path: root/doc/user/application_security/configuration/index.md
Diffstat (limited to 'doc/user/application_security/configuration/index.md')
-rw-r--r-- doc/user/application_security/configuration/index.md 40
1 files changed, 29 insertions, 11 deletions
diff --git a/doc/user/application_security/configuration/index.md b/doc/user/application_security/configuration/index.md
index 1195d07d7b7..a6ad701360e 100644
--- a/doc/user/application_security/configuration/index.md
+++ b/doc/user/application_security/configuration/index.md
@@ -7,23 +7,41 @@ info: To determine the technical writer assigned to the Stage/Group associated w
# Security Configuration **(ULTIMATE)**
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20711) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.6.
+> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20711) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.6.
+> - SAST configuration was [enabled](https://gitlab.com/groups/gitlab-org/-/epics/3659) in 13.3 and [improved](https://gitlab.com/gitlab-org/gitlab/-/issues/232862) in 13.4.
+> - DAST Profiles feature was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40474) in 13.4.
-The Security Configuration page displays the configuration state of each security feature in the
-current project. The page uses the project's latest default branch [CI pipeline](../../../ci/pipelines/index.md)
-to determine each feature's configuration state. If a job with the expected security report artifact
-exists in the pipeline, the feature is considered enabled.
+The Security Configuration page displays the configuration state of each security control in the
+current project.
-You can only enable SAST from the Security Configuration page. Documentation links are included for
-the other features. For details about configuring SAST, see [Configure SAST in the UI](../sast/index.md#configure-sast-in-the-ui).
+To view a project's security configuration, go to the project's home page,
+then in the left sidebar go to **Security & Compliance > Configuration**.
+
+For each security control the page displays:
+
+- **Status** - Status of the security control: enabled, not enabled, or available.
+- **Manage** - A management option or a link to the documentation.
+
+## Status
+
+The status of each security control is determined by the project's latest default branch
+[CI pipeline](../../../ci/pipelines/index.md).
+If a job with the expected security report artifact exists in the pipeline, the feature's status is
+_enabled_.
+
+For SAST, click **View history** to see the `.gitlab-ci.yml` file’s history.
NOTE: **Note:**
If the latest pipeline used [Auto DevOps](../../../topics/autodevops/index.md),
all security features are configured by default.
-## View Security Configuration
+## Manage
-To view a project's security configuration:
+You can configure the following security controls:
-1. Go to the project's home page.
-1. In the left sidebar, go to **Security & Configuration** > **Configuration**.
+- Auto DevOps
+ - Click **Enable Auto DevOps** to enable it for the current project. For more details, see [Auto DevOps](../../../topics/autodevops/index.md).
+- SAST
+ - Click either **Enable** or **Configure** to use SAST for the current project. For more details, see [Configure SAST in the UI](../sast/index.md#configure-sast-in-the-ui).
+- DAST Profiles
+ - Click **Manage** to manage the available DAST profiles used for on-demand scans. For more details, see [DAST on-demand scans](../dast/index.md#on-demand-scans).
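Review bot: The new `## Status` section defines only _enabled_, while the **Status** bullet added above it lists three values ("enabled, not enabled, or available"), so a reader cannot tell what separates "not enabled" from "available". Add a sentence for each of the two remaining states next to the _enabled_ definition. In the same section, "the feature's status is _enabled_" and the unchanged note "all security features are configured by default" still say "feature" although the rest of the added text switched to "security control"; pick one term and use it throughout. The added line "For SAST, click **View history** ..." also carries a typographic apostrophe in "file’s", which should be a plain `'`.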