Add latest changes from gitlab-org/gitlab@master

23 files changed, 51 insertions, 53 deletions

diff --git a/doc/administration/audit_event_streaming.md b/doc/administration/audit_event_streaming.md
index 92ccbe8b1a6..f2626a5d969 100644
--- a/doc/administration/audit_event_streaming.md
+++ b/doc/administration/audit_event_streaming.md
@@ -41,7 +41,7 @@ Streaming destinations receive **all** audit event data, which could include sen
 Users with the Owner role for a group can add streaming destinations for it:
 
 1. On the top bar, select **Main menu > Groups** and find your group.
-1. On the left sidebar, select **Security & Compliance > Audit events**.
+1. On the left sidebar, select **Security and Compliance > Audit events**.
 1. On the main area, select **Streams** tab.
 1. Select **Add streaming destination** to show the section for adding destinations.
 1. Enter the destination URL to add.
@@ -119,7 +119,7 @@ Users with the Owner role for a group can list streaming destinations.
 To list the streaming destinations:
 
 1. On the top bar, select **Main menu > Groups** and find your group.
-1. On the left sidebar, select **Security & Compliance > Audit events**.
+1. On the left sidebar, select **Security and Compliance > Audit events**.
 1. On the main area, select **Streams** tab.
 1. To the right of the item, select **Edit** (**{pencil}**) to see all the custom HTTP headers.
 
@@ -164,7 +164,7 @@ Users with the Owner role for a group can update streaming destinations.
 To update a streaming destinations custom HTTP headers:
 
 1. On the top bar, select **Main menu > Groups** and find your group.
-1. On the left sidebar, select **Security & Compliance > Audit events**.
+1. On the left sidebar, select **Security and Compliance > Audit events**.
 1. On the main area, select **Streams** tab.
 1. To the right of the item, select **Edit** (**{pencil}**).
 1. Locate the **Custom HTTP headers** table.
@@ -218,14 +218,14 @@ When the last destination is successfully deleted, streaming is disabled for the
 To delete a streaming destination:
 
 1. On the top bar, select **Main menu > Groups** and find your group.
-1. On the left sidebar, select **Security & Compliance > Audit events**.
+1. On the left sidebar, select **Security and Compliance > Audit events**.
 1. On the main area, select the **Streams** tab.
 1. To the right of the item, select **Delete** (**{remove}**).
 
 To delete only the custom HTTP headers for a streaming destination:
 
 1. On the top bar, select **Main menu > Groups** and find your group.
-1. On the left sidebar, select **Security & Compliance > Audit events**.
+1. On the left sidebar, select **Security and Compliance > Audit events**.
 1. On the main area, select the **Streams** tab.
 1. To the right of the item, **Edit** (**{pencil}**).
 1. Locate the **Custom HTTP headers** table.
@@ -282,7 +282,7 @@ the destination's value when [listing streaming destinations](#list-streaming-de
 Users with the Owner role for a group can list streaming destinations and see the verification tokens:
 
 1. On the top bar, select **Main menu > Groups** and find your group.
-1. On the left sidebar, select **Security & Compliance > Audit events**.
+1. On the left sidebar, select **Security and Compliance > Audit events**.
 1. On the main area, select the **Streams**.
 1. View the verification token on the right side of each item.
 
diff --git a/doc/administration/audit_events.md b/doc/administration/audit_events.md
index 623ecc841ed..47833224c0a 100644
--- a/doc/administration/audit_events.md
+++ b/doc/administration/audit_events.md
@@ -49,7 +49,7 @@ You can view audit events scoped to a group or project.
 To view a group's audit events:
 
 1. Go to the group.
-1. On the left sidebar, select **Security & Compliance > Audit Events**.
+1. On the left sidebar, select **Security and Compliance > Audit Events**.
 
 Group events do not include project audit events. Group events can also be accessed using the
 [Group Audit Events API](../api/audit_events.md#group-audit-events). Group event queries are limited to a maximum of 30
diff --git a/doc/ci/runners/index.md b/doc/ci/runners/index.md
index 41cde709143..d3bbd7d8816 100644
--- a/doc/ci/runners/index.md
+++ b/doc/ci/runners/index.md
@@ -20,7 +20,7 @@ in your [subscription plan](https://about.gitlab.com/pricing/).
 
 ## Security for GitLab SaaS runners
 
-GitLab SaaS runners on Linux and Windows run on Google Compute Platform. The [Google Infrastructure Security Design Overview whitepaper](https://cloud.google.com/docs/security/infrastructure/design/resources/google_infrastructure_whitepaper_fa.pdf) provides an overview of how Google designs security into its technical infrastructure. The GitLab [Trust Center](https://about.gitlab.com/security/) and [GitLab Security Compliance Controls](https://about.staging.gitlab.com/handbook/engineering/security/security-assurance/security-compliance/sec-controls.html) pages provide an overview of the Security and Compliance controls that govern the GitLab SaaS runners.
+GitLab SaaS runners on Linux and Windows run on Google Compute Platform. The [Google Infrastructure Security Design Overview whitepaper](https://cloud.google.com/docs/security/infrastructure/design/resources/google_infrastructure_whitepaper_fa.pdf) provides an overview of how Google designs security into its technical infrastructure. The GitLab [Trust Center](https://about.gitlab.com/security/) and [GitLab Security Compliance Controls](https://about.staging.gitlab.com/handbook/engineering/security/security-assurance/security-compliance/sec-controls.html) pages provide an overview of the security and compliance controls that govern the GitLab SaaS runners.
 
 The runner that serves as a Runner Manager automatically initiates the creation and deletion of the virtual machines (VMs) used for CI jobs. When the Runner Manager picks up a GitLab SaaS CI job, it automatically executes that job on a new VM. There is no human or manual intervention in this process. The following section provides an overview of the additional built-in layers that harden the security of the GitLab Runner SaaS CI build environment.
 
diff --git a/doc/ci/yaml/index.md b/doc/ci/yaml/index.md
index 9a4c1711516..083df241958 100644
--- a/doc/ci/yaml/index.md
+++ b/doc/ci/yaml/index.md
@@ -1941,9 +1941,8 @@ rspec:
 
 ### `hooks`
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/381840) in GitLab 15.6 [with a flag](../../administration/feature_flags.md) named `ci_hooks_pre_get_sources_script`. Disabled by default.
-> - [Enabled on GitLab.com](https://gitlab.com/gitlab-org/gitlab/-/issues/381840) in GitLab 15.9.
-> - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/381840-link) in GitLab 15.10. Feature flag `ci_hooks_pre_get_sources_script` removed.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/356850) in GitLab 15.6 [with a flag](../../administration/feature_flags.md) named `ci_hooks_pre_get_sources_script`. Disabled by default.
+> - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/381840) in GitLab 15.10. Feature flag `ci_hooks_pre_get_sources_script` removed.
 
 Use `hooks` to specify lists of commands to execute on the runner
 at certain stages of job execution, like before retrieving the Git repository.
@@ -1957,9 +1956,8 @@ at certain stages of job execution, like before retrieving the Git repository.
 
 #### `hooks:pre_get_sources_script`
 
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/381840) in GitLab 15.6 [with a flag](../../administration/feature_flags.md) named `ci_hooks_pre_get_sources_script`. Disabled by default.
-> - [Enabled on GitLab.com](https://gitlab.com/gitlab-org/gitlab/-/issues/381840) in GitLab 15.9.
-> - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/381840-link) in GitLab 15.10. Feature flag `ci_hooks_pre_get_sources_script` removed.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/356850) in GitLab 15.6 [with a flag](../../administration/feature_flags.md) named `ci_hooks_pre_get_sources_script`. Disabled by default.
+> - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/381840) in GitLab 15.10. Feature flag `ci_hooks_pre_get_sources_script` removed.
 
 Use `hooks:pre_get_sources_script` to specify a list of commands to execute on the runner
 before retrieving the Git repository and any submodules. You can use it
diff --git a/doc/development/permissions.md b/doc/development/permissions.md
index bf7f99de1ab..6ce2b855e64 100644
--- a/doc/development/permissions.md
+++ b/doc/development/permissions.md
@@ -60,7 +60,7 @@ Additionally, the following project features can have different visibility level
   - Pipelines
 - Analytics
 - Requirements
-- Security & Compliance
+- Security and Compliance
 - Wiki
 - Snippets
 - Pages
diff --git a/doc/user/admin_area/custom_project_templates.md b/doc/user/admin_area/custom_project_templates.md
index 847f687d051..78819def5de 100644
--- a/doc/user/admin_area/custom_project_templates.md
+++ b/doc/user/admin_area/custom_project_templates.md
@@ -18,7 +18,7 @@ is created, based on the user's access permissions:
 
 - Public projects can be selected by any authenticated user as a template for a new project,
   if all enabled [project features](../project/settings/index.md#configure-project-visibility-features-and-permissions)
-  except for **GitLab Pages** and **Security & Compliance** are set to **Everyone With Access**.
+  except for **GitLab Pages** and **Security and Compliance** are set to **Everyone With Access**.
   The same applies to internal projects.
 - Private projects can be selected only by users who are members of the projects.
 
diff --git a/doc/user/application_security/api_fuzzing/index.md b/doc/user/application_security/api_fuzzing/index.md
index b55c5a1b299..e6fb994d9b7 100644
--- a/doc/user/application_security/api_fuzzing/index.md
+++ b/doc/user/application_security/api_fuzzing/index.md
@@ -98,7 +98,7 @@ a YAML snippet that you can paste in your GitLab CI/CD configuration.
 To generate an API Fuzzing configuration snippet:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Configuration**.
+1. On the left sidebar, select **Security and Compliance > Configuration**.
 1. In the **API Fuzzing** row, select **Enable API Fuzzing**.
 1. Complete the fields. For details see [Available CI/CD variables](#available-cicd-variables).
 1. Select **Generate code snippet**.
@@ -1994,7 +1994,7 @@ When configured correctly, a CI/CD pipeline contains a `fuzz` stage and an `apif
 typical operation, the job always succeeds even if faults are identified during fuzz testing.
 
 Faults are displayed on the **Security** pipeline tab with the suite name. When testing against the
-repositories default branch, the fuzzing faults are also shown on the Security & Compliance's
+repositories default branch, the fuzzing faults are also shown on the Security and Compliance's
 Vulnerability Report page.
 
 To prevent an excessive number of reported faults, the API fuzzing scanner limits the number of
@@ -2026,7 +2026,7 @@ Follow these steps to view details of a fuzzing fault:
 
 1. You can view faults in a project, or a merge request:
 
-   - In a project, go to the project's **Security & Compliance > Vulnerability Report**
+   - In a project, go to the project's **Security and Compliance > Vulnerability Report**
      page. This page shows all vulnerabilities from the default branch only.
    - In a merge request, go the merge request's **Security** section and select the **Expand**
      button. API Fuzzing faults are available in a section labeled
diff --git a/doc/user/application_security/configuration/index.md b/doc/user/application_security/configuration/index.md
index ea422f0b33c..f0ca5173275 100644
--- a/doc/user/application_security/configuration/index.md
+++ b/doc/user/application_security/configuration/index.md
@@ -41,7 +41,7 @@ all security features are configured by default.
 To view a project's security configuration:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Configuration**.
+1. On the left sidebar, select **Security and Compliance > Configuration**.
 
 Select **Configuration history** to see the `.gitlab-ci.yml` file's history.
 
diff --git a/doc/user/application_security/container_scanning/index.md b/doc/user/application_security/container_scanning/index.md
index b37aa53e48a..d76f5ebcfba 100644
--- a/doc/user/application_security/container_scanning/index.md
+++ b/doc/user/application_security/container_scanning/index.md
@@ -328,7 +328,7 @@ To enable Container Scanning in a project, create a merge request from the Secur
 page:
 
 1. In the project where you want to enable Container Scanning, go to
-   **Security & Compliance > Configuration**.
+   **Security and Compliance > Configuration**.
 1. In the **Container Scanning** row, select **Configure with a merge request**.
 
 This automatically creates a merge request with the changes necessary to enable Container Scanning.
diff --git a/doc/user/application_security/coverage_fuzzing/index.md b/doc/user/application_security/coverage_fuzzing/index.md
index 5d2593a1bed..820c150597a 100644
--- a/doc/user/application_security/coverage_fuzzing/index.md
+++ b/doc/user/application_security/coverage_fuzzing/index.md
@@ -54,7 +54,7 @@ You can use the following fuzzing engines to test the specified languages.
 To confirm the status of coverage-guided fuzz testing:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Configuration**.
+1. On the left sidebar, select **Security and Compliance > Configuration**.
 1. In the **Coverage Fuzzing** section the status is:
    - **Not configured**
    - **Enabled**
@@ -168,7 +168,7 @@ artifacts files you can download from the CI/CD pipeline. Also, a project member
 To view details of the corpus registry:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Configuration**.
+1. On the left sidebar, select **Security and Compliance > Configuration**.
 1. In the **Coverage Fuzzing** section, select **Manage corpus**.
 
 ### Create a corpus in the corpus registry
@@ -196,7 +196,7 @@ provided by the `COVFUZZ_CORPUS_NAME` variable. The corpus is updated on every p
 To upload an existing corpus file:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Configuration**.
+1. On the left sidebar, select **Security and Compliance > Configuration**.
 1. In the **Coverage Fuzzing** section, select **Manage corpus**.
 1. Select **New corpus**.
 1. Complete the fields.
diff --git a/doc/user/application_security/dast_api/index.md b/doc/user/application_security/dast_api/index.md
index 0cdbb879cfc..c663beab2e5 100644
--- a/doc/user/application_security/dast_api/index.md
+++ b/doc/user/application_security/dast_api/index.md
@@ -1924,7 +1924,7 @@ variables:
 
 When configured correctly, a CI/CD pipeline contains a `dast` stage and an `dast_api` job. The job only fails when an invalid configuration is provided. During typical operation, the job always succeeds even if vulnerabilities are identified during testing.
 
-Vulnerabilities are displayed on the **Security** pipeline tab with the suite name. When testing against the repositories default branch, the DAST API vulnerabilities are also shown on the Security & Compliance's Vulnerability Report page.
+Vulnerabilities are displayed on the **Security** pipeline tab with the suite name. When testing against the repositories default branch, the DAST API vulnerabilities are also shown on the Security and Compliance's Vulnerability Report page.
 
 To prevent an excessive number of reported vulnerabilities, the DAST API scanner limits the number of vulnerabilities it reports per operation.
 
@@ -1941,7 +1941,7 @@ Follow these steps to view details of a vulnerability:
 
 1. You can view vulnerabilities in a project, or a merge request:
 
-   - In a project, go to the project's **Security & Compliance > Vulnerability Report**
+   - In a project, go to the project's **Security and Compliance > Vulnerability Report**
      page. This page shows all vulnerabilities from the default branch only.
    - In a merge request, go the merge request's **Security** section and select the **Expand**
      button. DAST API vulnerabilities are available in a section labeled
diff --git a/doc/user/application_security/dependency_list/index.md b/doc/user/application_security/dependency_list/index.md
index b86d98471ac..f46c5e5e801 100644
--- a/doc/user/application_security/dependency_list/index.md
+++ b/doc/user/application_security/dependency_list/index.md
@@ -13,7 +13,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 Use the dependency list to review your project's dependencies and key
 details about those dependencies, including their known vulnerabilities. It is a collection of dependencies in your project, including existing and new findings.
 
-To see the dependency list, go to your project and select **Security & Compliance > Dependency list**.
+To see the dependency list, go to your project and select **Security and Compliance > Dependency list**.
 
 This information is sometimes referred to as a Software Bill of Materials, SBOM, or BOM.
 
diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md
index 579dd4dfc4f..ccca3c90c67 100644
--- a/doc/user/application_security/dependency_scanning/index.md
+++ b/doc/user/application_security/dependency_scanning/index.md
@@ -553,7 +553,7 @@ always take the latest dependency scanning artifact available.
 To enable Dependency Scanning in a project, you can create a merge request:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Configuration**.
+1. On the left sidebar, select **Security and Compliance > Configuration**.
 1. In the **Dependency Scanning** row, select **Configure with a merge request**.
 1. Review and merge the merge request to enable Dependency Scanning.
 
diff --git a/doc/user/application_security/iac_scanning/index.md b/doc/user/application_security/iac_scanning/index.md
index c2f1257f989..907248b7d65 100644
--- a/doc/user/application_security/iac_scanning/index.md
+++ b/doc/user/application_security/iac_scanning/index.md
@@ -119,7 +119,7 @@ that you can download and analyze.
 To enable IaC Scanning in a project, you can create a merge request:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Configuration**.
+1. On the left sidebar, select **Security and Compliance > Configuration**.
 1. In the **Infrastructure as Code (IaC) Scanning** row, select **Configure with a merge request**.
 1. Review and merge the merge request to enable IaC Scanning.
 
diff --git a/doc/user/application_security/policies/index.md b/doc/user/application_security/policies/index.md
index be10be8e707..1f53b671ed1 100644
--- a/doc/user/application_security/policies/index.md
+++ b/doc/user/application_security/policies/index.md
@@ -13,7 +13,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 Policies in GitLab provide security teams a way to require scans of their choice to be run
 whenever a project pipeline runs according to the configuration specified. Security teams can
 therefore be confident that the scans they set up have not been changed, altered, or disabled. You
-can access these by navigating to your project's **Security & Compliance > Policies** page.
+can access these by navigating to your project's **Security and Compliance > Policies** page.
 
 GitLab supports the following security policies:
 
@@ -59,7 +59,7 @@ As a project owner, take the following steps to create or edit an association be
 project and a project that you would like to designate as the security policy project:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Policies**.
+1. On the left sidebar, select **Security and Compliance > Policies**.
 1. Select **Edit Policy Project**, and search for and select the
    project you would like to link from the dropdown list.
 1. Select **Save**.
@@ -83,7 +83,7 @@ policy's information (for example, description or enforcement
 status), and create and edit deployed policies:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Policies**.
+1. On the left sidebar, select **Security and Compliance > Policies**.
 
 ![Policies List Page](img/policies_list_v15_1.png)
 
@@ -94,7 +94,7 @@ status), and create and edit deployed policies:
 You can use the policy editor to create, edit, and delete policies:
 
 1. On the top bar, select **Main menu > Projects** and find your group.
-1. On the left sidebar, select **Security & Compliance > Policies**.
+1. On the left sidebar, select **Security and Compliance > Policies**.
    - To create a new policy, select **New policy** which is located in the **Policies** page's header.
      You can then select which type of policy to create.
    - To edit an existing policy, select **Edit policy** in the selected policy drawer.
diff --git a/doc/user/application_security/sast/index.md b/doc/user/application_security/sast/index.md
index b0d84e4cff9..7cb381fe7e5 100644
--- a/doc/user/application_security/sast/index.md
+++ b/doc/user/application_security/sast/index.md
@@ -303,7 +303,7 @@ successfully, and an error may occur.
 To enable and configure SAST with customizations:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Configuration**.
+1. On the left sidebar, select **Security and Compliance > Configuration**.
 1. If the project does not have a `.gitlab-ci.yml` file, select **Enable SAST** in the Static
    Application Security Testing (SAST) row, otherwise select **Configure SAST**.
 1. Enter the custom SAST values.
@@ -330,7 +330,7 @@ successfully, and an error may occur.
 To enable and configure SAST with default settings:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance** > **Configuration**.
+1. On the left sidebar, select **Security and Compliance** > **Configuration**.
 1. In the SAST section, select **Configure with a merge request**.
 1. Review and merge the merge request to enable SAST.
 
diff --git a/doc/user/application_security/secret_detection/index.md b/doc/user/application_security/secret_detection/index.md
index d6aab71a2c6..3155114d98a 100644
--- a/doc/user/application_security/secret_detection/index.md
+++ b/doc/user/application_security/secret_detection/index.md
@@ -185,7 +185,7 @@ error may occur. In that case, use the [manual](#edit-the-gitlabciyml-file-manua
 To enable Secret Detection automatically:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Configuration**.
+1. On the left sidebar, select **Security and compliance > Configuration**.
 1. In the **Secret Detection** row, select **Configure with a merge request**.
 1. Optional. Complete the fields.
 1. Select **Create merge request**.
diff --git a/doc/user/application_security/security_dashboard/index.md b/doc/user/application_security/security_dashboard/index.md
index 398c86d094a..4b9aeefcfe9 100644
--- a/doc/user/application_security/security_dashboard/index.md
+++ b/doc/user/application_security/security_dashboard/index.md
@@ -64,7 +64,7 @@ Project Security Dashboards show statistics for all vulnerabilities with a curre
 To view total number of vulnerabilities over time:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Security Dashboard**.
+1. On the left sidebar, select **Security and Compliance > Security Dashboard**.
 1. Filter and search for what you need.
    - To filter the chart by severity, select the legend name.
    - To view a specific time frame, use the time range handles (**{scroll-handle}**).
@@ -77,7 +77,7 @@ To view total number of vulnerabilities over time:
 To download an SVG image of the vulnerabilities chart:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Security dashboard**.
+1. On the left sidebar, select **Security and Compliance > Security dashboard**.
 1. Select **Save chart as an image** (**{download}**).
 
 ## View vulnerabilities over time for a group
diff --git a/doc/user/application_security/vulnerabilities/index.md b/doc/user/application_security/vulnerabilities/index.md
index c13f8ccc18e..ede86f29fc9 100644
--- a/doc/user/application_security/vulnerabilities/index.md
+++ b/doc/user/application_security/vulnerabilities/index.md
@@ -54,7 +54,7 @@ no longer detected, and change their status.
 To change a vulnerability's status from its Vulnerability Page:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Vulnerability report**.
+1. On the left sidebar, select **Security and Compliance > Vulnerability report**.
 1. Select the vulnerability's description.
 1. From the **Status** dropdown list select a status, then select **Change status**.
 1. Optionally, at the bottom of the page, add a comment to the log entry.
@@ -80,7 +80,7 @@ that when Jira integration is enabled, the GitLab issue feature is not available
 To create a GitLab issue for a vulnerability:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Vulnerability report**.
+1. On the left sidebar, select **Security and Compliance > Vulnerability report**.
 1. Select the vulnerability's description.
 1. Select **Create issue**.
 
@@ -102,7 +102,7 @@ Prerequisites:
 To create a Jira issue for a vulnerability:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Vulnerability report**.
+1. On the left sidebar, select **Security and Compliance > Vulnerability report**.
 1. Select the vulnerability's description.
 1. Select **Create Jira issue**.
 1. If you're not already logged in to Jira, sign in.
@@ -135,7 +135,7 @@ Be aware of the following conditions between a vulnerability and a linked issue:
 To link a vulnerability to existing issues:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Vulnerability report**.
+1. On the left sidebar, select **Security and Compliance > Vulnerability report**.
 1. Select the vulnerability's description.
 1. In the **Linked issues** section, select the plus icon (**{plus}**).
 1. For each issue to be linked, either:
@@ -170,7 +170,7 @@ To resolve a vulnerability, you can either:
 To resolve the vulnerability with a merge request:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Vulnerability report**.
+1. On the left sidebar, select **Security and Compliance > Vulnerability report**.
 1. Select the vulnerability's description.
 1. From the **Resolve with merge request** dropdown list, select **Resolve with merge request**.
 
@@ -182,7 +182,7 @@ Process the merge request according to your standard workflow.
 To manually apply the patch that GitLab generated for a vulnerability:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Vulnerability report**.
+1. On the left sidebar, select **Security and Compliance > Vulnerability report**.
 1. Select the vulnerability's description.
 1. From the **Resolve with merge request** dropdown list, select **Download patch to resolve**.
 1. Ensure your local project has the same commit checked out that was used to generate the patch.
@@ -204,7 +204,7 @@ Security training helps your developers learn how to fix vulnerabilities. Develo
 To enable security training for vulnerabilities in your project:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Configuration**.
+1. On the left sidebar, select **Security and Compliance > Configuration**.
 1. On the tab bar, select **Vulnerability Management**.
 1. To enable a security training provider, turn on the toggle.
 
@@ -222,6 +222,6 @@ Vulnerabilities with a CWE are most likely to return a training result.
 To view the security training for a vulnerability:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Vulnerability report**.
+1. On the left sidebar, select **Security and Compliance > Vulnerability report**.
 1. Select the vulnerability for which you want to view security training.
 1. Select **View training**.
diff --git a/doc/user/application_security/vulnerability_report/index.md b/doc/user/application_security/vulnerability_report/index.md
index 6b2f7f0655d..3d7565f97bc 100644
--- a/doc/user/application_security/vulnerability_report/index.md
+++ b/doc/user/application_security/vulnerability_report/index.md
@@ -45,7 +45,7 @@ At the project level, the Vulnerability Report also contains:
 To view the project-level vulnerability report:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Vulnerability report**.
+1. On the left sidebar, select **Security and Compliance > Vulnerability report**.
 
 ## Vulnerability Report actions
 
@@ -256,7 +256,7 @@ To undo this action, select a different status from the same menu.
 To add a new vulnerability finding from your project level Vulnerability Report page:
 
 1. On the top bar, select **Main menu > Projects** and find your project.
-1. On the left sidebar, select **Security & Compliance > Vulnerability Report**.
+1. On the left sidebar, select **Security and Compliance > Vulnerability Report**.
 1. Select **Submit vulnerability**.
 1. Complete the fields and submit the form.
 
diff --git a/doc/user/compliance/compliance_report/index.md b/doc/user/compliance/compliance_report/index.md
index 5cd8012f78d..abf52be610c 100644
--- a/doc/user/compliance/compliance_report/index.md
+++ b/doc/user/compliance/compliance_report/index.md
@@ -32,7 +32,7 @@ Prerequisites:
 To view the compliance report:
 
 1. On the top bar, select **Main menu > Groups** and find your group.
-1. On the left sidebar, select **Security & Compliance > Compliance report**.
+1. On the left sidebar, select **Security and Compliance > Compliance report**.
 
 ### Severity levels scale
 
@@ -120,7 +120,7 @@ If the commit has a related merge commit, then the following are also included:
 To generate the Chain of Custody report:
 
 1. On the top bar, select **Main menu > Groups** and find your group.
-1. On the left sidebar, select **Security & Compliance > Compliance report**.
+1. On the left sidebar, select **Security and Compliance > Compliance report**.
 1. Select **List of all merge commits**.
 
 The Chain of Custody report is either:
@@ -137,7 +137,7 @@ Authenticated group owners can generate a commit-specific Chain of Custody repor
 - Using the GitLab UI:
 
   1. On the top bar, select **Main menu > Groups** and find your group.
-  1. On the left sidebar, select **Security & Compliance > Compliance report**.
+  1. On the left sidebar, select **Security and Compliance > Compliance report**.
   1. At the top of the compliance report, to the right of **List of all merge commits**, select the down arrow (**{chevron-lg-down}**).
   1. Enter the merge commit SHA, and then select **Export commit custody report**.
      SHA and then select **Export commit custody report**.
diff --git a/doc/user/group/custom_project_templates.md b/doc/user/group/custom_project_templates.md
index 2716db27037..d205e834e60 100644
--- a/doc/user/group/custom_project_templates.md
+++ b/doc/user/group/custom_project_templates.md
@@ -42,7 +42,7 @@ Projects in nested subgroups are not included in the template list.
 
 - Public and internal projects can be selected by any authenticated user as a template for a new project,
   if all [project features](../project/settings/index.md#configure-project-visibility-features-and-permissions)
-  except for **GitLab Pages** and **Security & Compliance** are set to **Everyone With Access**.
+  except for **GitLab Pages** and **Security and Compliance** are set to **Everyone With Access**.
 - Private projects can be selected only by users who are members of the projects.
 
 ## Example structure
diff --git a/doc/user/project/settings/index.md b/doc/user/project/settings/index.md
index ed4eea56514..7d3e5a72289 100644
--- a/doc/user/project/settings/index.md
+++ b/doc/user/project/settings/index.md
@@ -87,7 +87,7 @@ Use the toggles to enable or disable features in the project.
 | **Container Registry**           |                           | Activates a [registry](../../packages/container_registry/index.md) for your Docker images.                                                             |
 | **Analytics**                    | ✓                         | Enables [analytics](../../analytics/index.md).                                                                                                         |
 | **Requirements**                 | ✓                         | Control access to [Requirements Management](../requirements/index.md).                                                                                 |
-| **Security & Compliance**        | ✓                         | Control access to [security features](../../application_security/index.md).                                                                            |
+| **Security and Compliance**      | ✓                         | Control access to [security features](../../application_security/index.md).                                                                            |
 | **Wiki**                         | ✓                         | Enables a separate system for [documentation](../wiki/index.md).                                                                                       |
 | **Snippets**                     | ✓                         | Enables [sharing of code and text](../../snippets.md).                                                                                                 |
 | **Pages**                        | ✓                         | Allows you to [publish static websites](../pages/index.md).                                                                                            |