diff --git a/public/robots.txt b/public/robots.txt index 2614eb35265613d..4c9d3a6fccebcb5 100644 --- a/public/robots.txt +++ b/public/robots.txt @@ -5,5 +5,6 @@ Disallow: /plans/ Disallow: /constellation Disallow: /cdn-cgi/ Disallow: /google-tag-first-party-mode/ +Disallow: /security/ Sitemap: https://developers.cloudflare.com/sitemap-index.xml diff --git a/src/components/overrides/Head.astro b/src/components/overrides/Head.astro index 28199bac23f545d..e56f74f6e573928 100644 --- a/src/components/overrides/Head.astro +++ b/src/components/overrides/Head.astro @@ -10,6 +10,7 @@ import type { CollectionEntry } from "astro:content"; // grab the current top-level folder. Remove . characters for 1.1.1.1 URL const currentSection = Astro.url.pathname.split("/")[1].replaceAll(".", ""); const head = Astro.locals.starlightRoute.entry.data.head; +const noIndexProductsList = ["style-guide", "security"]; if (currentSection) { const product = await getEntry("products", currentSection); @@ -77,7 +78,7 @@ if (currentSection) { } } - if (currentSection === "style-guide") { + if (noIndexProductsList.includes(currentSection)) { head.push({ tag: "meta", attrs: { diff --git a/src/content/docs/api-shield/security/jwt-validation/index.mdx b/src/content/docs/api-shield/security/jwt-validation/index.mdx index 8270b6083c3ff07..9e5bd43805c13f2 100644 --- a/src/content/docs/api-shield/security/jwt-validation/index.mdx +++ b/src/content/docs/api-shield/security/jwt-validation/index.mdx 
@@ -35,7 +35,8 @@ To automatically keep your JWKS up to date when your identity provider refreshes 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/login) and select your account and domain. 2. Go to **Security** > **API Shield** > **API Rules**. -3. Add a name for your rule. +3. + Add a name for your rule. 4. Select a hostname to protect requests with saved endpoints using the rule. 5. Deselect any endpoints that you want JWT Validation to ignore (for example, an endpoint used to generate a JWT). 6. Select the Token Validation Configuration that corresponds to the incoming requests. diff --git a/src/content/docs/api-shield/security/sequence-mitigation/index.mdx b/src/content/docs/api-shield/security/sequence-mitigation/index.mdx index 1ec3ca47a75f782..2138097dfd11abd 100644 --- a/src/content/docs/api-shield/security/sequence-mitigation/index.mdx +++ b/src/content/docs/api-shield/security/sequence-mitigation/index.mdx @@ -45,7 +45,8 @@ For example, if there was an authorization bug that allowed users to iterate thr 1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/) and select your account and domain. 2. Go to **Security** > **API Shield** > **API Rules**. 3. Select **Create sequence rule**. -4. Name your rule. +4. + Name your rule. 5. Select a starting endpoint. This is the endpoint that you expect users to hit first in their request flow when using your API. 1. Choose a hostname to display the list of endpoints for that hostname. 2. Choose an endpoint. diff --git a/src/content/docs/page-shield/policies/create-dashboard.mdx b/src/content/docs/page-shield/policies/create-dashboard.mdx index c0f54455ca9fc77..be65a950a7284da 100644 --- a/src/content/docs/page-shield/policies/create-dashboard.mdx +++ b/src/content/docs/page-shield/policies/create-dashboard.mdx 
@@ -13,7 +13,8 @@ description: Learn how to create a Page Shield policy in the Cloudflare dashboar 3. Select **Create policy**. -4. Enter a descriptive name for the rule in **Description**. +4. + Enter a descriptive name for the rule in **Description**. 5. Under **If incoming requests match**, define the policy scope. You can use the Expression Builder (specifying one or more values for **Field**, **Operator**, and **Value**) or manually enter an expression using the Expression Editor. For more information, refer to [Edit expressions in the dashboard](/ruleset-engine/rules-language/expressions/edit-expressions/). @@ -23,7 +24,6 @@ description: Learn how to create a Page Shield policy in the Cloudflare dashboar - To refresh the displayed sources based on Page Shield's detected resources, select **Refresh suggestions**. :::note - Page Shield provides suggestions for **Default**, **Scripts**, and **Connections** directives. For the **Default** directive, suggestions are based on monitored scripts and connections resources. ::: diff --git a/src/content/docs/security/analytics.mdx b/src/content/docs/security/analytics.mdx new file mode 100644 index 000000000000000..4e00eaf7257080c --- /dev/null +++ b/src/content/docs/security/analytics.mdx 
@@ -0,0 +1,58 @@ +--- +title: Security Analytics +pcx_content_type: concept +sidebar: + order: 3 +description: Security Analytics shows information about all incoming HTTP requests or mitigated requests (rule matches). +--- + +import { GlossaryTooltip } from "~/components"; + +Security Analytics shows information about all incoming HTTP requests or only about requests mitigated by Cloudflare. + +Use Security Analytics as your starting point to understand and analyze traffic patterns, and to create security rules based on the filters you applied. + +## Traffic + +The **Traffic** tab displays information about all incoming HTTP requests for your domain, including requests not handled by Cloudflare security products. + +In this tab you can perform several tasks: + +- View the traffic distribution for your domain. +- Understand which traffic is being mitigated by Cloudflare security products, and where non-mitigated traffic is being served from (Cloudflare global network or [origin server](https://www.cloudflare.com/learning/cdn/glossary/origin-server/)). +- Analyze suspicious traffic and create tailored custom [security rules](/security/rules/) based on applied filters. +- [Find an appropriate rate limit](/waf/rate-limiting-rules/find-rate-limit/) for incoming traffic. + +For information on how to use the **Traffic** tab, refer to [Security Analytics](/waf/analytics/security-analytics/#adjusting-displayed-data). + +If you need to modify existing security-related rules you already configured, consider also using the [Events](#events) tab. This tab displays information about requests affected by Cloudflare security products. + +### Suspicious activity + +The suspicious activity gives you information about suspicious requests that were identified by the Cloudflare detections you have enabled. 
The supported detections include: + +- [Account takeover](/bots/concepts/detection-ids/#account-takeover-detections) +- [Leaked credential check](/waf/detections/leaked-credentials/) (only for user and password leaked) +- [Malicious uploads](/waf/detections/malicious-uploads/) +- Firewall for AI +- [WAF attack score](/waf/detections/attack-score/) + +Each suspicious activity is classified with a severity score that can vary from critical to low. You can use the filter option to investigate further. + +:::note +The **Traffic** tab includes functionality available in the [Security Analytics](/waf/analytics/security-analytics/) page in the previous dashboard navigation structure. However, some page elements will appear in a different order, or they may be unavailable in the **Traffic** tab, such as Insights or the score-based analyses sidebar. +::: + +## Events + +Use the **Events** tab to review mitigated requests and to tailor your security configurations. + +The **Events** tab displays information about requests actioned or flagged by Cloudflare security products. Each incoming HTTP request might generate one or more security events. The tab only shows these events, not the HTTP requests themselves. To obtain information on all incoming HTTP requests, use the [Traffic](#traffic) tab. + +Users on a Free plan can view summarized events by date in sampled logs. Customers on paid plans have access to additional graphs and dashboards that summarize the most relevant information about the current behavior of Cloudflare's security features on your zone. + +For more information on the **Events** tab, refer to [Security Events](/waf/analytics/security-events/). + +:::note +The **Events** tab corresponds to the [Security Events](/waf/analytics/security-events/) page in the previous dashboard navigation structure. +::: diff --git a/src/content/docs/security/index.mdx b/src/content/docs/security/index.mdx new file mode 100644 index 000000000000000..c88c7f3a5d29444 
--- /dev/null +++ b/src/content/docs/security/index.mdx @@ -0,0 +1,66 @@ +--- +title: Security dashboard (beta) +pcx_content_type: overview +sidebar: + order: 1 +description: The Security dashboard (beta) helps you understand the current security posture of your web applications and allows you configure different security rules for those applications. +head: + - tag: title + content: Overview +--- + +import { Card, CardGrid, Feature, LinkTitleCard, RelatedProduct } from "~/components"; + +The Security dashboard (beta) is your starting point to better understand the security posture of your web applications, and to configure rules to protect them. + + + +The new **Security** navigation in the Cloudflare dashboard is currently available in beta for users that opt in to the new user interface. To opt in: + +1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com), and select your account and domain. +2. Open any page under **Security**. +3. In the top right-hand corner of the page, select **Try new security dashboard**. + +You can swap back to the previous dashboard at any time by selecting **Return to old security dashboard** in the same page location. + + + +## Features + + + Get a high-level overview of your domain's security posture. + + + + Shows information about all incoming HTTP requests or mitigated requests (rule + matches). Tailor your security configurations based on sampled logs. + + + + Discover your web assets (including API endpoints) and instruct Cloudflare how + to best protect them. + + + + Perform security actions on incoming requests that match specified filters. + + +--- + +## More resources + + + + + Compare available Cloudflare plans + + + diff --git a/src/content/docs/security/overview.mdx b/src/content/docs/security/overview.mdx new file mode 100644 index 000000000000000..a20b3268efa1e6f --- /dev/null +++ b/src/content/docs/security/overview.mdx 
@@ -0,0 +1,17 @@ +--- +title: Security overview +pcx_content_type: concept +sidebar: + order: 2 +--- + +Security overview provides a high-level security overview of you zone. Security overview allows you to review the security posture of your domain. The security overview page is available on both the new security dashboard as well as the existing security dashboard. + +The Security overview page will display the following information: + +- **Traffic last 7 days**: Review traffic from the last seven days that has been mitigated, served by Cloudflare, and served by origin. +- **Security posture**: + - **Configurations**: Review your currently enabled configurations, and whether additional configurations are required for them. + - **Suggestions**: Review security suggestions to improve your security posture. +- **Rules with the most activity**: Review the number of times a security rule has been activated by matching requests. +- **Last updated rules**: Review rules you recently changed. diff --git a/src/content/docs/security/rules.mdx b/src/content/docs/security/rules.mdx new file mode 100644 index 000000000000000..4aa323d5441475e --- /dev/null +++ b/src/content/docs/security/rules.mdx 
@@ -0,0 +1,51 @@ +--- +title: Security rules +pcx_content_type: concept +sidebar: + order: 5 +description: Security rules perform security actions on incoming requests that match specified filters. +--- + +Security rules perform security-related actions on incoming requests that match specified filters. Rules are evaluated and executed in order, from first to last. + +## Security rules + +The **Security rules** tab includes a list of different types of rules configured in your zone to protect your applications and resources. + +To create a security rule: + +1. Log in to the [Cloudflare dashboard](https://dash.cloudflare.com/) and select your account and zone. +2. Go to **Security** > **Security rules**. +3. (Optional) Select **Templates**, and then select a template from the list. You can customize the default configuration of the template before deploying the new rule. Refer to the resources listed in the next step. +4. Select **Create rule** > select the type of rule you want to create. Refer to the following resources about each rule type: + - [Custom rules](/waf/custom-rules/create-dashboard/#rule-form) + - [Rate limiting rules](/waf/rate-limiting-rules/create-zone-dashboard/#rule-form) + - [API sequence rules](/api-shield/security/sequence-mitigation/#rule-form) + - [API JWT validation rules](/api-shield/security/jwt-validation/#rule-form) (requires a [token configuration](/security/settings/#all-settings)) + - [Managed rules exceptions](/waf/managed-rules/waf-exceptions/define-dashboard/#2-define-basic-exception-parameters) + - [Content security rules](/page-shield/policies/create-dashboard/#rule-form) (previously known as Page Shield policies) + +:::note[Notes] + +The **Security rules** tab includes functionality available in different products in the previous dashboard navigation structure, such as the [WAF](/waf/), [API Shield](/api-shield/), and [Page Shield](/page-shield/). 
+ +The tab may show additional rule types if you have configured at least one of the following: + +- [IP access rules](/waf/tools/ip-access-rules/) +- [User agent blocking rules](/waf/tools/user-agent-blocking/) +- [Zone lockdown rules](/waf/tools/zone-lockdown/) + +::: + +## DDoS protection + +The **DDoS Protection** tab shows the multiple DDoS mitigation services provided by Cloudflare. You can create rules to override these mitigation tools. DDoS attack protection overrides are only available to Enterprise customers with the Advanced DDoS Protection subscription. + +To learn more about DDoS protection overrides, refer to the following resources: + +- [HTTP DDoS attack protection overrides](/ddos-protection/managed-rulesets/http/override-expressions/) +- [Network-layer DDoS attack protection overrides](/ddos-protection/managed-rulesets/network/override-expressions/) + +:::note +You define overrides for the Network-layer DDoS attack protection managed ruleset at the account level in Account Home > **L3/4 DDoS** > **Network-layer DDoS Protection**. +::: diff --git a/src/content/docs/security/settings.mdx b/src/content/docs/security/settings.mdx new file mode 100644 index 000000000000000..afd59e40d6549cd --- /dev/null +++ b/src/content/docs/security/settings.mdx 
@@ -0,0 +1,106 @@ +--- +title: Security settings +pcx_content_type: concept +sidebar: + order: 6 + label: Settings +description: Configure different Cloudflare security features that protect your web applications, APIs, and resources. +--- + +This page describes the settings available in **Security** > **Settings** for a given zone. + +## Security modules + +### Web application exploits module + +In the **Web application exploits** security module you can enable and configure the following managed rulesets and detections: + +- [Cloudflare Managed Ruleset](/waf/managed-rules/reference/cloudflare-managed-ruleset/) +- [Cloudflare OWASP Core Ruleset](/waf/managed-rules/reference/owasp-core-ruleset/) +- [Leaked credentials detection](/waf/detections/leaked-credentials/) +- [Malicious upload detection](/waf/detections/malicious-uploads/) +- [Sensitive data detection ruleset](/waf/managed-rules/reference/sensitive-data-detection/) +- Firewall for AI + +Refer to each linked page for details. + +:::note +The web application exploits module includes features and settings from the [Cloudflare WAF](/waf/) in the previous dashboard navigation structure. +::: + +### DDoS attacks module + +The **DDoS protection** security module shows the multiple DDoS mitigation services provided by Cloudflare. You can create rules to override these mitigation tools. DDoS attack protection overrides are only available to Enterprise customers with the Advanced DDoS Protection subscription. + +To learn more about DDoS protection overrides, refer to the following resources: + +- [HTTP DDoS attack protection overrides](/ddos-protection/managed-rulesets/http/override-expressions/) +- [Network-layer DDoS attack protection overrides](/ddos-protection/managed-rulesets/network/override-expressions/) + +:::note +You define overrides for the Network-layer DDoS attack protection managed ruleset at the account level in Account Home > **L3/4 DDoS** > **Network-layer DDoS Protection**. 
+::: + +### Bot traffic module + +In the **Bot traffic** security module you can perform the following tasks: + +- Enable [Bot fight mode](/bots/get-started/free/) (depending on your Cloudflare plan). +- Enable [Super Bot fight mode](/bots/get-started/pro/) (depending on your Cloudflare plan). +- Review information about [Bot Management](/bots/get-started/bm-subscription/) (always enabled if included in your Enterprise subscriptions). +- Turn on [Block AI Bots](/bots/concepts/bot/#ai-bots). + +:::note +The bot traffic module includes features and settings from [Bots](/bots/) in the previous dashboard navigation structure. +::: + +### API abuse module + +In the **API abuse** security module you can perform the following tasks: + +- Review information about [Endpoint Discovery](/api-shield/security/api-discovery/) (always enabled if included in your Enterprise subscriptions). +- Enable [Sequence Discovery](/api-shield/security/sequence-analytics/) (requires that you configure a session identifier). +- Enable [Schema Validation](/api-shield/security/schema-validation/) (requires that you upload a schema or apply a learned schema). +- Enable [JWT Validation](/api-shield/security/jwt-validation/) (requires that you add a [JWT configuration](/api-shield/security/jwt-validation/configure/#token-configurations)). + +:::note +The API abuse module includes features and settings from [API Shield](/api-shield/) in the previous dashboard navigation structure. +::: + +### Client-side abuse module + +In the **Client-side abuse** security module you can perform the following tasks: + +- Turn [continuous script monitoring](/page-shield/how-it-works/) on or off (previously you turned [Page Shield](/page-shield/) on or off). +- Create a [client-side protection alert](/page-shield/reference/alerts/) (also known as a Page Shield alert). 
+- Set the [reporting endpoint](/page-shield/reference/settings/#reporting-endpoint) to use your hostname instead of a Cloudflare-owned endpoint (only for Enterprise customers with a paid add-on). +- Adjust the [data logged in client-side abuse reports](/page-shield/reference/settings/#connection-target-details) (only the hostname or the full URI). + +:::note +The client-side abuse module includes features and settings from [Page Shield](/page-shield/) in the previous dashboard navigation structure. +::: + +## All settings + +This section allows you to configure multiple security-related settings. The following table links to additional information about each setting: + +| Setting | Location in previous dashboard navigation | +| ------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- | +| [Endpoint labels](/api-shield/management-and-monitoring/endpoint-labels/) | **Security** > **Settings** > **Labels** | +| [Session identifiers](/api-shield/management-and-monitoring/session-identifiers/#rule-form) | **Security** > **API Shield** > **Settings** | +| [Uploaded schemas](/api-shield/security/schema-validation/) | **Security** > **API Shield** > **Schema Validation** | +| [Learned schemas](/api-shield/security/schema-validation/) | **Security** > **API Shield** > **Schema Validation** | +| [Token configuration](/api-shield/security/jwt-validation/#add-a-token-validation-configuration) | **Security** > **API Shield** > **Settings** | +| [Alerts: client-side protection](/page-shield/detection/configure-alerts/#rule-form) | **Security** > **Page Shield** > **Settings**
Account Home > **Notifications** | +| [Reporting endpoint](/page-shield/reference/settings/#reporting-endpoint) | **Security** > **Page Shield** > **Settings** | +| [Data processing](/page-shield/reference/settings/#connection-target-details) | **Security** > **Page Shield** > **Settings** | +| [IP lists](/waf/tools/lists/custom-lists/#lists-with-ip-addresses-ip-lists) | Account Home > **Manage Account** > **Configurations** | +| [Custom username and password location](/waf/detections/leaked-credentials/#custom-detection-locations) | **Security** > **Settings** | +| [Custom content location](/waf/detections/malicious-uploads/#custom-scan-expressions) | **Security** > **Settings** | +| [JavaScript detections](/bots/reference/javascript-detections/) | **Security** > **Bots** > **Configure Super Bot Fight Mode
Security** > **Bots** > **Configure Bot Management** | +| [Auto-update machine learning model](/bots/reference/machine-learning-models/) | **Security** > **Bots** > **Configure Bot Management** | +| [Enable Security.txt](/security-center/infrastructure/security-file/) | **Security** > **Settings** | +| [Challenge Passage](/waf/tools/challenge-passage/) | **Security** > **Settings** | +| [Browser Integrity Check](/waf/tools/browser-integrity-check/) | **Security** > **Settings** | +| [Replace insecure JavaScript libraries](/waf/tools/replace-insecure-js-libraries/) | **Security** > **Settings** | +| [Security Level](/waf/tools/security-level/) | **Security** > **Settings** | diff --git a/src/content/docs/security/web-asset-discovery.mdx b/src/content/docs/security/web-asset-discovery.mdx new file mode 100644 index 000000000000000..17bd5cf3a7ade3f --- /dev/null +++ b/src/content/docs/security/web-asset-discovery.mdx 
@@ -0,0 +1,77 @@ +--- +title: Web asset discovery +pcx_content_type: concept +sidebar: + order: 4 +description: Discover web assets such as your API endpoints and instruct Cloudflare how to best protect them. +--- + +Discover web assets such as your API endpoints and instruct Cloudflare how to best protect them. + +## Endpoints + +Use the **Endpoints** tab to manage endpoints available on your domain and monitor their health. + +You can save endpoints directly from [API Discovery](/api-shield/security/api-discovery/), [manually](/api-shield/management-and-monitoring/#add-endpoints-manually) by method, path, and host, or via [Schema Validation](/api-shield/management-and-monitoring/#add-endpoints-from-schema-validation). + +This will add the specified endpoints to your list of managed endpoints. You can view your list of managed endpoints in the **Endpoints** tab. + +Cloudflare will start collecting [performance data](/api-shield/management-and-monitoring/#endpoint-analysis) on your endpoint when you save an endpoint. + +For more information on how to manage your endpoints, refer to the following resources. + +- [Endpoint Management](/api-shield/management-and-monitoring/) +- [Endpoint schema learning](/api-shield/management-and-monitoring/#endpoint-schema-learning) +- [Endpoint Analysis](/api-shield/management-and-monitoring/#endpoint-analysis) + +## Discovery + +**Discovery** continuously finds your active API endpoints via path normalization. + +[Add endpoints](/api-shield/management-and-monitoring/#add-endpoints-from-api-discovery) to produce recommendations and analytics of your APIs. Your [session identifiers](/api-shield/management-and-monitoring/session-identifiers/) must match your API traffic. Otherwise, API endpoints are also discoverable via [Machine Learning](/api-shield/security/api-discovery/#machine-learning-based-discovery). 
+ +## Sequences + +Use **Sequences** to discover how users interact with your API, by tracking the order of API session requests over time. Sequences will group and highlight popular user journeys across your API. + +Once you configure [session identifiers](/api-shield/management-and-monitoring/session-identifiers/), the **Sequences** tab will start grouping and highlighting important user journeys (sequences) across your API. + +To configure session identifiers, go to **Security** > **Settings** > **All settings** tab and select **Edit** next to **Session identifiers**. + +For more information on how Cloudflare identifies API sequences and how you can configure API sequence rules, refer to the following resources: + +- [Sequence analytics](/api-shield/security/sequence-analytics/) +- [Sequence mitigation](/api-shield/security/sequence-mitigation/) + +:::note +The **Sequences** tab includes functionality available in [API Shield](/api-shield/) in the previous dashboard navigation structure. +::: + +## Schema validation + +Use **Schema validation** to check if your incoming traffic complies with a previously supplied API Schema. + +API Schemas are defined by the validity of the API request's properties such as target endpoint, path or query variable format, and HTTP method. A rule is created for incoming traffic and defines which traffic is allowed and which traffic is logged or blocked based on the API schema that you provide or select from the list of learned schemas. 
+ +You can add schema validation by: + +- [Uploading a schema](/api-shield/security/schema-validation/#add-validation-by-uploading-a-schema) +- [Applying a learned schema to a single endpoint](/api-shield/security/schema-validation/#add-validation-by-applying-a-learned-schema-to-a-single-endpoint) +- [Applying a learned schema to an entire hostname](/api-shield/security/schema-validation/#add-validation-by-applying-a-learned-schema-to-an-entire-hostname) +- [Adding a fallthrough rule](/api-shield/security/schema-validation/#add-validation-by-adding-a-fallthrough-rule) + +:::note +The **Schema validation** tab includes functionality available in [API Shield](/api-shield/) in the previous dashboard navigation structure. +::: + +## Client-side resources + +Use **Client-side resources** to [monitor scripts, connections, and cookies](/page-shield/detection/monitor-connections-scripts/) on your domain. + +If you notice unexpected scripts or connections on the dashboard, check them for signs of malicious activity. You should also check for any new or unexpected cookies. + +Enterprise customers with a paid add-on will have their connections and scripts [classified as potentially malicious](/page-shield/how-it-works/malicious-script-detection/) based on threat feeds. + +:::note +The **Client-side resources** tab includes functionality available in [Page Shield](/page-shield/) in the previous dashboard navigation structure. +::: diff --git a/src/content/docs/waf/custom-rules/create-dashboard.mdx b/src/content/docs/waf/custom-rules/create-dashboard.mdx index ba6b7b480f9e507..a4043d42d454223 100644 --- a/src/content/docs/waf/custom-rules/create-dashboard.mdx +++ b/src/content/docs/waf/custom-rules/create-dashboard.mdx @@ -18,7 +18,8 @@ import { Render } from "~/components"; 3. To create a new empty rule, select **Create rule**. To duplicate an existing rule, select the three dots next to it > **Duplicate**. -4. Enter a descriptive name for the rule in **Rule name**. +4.
+ Enter a descriptive name for the rule in **Rule name**. ![Custom rule creation page in the Cloudflare dashboard](~/assets/images/waf/custom-rules/firewall-custom-rule-create.png) diff --git a/src/content/docs/waf/rate-limiting-rules/create-zone-dashboard.mdx b/src/content/docs/waf/rate-limiting-rules/create-zone-dashboard.mdx index 8a3ffa104f81897..6beb45ca3e9d3ec 100644 --- a/src/content/docs/waf/rate-limiting-rules/create-zone-dashboard.mdx +++ b/src/content/docs/waf/rate-limiting-rules/create-zone-dashboard.mdx @@ -18,9 +18,10 @@ import { Render } from "~/components"; 3. To create a new empty rule, select **Create rule**. To duplicate an existing rule, select the three dots next to it > **Duplicate**. - ![The Create rate limiting rule page in the Cloudflare dashboard](~/assets/images/waf/custom-rules/rate-limiting-create.png) +4. + Enter a descriptive name for the rule in **Rule name**. -4. Enter a descriptive name for the rule in **Rule name**. + ![The Create rate limiting rule page in the Cloudflare dashboard](~/assets/images/waf/custom-rules/rate-limiting-create.png) 5. Under **If incoming requests match**, use the **Field** drop-down list to choose an HTTP property. For each request, the value of the property you choose for **Field** is compared to the value you specify for **Value** using the operator selected in **Operator**. diff --git a/src/content/partials/api-shield/set-up-session-identifiers.mdx b/src/content/partials/api-shield/set-up-session-identifiers.mdx index 05484de121ff969..c9e861f3346d52b 100644 --- a/src/content/partials/api-shield/set-up-session-identifiers.mdx +++ b/src/content/partials/api-shield/set-up-session-identifiers.mdx 
@@ -7,7 +7,8 @@ 2. Go to **Security** > **API Shield**. 3. Select **Settings**. 4. On **Endpoint settings**, select **Manage identifiers**. -5. Choose the type of session identifier (cookie, HTTP header, or JWT claim). +5. + Choose the type of session identifier (cookie, HTTP header, or JWT claim). :::note The session identifier cookie must comply with RFC 6265. Otherwise, it will be rejected. diff --git a/src/content/partials/page-shield/alerts-configure.mdx b/src/content/partials/page-shield/alerts-configure.mdx index ed48d0203b734a2..c3d9d2dea30788c 100644 --- a/src/content/partials/page-shield/alerts-configure.mdx +++ b/src/content/partials/page-shield/alerts-configure.mdx @@ -6,7 +6,8 @@ To set up alerts: 1. Go to **Security** > **Page Shield**. 2. In the **Settings** tab, select **Manage alerts**. -3. Select an [alert type](/page-shield/reference/alerts/). +3. + Select an [alert type](/page-shield/reference/alerts/). 4. Enter the notification name and description. 5. (Optional) If you are an Enterprise customer with a paid add-on, you can [define the zones for which you want to filter alerts](/page-shield/detection/configure-alerts/#alerts-on-policies) based on the configured policies in **Policies of these zones**. 6. Select one or more notification destinations (notification email, webhooks, and connected notification services). diff --git a/src/content/products/security.yaml b/src/content/products/security.yaml new file mode 100644 index 000000000000000..0fb935865992f05 --- /dev/null +++ b/src/content/products/security.yaml @@ -0,0 +1,15 @@ +name: Security + +product: + title: "Security dashboard (beta)" + url: /security/ + show: false + +meta: + title: Security dashboard docs + description: Documentation for the Security dashboard with an updated user interface (currently in beta). + author: "@cloudflare" + +externals: + - title: Cloudflare homepage + url: https://cloudflare.com 
diff --git a/src/icons/security.svg b/src/icons/security.svg new file mode 100644 index 000000000000000..87e56c083750c75 --- /dev/null +++ b/src/icons/security.svg @@ -0,0 +1 @@ +
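Review bot: the `Disallow: /security/` line added to public/robots.txt works against the noindex meta tag that this same patch turns on for the `security` section in Head.astro. A crawler that honours the Disallow never fetches those pages, so it never sees the noindex directive, and the URLs can still be listed without content when other pages link to them. If the goal is to keep the beta docs out of search results, keep the meta tag and drop the Disallow line; if the goal is only to limit crawling, the meta tag does nothing.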
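Review bot: `noIndexProductsList` in src/components/overrides/Head.astro hard-codes section names inside the component, so each future section that should stay unindexed needs a code change here. The new src/content/products/security.yaml already sets `show: false`; a per-product flag in that file would keep the decision with the product metadata. The name is also slightly off, since the values are compared against `currentSection` (the first path segment with `.` removed), not against product names, and a one-line comment saying so would help.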
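Review bot: the changed step lines in api-shield/security/jwt-validation/index.mdx (step 3), api-shield/security/sequence-mitigation/index.mdx (step 4), page-shield/policies/create-dashboard.mdx, waf/custom-rules/create-dashboard.mdx, waf/rate-limiting-rules/create-zone-dashboard.mdx and the two partials now begin with a bare list number and carry their text on the following line, with nothing in the patch explaining why. The new security/rules.mdx and security/settings.mdx link to `#rule-form` fragments on exactly these pages, so confirm that each changed step exposes that id and still renders as a single list item, and run a link check that covers the new fragments. In the rate-limiting hunk the screenshot also moves from step 3 to step 4; check that this is intended.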
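Review bot: under `### Suspicious activity` in security/analytics.mdx, "The suspicious activity gives you information about suspicious requests" is missing its noun (section, card or panel), and "(only for user and password leaked)" is hard to parse and should be reworded. "Firewall for AI" is the only detection in that list without a link, and the same is true of the list in security/settings.mdx; either link it or say where it is documented.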
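Review bot: the `description` in the frontmatter of security/index.mdx reads "allows you configure different security rules", which is missing "to". The page also sets `title: Security dashboard (beta)` and then overrides the head title with `content: Overview`, while a separate security/overview.mdx is titled "Security overview"; two pages that both surface as "overview" will be hard to tell apart in search results and browser tabs.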
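Review bot: the first paragraph of security/overview.mdx has a typo, "of you zone" should be "of your zone", and it repeats itself ("provides a high-level security overview", then "allows you to review the security posture") while switching between "zone" and "domain". The frontmatter also has no `description`, unlike the other new pages in this patch.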
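Review bot: the opening paragraph of security/rules.mdx states "Rules are evaluated and executed in order, from first to last", but the tab described below it lists several rule types (custom, rate limiting, API sequence, JWT validation, managed rules exceptions, content security). Say whether that order applies within one rule type or across the whole list, since a reader placing a block rule needs to know which rules run before it. The `## Security rules` heading also repeats the page title.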
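Review bot: in security/settings.mdx the heading `### DDoS attacks module` is followed by "The **DDoS protection** security module", so the module has two names on the same page. The paragraph, the two override links and the note about Account Home > **L3/4 DDoS** are also a verbatim copy of the `## DDoS protection` section in security/rules.mdx; move them into a shared partial so the Enterprise and subscription requirement cannot drift between the two pages.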
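Review bot: in the `## Discovery` section of security/web-asset-discovery.mdx, "Your session identifiers must match your API traffic. Otherwise, API endpoints are also discoverable via Machine Learning" does not follow; "Otherwise ... also" leaves it unclear whether machine learning discovery is a fallback when session identifiers do not match or an independent second method. State which one it is. In `## Schema validation`, "API Schemas are defined by the validity of the API request's properties" is circular and would read better as a plain statement of what a schema specifies.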