[Improvement]: Update "Securing your organization" to help users decide how to enable security features (#38240)

Co-authored-by: Felicity Chapman <[email protected]>
Co-authored-by: github-actions <[email protected]>
Co-authored-by: mc <[email protected]>

Author: 4 people

assets/images/help/security/enable-for-new-repos.png

@@ -32,7 +32,7 @@ In addition, {% data variables.product.prodname_actions %} must be enabled for t
 
 {% ifversion code-security-multi-repo-enablement %}
 
-You can use security overview to find a set of repositories and enable or disable default setup for {% data variables.product.prodname_code_scanning %} for them all at the same time. For more information, see "[AUTOTITLE](/code-security/security-overview/enabling-security-features-for-multiple-repositories)."
+You can use security overview to identify which repositories in an organization are eligible for default setup for {% data variables.product.prodname_code_scanning %}. Then you can enable code scanning for some or all of these repositories at the same time. For more information, see "[AUTOTITLE](/code-security/security-overview/enabling-security-features-for-multiple-repositories)."
 
 You can also use the organization settings page for "Code security and analysis" to enable {% data variables.product.prodname_code_scanning %} for all repositories in the organization that are eligible for {% data variables.product.prodname_codeql %} default setup.
 
@@ -45,6 +45,8 @@ You can use the organization settings page for "Code security and analysis" to e
 
 {% endif %}
 
+{% data reusables.security.note-securing-your-org %}
+
 ### Eligibility criteria for organization-level enablement
 
 A repository must meet all the following criteria to be eligible for default setup, otherwise you need to use advanced setup.

content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-at-scale.md

@@ -3,7 +3,7 @@ title: Configuring code scanning for a repository
 shortTitle: Configure code scanning
 intro: 'You can configure {% data variables.product.prodname_code_scanning %} for a repository to find security vulnerabilities in your code.'
 product: '{% data reusables.gated-features.code-scanning %}'
-permissions: 'People with admin permissions to a repository, or the security manager role for the repository, can configure {% data variables.product.prodname_code_scanning %} for that repository.  People with write permissions to a repository can also configure {% data variables.product.prodname_code_scanning %}, but only by creating a workflow file or manually uploading a SARIF file.'
+permissions: 'Organization owners, security managers, and people with admin permissions to a repository can configure {% data variables.product.prodname_code_scanning %} for that repository. People with write permissions to a repository can also configure {% data variables.product.prodname_code_scanning %}, but only by creating a workflow file or manually uploading a SARIF file.'
 redirect_from:
   - /github/managing-security-vulnerabilities/configuring-automated-code-scanning
   - /github/finding-security-vulnerabilities-and-errors-in-your-code/enabling-code-scanning
@@ -45,6 +45,8 @@ The {% data variables.code-scanning.tool_status_page %} shows useful information
 
 {% endif %}
 
+You can also enable {% data variables.product.prodname_code_scanning %} for multiple repositories in an organization at the same time. For more information, see "[AUTOTITLE](/code-security/getting-started/securing-your-organization)."
+
 {% ifversion ghae %}
 
 ## Prerequisites

content/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository.md

@@ -85,7 +85,7 @@ An enterprise owner must first set up {% data variables.product.prodname_dependa
 
 ## Managing {% data variables.product.prodname_dependabot_alerts %} for your organization
 
-{% ifversion fpt or ghec or ghes > 3.8 %}You can enable or disable {% data variables.product.prodname_dependabot_alerts %} for all repositories owned by your organization. Your changes affect all repositories.
+{% ifversion fpt or ghec or ghes > 3.8 %}You can enable or disable {% data variables.product.prodname_dependabot_alerts %} for some or all repositories owned by your organization. {% data reusables.security.note-securing-your-org %}
 
 {% ifversion dependabot-alerts-ghes-enablement %}
 An enterprise owner must first set up {% data variables.product.prodname_dependabot %} for your enterprise before you can manage {% data variables.product.prodname_dependabot_alerts %} for your repository. For more information, see "[AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise)."{% endif %}
@@ -95,9 +95,9 @@ An enterprise owner must first set up {% data variables.product.prodname_dependa
 {% ifversion code-security-multi-repo-enablement %}
 You can use security overview to find a set of repositories and enable or disable {% data variables.product.prodname_dependabot_alerts %} for them all at the same time. For more information, see "[AUTOTITLE](/code-security/security-overview/enabling-security-features-for-multiple-repositories)."
 
-You can also use the organization settings page for "Code security and analysis" to enable or disable {% data variables.product.prodname_dependabot_alerts %} for all existing repositories in an organization:
+You can also use the organization settings page for "Code security and analysis" to enable or disable {% data variables.product.prodname_dependabot_alerts %} for all existing repositories in an organization.
 {% else %}
-You can use the organization settings page for "Code security and analysis" to enable {% data variables.product.prodname_code_scanning %} for all existing repositories in an organization:
+You can use the organization settings page for "Code security and analysis" to enable {% data variables.product.prodname_dependabot_alerts %} for all existing repositories in an organization.
 {% endif %}
 
 {% data reusables.profile.access_org %}

content/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts.md

@@ -30,9 +30,9 @@ topics:
 
 ## About configuring {% data variables.product.prodname_dependabot_security_updates %}
 
-You can enable {% data variables.product.prodname_dependabot_security_updates %} at the repository level or for all repositories owned by your personal account or organization. You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)."
+You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see "[AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)."
 
-You can disable {% data variables.product.prodname_dependabot_security_updates %} for an individual repository or for all repositories owned by your personal account or organization.
+You can enable or disable {% data variables.product.prodname_dependabot_security_updates %} for an individual repository{% ifversion code-security-multi-repo-enablement %}, for a selection of repositories in an organization,{% endif %} or for all repositories owned by your personal account or organization. For more information about enabling security features in an organization, see "[AUTOTITLE](/code-security/getting-started/securing-your-organization)."
 
 {% ifversion fpt or ghec %}{% data reusables.dependabot.dependabot-tos %}{% endif %}