[Improvement]: Update "Securing your organization" to help users deci…

…de how to enable security features (#38240) Co-authored-by: Felicity Chapman <[email protected]> Co-authored-by: github-actions <[email protected]> Co-authored-by: mc <[email protected]>
github · Jul 11, 2023 · 56092ca · 56092ca
1 parent 67e5702
commit 56092ca
Show file tree

Hide file tree

Showing 11 changed files with 100 additions and 124 deletions.
diff --git a/assets/images/help/security/enable-for-new-repos.png b/assets/images/help/security/enable-for-new-repos.png
diff --git a/...-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-at-scale.md b/...-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-at-scale.md
@@ -32,7 +32,7 @@ In addition, {% data variables.product.prodname_actions %} must be enabled for t
 
 {% ifversion code-security-multi-repo-enablement %}
 
-You can use security overview to find a set of repositories and enable or disable default setup for {% data variables.product.prodname_code_scanning %} for them all at the same time. For more information, see "[AUTOTITLE](/code-security/security-overview/enabling-security-features-for-multiple-repositories)."
+You can use security overview to identify which repositories in an organization are eligible for default setup for {% data variables.product.prodname_code_scanning %}. Then you can enable code scanning for some or all of these repositories at the same time. For more information, see "[AUTOTITLE](/code-security/security-overview/enabling-security-features-for-multiple-repositories)."
 
 You can also use the organization settings page for "Code security and analysis" to enable {% data variables.product.prodname_code_scanning %} for all repositories in the organization that are eligible for {% data variables.product.prodname_codeql %} default setup.
 
@@ -45,6 +45,8 @@ You can use the organization settings page for "Code security and analysis" to e
 
 {% endif %}
 
+{% data reusables.security.note-securing-your-org %}
+
 ### Eligibility criteria for organization-level enablement
 
 A repository must meet all the following criteria to be eligible for default setup, otherwise you need to use advanced setup.

diff --git a/...de-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository.md b/...de-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository.md
@@ -3,7 +3,7 @@ title: Configuring code scanning for a repository
 shortTitle: Configure code scanning
 intro: 'You can configure {% data variables.product.prodname_code_scanning %} for a repository to find security vulnerabilities in your code.'
 product: '{% data reusables.gated-features.code-scanning %}'
-permissions: 'People with admin permissions to a repository, or the security manager role for the repository, can configure {% data variables.product.prodname_code_scanning %} for that repository.  People with write permissions to a repository can also configure {% data variables.product.prodname_code_scanning %}, but only by creating a workflow file or manually uploading a SARIF file.'
+permissions: 'Organization owners, security managers, and people with admin permissions to a repository can configure {% data variables.product.prodname_code_scanning %} for that repository. People with write permissions to a repository can also configure {% data variables.product.prodname_code_scanning %}, but only by creating a workflow file or manually uploading a SARIF file.'
 redirect_from:
   - /github/managing-security-vulnerabilities/configuring-automated-code-scanning
   - /github/finding-security-vulnerabilities-and-errors-in-your-code/enabling-code-scanning
@@ -45,6 +45,8 @@ The {% data variables.code-scanning.tool_status_page %} shows useful information
 
 {% endif %}
 
+You can also enable {% data variables.product.prodname_code_scanning %} for multiple repositories in an organization at the same time. For more information, see "[AUTOTITLE](/code-security/getting-started/securing-your-organization)."
+
 {% ifversion ghae %}
 
 ## Prerequisites

diff --git a/...ent/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts.md b/...ent/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts.md
@@ -85,7 +85,7 @@ An enterprise owner must first set up {% data variables.product.prodname_dependa
 
 ## Managing {% data variables.product.prodname_dependabot_alerts %} for your organization
 
-{% ifversion fpt or ghec or ghes > 3.8 %}You can enable or disable {% data variables.product.prodname_dependabot_alerts %} for all repositories owned by your organization. Your changes affect all repositories.
+{% ifversion fpt or ghec or ghes > 3.8 %}You can enable or disable {% data variables.product.prodname_dependabot_alerts %} for some or all repositories owned by your organization. {% data reusables.security.note-securing-your-org %}
 
 {% ifversion dependabot-alerts-ghes-enablement %}
 An enterprise owner must first set up {% data variables.product.prodname_dependabot %} for your enterprise before you can manage {% data variables.product.prodname_dependabot_alerts %} for your repository. For more information, see "[AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)."{% endif %}
@@ -95,9 +95,9 @@ An enterprise owner must first set up {% data variables.product.prodname_dependa
 {% ifversion code-security-multi-repo-enablement %}
 You can use security overview to find a set of repositories and enable or disable {% data variables.product.prodname_dependabot_alerts %} for them all at the same time. For more information, see "[AUTOTITLE](/code-security/security-overview/enabling-security-features-for-multiple-repositories)."
 
-You can also use the organization settings page for "Code security and analysis" to enable or disable {% data variables.product.prodname_dependabot_alerts %} for all existing repositories in an organization:
+You can also use the organization settings page for "Code security and analysis" to enable or disable {% data variables.product.prodname_dependabot_alerts %} for all existing repositories in an organization.
 {% else %}
-You can use the organization settings page for "Code security and analysis" to enable {% data variables.product.prodname_code_scanning %} for all existing repositories in an organization:
+You can use the organization settings page for "Code security and analysis" to enable {% data variables.product.prodname_dependabot_alerts %} for all existing repositories in an organization.
 {% endif %}
 
 {% data reusables.profile.access_org %}

diff --git a/...pendabot/dependabot-security-updates/configuring-dependabot-security-updates.md b/...pendabot/dependabot-security-updates/configuring-dependabot-security-updates.md
@@ -30,9 +30,9 @@ topics:
 
 ## About configuring {% data variables.product.prodname_dependabot_security_updates %}
 
-You can enable {% data variables.product.prodname_dependabot_security_updates %} at the repository level or for all repositories owned by your personal account or organization. You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)."
+You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)."
 
-You can disable {% data variables.product.prodname_dependabot_security_updates %} for an individual repository or for all repositories owned by your personal account or organization.
+You can enable or disable {% data variables.product.prodname_dependabot_security_updates %} for an individual repository{% ifversion code-security-multi-repo-enablement %}, for a selection of repositories in an organization,{% endif %} or for all repositories owned by your personal account or organization. For more information about enabling security features in an organization, see "[AUTOTITLE](/code-security/getting-started/securing-your-organization)."
 
 {% ifversion fpt or ghec %}{% data reusables.dependabot.dependabot-tos %}{% endif %}