Update security settings doc

db-cloudflare · db-cloudflare · commit c6a769406dd6 · 2025-07-21T09:16:57.000+01:00
diff --git a/src/content/docs/security/settings.mdx b/src/content/docs/security/settings.mdx
@@ -9,13 +9,15 @@ description: Configure different Cloudflare security features that protect your
 
 This page describes the settings available in **Security** > **Settings** for a given domain.
 
-## Security modules
+## Security setting categories
 
-### Web application exploits module
+Security settings and detection tools are categorized by the type of threat that they detect and mitigate.
 
-In the **Web application exploits** security module you can manage the following settings:
+### Web application exploits
 
-- Detections:
+In the **Web application exploits** security category you can manage the following settings:
+
+- Detection tools:
   - [Leaked credentials detection](/waf/detections/leaked-credentials/)
   - [Malicious uploads detection](/waf/detections/malicious-uploads/)
   - [Sensitive data detection](/waf/managed-rules/reference/sensitive-data-detection/)
@@ -28,12 +30,12 @@ In the **Web application exploits** security module you can manage the following
 Refer to each linked page for details.
 
 :::note
-The web application exploits module includes features and settings from the [Cloudflare WAF](/waf/) in the previous dashboard navigation structure.
+The web application exploits security category includes features and settings from the [Cloudflare WAF](/waf/) in the previous dashboard navigation structure.
 :::
 
-### DDoS attacks module
+### DDoS attacks
 
-The **DDoS protection** security module shows the multiple mitigation services against DDoS attacks provided by Cloudflare.
+The **DDoS protection** security category shows the multiple mitigation services against DDoS attacks provided by Cloudflare.
 
 You can create rules to override DDoS attack protection tools. DDoS attack protection overrides are only available to Enterprise customers with the Advanced DDoS Protection subscription.
 
@@ -59,9 +61,9 @@ Additionally, you can manage the following settings:
 - [Under Attack mode](/fundamentals/reference/under-attack-mode/) (under Security Level)
 - SSL/TLS DDoS attack protection
 
-### Bot traffic module
+### Bot traffic 
 
-In the **Bot traffic** security module you can manage the following settings:
+In the **Bot traffic** security category you can manage the following settings:
 
 - [AI Labyrinth](/bots/additional-configurations/ai-labyrinth/)
 - [Block AI Bots](/bots/concepts/bot/#ai-bots)
@@ -72,32 +74,32 @@ In the **Bot traffic** security module you can manage the following settings:
 - API [sequence detection](/api-shield/security/sequence-analytics/) (requires you to configure a session identifier)
 
 :::note
-The bot traffic module includes features and settings from [Bots](/bots/) in the previous dashboard navigation structure.
+The bot traffic security category includes features and settings from [Bots](/bots/) in the previous dashboard navigation structure.
 :::
 
-### API abuse module
+### API abuse
 
-In the **API abuse** security module you can manage the following settings:
+In the **API abuse** security category you can manage the following settings:
 
 - [Developer portal](/api-shield/management-and-monitoring/developer-portal/) creation
 - [Endpoint discovery](/api-shield/security/api-discovery/) (always enabled if included in your Enterprise subscriptions; requires you to configure a [session identifier](/api-shield/management-and-monitoring/session-identifiers/))
 - [Endpoint labels](/api-shield/management-and-monitoring/endpoint-labels/)
 - [JWT validation](/api-shield/security/jwt-validation/) (requires you to add a [JWT configuration](/api-shield/security/jwt-validation/api/#token-configurations))
 
 :::note
-The API abuse module includes features and settings from [API Shield](/api-shield/) in the previous dashboard navigation structure.
+The API abuse security category includes features and settings from [API Shield](/api-shield/) in the previous dashboard navigation structure.
 :::
 
-### Client-side abuse module
+### Client-side abuse
 
-In the **Client-side abuse** security module you can manage the following settings:
+In the **Client-side abuse** security category you can manage the following settings:
 
 - [Continuous script monitoring](/page-shield/how-it-works/) (previously [Page Shield](/page-shield/)):
   - [Reporting endpoint](/page-shield/reference/settings/#reporting-endpoint) to use your hostname instead of a Cloudflare-owned endpoint (only for Enterprise customers with a paid add-on)
   - [Data logged in client-side abuse reports](/page-shield/reference/settings/#connection-target-details) (only the hostname or the full URI)
 
 :::note
-The client-side abuse module includes features and settings from [Page Shield](/page-shield/) in the previous dashboard navigation structure.
+The client-side abuse security category includes features and settings from [Page Shield](/page-shield/) in the previous dashboard navigation structure.
 :::
 
 ## All settings
