.security-configurations.security-configurations-beta-note-opt-out %}
+
+## About the {% data variables.product.prodname_github_security_configuration %}
+
+The {% data variables.product.prodname_github_security_configuration %} is a collection of enablement settings for {% data variables.product.company_short %}'s security features that is created and maintained by subject matter experts at {% data variables.product.company_short %}. The {% data variables.product.prodname_github_security_configuration %} is designed to successfully reduce the security risks for low- and high-impact repositories. We recommend you apply this configuration to all the repositories in your organization.
+
+## Applying the {% data variables.product.prodname_github_security_configuration %} to all repositories in your organization
+
+{% data reusables.profile.access_org %}
+{% data reusables.organizations.org_settings %}
+{% data reusables.security-configurations.view-configurations-page %}
+1. In the "{% data variables.product.company_short %} recommended" row of the configurations table for your organization, select the **Apply to** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **All repositories** or **All repositories without configurations**.
+{% data reusables.security-configurations.apply-configuration-by-default %}
+
+ {% data reusables.security-configurations.default-configuration-exception-repo-transfers %}
+
+{% data reusables.security-configurations.apply-configuration %}
+
+## Applying the {% data variables.product.prodname_github_security_configuration %} to specific repositories in your organization
+
+{% data reusables.profile.access_org %}
+{% data reusables.organizations.org_settings %}
+{% data reusables.security-configurations.view-configurations-page %}
+1. Optionally, in the "Apply configurations" section, filter the view to find the repositories you would like to apply the {% data variables.product.prodname_github_security_configuration %} to. To learn how to filter the repository table, see "[AUTOTITLE](/code-security/securing-your-organization/managing-the-security-of-your-organization/filtering-repositories-in-your-organization-using-the-repository-table)."
+1. In the repository table, select repositories with one of three methods:
+ - Select each individual repository you would like to apply the {% data variables.product.prodname_security_configuration %} to.
+ - To select all repositories on the current page of the repository table, select **NUMBER repositories**.
+ - After selecting **NUMBER repositories**, to select all repositories in your organization that match your filter criteria, click **Select all**.
+1. Select the **Apply configuration** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **{% data variables.product.company_short %} recommended**.
+{% data reusables.security-configurations.apply-configuration-by-default %}
+
+ {% data reusables.security-configurations.default-configuration-exception-repo-transfers %}
+
+{% data reusables.security-configurations.apply-configuration %}
+
+## Next steps
+
+After you apply the {% data variables.product.prodname_github_security_configuration %}, you can customize your organization-level security settings with {% data variables.product.prodname_global_settings %}. See "[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/configuring-global-security-settings-for-your-organization)."
+
+{% data reusables.security-configurations.troubleshooting-next-step %}
diff --git a/content/code-security/securing-your-organization/enabling-security-features-in-your-organization/configuring-global-security-settings-for-your-organization.md b/content/code-security/securing-your-organization/enabling-security-features-in-your-organization/configuring-global-security-settings-for-your-organization.md
new file mode 100644
index 0000000000..ffe4e6181f
--- /dev/null
+++ b/content/code-security/securing-your-organization/enabling-security-features-in-your-organization/configuring-global-security-settings-for-your-organization.md
@@ -0,0 +1,132 @@
+---
+title: Configuring global security settings for your organization
+shortTitle: Configure global settings
+intro: 'Customize {% data variables.product.prodname_GH_advanced_security %} features and create security managers to strengthen the security of your organization.'
+permissions: '{% data reusables.security-configurations.security-configurations-permissions %}'
+versions:
+ feature: security-configurations
+topics:
+ - Advanced Security
+ - Organizations
+ - Security
+---
+
+{% data reusables.security-configurations.security-configurations-beta-note-opt-out %}
+
+## About {% data variables.product.prodname_global_settings %}
+
+Alongside {% data variables.product.prodname_security_configurations %}, which determine repository-level security settings, you should also configure {% data variables.product.prodname_global_settings %} for your organization. {% data variables.product.prodname_global_settings_caps %} apply to your entire organization, and can customize {% data variables.product.prodname_GH_advanced_security %} features based on your needs. You can also create security managers on the {% data variables.product.prodname_global_settings %} page to monitor and maintain your organization's security.
+
+## Accessing the {% data variables.product.prodname_global_settings %} page for your organization
+
+{% data reusables.profile.access_org %}
+{% data reusables.organizations.org_settings %}
+1. In the "Security" section of the sidebar, select the **Code security** dropdown menu, then click **{% data variables.product.prodname_global_settings_caps %}**.
+
+## Configuring global {% data variables.product.prodname_dependabot %} settings
+
+{% data reusables.dependabot.dependabot-overview %}
+
+You can customize several {% data variables.product.prodname_global_settings %} for {% data variables.product.prodname_dependabot %}:
+
+- [Creating and managing {% data variables.dependabot.auto_triage_rules %}](#creating-and-managing-dependabot-auto-triage-rules)
+- [Grouping {% data variables.product.prodname_dependabot %} security updates](#grouping-dependabot-security-updates){% ifversion fpt or ghec %}
+- [Enabling {% data variables.product.prodname_dependabot %} on {% data variables.product.company_short %}-hosted runners](#enabling-dependabot-on-github-hosted-runners){% endif %}{% ifversion fpt %}
+- [Granting {% data variables.product.prodname_dependabot %} access to private repositories](#granting-dependabot-access-to-private-repositories){% else %}
+- [Granting {% data variables.product.prodname_dependabot %} access to private and internal repositories](#granting-dependabot-access-to-private-and-internal-repositories){% endif %}
+
+### Creating and managing {% data variables.dependabot.auto_triage_rules %}
+
+You can create and manage {% data variables.dependabot.auto_triage_rules %} to instruct {% data variables.product.prodname_dependabot %} to automatically dismiss or snooze {% data variables.product.prodname_dependabot_alerts %}, and even open pull requests to attempt to resolve them. To configure {% data variables.dependabot.auto_triage_rules %}, click {% octicon "gear" aria-label="Configure {% data variables.product.prodname_dependabot %} rules" %}, then create or edit a rule:
+ - You can create a new rule by clicking **New rule**, then entering the details for your rule and clicking **Create rule**.
+ - You can edit an existing rule by clicking {% octicon "pencil" aria-label="Edit CURATED-OR-CUSTOM rule" %}, then making the desired changes and clicking **Save rule**.
+
+For more information on {% data variables.dependabot.auto_triage_rules %}, see "[AUTOTITLE](/code-security/dependabot/dependabot-auto-triage-rules/about-dependabot-auto-triage-rules)" and "[AUTOTITLE](/code-security/dependabot/dependabot-auto-triage-rules/customizing-auto-triage-rules-to-prioritize-dependabot-alerts#adding-custom-auto-triage-rules-to-your-organization)."
+
+### Grouping {% data variables.product.prodname_dependabot_security_updates %}
+
+{% data variables.product.prodname_dependabot %} can group all automatically suggested security updates into a single pull request to reduce noise. To enable grouped security updates, select **Grouped security updates**. For more information about grouped updates and customization options, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates#grouping-dependabot-security-updates-into-a-single-pull-request)."
+
+{% ifversion fpt or ghec %}
+
+### Enabling {% data variables.product.prodname_dependabot %} on {% data variables.product.company_short %}-hosted runners
+
+You can allow {% data variables.product.prodname_dependabot %} to use {% data variables.product.company_short %}-hosted runners and the {% data variables.product.prodname_dependabot %} action to perform dependency updates. To enable {% data variables.product.prodname_dependabot %} for {% data variables.product.company_short %}-hosted runners on all repositories in your organization, click **Enable all**. To automatically enable {% data variables.product.prodname_dependabot %} for {% data variables.product.company_short %}-hosted runners on new repositories in your organization, select **Automatically enable for new repositories**.
+
+{% endif %}
+
+### Granting {% data variables.product.prodname_dependabot %} access to private {% ifversion ghec or ghes %}and internal {% endif %}repositories
+
+To update private dependencies of repositories in your organization, {% data variables.product.prodname_dependabot %} needs access to those repositories. To grant {% data variables.product.prodname_dependabot %} access to the desired private {% ifversion ghec or ghes %}or internal {% endif %}repository, scroll down to the "Grant {% data variables.product.prodname_dependabot %} access to private repositories" section, then use the search bar to find and select the desired repository. Be aware that granting {% data variables.product.prodname_dependabot %} access to a repository means all users in your organization will have access to the contents of that repository through {% data variables.product.prodname_dependabot_updates %}. For more information about the supported ecosystems for private repositories, see "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates#supported-repositories-and-ecosystems)."
+
+## Configuring global {% data variables.product.prodname_code_scanning %} settings
+
+{% data reusables.code-scanning.about-code-scanning %}
+
+You can customize several {% data variables.product.prodname_global_settings %} for {% data variables.product.prodname_code_scanning %}:
+
+- [Recommending the extended query suite for default setup](#recommending-the-extended-query-suite-for-default-setup){% ifversion code-scanning-autofix %}
+- [Enabling autofix for {% data variables.product.prodname_codeql %}](#enabling-autofix-for-codeql) {% endif %}
+- [Setting a failure threshold for {% data variables.product.prodname_code_scanning %} checks in pull requests](#setting-a-failure-threshold-for-code-scanning-checks-in-pull-requests)
+
+### Recommending the extended query suite for default setup
+
+{% data variables.product.prodname_code_scanning_caps %} offers specific groups of {% data variables.product.prodname_codeql %} queries, called {% data variables.product.prodname_codeql %} query suites, to run against your code. By default, the "Default" query suite is run. {% data variables.product.company_short %} also offers the "Extended" query suite, which contains all the queries in the "Default" query suite, plus additional queries with lower precision and severity. To suggest the "Extended" query suite across your organization, select **Recommend the extended query suite for repositories enabling default setup**. For more information on built-in query suites for {% data variables.product.prodname_codeql %} default setup, see "[AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/codeql-query-suites)."
+
+{% ifversion code-scanning-autofix %}
+
+### Enabling autofix for {% data variables.product.prodname_codeql %}
+
+You can select **Autofix for {% data variables.product.prodname_codeql %}** to enable autofix for all the repositories in your organization that use {% data variables.product.prodname_codeql %} default setup or {% data variables.product.prodname_codeql %} advanced setup. Autofix is a {% data variables.product.prodname_copilot %}-powered expansion of {% data variables.product.prodname_code_scanning %} that suggests fixes for {% data variables.product.prodname_code_scanning %} alerts in pull requests. For more information, see "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning)."
+
+{% endif %}
+
+### Setting a failure threshold for {% data variables.product.prodname_code_scanning %} checks in pull requests
+
+You can choose the severity levels at which {% data variables.product.prodname_code_scanning %} check runs on pull requests will fail. To choose a security severity level, select the **Security: SECURITY-SEVERITY-LEVEL** dropdown menu, then click a security severity level. To choose an alert severity level, select the **OTHER: ALERT-SEVERITY-LEVEL** dropdown menu, then click an alert severity level. For more information, see "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/about-code-scanning-alerts#about-alert-severity-and-security-severity-levels)."
+
+## Configuring global {% data variables.product.prodname_secret_scanning %} settings
+
+{% data reusables.security-configurations.secret-scanning-security-configs-summary %}
+
+You can customize several {% data variables.product.prodname_global_settings %} for {% data variables.product.prodname_secret_scanning %}:
+
+{% ifversion secret-scanning-validity-check-partner-patterns %}
+- [Verifying partner pattern secrets automatically](#verifying-partner-pattern-secrets-automatically){% endif %}{% ifversion secret-scanning-non-provider-patterns %}
+- [Scanning for non-provider patterns](#scanning-for-non-provider-patterns){% endif %}
+- [Adding a resource link for blocked commits](#adding-a-resource-link-for-blocked-commits){% ifversion ghec or ghes %}
+- [Defining custom patterns](#defining-custom-patterns){% endif %}
+
+{% ifversion secret-scanning-validity-check-partner-patterns %}
+
+### Verifying partner pattern secrets automatically
+
+To reduce the rate of false positive {% data variables.product.prodname_secret_scanning %} alerts, you can automatically verify the validity of some partner pattern secrets by sending each secret to the provider. To enable this automatic verification, select **Automatically verify if a secret is valid by sending it to the relevant partner**. For information on which partners support validity checks, see "[AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning#checking-a-secrets-validity)."
+
+{% endif %}
+{% ifversion secret-scanning-non-provider-patterns %}
+
+### Scanning for non-provider patterns
+
+You can choose to scan for non-provider patterns, such as private keys, to detect non-provider secrets before they are leaked. To enable these scans, select **Scan for non-provider patterns**. Be aware that non-provider tokens often have a higher rate of false positives. 
To learn more about non-provider patterns, see "[AUTOTITLE](/code-security/secret-scanning/secret-scanning-patterns#about-user-alerts)" and "[AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning#other-alerts-list)."
+
+ {% data reusables.secret-scanning.non-provider-patterns-beta %}
+
+{% endif %}
+
+### Adding a resource link for blocked commits
+
+To provide context for developers when {% data variables.product.prodname_secret_scanning %} blocks a commit, you can display a link with more information on why the commit was blocked. To include a link, select **Add a resource link in the CLI and the web UI when a commit is blocked**. In the text box, type the link to the desired resource, then click **Save**.
+{% ifversion ghec or ghes %}
+
+### Defining custom patterns
+
+You can define custom patterns for {% data variables.product.prodname_secret_scanning %} with regular expressions. Custom patterns can identify secrets that are not detected by the default patterns supported by {% data variables.product.prodname_secret_scanning %}. To create a custom pattern, click **New pattern**, then enter the details for your pattern and click **Save and dry run**. For more information on custom patterns, see "[AUTOTITLE](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning)."
+
+{% endif %}
+
+## Creating security managers for your organization
+
+The security manager role grants members of your organization the ability to manage security settings and alerts across your organization. To grant all members of a team the security manager role, in the "Search for teams" text box, type the name of the desired team. In the dropdown menu that appears, click the team, then click **I understand, grant security manager permissions**.
+
+Security managers can view data for all repositories in your organization through security overview. 
To learn more about the security manager role, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization)."
diff --git a/content/code-security/securing-your-organization/enabling-security-features-in-your-organization/index.md b/content/code-security/securing-your-organization/enabling-security-features-in-your-organization/index.md
new file mode 100644
index 0000000000..feb9e34d86
--- /dev/null
+++ b/content/code-security/securing-your-organization/enabling-security-features-in-your-organization/index.md
@@ -0,0 +1,14 @@
+---
+title: Enabling security features in your organization
+shortTitle: Enable security features
+intro: 'Enable the {% data variables.product.prodname_github_security_configuration %} and customize your {% data variables.product.prodname_global_settings %} to quickly secure your organization.'
+versions:
+ feature: security-configurations
+topics:
+ - Advanced Security
+ - Organizations
+ - Security
+children:
+ - /applying-the-github-recommended-security-configuration-in-your-organization
+ - /configuring-global-security-settings-for-your-organization
+---
diff --git a/content/code-security/securing-your-organization/index.md b/content/code-security/securing-your-organization/index.md
new file mode 100644
index 0000000000..e574e06cd0
--- /dev/null
+++ b/content/code-security/securing-your-organization/index.md
@@ -0,0 +1,17 @@
+---
+title: Securing your organization
+shortTitle: Secure your organization
+intro: 'Secure your organization at scale with {% data variables.product.company_short %}''s security products through {% data variables.product.prodname_security_configurations %} and {% data variables.product.prodname_global_settings %}.'
+versions:
+ feature: security-configurations
+topics:
+ - Advanced Security
+ - Organizations
+ - Security
+children:
+ - /introduction-to-securing-your-organization-at-scale
+ - /enabling-security-features-in-your-organization
+ - /meeting-your-specific-security-needs-with-custom-security-configurations
+ - /managing-the-security-of-your-organization
+ - /troubleshooting-security-configurations
+---
diff --git a/content/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/about-enabling-security-features-at-scale.md b/content/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/about-enabling-security-features-at-scale.md
new file mode 100644
index 0000000000..2d05ac2a54
--- /dev/null
+++ b/content/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/about-enabling-security-features-at-scale.md
@@ -0,0 +1,37 @@
+---
+title: About enabling security features at scale
+shortTitle: About organization security
+intro: 'You can quickly secure your organization at scale with {% data variables.product.prodname_security_configurations %} and {% data variables.product.prodname_global_settings %}.'
+permissions: '{% data reusables.security-configurations.security-configurations-permissions %}'
+versions:
+ feature: security-configurations
+topics:
+ - Advanced Security
+ - Organizations
+ - Security
+---
+
+{% data reusables.security-configurations.security-configurations-beta-note-opt-out %}
+
+## About securing your organization
+
+{% data variables.product.company_short %} offers many code security products and features including {% data variables.product.prodname_GH_advanced_security %}, a suite of features designed to protect your organization from vulnerabilities in your code, insecure dependencies, leaked secrets, and more. For more information on {% data variables.product.prodname_GH_advanced_security %}, see "[AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security)."
+
+You can easily enable and manage {% data variables.product.company_short %}'s security features throughout your organization with {% data variables.product.prodname_security_configurations %}, which control repository-level security features, and {% data variables.product.prodname_global_settings %}, which control security features at the organization level. We recommend applying {% data variables.product.prodname_security_configurations %} _and_ customizing your {% data variables.product.prodname_global_settings %} to create a system that best meets the security needs of your organization.
+
+## About {% data variables.product.prodname_security_configurations %}
+
+{% data reusables.security-configurations.define-security-configurations %} There are two types of {% data variables.product.prodname_security_configuration %}:
+
+- **The {% data variables.product.prodname_github_security_configuration %}**. This configuration is a collection of enablement settings created and managed by subject matter experts at {% data variables.product.company_short %}. The {% data variables.product.prodname_github_security_configuration %} is designed to adequately secure any repository, and can easily be applied to all repositories in your organization.
+- **{% data variables.product.prodname_custom_security_configurations_caps %}**. These are configurations you can create and edit yourself, allowing you to choose different enablement settings for groups of repositories with specific security needs.
+
+Each repository can only have one {% data variables.product.prodname_security_configuration %} applied to it. To find out how you should get started with {% data variables.product.prodname_security_configurations %}, see "[AUTOTITLE](/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/choosing-a-security-configuration-for-your-repositories)."
+
+## About {% data variables.product.prodname_global_settings %}
+
+While {% data variables.product.prodname_security_configurations %} determine repository-level security settings, {% data variables.product.prodname_global_settings %} determine your organization-level security settings, which are then inherited by all repositories. With {% data variables.product.prodname_global_settings %}, you can customize how security features analyze your organization, as well as create security managers with permission to manage security alerts and settings across your organization.
+
+## Next steps
+
+To determine which {% data variables.product.prodname_security_configurations %} are right for the repositories in your organization, see "[AUTOTITLE](/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/choosing-a-security-configuration-for-your-repositories)."
diff --git a/content/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/choosing-a-security-configuration-for-your-repositories.md b/content/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/choosing-a-security-configuration-for-your-repositories.md
new file mode 100644
index 0000000000..a9ee6310d7
--- /dev/null
+++ b/content/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/choosing-a-security-configuration-for-your-repositories.md
@@ -0,0 +1,43 @@
+---
+title: Choosing a security configuration for your repositories
+shortTitle: Choose security configuration
+intro: 'Find out which type of {% data variables.product.prodname_security_configuration %} will meet the security needs of the repositories in your organization.'
+permissions: '{% data reusables.security-configurations.security-configurations-permissions %}'
+versions:
+ feature: security-configurations
+topics:
+ - Advanced Security
+ - Organizations
+ - Security
+---
+
+{% data reusables.security-configurations.security-configurations-beta-note-opt-out %}
+
+## About choosing a {% data variables.product.prodname_security_configuration %}
+
+{% data reusables.security-configurations.define-security-configurations %} {% data variables.product.company_short %} offers two types of {% data variables.product.prodname_security_configurations %}:
+
+- The {% data variables.product.prodname_github_security_configuration %}
+- {% data variables.product.prodname_custom_security_configurations_caps %}
+
+_We recommend that organizations initially apply the {% data variables.product.prodname_github_security_configuration %}_. After you have applied the {% data variables.product.prodname_github_security_configuration %} to repositories in your organization, you can evaluate the security findings for each repository and determine if you instead want to create and apply a {% data variables.product.prodname_custom_security_configuration %}.
+
+## Choosing the {% data variables.product.prodname_github_security_configuration %}
+
+The {% data variables.product.prodname_github_security_configuration %} offers a number of benefits:
+
+- It is created and managed by {% data variables.product.company_short %}'s subject matter experts.
+- It is the quickest {% data variables.product.prodname_security_configuration %} to apply to all repositories in your organization.
+- It is designed to effectively secure both low- and high-impact repositories.
+
+To start securing repositories in your organization with the {% data variables.product.prodname_github_security_configuration %}, see "[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-the-github-recommended-security-configuration-in-your-organization)."
+
+## Choosing a {% data variables.product.prodname_custom_security_configuration %}
+
+If you are familiar with {% data variables.product.company_short %}'s security products, and you have specific security needs that the {% data variables.product.prodname_github_security_configuration %} can't meet, you can create and apply {% data variables.product.prodname_custom_security_configurations %}. With {% data variables.product.prodname_custom_security_configurations %}, you can:
+
+- Edit the enablement settings for different security features
+- Create several configurations for repositories with different security needs
+- Manage your {% data variables.product.prodname_GH_advanced_security %} licensing by including or excluding {% data variables.product.prodname_GH_advanced_security %} features for a particular configuration
+
+To start securing repositories in your organization with {% data variables.product.prodname_custom_security_configurations %}, see "[AUTOTITLE](/code-security/securing-your-organization/meeting-your-specific-security-needs-with-custom-security-configurations/creating-a-custom-security-configuration)."
diff --git a/content/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/index.md b/content/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/index.md
new file mode 100644
index 0000000000..afa2400e53
--- /dev/null
+++ b/content/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/index.md
@@ -0,0 +1,14 @@
+---
+title: Introduction to securing your organization at scale
+shortTitle: Introduction
+intro: 'Learn about securing your organization with {% data variables.product.prodname_security_configurations %} and {% data variables.product.prodname_global_settings %}.'
+versions:
+ feature: security-configurations
+topics:
+ - Advanced Security
+ - Organizations
+ - Security
+children:
+ - /about-enabling-security-features-at-scale
+ - /choosing-a-security-configuration-for-your-repositories
+---
diff --git a/content/code-security/securing-your-organization/managing-the-security-of-your-organization/deleting-a-custom-security-configuration.md b/content/code-security/securing-your-organization/managing-the-security-of-your-organization/deleting-a-custom-security-configuration.md
new file mode 100644
index 0000000000..620c47352c
--- /dev/null
+++ b/content/code-security/securing-your-organization/managing-the-security-of-your-organization/deleting-a-custom-security-configuration.md
@@ -0,0 +1,33 @@
+---
+title: Deleting a custom security configuration
+shortTitle: Delete custom configuration
+intro: 'You can delete unnecessary {% data variables.product.prodname_custom_security_configurations %} in your organization.'
+permissions: '{% data reusables.security-configurations.security-configurations-permissions %}'
+versions:
+ feature: security-configurations
+topics:
+ - Advanced Security
+ - Organizations
+ - Security
+---
+
+{% data reusables.security-configurations.security-configurations-beta-note %}
+
+## About deleting a {% data variables.product.prodname_custom_security_configuration %}
+
+If you no longer need a {% data variables.product.prodname_custom_security_configuration %}, you can delete that configuration to ensure it will not be applied to any repositories in the future. If you are deleting a {% data variables.product.prodname_custom_security_configuration %} because you want to change the security enablement settings in that configuration, you can instead edit the configuration. For more information, see "[AUTOTITLE](/code-security/securing-your-organization/managing-the-security-of-your-organization/editing-a-custom-security-configuration)."
+
+{% warning %}
+
+**Warning:** Deleting a {% data variables.product.prodname_custom_security_configuration %} will detach all repositories that are linked to that configuration. The existing security settings for those repositories will be unchanged, but you must apply a different {% data variables.product.prodname_security_configuration %} or manage their security settings at the repository level to keep their settings up to date.
+
+{% endwarning %}
+
+## Deleting a {% data variables.product.prodname_custom_security_configuration %} from your organization
+
+{% data reusables.profile.access_org %}
+{% data reusables.organizations.org_settings %}
+{% data reusables.security-configurations.view-configurations-page %}
+1. 
In the configurations table, click the name of the {% data variables.product.prodname_custom_security_configuration %} you want to delete.
+1. Scroll to the bottom of the "Security settings" section, then click **Delete configuration**.
+1. In the "Delete this configuration?" window, read the warning to confirm you are comfortable deleting the {% data variables.product.prodname_custom_security_configuration %}, then click **Delete configuration**.
diff --git a/content/code-security/securing-your-organization/managing-the-security-of-your-organization/detaching-repositories-from-their-security-configurations.md b/content/code-security/securing-your-organization/managing-the-security-of-your-organization/detaching-repositories-from-their-security-configurations.md
new file mode 100644
index 0000000000..ca4446d74b
--- /dev/null
+++ b/content/code-security/securing-your-organization/managing-the-security-of-your-organization/detaching-repositories-from-their-security-configurations.md
@@ -0,0 +1,33 @@
+---
+title: Detaching repositories from their security configurations
+shortTitle: Detach security configuration
+intro: 'You can unlink repositories from their {% data variables.product.prodname_security_configurations %} and instead manage their security enablement settings at the repository level.'
+permissions: '{% data reusables.security-configurations.security-configurations-permissions %}'
+versions:
+ feature: security-configurations
+topics:
+ - Advanced Security
+ - Organizations
+ - Security
+---
+
+{% data reusables.security-configurations.security-configurations-beta-note %}
+
+## About detaching repositories from their {% data variables.product.prodname_security_configurations %}
+
+If you decide that the security needs of a repository are too specific for a {% data variables.product.prodname_security_configuration %} to be useful, you can detach that repository from the linked configuration and instead manage security enablement settings at the repository level. Detaching a repository from a {% data variables.product.prodname_security_configuration %} will not change the existing security enablement settings for that repository. For an introduction to securing your repository at the repository level, see "[AUTOTITLE](/code-security/getting-started/securing-your-repository)."
+
+Alternatively, if you want to apply a {% data variables.product.prodname_security_configuration %} to a repository that's already attached to a different configuration, you can apply the configuration as normal, and you do not need to detach the current configuration. For more information, see "[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-the-github-recommended-security-configuration-in-your-organization)" and "[AUTOTITLE](/code-security/securing-your-organization/meeting-your-specific-security-needs-with-custom-security-configurations/applying-a-custom-security-configuration)."
+
+## Detaching repositories from linked {% data variables.product.prodname_security_configurations %}
+
+{% data reusables.profile.access_org %}
+{% data reusables.organizations.org_settings %}
+{% data reusables.security-configurations.view-configurations-page %}
+1. Optionally, in the "Apply configurations" section, filter for specific repositories you would like to detach from their configurations. To learn more, see "[AUTOTITLE](/code-security/securing-your-organization/managing-the-security-of-your-organization/filtering-repositories-in-your-organization-using-the-repository-table)."
+1. In the repository table, select repositories with one of three methods:
+ - Select each individual repository you would like to detach.
+ - To select all repositories displayed on the current page of the repository table, select **NUMBER repositories**.
+ - After selecting **NUMBER repositories**, to select _all_ repositories in your organization that match any filters you have applied, click **Select all**.
+1. Select the **Apply configuration** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **No configuration**.
+1. To finish detaching your repositories from their linked {% data variables.product.prodname_security_configurations %}, in the "No configuration?" window, click **No configuration**.
diff --git a/content/code-security/securing-your-organization/managing-the-security-of-your-organization/editing-a-custom-security-configuration.md b/content/code-security/securing-your-organization/managing-the-security-of-your-organization/editing-a-custom-security-configuration.md
new file mode 100644
index 0000000000..30e7c4c503
--- /dev/null
+++ b/content/code-security/securing-your-organization/managing-the-security-of-your-organization/editing-a-custom-security-configuration.md
@@ -0,0 +1,38 @@
+---
+title: Editing a custom security configuration
+shortTitle: Edit custom configuration
+intro: 'Change the enablement settings in your {% data variables.product.prodname_custom_security_configuration %} to better meet the security needs of your repositories.'
+permissions: '{% data reusables.security-configurations.security-configurations-permissions %}'
+versions:
+ feature: security-configurations
+topics:
+ - Advanced Security
+ - Organizations
+ - Security
+---
+
+{% data reusables.security-configurations.security-configurations-beta-note %}
+
+## About editing a {% data variables.product.prodname_custom_security_configuration %}
+
+After creating and applying a {% data variables.product.prodname_custom_security_configuration %}, you may need to edit the enablement settings for that configuration to better secure your repositories. Any changes you make to the enablement settings of a {% data variables.product.prodname_security_configuration %} will automatically populate to all linked repositories.
+
+To determine if your {% data variables.product.prodname_custom_security_configuration %} is meeting your security needs, see "[AUTOTITLE](/code-security/securing-your-organization/managing-the-security-of-your-organization/interpreting-security-findings-on-a-repository)."
+
+{% note %}
+
+**Note:** The {% data variables.product.prodname_github_security_configuration %} is managed by {% data variables.product.company_short %} and cannot be edited. If you would like to customize your security enablement settings, you need to create a {% data variables.product.prodname_custom_security_configuration %}. For more information, see "[AUTOTITLE](/code-security/securing-your-organization/meeting-your-specific-security-needs-with-custom-security-configurations/creating-a-custom-security-configuration)."
+
+{% endnote %}
+
+## Modifying your {% data variables.product.prodname_custom_security_configuration %}
+
+{% data reusables.profile.access_org %}
+{% data reusables.organizations.org_settings %}
+{% data reusables.security-configurations.view-configurations-page %}
+1. In the "Code {% data variables.product.prodname_security_configurations %}" section, click the name of the {% data variables.product.prodname_custom_security_configuration %} you want to edit.
+1. Edit the name, description, and enablement settings of your {% data variables.product.prodname_custom_security_configuration %} as desired.
+
+ {% data reusables.security-configurations.default-configuration-exception-repo-transfers %}
+
+1. To apply your changes, click **Update configuration**.
diff --git a/content/code-security/securing-your-organization/managing-the-security-of-your-organization/filtering-repositories-in-your-organization-using-the-repository-table.md b/content/code-security/securing-your-organization/managing-the-security-of-your-organization/filtering-repositories-in-your-organization-using-the-repository-table.md
new file mode 100644
index 0000000000..66dd70da42
--- /dev/null
+++ b/content/code-security/securing-your-organization/managing-the-security-of-your-organization/filtering-repositories-in-your-organization-using-the-repository-table.md
@@ -0,0 +1,35 @@
+---
+title: Filtering repositories in your organization using the repository table
+shortTitle: Filter repositories
+intro: 'You can filter the repository table for your organization to better manage the security settings of specific repositories.'
+permissions: '{% data reusables.security-configurations.security-configurations-permissions %}'
+versions:
+ feature: security-configurations
+topics:
+ - Advanced Security
+ - Organizations
+ - Security
+---
+
+## About filtering repositories in your organization
+
+By default, when managing {% data variables.product.prodname_security_configurations %} for repositories in your organization, the repository table displays all repositories in your organization. You can filter the repository table to help you apply and detach {% data variables.product.prodname_security_configurations %}, as well as manage {% data variables.product.prodname_GH_advanced_security %} license usage in your organization.
+
+## Filtering the repository table with the search bar
+
+{% data reusables.profile.access_org %}
+{% data reusables.organizations.org_settings %}
+{% data reusables.security-configurations.view-configurations-page %}
+1. In the "Apply configurations" section, use the **Search repositories** search bar to filter repositories in your organization in one of two ways:
+ - Find repositories by name with free-text search
+ - Select filters from the dropdown menu that appears once you click the search bar
+
+## Filtering the repository table with the advanced filter builder
+
+{% data reusables.profile.access_org %}
+{% data reusables.organizations.org_settings %}
+{% data reusables.security-configurations.view-configurations-page %}
+1. To open the advanced filter dialog, in the "Apply configurations" section, click {% octicon "filter" aria-hidden="true" %} **Filter**.
+1. In the "Advanced filters" window, select the {% octicon "plus" aria-hidden="true" %} **Add a filter** dropdown menu, then click a filter.
+1. 
To search for repositories matching the selected filter, fill out the available fields for that filter, then click **Apply**. You can repeat this process to add as many filters as you would like to your search.
+1. Optionally, to remove a filter from your search, click {% octicon "filter" aria-hidden="true" %} **Filter**. In the row of the filter you want to remove, click {% octicon "x" aria-label="Delete FILTER-NUMBER: FILTER-PROPERTIES" %}, then click **Apply**.
diff --git a/content/code-security/securing-your-organization/managing-the-security-of-your-organization/index.md b/content/code-security/securing-your-organization/managing-the-security-of-your-organization/index.md
new file mode 100644
index 0000000000..c254cd07d7
--- /dev/null
+++ b/content/code-security/securing-your-organization/managing-the-security-of-your-organization/index.md
@@ -0,0 +1,18 @@
+---
+title: Managing the security of your organization
+shortTitle: Manage organization security
+intro: 'You can interpret security findings and manage your security enablement settings to better secure your organization.'
+versions:
+ feature: security-configurations
+topics:
+ - Advanced Security
+ - Organizations
+ - Security
+children:
+ - /interpreting-security-findings-on-a-repository
+ - /filtering-repositories-in-your-organization-using-the-repository-table
+ - /editing-a-custom-security-configuration
+ - /managing-your-github-advanced-security-license-usage
+ - /detaching-repositories-from-their-security-configurations
+ - /deleting-a-custom-security-configuration
+---
diff --git a/content/code-security/securing-your-organization/managing-the-security-of-your-organization/interpreting-security-findings-on-a-repository.md b/content/code-security/securing-your-organization/managing-the-security-of-your-organization/interpreting-security-findings-on-a-repository.md
new file mode 100644
index 0000000000..1ce1e85710
--- /dev/null
+++ b/content/code-security/securing-your-organization/managing-the-security-of-your-organization/interpreting-security-findings-on-a-repository.md 
@@ -0,0 +1,76 @@
+---
+title: Interpreting security findings on a repository
+shortTitle: Interpret security data
+intro: 'You can analyze security data on repositories in your organization to determine if you need to make changes to your security setup.'
+permissions: '{% data reusables.security-configurations.security-configurations-permissions %}'
+versions:
+ feature: security-configurations
+topics:
+ - Advanced Security
+ - Organizations
+ - Security
+---
+
+{% data reusables.security-configurations.security-configurations-beta-note %}
+
+## About security findings on a repository
+
+After you apply a {% data variables.product.prodname_security_configuration %} to a repository, the enabled security features will likely raise security findings on that repository. These findings may show up as feature-specific alerts, or as automatically generated pull requests designed to keep your repository secure. To best secure your organization, you should be able to understand and resolve these alerts and pull requests, then analyze the findings and make any necessary adjustments to your {% data variables.product.prodname_security_configuration %}.
+
+{% ifversion ghec or ghes %}
+
+## Finding repositories with security alerts using security overview
+
+{% data reusables.security-overview.information-varies-GHAS %}
+{% data reusables.organizations.navigate-to-org %}
+{% data reusables.organizations.security-overview %}
+{% data reusables.security-overview.open-security-risk-view %}
+{% data reusables.code-scanning.using-security-overview-risk %}
+{% data reusables.organizations.security-overview-feature-specific-page %}
+{% endif %}
+
+## Interpreting {% data variables.product.prodname_secret_scanning %} alerts
+
+{% data reusables.security-configurations.secret-scanning-security-configs-summary %} {% ifversion fpt or ghec %}There are two types of {% data variables.product.prodname_secret_scanning %} alerts:
+
+- {% data variables.secret-scanning.partner_alerts_caps %}, which are sent to the provider who issued the secret
+- {% data variables.secret-scanning.user_alerts_caps %}, which appear on {% data variables.product.product_name %} and can be resolved
+
+{% endif %}
+You can view {% data variables.product.prodname_secret_scanning %} alerts for a repository by navigating to the main page of that repository, clicking the {% octicon "shield" aria-hidden="true" %} **Security** tab, then clicking {% octicon "key" aria-hidden="true" %} **{% data variables.product.prodname_secret_scanning_caps %}**.
+
+For an introduction to {% data variables.product.prodname_secret_scanning %} alerts, see "[AUTOTITLE](/code-security/secret-scanning/about-secret-scanning#about-secret-scanning-alerts-for-users)."
+
+To learn how to interpret and resolve {% data variables.product.prodname_secret_scanning %} alerts, see "[AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning)."
+
+## Interpreting {% data variables.product.prodname_code_scanning %} alerts
+
+{% data reusables.code-scanning.about-code-scanning %} These problems are raised as {% data variables.product.prodname_code_scanning %} alerts, which contain detailed information on the vulnerability or error detected.
+
+You can view the {% data variables.product.prodname_code_scanning %} alerts for a repository by navigating to the main page of that repository, clicking the {% octicon "shield" aria-hidden="true" %} **Security** tab, then clicking {% octicon "codescan" aria-hidden="true" %} **{% data variables.product.prodname_code_scanning_caps %}**.
+
+For an introduction to {% data variables.product.prodname_code_scanning %} alerts, see "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/about-code-scanning-alerts)."
+
+To learn how to interpret and resolve {% data variables.product.prodname_code_scanning %} alerts, see "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/managing-code-scanning-alerts-for-your-repository)."
+
+## Interpreting {% data variables.product.prodname_dependabot_alerts %}
+
+{% data variables.product.prodname_dependabot_alerts %} inform you about vulnerabilities in the dependencies that you use in your repository. You can view {% data variables.product.prodname_dependabot_alerts %} for a repository by navigating to the main page of that repository, clicking the {% octicon "shield" aria-hidden="true" %} **Security** tab, then clicking {% octicon "dependabot" aria-hidden="true" %} **{% data variables.product.prodname_dependabot %}**.
+
+For an introduction to {% data variables.product.prodname_dependabot_alerts %}, see "[AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts)."
+
+To learn how to interpret and resolve {% data variables.product.prodname_dependabot_alerts %}, see "[AUTOTITLE](/code-security/dependabot/dependabot-alerts/viewing-and-updating-dependabot-alerts)."
+
+{% note %}
+
+**Note:** If you enabled {% data variables.product.prodname_dependabot_security_updates %} or {% data variables.product.prodname_dependabot_version_updates %}, {% data variables.product.prodname_dependabot %} can also automatically raise pull requests to update the dependencies used in your repository. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)" and "[AUTOTITLE](/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates)."
+
+{% endnote %}
+
+## Next steps
+
+If you are using the {% data variables.product.prodname_github_security_configuration %}, and your findings indicate the security enablement settings are not meeting your needs, you should create a {% data variables.product.prodname_custom_security_configuration %}. To get started, see "[AUTOTITLE](/code-security/securing-your-organization/meeting-your-specific-security-needs-with-custom-security-configurations/creating-a-custom-security-configuration)."
+
+If you are using a {% data variables.product.prodname_custom_security_configuration %}, and your findings indicate the security enablement settings are not meeting your needs, you can edit your existing configuration. For more information, see "[AUTOTITLE](/code-security/securing-your-organization/managing-the-security-of-your-organization/editing-a-custom-security-configuration)."
+
+Lastly, you can also edit your organization-level security settings with {% data variables.product.prodname_global_settings %}. To learn more, see "[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/configuring-global-security-settings-for-your-organization)."
diff --git a/content/code-security/securing-your-organization/managing-the-security-of-your-organization/managing-your-github-advanced-security-license-usage.md b/content/code-security/securing-your-organization/managing-the-security-of-your-organization/managing-your-github-advanced-security-license-usage.md
new file mode 100644
index 0000000000..3d6fc25f77
--- /dev/null
+++ b/content/code-security/securing-your-organization/managing-the-security-of-your-organization/managing-your-github-advanced-security-license-usage.md
@@ -0,0 +1,68 @@
+---
+title: Managing your GitHub Advanced Security license usage
+shortTitle: Manage GHAS licenses
+intro: 'You can understand and control {% data variables.product.prodname_GH_advanced_security %} license usage for repositories in your organization.'
+permissions: '{% data reusables.security-configurations.security-configurations-permissions %}'
+versions:
+ feature: security-configurations
+topics:
+ - Advanced Security
+ - Organizations
+ - Security
+---
+
+{% data reusables.security-configurations.security-configurations-beta-note %}
+
+## About {% data variables.product.prodname_GH_advanced_security %} billing and licenses
+
+{% ifversion fpt %}
+
+{% data reusables.advanced-security.ghas-license-info-for-fpt %}
+
+For information on managing your {% data variables.product.prodname_GH_advanced_security %} license usage, see the [{% data variables.product.prodname_ghe_cloud %} documentation](/enterprise-cloud@latest/code-security/securing-your-organization/managing-the-security-of-your-organization/managing-your-github-advanced-security-license-usage).
+
+{% else %}
+
+To use {% data variables.product.prodname_GH_advanced_security %} (GHAS) features on private or internal repositories with unique active committers, you must have available GHAS licenses. With {% data variables.product.prodname_security_configurations %}, you can easily understand the GHAS license usage of repositories in your organization, as well as the number of available GHAS licenses in your enterprise. Additionally, if you need to make more GHAS licenses available to secure a high-impact repository, you can quickly disable GHAS features on private and internal repositories at scale.
+
+To learn about GHAS licenses, as well as unique and active committers, see "[AUTOTITLE](/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security)."
+
+## Understanding your {% data variables.product.prodname_GH_advanced_security %} license usage
+
+{% data reusables.profile.access_org %}
+{% data reusables.organizations.org_settings %}
+{% data reusables.security-configurations.view-configurations-page %}
+1. In the "Apply configurations" section, your current license usage will be displayed as "NUMBER-USED out of NUMBER-PURCHASED available {% data variables.product.prodname_GH_advanced_security %} licenses in use by YOUR-ENTERPRISE."
+
+ ![Screenshot of the "Apply configurations" section. The current GHAS license usage for the enterprise is outlined in dark orange.](/assets/images/help/security-configurations/current-ghas-license-usage.png)
+
+1. Optionally, to find specific repositories in your organization, filter the repository table. To learn more, see "[AUTOTITLE](/code-security/securing-your-organization/managing-the-security-of-your-organization/filtering-repositories-in-your-organization-using-the-repository-table)."
+1. To quickly identify the number of GHAS licenses needed to enable GHAS features on a specific repository, in that repository's row of the repository table, read "NUMBER licenses required".
+1. To view license usage for multiple repositories in your organization, select the repositories from the repository table. In the "Apply configurations" section, you will see the number of licenses required to apply GHAS features to the repositories, as well as the number of licenses made available if you disable GHAS features on those repositories.
+
+ ![Screenshot of the "Apply configurations" section. 
The potential changes to GHAS license usage for the enterprise are outlined in dark orange.](/assets/images/help/security-configurations/ghas-licenses-used-or-freed.png)
+
+## Turning off {% data variables.product.prodname_GH_advanced_security %} features on select repositories in your organization
+
+{% data reusables.profile.access_org %}
+{% data reusables.organizations.org_settings %}
+{% data reusables.security-configurations.view-configurations-page %}
+1. Optionally, in the "Apply configurations" section, filter for specific repositories on which you would like to disable GHAS. To learn more, see "[AUTOTITLE](/code-security/securing-your-organization/managing-the-security-of-your-organization/filtering-repositories-in-your-organization-using-the-repository-table)."
+1. In the repository table, select repositories with one of three methods:
+ - Select each individual repository you would like to disable GHAS features on.
+ - To select all repositories displayed on the current page of the repository table, select **NUMBER repositories**.
+ - After selecting **NUMBER repositories**, to select _all_ repositories in your organization that match any filters you have applied, click **Select all**.
+
+ Once you have selected the desired repositories, in the "Apply configurations" section, you can see how many GHAS licenses will become available when you disable GHAS features on those repositories. For more information, see "[Understanding your {% data variables.product.prodname_GH_advanced_security %} license usage](#understanding-your-github-advanced-security-license-usage)."
+1. Select the **Apply configuration** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **Disable {% data variables.product.prodname_GH_advanced_security %}**.
+1. To finish disabling GHAS features on the selected private or internal repositories, in the "Disable {% data variables.product.prodname_GH_advanced_security %}?" 
window, click **Disable {% data variables.product.prodname_GH_advanced_security %}**.
+
+ {% note %}
+
+ **Notes:**
+ - Disabling GHAS features for a private or internal repository will also detach that repository from any linked {% data variables.product.prodname_security_configuration %}.
+ - Disabling GHAS features through the repository table _will not_ disable those features on public repositories since they do not require {% data variables.product.prodname_GH_advanced_security %} licenses.
+
+ {% endnote %}
+
+{% endif %}
diff --git a/content/code-security/securing-your-organization/meeting-your-specific-security-needs-with-custom-security-configurations/applying-a-custom-security-configuration.md b/content/code-security/securing-your-organization/meeting-your-specific-security-needs-with-custom-security-configurations/applying-a-custom-security-configuration.md
new file mode 100644
index 0000000000..caa67bd8a0
--- /dev/null
+++ b/content/code-security/securing-your-organization/meeting-your-specific-security-needs-with-custom-security-configurations/applying-a-custom-security-configuration.md
@@ -0,0 +1,43 @@
+---
+title: Applying a custom security configuration
+shortTitle: Apply custom configuration
+intro: 'You can apply your {% data variables.product.prodname_custom_security_configuration %} to repositories in your organization to meet the specific security needs of those repositories.'
+permissions: '{% data reusables.security-configurations.security-configurations-permissions %}'
+versions:
+ feature: security-configurations
+topics:
+ - Advanced Security
+ - Organizations
+ - Security
+---
+
+{% data reusables.security-configurations.security-configurations-beta-note %}
+
+## About applying a {% data variables.product.prodname_custom_security_configuration %}
+
+After you create a {% data variables.product.prodname_custom_security_configuration %}, you need to apply it to repositories in your organization to enable the configuration's settings on those repositories. To learn how to create a {% data variables.product.prodname_custom_security_configuration %}, see "[AUTOTITLE](/code-security/securing-your-organization/meeting-your-specific-security-needs-with-custom-security-configurations/creating-a-custom-security-configuration)."
+
+## Applying your {% data variables.product.prodname_custom_security_configuration %} to repositories in your organization
+
+{% data reusables.profile.access_org %}
+{% data reusables.organizations.org_settings %}
+{% data reusables.security-configurations.view-configurations-page %}
+1. Optionally, in the "Apply configurations" section, filter for specific repositories you would like to apply your {% data variables.product.prodname_custom_security_configuration %} to. To learn how to filter the repository table, see "[AUTOTITLE](/code-security/securing-your-organization/managing-the-security-of-your-organization/filtering-repositories-in-your-organization-using-the-repository-table)."
+1. 
In the repository table, select repositories with one of three methods:
+ - Select each repository you would like to apply the {% data variables.product.prodname_security_configuration %} to.
+ - To select all repositories displayed on the current page of the repository table, select **NUMBER repositories**.
+ - After selecting **NUMBER repositories**, to select _all_ repositories in your organization that match any filters you have applied, click **Select all**.
+1. Select the **Apply configuration** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **YOUR-CONFIGURATION-NAME**.
+{% data reusables.security-configurations.apply-configuration-by-default %}
+
+ {% data reusables.security-configurations.default-configuration-exception-repo-transfers %}
+
+{% data reusables.security-configurations.apply-configuration %}
+
+## Next steps
+
+To learn how to interpret security findings from your {% data variables.product.prodname_custom_security_configuration %} on a repository, see "[AUTOTITLE](/code-security/securing-your-organization/managing-the-security-of-your-organization/interpreting-security-findings-on-a-repository)."
+
+{% data reusables.security-configurations.edit-configuration-next-step %}
+
+{% data reusables.security-configurations.troubleshooting-next-step %}
diff --git a/content/code-security/securing-your-organization/meeting-your-specific-security-needs-with-custom-security-configurations/creating-a-custom-security-configuration.md b/content/code-security/securing-your-organization/meeting-your-specific-security-needs-with-custom-security-configurations/creating-a-custom-security-configuration.md
new file mode 100644
index 0000000000..a37051fe32
--- /dev/null
+++ b/content/code-security/securing-your-organization/meeting-your-specific-security-needs-with-custom-security-configurations/creating-a-custom-security-configuration.md
@@ -0,0 +1,64 @@
+---
+title: Creating a custom security configuration
+shortTitle: Create custom configuration
+intro: 'Build a {% data variables.product.prodname_custom_security_configuration %} to meet the specific security needs of repositories in your organization.'
+permissions: '{% data reusables.security-configurations.security-configurations-permissions %}'
+versions:
+ feature: security-configurations
+topics:
+ - Advanced Security
+ - Organizations
+ - Security
+---
+
+{% data reusables.security-configurations.security-configurations-beta-note %}
+
+## About {% data variables.product.prodname_custom_security_configurations %}
+
+We recommend securing your organization with the {% data variables.product.prodname_github_security_configuration %}, then evaluating the security findings on your repositories before configuring {% data variables.product.prodname_custom_security_configurations %}. For more information, see "[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization/applying-the-github-recommended-security-configuration-in-your-organization)."
+
+With {% data variables.product.prodname_custom_security_configurations %}, you can create collections of enablement settings for {% data variables.product.company_short %}'s security products to meet the specific security needs of your organization. For example, you can create a different {% data variables.product.prodname_custom_security_configuration %} for each group of repositories to reflect their different levels of visibility, risk tolerance, and impact.
+
+## Creating a {% data variables.product.prodname_custom_security_configuration %}
+
+{% note %}
+
+**Note:** The enablement status of some security features is dependent on other, higher-level security features. For example, disabling dependency graph will also disable {% data variables.product.prodname_dependabot %}, vulnerability exposure analysis, and security updates. 
For {% data variables.product.prodname_security_configurations %}, dependent security features are indicated with indentation and {% octicon "reply" aria-hidden="true" %}.
+
+{% endnote %}
+
+{% data reusables.profile.access_org %}
+{% data reusables.organizations.org_settings %}
+{% data reusables.security-configurations.view-configurations-page %}
+1. In the "Code security configurations" section, click **New configuration**.
+1. To help identify your {% data variables.product.prodname_custom_security_configuration %} and clarify its purpose on the "Code {% data variables.product.prodname_security_configurations %}" page, name your configuration and create a description.
+1. In the "{% data variables.product.prodname_GH_advanced_security %} features" row, choose whether to include or exclude {% data variables.product.prodname_GH_advanced_security %} (GHAS) features. If you plan to apply a {% data variables.product.prodname_custom_security_configuration %} with GHAS features to private repositories, you must have available GHAS licenses for each active unique committer to those repositories, or the features will not be enabled. To learn more about committers and GHAS licensing, see "[AUTOTITLE](/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security)."
+1. In the "Dependency graph" section of the security settings table, choose whether you want to enable, disable, or keep the existing settings for the following security features:
+ - Dependency graph. To learn about dependency graph, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph)."
+ - {% data variables.product.prodname_dependabot %}. To learn about {% data variables.product.prodname_dependabot %}, see "[AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts)."
+ - Security updates. 
To learn about security updates, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)."
+
+ {% note %}
+
+ **Note:** You cannot manually change the enablement settings for vulnerable function calls. If {% data variables.product.prodname_GH_advanced_security %} features and {% data variables.product.prodname_dependabot_alerts %} are enabled, vulnerable function calls is also enabled. Otherwise, it is disabled.
+
+ {% endnote %}
+
+1. In the "{% data variables.product.prodname_code_scanning_caps %}" section of the security settings table, choose whether you want to enable, disable, or keep the existing settings for {% data variables.product.prodname_code_scanning %} default setup. To learn about default setup, see "[AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning#about-default-setup)."
+1. In the "{% data variables.product.prodname_secret_scanning_caps %}" section of the security settings table, choose whether you want to enable, disable, or keep the existing settings for the following security features:
+ - {% data variables.product.prodname_secret_scanning_caps %}. To learn about {% data variables.product.prodname_secret_scanning %}, see "[AUTOTITLE](/code-security/secret-scanning/about-secret-scanning)."
+ - Push protection. To learn about push protection, see "[AUTOTITLE](/code-security/secret-scanning/push-protection-for-repositories-and-organizations)."
+{% ifversion fpt or ghec %}
+1. In the "Private vulnerability reporting" section of the security settings table, choose whether you want to enable, disable, or keep the existing settings for private vulnerability reporting. To learn about private vulnerability reporting, see "[AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository)."
+{% endif %}
+1. 
Optionally, in the "Policy" section, you can choose to automatically apply the {% data variables.product.prodname_security_configuration %} to newly created repositories depending on their visibility. Select the **None** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **Public**, or **Private and internal**, or both.
+
+ {% data reusables.security-configurations.default-configuration-exception-repo-transfers %}
+
+1. To finish creating your {% data variables.product.prodname_custom_security_configuration %}, click **Save configuration**.
+
+## Next steps
+
+To apply your {% data variables.product.prodname_custom_security_configuration %} to repositories in your organization, see "[AUTOTITLE](/code-security/securing-your-organization/meeting-your-specific-security-needs-with-custom-security-configurations/applying-a-custom-security-configuration)."
+
+{% data reusables.security-configurations.edit-configuration-next-step %}
diff --git a/content/code-security/securing-your-organization/meeting-your-specific-security-needs-with-custom-security-configurations/index.md b/content/code-security/securing-your-organization/meeting-your-specific-security-needs-with-custom-security-configurations/index.md
new file mode 100644
index 0000000000..aeffc1f828
--- /dev/null
+++ b/content/code-security/securing-your-organization/meeting-your-specific-security-needs-with-custom-security-configurations/index.md
@@ -0,0 +1,14 @@
+---
+title: Meeting your specific security needs with custom security configurations
+shortTitle: Customize organization security
+intro: 'You can create {% data variables.product.prodname_security_configurations %} with custom security enablement settings to best secure repositories in your organization.'
+versions:
+ feature: security-configurations
+topics:
+ - Advanced Security
+ - Organizations
+ - Security
+children:
+ - /creating-a-custom-security-configuration
+ - /applying-a-custom-security-configuration
+---
diff --git a/content/code-security/securing-your-organization/troubleshooting-security-configurations/a-repository-has-an-existing-advanced-setup-for-code-scanning.md b/content/code-security/securing-your-organization/troubleshooting-security-configurations/a-repository-has-an-existing-advanced-setup-for-code-scanning.md
new file mode 100644
index 0000000000..4d0c591783
--- /dev/null
+++ b/content/code-security/securing-your-organization/troubleshooting-security-configurations/a-repository-has-an-existing-advanced-setup-for-code-scanning.md
@@ -0,0 +1,36 @@
+---
+title: A repository has an existing advanced setup for code scanning
+shortTitle: Existing advanced setup
+intro: 'You need to override existing advanced setups at the repository level before you can apply a {% data variables.product.prodname_security_configuration %} with {% data variables.product.prodname_code_scanning %} enabled.'
+permissions: '{% data reusables.security-configurations.security-configurations-permissions %}'
+versions:
+ feature: security-configurations
+topics:
+ - Advanced Security
+ - Organizations
+ - Security
+---
+
+{% note %}
+
+**Note:** {% data reusables.security-configurations.security-configurations-beta-note-short %}
+
+{% endnote %}
+
+To successfully apply a {% data variables.product.prodname_security_configuration %} with {% data variables.product.prodname_code_scanning %} default setup enabled, the target repository cannot have an existing advanced setup for {% data variables.product.prodname_code_scanning %}. {% data variables.product.prodname_security_configurations_caps %} cannot override advanced setups since advanced setups are tailored to the specific security needs of their repositories, and organization owners or security managers enabling default setup at scale may not realize they are overriding those custom settings.
+
+If you try to apply a {% data variables.product.prodname_security_configuration %} with {% data variables.product.prodname_code_scanning %} enabled to a repository with an existing advanced setup for {% data variables.product.prodname_code_scanning %}, security settings will be enabled as follows:
+
+ - {% data variables.product.prodname_code_scanning_caps %} default setup _will not_ be enabled on the repository, and the existing advanced setup will continue to run as normal.
+ - Aside from {% data variables.product.prodname_code_scanning %}, all security features enabled in the configuration _will_ be enabled on the repository.
+ - The {% data variables.product.prodname_security_configuration %} _will not_ be attached to the repository, since only some features from the configuration are enabled.
+
+For all repositories without an existing advanced setup for {% data variables.product.prodname_code_scanning %}, the {% data variables.product.prodname_security_configuration %} will be applied as expected, and {% data variables.product.prodname_code_scanning %} default setup will be enabled.
+
+{% note %}
+
+**Note:** If you cannot successfully apply a configuration to a private{% ifversion ghec or ghes %} or internal{% endif %} repository without {% data variables.product.prodname_code_scanning %} advanced setup enabled, you should make sure you have sufficient available {% data variables.product.prodname_GH_advanced_security %} licenses to apply that configuration. For more information, see "[AUTOTITLE](/code-security/securing-your-organization/troubleshooting-security-configurations/not-enough-github-advanced-security-licenses)."
+
+{% endnote %}
+
+To apply a {% data variables.product.prodname_security_configuration %} with {% data variables.product.prodname_code_scanning %} enabled to a repository with advanced setup, you must first configure default setup at the repository level, then apply the {% data variables.product.prodname_security_configuration %} as normal. For more information, see "[AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning)."
diff --git a/content/code-security/securing-your-organization/troubleshooting-security-configurations/index.md b/content/code-security/securing-your-organization/troubleshooting-security-configurations/index.md
new file mode 100644
index 0000000000..13214eb0e3
--- /dev/null
+++ b/content/code-security/securing-your-organization/troubleshooting-security-configurations/index.md
@@ -0,0 +1,14 @@
+---
+title: Troubleshooting security configurations
+shortTitle: Troubleshooting configurations
+intro: 'To successfully apply a {% data variables.product.prodname_security_configuration %}, you may need to troubleshoot unexpected issues.'
+versions:
+ feature: security-configurations
+topics:
+ - Advanced Security
+ - Organizations
+ - Security
+children:
+ - /a-repository-has-an-existing-advanced-setup-for-code-scanning
+ - /not-enough-github-advanced-security-licenses
+---
diff --git a/content/code-security/securing-your-organization/troubleshooting-security-configurations/not-enough-github-advanced-security-licenses.md b/content/code-security/securing-your-organization/troubleshooting-security-configurations/not-enough-github-advanced-security-licenses.md
new file mode 100644
index 0000000000..698d87f23a
--- /dev/null
+++ b/content/code-security/securing-your-organization/troubleshooting-security-configurations/not-enough-github-advanced-security-licenses.md
@@ -0,0 +1,28 @@
+---
+title: Not enough GitHub Advanced Security licenses
+shortTitle: Not enough GHAS licenses
+intro: 'You need available GHAS licenses to enable GHAS features on a private{% ifversion ghec or ghes %} or internal{% endif %} repository.'
+permissions: '{% data reusables.security-configurations.security-configurations-permissions %}'
+versions:
+ feature: security-configurations
+topics:
+ - Advanced Security
+ - Organizations
+ - Security
+---
+
+{% note %}
+
+**Note:** {% data reusables.security-configurations.security-configurations-beta-note-short %}
+
+{% endnote %}
+
+You must have an available {% data variables.product.prodname_GH_advanced_security %} (GHAS) license for each unique active committer to enable GHAS features on a private{% ifversion ghec or ghes %} or internal{% endif %} repository. To learn about GHAS licensing, as well as unique and active committers, see "[AUTOTITLE](/billing/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security)."
+
+If you try to apply a {% data variables.product.prodname_security_configuration %} with GHAS features to your repositories and don't have enough GHAS licenses, the configuration will only be successfully applied to public repositories. For private {% ifversion ghec or ghes %}and internal {% endif %}repositories, only free security features will be enabled due to the license limitation, resulting in the following outcomes:
+
+ - Free security features enabled in the configuration _will_ be enabled for _all_ private {% ifversion ghec or ghes %}and internal {% endif %}repositories.
+ - GHAS features _will not_ be enabled for _any_ private {% ifversion ghec or ghes %}or internal {% endif %}repositories.
+ - The {% data variables.product.prodname_security_configuration %} _will not_ be applied to _any_ private {% ifversion ghec or ghes %}or internal {% endif %}repositories, since only some features from the configuration are enabled.
+
+For more information on managing GHAS licenses for your organization, see "[AUTOTITLE](/code-security/securing-your-organization/managing-the-security-of-your-organization/managing-your-github-advanced-security-license-usage)."
diff --git a/content/code-security/security-overview/assessing-code-security-risk.md b/content/code-security/security-overview/assessing-code-security-risk.md
index 3a0bc44f1b..30c09b32b6 100644
--- a/content/code-security/security-overview/assessing-code-security-risk.md
+++ b/content/code-security/security-overview/assessing-code-security-risk.md
@@ -25,7 +25,7 @@ redirect_from:
 You can use security overview to see which repositories and teams are free from any security alerts and which have unresolved security alerts. The "Security risk" page shows a summary and detailed information on which repositories in an organization {% ifversion security-overview-org-risk-coverage-enterprise %}or enterprise {% endif %}are affected by security alerts, with a breakdown of alert by severity. You can filter the view to show a subset of repositories using the "affected" and "unaffected" links, the links under "Open alerts", the "Teams" dropdown menu, and a search field in the page header. This view is a great way to understand the broader picture for a repository, team, or group of repositories because you can see security alerts of all types in one view.
-![Screenshot of the header section of the "Security risk" view on the "Security" tab for an organization. The options for filtering are outlined in dark orange, including "affected"/"unaffected" links, "Teams" selector, and search field.](/assets/images/help/security-overview/security-risk-view-summary.png)
+![Screenshot of the header section of the "Security risk" view on the "Security" tab for an organization.](/assets/images/help/security-overview/security-risk-view-summary.png)
 {% ifversion security-overview-export-data %}
 You can download a CSV file of the data displayed on the "Security risk" page. This data file can be used for efforts like security research and in-depth data analysis, and can integrate easily with external datasets. For more information, see "[AUTOTITLE](/code-security/security-overview/exporting-data-from-the-risk-and-coverage-pages)."
@@ -45,10 +45,10 @@ You can download a CSV file of the data displayed on the "Security risk" page. T
 {% data reusables.organizations.navigate-to-org %}
 {% data reusables.organizations.security-overview %}
-1. To display the "Security risk" view, in the sidebar, click **{% octicon "shield" aria-hidden="true" %} Risk**.
+{% data reusables.security-overview.open-security-risk-view %}
 {% data reusables.code-scanning.using-security-overview-risk %}
- ![Screenshot of the header section of the "Security risk" view on the "Security" tab for an organization. The options for filtering are outlined in dark orange, including "affected"/"unaffected" links, alert severity links, "Teams" selector, archived repositories, and search field.](/assets/images/help/security-overview/security-risk-view-highlights.png)
+ ![Screenshot of the "Security risk" view for an organization. The options for filtering are outlined in dark orange.](/assets/images/help/security-overview/security-risk-view-highlights.png)
 {% data reusables.organizations.security-overview-feature-specific-page %}
@@ -60,9 +60,10 @@ You can download a CSV file of the data displayed on the "Security risk" page. T
 {% data reusables.organizations.filter-security-overview %}
 {% ifversion security-overview-alert-views %}
 {% data reusables.organizations.security-overview-feature-specific-page %}
- ![Screenshot of the {% data variables.product.prodname_code_scanning %} alerts page on the "Security" tab. Features apart from filters, dropdown menus, and sidebar are grayed out.](/assets/images/help/security-overview/security-overview-code-scanning-alerts.png)
-{% endif %}
+ ![Screenshot of the {% data variables.product.prodname_code_scanning %} alerts page on the "Security" tab. Features apart from filters, dropdown menus, and sidebar are grayed out.](/assets/images/help/security-overview/security-overview-code-scanning-alerts.png)
+
+{% endif %}
 {% endif %}
 {% data reusables.security-overview.alert-differences %}
@@ -87,7 +88,9 @@ You can view data for security alerts across organizations in an enterprise. {%
 1. To display the "Security coverage" view, in the sidebar, click **Risk**.
 {% data reusables.code-scanning.using-security-overview-risk %}
- ![Screenshot of the "Security risk" view for an enterprise. The options for filtering are outlined in dark orange, including "affected"/"unaffected" links, alert severity links, "Teams" selector, archived repositories, and search field.](/assets/images/help/security-overview/security-risk-view-highlights-enterprise.png){% else %}
+ ![Screenshot of the "Security risk" view for an enterprise. The options for filtering are outlined in dark orange.](/assets/images/help/security-overview/security-risk-view-highlights-enterprise.png)
+
+{% else %}
 {% data reusables.organizations.security-overview-feature-specific-page %}{% endif %}
 {% endif %}
diff --git a/content/get-started/learning-about-github/about-github-advanced-security.md b/content/get-started/learning-about-github/about-github-advanced-security.md
index c3cf74eb2e..8b2fab1455 100644
--- a/content/get-started/learning-about-github/about-github-advanced-security.md
+++ b/content/get-started/learning-about-github/about-github-advanced-security.md
@@ -83,6 +83,16 @@ To learn about what you need to know to plan your {% data variables.product.prod
 ## Enabling {% data variables.product.prodname_advanced_security %} features
+{% ifversion security-configurations %}
+{% data reusables.security-configurations.enable-security-features-with-gh-config %}
+
+{% note %}
+
+**Note:** {% data reusables.security-configurations.security-configurations-beta-note-short %}
+
+{% endnote %}
+
+{% endif %}
 {%- ifversion ghes %}
 The site administrator must enable {% data variables.product.prodname_advanced_security %} for {% data variables.location.product_location %} before you can use these features. For more information, see "[AUTOTITLE](/admin/code-security/managing-github-advanced-security-for-your-enterprise).
diff --git a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md
index aa0f9c057f..a28c2b30ae 100644
--- a/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md
+++ b/content/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization.md
@@ -23,6 +23,16 @@ shortTitle: Manage security & analysis
 {% ifversion ghec or ghes %}If your organization is owned by an enterprise with a license for {% data variables.product.prodname_GH_advanced_security %}, then extra options for managing security and analysis settings may be available. For more information, see "[AUTOTITLE](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise)."{% endif %}
 {% data reusables.security.some-security-and-analysis-features-are-enabled-by-default %}
+{% ifversion security-configurations %}
+{% data reusables.security-configurations.enable-security-features-with-gh-config %}
+
+{% note %}
+
+**Note:** {% data reusables.security-configurations.security-configurations-beta-note-short %}
+
+{% endnote %}
+
+{% endif %}
 {% data reusables.security.security-and-analysis-features-enable-read-only %}
 ## Displaying the security and analysis settings
diff --git a/data/features/security-configurations.yml b/data/features/security-configurations.yml
new file mode 100644
index 0000000000..6aa37553b7
--- /dev/null
+++ b/data/features/security-configurations.yml
@@ -0,0 +1,6 @@
+# Reference: #12711
+# Documentation for security configurations and global settings.
+versions:
+ fpt: '*'
+ ghec: '*'
+ ghes: '>3.12'
diff --git a/data/reusables/advanced-security/ghas-license-info-for-fpt.md b/data/reusables/advanced-security/ghas-license-info-for-fpt.md
new file mode 100644
index 0000000000..3ab273cb98
--- /dev/null
+++ b/data/reusables/advanced-security/ghas-license-info-for-fpt.md
@@ -0,0 +1 @@
+If you want to use {% data variables.product.prodname_GH_advanced_security %} features on any repository apart from a public repository on {% data variables.product.prodname_dotcom_the_website %}, you will need a {% data variables.product.prodname_GH_advanced_security %} license, available with {% data variables.product.prodname_ghe_cloud %} or {% data variables.product.prodname_ghe_server %}. {% data reusables.advanced-security.ghas-trial %}
diff --git a/data/reusables/dependabot/dependabot-overview.md b/data/reusables/dependabot/dependabot-overview.md
new file mode 100644
index 0000000000..efd344aa64
--- /dev/null
+++ b/data/reusables/dependabot/dependabot-overview.md
@@ -0,0 +1,5 @@
+{% data variables.product.prodname_dependabot %} consists of three different features that help you manage your dependencies:
+
+- {% data variables.product.prodname_dependabot_alerts %}—inform you about vulnerabilities in the dependencies that you use in your repository.
+- {% data variables.product.prodname_dependabot_security_updates %}—automatically raise pull requests to update the dependencies you use that have known security vulnerabilities.
+- {% data variables.product.prodname_dependabot_version_updates %}—automatically raise pull requests to keep your dependencies up-to-date.
diff --git a/data/reusables/security-configurations/apply-configuration-by-default.md b/data/reusables/security-configurations/apply-configuration-by-default.md
new file mode 100644
index 0000000000..d0ba867b64
--- /dev/null
+++ b/data/reusables/security-configurations/apply-configuration-by-default.md
@@ -0,0 +1 @@
+1. Optionally, in the confirmation dialog, you can choose to automatically apply the {% data variables.product.prodname_security_configuration %} to newly created repositories depending on their visibility. Select the **None** {% octicon "triangle-down" aria-hidden="true" %} dropdown menu, then click **Public**, or **Private and internal**, or both.
diff --git a/data/reusables/security-configurations/apply-configuration.md b/data/reusables/security-configurations/apply-configuration.md
new file mode 100644
index 0000000000..5f28d4e441
--- /dev/null
+++ b/data/reusables/security-configurations/apply-configuration.md
@@ -0,0 +1 @@
+1. To apply the {% data variables.product.prodname_security_configuration %}, click **Apply**.
diff --git a/data/reusables/security-configurations/default-configuration-exception-repo-transfers.md b/data/reusables/security-configurations/default-configuration-exception-repo-transfers.md
new file mode 100644
index 0000000000..50713005c6
--- /dev/null
+++ b/data/reusables/security-configurations/default-configuration-exception-repo-transfers.md
@@ -0,0 +1,5 @@
+{% note %}
+
+**Note:** The default {% data variables.product.prodname_security_configuration %} for an organization is only automatically applied to new repositories created in your organization. If a repository is transferred into your organization, you will still need to apply an appropriate {% data variables.product.prodname_security_configuration %} to the repository manually.
+
+{% endnote %}
diff --git a/data/reusables/security-configurations/define-security-configurations.md b/data/reusables/security-configurations/define-security-configurations.md
new file mode 100644
index 0000000000..baffb6a25f
--- /dev/null
+++ b/data/reusables/security-configurations/define-security-configurations.md
@@ -0,0 +1 @@
+{% data variables.product.prodname_security_configurations_caps %} are collections of enablement settings for {% data variables.product.company_short %}'s security features that you can apply to any repository within your organization.
diff --git a/data/reusables/security-configurations/edit-configuration-next-step.md b/data/reusables/security-configurations/edit-configuration-next-step.md
new file mode 100644
index 0000000000..bb6eb69ea4
--- /dev/null
+++ b/data/reusables/security-configurations/edit-configuration-next-step.md
@@ -0,0 +1 @@
+To learn how to edit your {% data variables.product.prodname_custom_security_configuration %}, see "[AUTOTITLE](/code-security/securing-your-organization/managing-the-security-of-your-organization/editing-a-custom-security-configuration)."
diff --git a/data/reusables/security-configurations/enable-security-features-with-gh-config.md b/data/reusables/security-configurations/enable-security-features-with-gh-config.md
new file mode 100644
index 0000000000..2071d7ddd0
--- /dev/null
+++ b/data/reusables/security-configurations/enable-security-features-with-gh-config.md
@@ -0,0 +1 @@
+You can quickly enable security features at scale with the {% data variables.product.prodname_github_security_configuration %}, a collection of security enablement settings you can apply to repositories in an organization. You can then further customize {% data variables.product.prodname_GH_advanced_security %} features at the organization level with {% data variables.product.prodname_global_settings %}. See "[AUTOTITLE](/code-security/securing-your-organization/introduction-to-securing-your-organization-at-scale/about-enabling-security-features-at-scale)."
diff --git a/data/reusables/security-configurations/managing-GHAS-licenses.md b/data/reusables/security-configurations/managing-GHAS-licenses.md
new file mode 100644
index 0000000000..aec91d13d0
--- /dev/null
+++ b/data/reusables/security-configurations/managing-GHAS-licenses.md
@@ -0,0 +1 @@
+With {% data variables.product.prodname_security_configurations %}, you can manage {% data variables.product.prodname_GH_advanced_security %} feature enablement and license usage for your organization. See "[AUTOTITLE](/code-security/securing-your-organization/managing-the-security-of-your-organization/managing-your-github-advanced-security-license-usage)."
diff --git a/data/reusables/security-configurations/secret-scanning-security-configs-summary.md b/data/reusables/security-configurations/secret-scanning-security-configs-summary.md
new file mode 100644
index 0000000000..4a1159f764
--- /dev/null
+++ b/data/reusables/security-configurations/secret-scanning-security-configs-summary.md
@@ -0,0 +1 @@
+{% data variables.product.prodname_secret_scanning_caps %} is a security tool that scans the entire Git history of your repository, as well as issues{% ifversion secret-scanning-enhancements-prs-discussions %}, pull requests, and discussions{% endif %} in that repository, for leaked secrets that have been accidentally committed, such as tokens or private keys.
diff --git a/data/reusables/security-configurations/security-configurations-beta-note-opt-out.md b/data/reusables/security-configurations/security-configurations-beta-note-opt-out.md
new file mode 100644
index 0000000000..674e1c0855
--- /dev/null
+++ b/data/reusables/security-configurations/security-configurations-beta-note-opt-out.md
@@ -0,0 +1,7 @@
+{% note %}
+
+**Note:** {% data variables.product.prodname_security_configurations_caps %} and {% data variables.product.prodname_global_settings %} are in beta and subject to change. To provide feedback on these features, see the [feedback discussion](https://github.com/orgs/community/discussions/114519).
+
+To learn how to opt out of {% data variables.product.prodname_security_configurations %} and {% data variables.product.prodname_global_settings %}, see "[AUTOTITLE](/get-started/using-github/exploring-early-access-releases-with-feature-preview#exploring-beta-releases-with-feature-preview)."
+
+{% endnote %}
diff --git a/data/reusables/security-configurations/security-configurations-beta-note-short.md b/data/reusables/security-configurations/security-configurations-beta-note-short.md
new file mode 100644
index 0000000000..61fc6eaec8
--- /dev/null
+++ b/data/reusables/security-configurations/security-configurations-beta-note-short.md
@@ -0,0 +1 @@
+{% data variables.product.prodname_security_configurations_caps %} and {% data variables.product.prodname_global_settings %} are in beta and subject to change.
diff --git a/data/reusables/security-configurations/security-configurations-beta-note.md b/data/reusables/security-configurations/security-configurations-beta-note.md
new file mode 100644
index 0000000000..6d411a55c6
--- /dev/null
+++ b/data/reusables/security-configurations/security-configurations-beta-note.md
@@ -0,0 +1,5 @@
+{% note %}
+
+**Note:** {% data variables.product.prodname_security_configurations_caps %} and {% data variables.product.prodname_global_settings %} are in beta and subject to change. To provide feedback on these features, see the [feedback discussion](https://github.com/orgs/community/discussions/114519).
+
+{% endnote %}
diff --git a/data/reusables/security-configurations/security-configurations-permissions.md b/data/reusables/security-configurations/security-configurations-permissions.md
new file mode 100644
index 0000000000..de1d447551
--- /dev/null
+++ b/data/reusables/security-configurations/security-configurations-permissions.md
@@ -0,0 +1 @@
+Organization owners and security managers can manage {% data variables.product.prodname_security_configurations %} and {% data variables.product.prodname_global_settings %} for an organization.
diff --git a/data/reusables/security-configurations/troubleshooting-next-step.md b/data/reusables/security-configurations/troubleshooting-next-step.md
new file mode 100644
index 0000000000..745b344ce6
--- /dev/null
+++ b/data/reusables/security-configurations/troubleshooting-next-step.md
@@ -0,0 +1 @@
+You may encounter an error when you attempt to apply a {% data variables.product.prodname_security_configuration %}. For information on common errors, see "[AUTOTITLE](/code-security/securing-your-organization/troubleshooting-security-configurations/)."
diff --git a/data/reusables/security-configurations/view-configurations-page.md b/data/reusables/security-configurations/view-configurations-page.md
new file mode 100644
index 0000000000..400953e163
--- /dev/null
+++ b/data/reusables/security-configurations/view-configurations-page.md
@@ -0,0 +1 @@
+1. In the "Security" section of the sidebar, select the **Code security** dropdown menu, then click **Configurations**.
diff --git a/data/reusables/security-overview/open-security-risk-view.md b/data/reusables/security-overview/open-security-risk-view.md
new file mode 100644
index 0000000000..64fb0f67b3
--- /dev/null
+++ b/data/reusables/security-overview/open-security-risk-view.md
@@ -0,0 +1 @@
+1. To display the "Security risk" view, in the sidebar, click **{% octicon "shield" aria-hidden="true" %} Risk**.
diff --git a/data/variables/product.yml b/data/variables/product.yml
index 4dfd8cd1ef..ddfa405da3 100644
--- a/data/variables/product.yml
+++ b/data/variables/product.yml
@@ -208,6 +208,18 @@ prodname_security_link: 'https://securitylab.github.com/'
 prodname_security_advisories: 'GitHub Security Advisories'
 prodname_advisory_database: 'GitHub Advisory Database'
+# Security configurations and organization-level security settings
+prodname_security_configurations: 'security configurations'
+prodname_security_configurations_caps: 'Security configurations'
+prodname_security_configuration: 'security configuration'
+prodname_github_security_configuration: 'GitHub-recommended security configuration'
+prodname_custom_security_configurations: 'custom security configurations'
+prodname_custom_security_configuration: 'custom security configuration'
+prodname_custom_security_configurations_caps: 'Custom security configurations'
+prodname_custom_security_configuration_caps: 'Custom security configuration'
+prodname_global_settings: 'global settings'
+prodname_global_settings_caps: 'Global settings'
+
 # Secret scanning
 prodname_secret_scanning: 'secret scanning' # Overall feature name and name for GHES
 prodname_secret_scanning_caps: 'Secret scanning'