diff --git a/github/github-accessors.go b/github/github-accessors.go
index f3a16c10ae1..7995145faa9 100644
--- a/github/github-accessors.go
+++ b/github/github-accessors.go
@@ -2662,6 +2662,190 @@ func (c *CodeSearchResult) GetTotal() int {
 	return *c.Total
 }
 
+// GetAdvancedSecurity returns the AdvancedSecurity field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetAdvancedSecurity() string {
+	if c == nil || c.AdvancedSecurity == nil {
+		return ""
+	}
+	return *c.AdvancedSecurity
+}
+
+// GetCodeScanningDefaultSetup returns the CodeScanningDefaultSetup field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetCodeScanningDefaultSetup() string {
+	if c == nil || c.CodeScanningDefaultSetup == nil {
+		return ""
+	}
+	return *c.CodeScanningDefaultSetup
+}
+
+// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetCreatedAt() Timestamp {
+	if c == nil || c.CreatedAt == nil {
+		return Timestamp{}
+	}
+	return *c.CreatedAt
+}
+
+// GetDependabotAlerts returns the DependabotAlerts field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetDependabotAlerts() string {
+	if c == nil || c.DependabotAlerts == nil {
+		return ""
+	}
+	return *c.DependabotAlerts
+}
+
+// GetDependabotSecurityUpdates returns the DependabotSecurityUpdates field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetDependabotSecurityUpdates() string {
+	if c == nil || c.DependabotSecurityUpdates == nil {
+		return ""
+	}
+	return *c.DependabotSecurityUpdates
+}
+
+// GetDependencyGraph returns the DependencyGraph field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetDependencyGraph() string {
+	if c == nil || c.DependencyGraph == nil {
+		return ""
+	}
+	return *c.DependencyGraph
+}
+
+// GetDependencyGraphAutosubmitAction returns the DependencyGraphAutosubmitAction field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetDependencyGraphAutosubmitAction() string {
+	if c == nil || c.DependencyGraphAutosubmitAction == nil {
+		return ""
+	}
+	return *c.DependencyGraphAutosubmitAction
+}
+
+// GetDependencyGraphAutosubmitActionOptions returns the DependencyGraphAutosubmitActionOptions field.
+func (c *CodeSecurityConfiguration) GetDependencyGraphAutosubmitActionOptions() *DependencyGraphAutosubmitActionOptions {
+	if c == nil {
+		return nil
+	}
+	return c.DependencyGraphAutosubmitActionOptions
+}
+
+// GetDescription returns the Description field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetDescription() string {
+	if c == nil || c.Description == nil {
+		return ""
+	}
+	return *c.Description
+}
+
+// GetEnforcement returns the Enforcement field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetEnforcement() string {
+	if c == nil || c.Enforcement == nil {
+		return ""
+	}
+	return *c.Enforcement
+}
+
+// GetHTMLURL returns the HTMLURL field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetHTMLURL() string {
+	if c == nil || c.HTMLURL == nil {
+		return ""
+	}
+	return *c.HTMLURL
+}
+
+// GetID returns the ID field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetID() int64 {
+	if c == nil || c.ID == nil {
+		return 0
+	}
+	return *c.ID
+}
+
+// GetName returns the Name field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetName() string {
+	if c == nil || c.Name == nil {
+		return ""
+	}
+	return *c.Name
+}
+
+// GetPrivateVulnerabilityReporting returns the PrivateVulnerabilityReporting field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetPrivateVulnerabilityReporting() string {
+	if c == nil || c.PrivateVulnerabilityReporting == nil {
+		return ""
+	}
+	return *c.PrivateVulnerabilityReporting
+}
+
+// GetSecretScanning returns the SecretScanning field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetSecretScanning() string {
+	if c == nil || c.SecretScanning == nil {
+		return ""
+	}
+	return *c.SecretScanning
+}
+
+// GetSecretScanningNonProviderPatterns returns the SecretScanningNonProviderPatterns field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetSecretScanningNonProviderPatterns() string {
+	if c == nil || c.SecretScanningNonProviderPatterns == nil {
+		return ""
+	}
+	return *c.SecretScanningNonProviderPatterns
+}
+
+// GetSecretScanningPushProtection returns the SecretScanningPushProtection field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetSecretScanningPushProtection() string {
+	if c == nil || c.SecretScanningPushProtection == nil {
+		return ""
+	}
+	return *c.SecretScanningPushProtection
+}
+
+// GetSecretScanningValidityChecks returns the SecretScanningValidityChecks field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetSecretScanningValidityChecks() string {
+	if c == nil || c.SecretScanningValidityChecks == nil {
+		return ""
+	}
+	return *c.SecretScanningValidityChecks
+}
+
+// GetTargetType returns the TargetType field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetTargetType() string {
+	if c == nil || c.TargetType == nil {
+		return ""
+	}
+	return *c.TargetType
+}
+
+// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetUpdatedAt() Timestamp {
+	if c == nil || c.UpdatedAt == nil {
+		return Timestamp{}
+	}
+	return *c.UpdatedAt
+}
+
+// GetURL returns the URL field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfiguration) GetURL() string {
+	if c == nil || c.URL == nil {
+		return ""
+	}
+	return *c.URL
+}
+
+// GetConfiguration returns the Configuration field.
+func (c *CodeSecurityConfigurationWithDefaultForNewRepos) GetConfiguration() *CodeSecurityConfiguration {
+	if c == nil {
+		return nil
+	}
+	return c.Configuration
+}
+
+// GetDefaultForNewRepos returns the DefaultForNewRepos field if it's non-nil, zero value otherwise.
+func (c *CodeSecurityConfigurationWithDefaultForNewRepos) GetDefaultForNewRepos() string {
+	if c == nil || c.DefaultForNewRepos == nil {
+		return ""
+	}
+	return *c.DefaultForNewRepos
+}
+
 // GetBillableOwner returns the BillableOwner field.
 func (c *Codespace) GetBillableOwner() *User {
 	if c == nil {
@@ -5358,6 +5542,14 @@ func (d *Dependency) GetScope() string {
 	return *d.Scope
 }
 
+// GetLabeledRunners returns the LabeledRunners field if it's non-nil, zero value otherwise.
+func (d *DependencyGraphAutosubmitActionOptions) GetLabeledRunners() bool {
+	if d == nil || d.LabeledRunners == nil {
+		return false
+	}
+	return *d.LabeledRunners
+}
+
 // GetDetector returns the Detector field.
 func (d *DependencyGraphSnapshot) GetDetector() *DependencyGraphSnapshotDetector {
 	if d == nil {
@@ -19790,6 +19982,22 @@ func (r *RepositoryActiveCommitters) GetName() string {
 	return *r.Name
 }
 
+// GetConfiguration returns the Configuration field.
+func (r *RepositoryCodeSecurityConfiguration) GetConfiguration() *CodeSecurityConfiguration {
+	if r == nil {
+		return nil
+	}
+	return r.Configuration
+}
+
+// GetState returns the State field if it's non-nil, zero value otherwise.
+func (r *RepositoryCodeSecurityConfiguration) GetState() string {
+	if r == nil || r.State == nil {
+		return ""
+	}
+	return *r.State
+}
+
 // GetBody returns the Body field if it's non-nil, zero value otherwise.
 func (r *RepositoryComment) GetBody() string {
 	if r == nil || r.Body == nil {
diff --git a/github/github-accessors_test.go b/github/github-accessors_test.go
index 2086baa0fda..bc6e2be8d01 100644
--- a/github/github-accessors_test.go
+++ b/github/github-accessors_test.go
@@ -3464,6 +3464,253 @@ func TestCodeSearchResult_GetTotal(tt *testing.T) {
 	c.GetTotal()
 }
 
+func TestCodeSecurityConfiguration_GetAdvancedSecurity(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue string
+	c := &CodeSecurityConfiguration{AdvancedSecurity: &zeroValue}
+	c.GetAdvancedSecurity()
+	c = &CodeSecurityConfiguration{}
+	c.GetAdvancedSecurity()
+	c = nil
+	c.GetAdvancedSecurity()
+}
+
+func TestCodeSecurityConfiguration_GetCodeScanningDefaultSetup(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue string
+	c := &CodeSecurityConfiguration{CodeScanningDefaultSetup: &zeroValue}
+	c.GetCodeScanningDefaultSetup()
+	c = &CodeSecurityConfiguration{}
+	c.GetCodeScanningDefaultSetup()
+	c = nil
+	c.GetCodeScanningDefaultSetup()
+}
+
+func TestCodeSecurityConfiguration_GetCreatedAt(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue Timestamp
+	c := &CodeSecurityConfiguration{CreatedAt: &zeroValue}
+	c.GetCreatedAt()
+	c = &CodeSecurityConfiguration{}
+	c.GetCreatedAt()
+	c = nil
+	c.GetCreatedAt()
+}
+
+func TestCodeSecurityConfiguration_GetDependabotAlerts(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue string
+	c := &CodeSecurityConfiguration{DependabotAlerts: &zeroValue}
+	c.GetDependabotAlerts()
+	c = &CodeSecurityConfiguration{}
+	c.GetDependabotAlerts()
+	c = nil
+	c.GetDependabotAlerts()
+}
+
+func TestCodeSecurityConfiguration_GetDependabotSecurityUpdates(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue string
+	c := &CodeSecurityConfiguration{DependabotSecurityUpdates: &zeroValue}
+	c.GetDependabotSecurityUpdates()
+	c = &CodeSecurityConfiguration{}
+	c.GetDependabotSecurityUpdates()
+	c = nil
+	c.GetDependabotSecurityUpdates()
+}
+
+func TestCodeSecurityConfiguration_GetDependencyGraph(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue string
+	c := &CodeSecurityConfiguration{DependencyGraph: &zeroValue}
+	c.GetDependencyGraph()
+	c = &CodeSecurityConfiguration{}
+	c.GetDependencyGraph()
+	c = nil
+	c.GetDependencyGraph()
+}
+
+func TestCodeSecurityConfiguration_GetDependencyGraphAutosubmitAction(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue string
+	c := &CodeSecurityConfiguration{DependencyGraphAutosubmitAction: &zeroValue}
+	c.GetDependencyGraphAutosubmitAction()
+	c = &CodeSecurityConfiguration{}
+	c.GetDependencyGraphAutosubmitAction()
+	c = nil
+	c.GetDependencyGraphAutosubmitAction()
+}
+
+func TestCodeSecurityConfiguration_GetDependencyGraphAutosubmitActionOptions(tt *testing.T) {
+	tt.Parallel()
+	c := &CodeSecurityConfiguration{}
+	c.GetDependencyGraphAutosubmitActionOptions()
+	c = nil
+	c.GetDependencyGraphAutosubmitActionOptions()
+}
+
+func TestCodeSecurityConfiguration_GetDescription(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue string
+	c := &CodeSecurityConfiguration{Description: &zeroValue}
+	c.GetDescription()
+	c = &CodeSecurityConfiguration{}
+	c.GetDescription()
+	c = nil
+	c.GetDescription()
+}
+
+func TestCodeSecurityConfiguration_GetEnforcement(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue string
+	c := &CodeSecurityConfiguration{Enforcement: &zeroValue}
+	c.GetEnforcement()
+	c = &CodeSecurityConfiguration{}
+	c.GetEnforcement()
+	c = nil
+	c.GetEnforcement()
+}
+
+func TestCodeSecurityConfiguration_GetHTMLURL(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue string
+	c := &CodeSecurityConfiguration{HTMLURL: &zeroValue}
+	c.GetHTMLURL()
+	c = &CodeSecurityConfiguration{}
+	c.GetHTMLURL()
+	c = nil
+	c.GetHTMLURL()
+}
+
+func TestCodeSecurityConfiguration_GetID(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue int64
+	c := &CodeSecurityConfiguration{ID: &zeroValue}
+	c.GetID()
+	c = &CodeSecurityConfiguration{}
+	c.GetID()
+	c = nil
+	c.GetID()
+}
+
+func TestCodeSecurityConfiguration_GetName(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue string
+	c := &CodeSecurityConfiguration{Name: &zeroValue}
+	c.GetName()
+	c = &CodeSecurityConfiguration{}
+	c.GetName()
+	c = nil
+	c.GetName()
+}
+
+func TestCodeSecurityConfiguration_GetPrivateVulnerabilityReporting(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue string
+	c := &CodeSecurityConfiguration{PrivateVulnerabilityReporting: &zeroValue}
+	c.GetPrivateVulnerabilityReporting()
+	c = &CodeSecurityConfiguration{}
+	c.GetPrivateVulnerabilityReporting()
+	c = nil
+	c.GetPrivateVulnerabilityReporting()
+}
+
+func TestCodeSecurityConfiguration_GetSecretScanning(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue string
+	c := &CodeSecurityConfiguration{SecretScanning: &zeroValue}
+	c.GetSecretScanning()
+	c = &CodeSecurityConfiguration{}
+	c.GetSecretScanning()
+	c = nil
+	c.GetSecretScanning()
+}
+
+func TestCodeSecurityConfiguration_GetSecretScanningNonProviderPatterns(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue string
+	c := &CodeSecurityConfiguration{SecretScanningNonProviderPatterns: &zeroValue}
+	c.GetSecretScanningNonProviderPatterns()
+	c = &CodeSecurityConfiguration{}
+	c.GetSecretScanningNonProviderPatterns()
+	c = nil
+	c.GetSecretScanningNonProviderPatterns()
+}
+
+func TestCodeSecurityConfiguration_GetSecretScanningPushProtection(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue string
+	c := &CodeSecurityConfiguration{SecretScanningPushProtection: &zeroValue}
+	c.GetSecretScanningPushProtection()
+	c = &CodeSecurityConfiguration{}
+	c.GetSecretScanningPushProtection()
+	c = nil
+	c.GetSecretScanningPushProtection()
+}
+
+func TestCodeSecurityConfiguration_GetSecretScanningValidityChecks(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue string
+	c := &CodeSecurityConfiguration{SecretScanningValidityChecks: &zeroValue}
+	c.GetSecretScanningValidityChecks()
+	c = &CodeSecurityConfiguration{}
+	c.GetSecretScanningValidityChecks()
+	c = nil
+	c.GetSecretScanningValidityChecks()
+}
+
+func TestCodeSecurityConfiguration_GetTargetType(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue string
+	c := &CodeSecurityConfiguration{TargetType: &zeroValue}
+	c.GetTargetType()
+	c = &CodeSecurityConfiguration{}
+	c.GetTargetType()
+	c = nil
+	c.GetTargetType()
+}
+
+func TestCodeSecurityConfiguration_GetUpdatedAt(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue Timestamp
+	c := &CodeSecurityConfiguration{UpdatedAt: &zeroValue}
+	c.GetUpdatedAt()
+	c = &CodeSecurityConfiguration{}
+	c.GetUpdatedAt()
+	c = nil
+	c.GetUpdatedAt()
+}
+
+func TestCodeSecurityConfiguration_GetURL(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue string
+	c := &CodeSecurityConfiguration{URL: &zeroValue}
+	c.GetURL()
+	c = &CodeSecurityConfiguration{}
+	c.GetURL()
+	c = nil
+	c.GetURL()
+}
+
+func TestCodeSecurityConfigurationWithDefaultForNewRepos_GetConfiguration(tt *testing.T) {
+	tt.Parallel()
+	c := &CodeSecurityConfigurationWithDefaultForNewRepos{}
+	c.GetConfiguration()
+	c = nil
+	c.GetConfiguration()
+}
+
+func TestCodeSecurityConfigurationWithDefaultForNewRepos_GetDefaultForNewRepos(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue string
+	c := &CodeSecurityConfigurationWithDefaultForNewRepos{DefaultForNewRepos: &zeroValue}
+	c.GetDefaultForNewRepos()
+	c = &CodeSecurityConfigurationWithDefaultForNewRepos{}
+	c.GetDefaultForNewRepos()
+	c = nil
+	c.GetDefaultForNewRepos()
+}
+
 func TestCodespace_GetBillableOwner(tt *testing.T) {
 	tt.Parallel()
 	c := &Codespace{}
@@ -6958,6 +7205,17 @@ func TestDependency_GetScope(tt *testing.T) {
 	d.GetScope()
 }
 
+func TestDependencyGraphAutosubmitActionOptions_GetLabeledRunners(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue bool
+	d := &DependencyGraphAutosubmitActionOptions{LabeledRunners: &zeroValue}
+	d.GetLabeledRunners()
+	d = &DependencyGraphAutosubmitActionOptions{}
+	d.GetLabeledRunners()
+	d = nil
+	d.GetLabeledRunners()
+}
+
 func TestDependencyGraphSnapshot_GetDetector(tt *testing.T) {
 	tt.Parallel()
 	d := &DependencyGraphSnapshot{}
@@ -25446,6 +25704,25 @@ func TestRepositoryActiveCommitters_GetName(tt *testing.T) {
 	r.GetName()
 }
 
+func TestRepositoryCodeSecurityConfiguration_GetConfiguration(tt *testing.T) {
+	tt.Parallel()
+	r := &RepositoryCodeSecurityConfiguration{}
+	r.GetConfiguration()
+	r = nil
+	r.GetConfiguration()
+}
+
+func TestRepositoryCodeSecurityConfiguration_GetState(tt *testing.T) {
+	tt.Parallel()
+	var zeroValue string
+	r := &RepositoryCodeSecurityConfiguration{State: &zeroValue}
+	r.GetState()
+	r = &RepositoryCodeSecurityConfiguration{}
+	r.GetState()
+	r = nil
+	r.GetState()
+}
+
 func TestRepositoryComment_GetBody(tt *testing.T) {
 	tt.Parallel()
 	var zeroValue string
diff --git a/github/orgs_codesecurity_configurations.go b/github/orgs_codesecurity_configurations.go
new file mode 100644
index 00000000000..b25845a4e8a
--- /dev/null
+++ b/github/orgs_codesecurity_configurations.go
@@ -0,0 +1,284 @@
+// Copyright 2024 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+)
+
+// DependencyGraphAutosubmitActionOptions represents the options for the DependencyGraphAutosubmitAction.
+type DependencyGraphAutosubmitActionOptions struct {
+	LabeledRunners *bool `json:"labeled_runners,omitempty"`
+}
+
+// CodeSecurityConfiguration represents a code security configuration.
+type CodeSecurityConfiguration struct {
+	ID                                     *int64                                  `json:"id,omitempty"`
+	TargetType                             *string                                 `json:"target_type,omitempty"`
+	Name                                   *string                                 `json:"name"`
+	Description                            *string                                 `json:"description,omitempty"`
+	AdvancedSecurity                       *string                                 `json:"advanced_security,omitempty"`
+	DependencyGraph                        *string                                 `json:"dependency_graph,omitempty"`
+	DependencyGraphAutosubmitAction        *string                                 `json:"dependency_graph_autosubmit_action,omitempty"`
+	DependencyGraphAutosubmitActionOptions *DependencyGraphAutosubmitActionOptions `json:"dependency_graph_autosubmit_action_options,omitempty"`
+	DependabotAlerts                       *string                                 `json:"dependabot_alerts,omitempty"`
+	DependabotSecurityUpdates              *string                                 `json:"dependabot_security_updates,omitempty"`
+	CodeScanningDefaultSetup               *string                                 `json:"code_scanning_default_setup,omitempty"`
+	SecretScanning                         *string                                 `json:"secret_scanning,omitempty"`
+	SecretScanningPushProtection           *string                                 `json:"secret_scanning_push_protection,omitempty"`
+	SecretScanningValidityChecks           *string                                 `json:"secret_scanning_validity_checks,omitempty"`
+	SecretScanningNonProviderPatterns      *string                                 `json:"secret_scanning_non_provider_patterns,omitempty"`
+	PrivateVulnerabilityReporting          *string                                 `json:"private_vulnerability_reporting,omitempty"`
+	Enforcement                            *string                                 `json:"enforcement,omitempty"`
+	URL                                    *string                                 `json:"url,omitempty"`
+	HTMLURL                                *string                                 `json:"html_url,omitempty"`
+	CreatedAt                              *Timestamp                              `json:"created_at,omitempty"`
+	UpdatedAt                              *Timestamp                              `json:"updated_at,omitempty"`
+}
+
+// CodeSecurityConfigurationWithDefaultForNewRepos represents a code security configuration with default for new repos param.
+type CodeSecurityConfigurationWithDefaultForNewRepos struct {
+	Configuration      *CodeSecurityConfiguration `json:"configuration"`
+	DefaultForNewRepos *string                    `json:"default_for_new_repos"`
+}
+
+// RepositoryCodeSecurityConfiguration represents a code security configuration for a repository.
+type RepositoryCodeSecurityConfiguration struct {
+	State         *string                    `json:"state,omitempty"`
+	Configuration *CodeSecurityConfiguration `json:"configuration,omitempty"`
+}
+
+// GetCodeSecurityConfigurations gets code security configurations for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#get-code-security-configurations-for-an-organization
+//
+//meta:operation GET /orgs/{org}/code-security/configurations
+func (s *OrganizationsService) GetCodeSecurityConfigurations(ctx context.Context, org string) ([]*CodeSecurityConfiguration, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/code-security/configurations", org)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var configurations []*CodeSecurityConfiguration
+	resp, err := s.client.Do(ctx, req, &configurations)
+	if err != nil {
+		return nil, resp, err
+	}
+	return configurations, resp, nil
+}
+
+// CreateCodeSecurityConfiguration creates a code security configuration for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#create-a-code-security-configuration
+//
+//meta:operation POST /orgs/{org}/code-security/configurations
+func (s *OrganizationsService) CreateCodeSecurityConfiguration(ctx context.Context, org string, c *CodeSecurityConfiguration) (*CodeSecurityConfiguration, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/code-security/configurations", org)
+
+	req, err := s.client.NewRequest("POST", u, c)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var configuration *CodeSecurityConfiguration
+	resp, err := s.client.Do(ctx, req, &configuration)
+	if err != nil {
+		return nil, resp, err
+	}
+	return configuration, resp, nil
+}
+
+// GetDefaultCodeSecurityConfigurations gets default code security configurations for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#get-default-code-security-configurations
+//
+//meta:operation GET /orgs/{org}/code-security/configurations/defaults
+func (s *OrganizationsService) GetDefaultCodeSecurityConfigurations(ctx context.Context, org string) ([]*CodeSecurityConfiguration, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/code-security/configurations/defaults", org)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var configurations []*CodeSecurityConfiguration
+	resp, err := s.client.Do(ctx, req, &configurations)
+	if err != nil {
+		return nil, resp, err
+	}
+	return configurations, resp, nil
+}
+
+// DetachCodeSecurityConfigurationsFromRepositories detaches code security configuration from an organization's repositories.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#detach-configurations-from-repositories
+//
+//meta:operation DELETE /orgs/{org}/code-security/configurations/detach
+func (s *OrganizationsService) DetachCodeSecurityConfigurationsFromRepositories(ctx context.Context, org string, repoIDs []int64) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/code-security/configurations/detach", org)
+	type selectedRepoIDs struct {
+		SelectedIDs []int64 `json:"selected_repository_ids"`
+	}
+	req, err := s.client.NewRequest("DELETE", u, selectedRepoIDs{SelectedIDs: repoIDs})
+	if err != nil {
+		return nil, err
+	}
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil {
+		return resp, err
+	}
+	return resp, nil
+}
+
+// GetCodeSecurityConfiguration gets a code security configuration available in an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#get-a-code-security-configuration
+//
+//meta:operation GET /orgs/{org}/code-security/configurations/{configuration_id}
+func (s *OrganizationsService) GetCodeSecurityConfiguration(ctx context.Context, org string, id int64) (*CodeSecurityConfiguration, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/code-security/configurations/%v", org, id)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var configuration *CodeSecurityConfiguration
+	resp, err := s.client.Do(ctx, req, &configuration)
+	if err != nil {
+		return nil, resp, err
+	}
+	return configuration, resp, nil
+}
+
+// UpdateCodeSecurityConfiguration updates a code security configuration for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#update-a-code-security-configuration
+//
+//meta:operation PATCH /orgs/{org}/code-security/configurations/{configuration_id}
+func (s *OrganizationsService) UpdateCodeSecurityConfiguration(ctx context.Context, org string, id int64, c *CodeSecurityConfiguration) (*CodeSecurityConfiguration, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/code-security/configurations/%v", org, id)
+
+	req, err := s.client.NewRequest("PATCH", u, c)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var configuration *CodeSecurityConfiguration
+	resp, err := s.client.Do(ctx, req, &configuration)
+	if err != nil {
+		return nil, resp, err
+	}
+	return configuration, resp, nil
+}
+
+// DeleteCodeSecurityConfiguration deletes a code security configuration for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#delete-a-code-security-configuration
+//
+//meta:operation DELETE /orgs/{org}/code-security/configurations/{configuration_id}
+func (s *OrganizationsService) DeleteCodeSecurityConfiguration(ctx context.Context, org string, id int64) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/code-security/configurations/%v", org, id)
+
+	req, err := s.client.NewRequest("DELETE", u, nil)
+	if err != nil {
+		return nil, err
+	}
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil {
+		return resp, err
+	}
+	return resp, nil
+}
+
+// AttachCodeSecurityConfigurationsToRepositories attaches code security configurations to repositories for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#attach-a-configuration-to-repositories
+//
+//meta:operation POST /orgs/{org}/code-security/configurations/{configuration_id}/attach
+func (s *OrganizationsService) AttachCodeSecurityConfigurationsToRepositories(ctx context.Context, org string, id int64, scope string, repoIDs []int64) (*Response, error) {
+	u := fmt.Sprintf("orgs/%v/code-security/configurations/%v/attach", org, id)
+	type selectedRepoIDs struct {
+		Scope       string  `json:"scope"`
+		SelectedIDs []int64 `json:"selected_repository_ids,omitempty"`
+	}
+	req, err := s.client.NewRequest("POST", u, selectedRepoIDs{Scope: scope, SelectedIDs: repoIDs})
+	if err != nil {
+		return nil, err
+	}
+	resp, err := s.client.Do(ctx, req, nil)
+	if err != nil && resp.StatusCode != http.StatusAccepted { // StatusAccepted(202) is the expected status code as job is queued for processing
+		return resp, err
+	}
+	return resp, nil
+}
+
+// SetDefaultCodeSecurityConfiguration sets a code security configuration as the default for an organization.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#set-a-code-security-configuration-as-a-default-for-an-organization
+//
+//meta:operation PUT /orgs/{org}/code-security/configurations/{configuration_id}/defaults
+func (s *OrganizationsService) SetDefaultCodeSecurityConfiguration(ctx context.Context, org string, id int64, newReposParam string) (*CodeSecurityConfigurationWithDefaultForNewRepos, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/code-security/configurations/%v/defaults", org, id)
+	type configParam struct {
+		DefaultForNewRepos string `json:"default_for_new_repos"`
+	}
+	req, err := s.client.NewRequest("PUT", u, configParam{DefaultForNewRepos: newReposParam})
+	if err != nil {
+		return nil, nil, err
+	}
+	var c *CodeSecurityConfigurationWithDefaultForNewRepos
+	resp, err := s.client.Do(ctx, req, &c)
+	if err != nil {
+		return nil, resp, err
+	}
+	return c, resp, nil
+}
+
+// GetRepositoriesForCodeSecurityConfiguration gets repositories associated with a code security configuration.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#get-repositories-associated-with-a-code-security-configuration
+//
+//meta:operation GET /orgs/{org}/code-security/configurations/{configuration_id}/repositories
+func (s *OrganizationsService) GetRepositoriesForCodeSecurityConfiguration(ctx context.Context, org string, id int64) ([]*Repository, *Response, error) {
+	u := fmt.Sprintf("orgs/%v/code-security/configurations/%v/repositories", org, id)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var repositories []*Repository
+	resp, err := s.client.Do(ctx, req, &repositories)
+	if err != nil {
+		return nil, resp, err
+	}
+	return repositories, resp, nil
+}
+
+// GetCodeSecurityConfigurationForRepository gets code security configuration that manages a repository's code security settings.
+//
+// GitHub API docs: https://docs.github.com/rest/code-security/configurations#get-the-code-security-configuration-associated-with-a-repository
+//
+//meta:operation GET /repos/{owner}/{repo}/code-security-configuration
+func (s *OrganizationsService) GetCodeSecurityConfigurationForRepository(ctx context.Context, org, repo string) (*RepositoryCodeSecurityConfiguration, *Response, error) {
+	u := fmt.Sprintf("repos/%v/%v/code-security-configuration", org, repo)
+
+	req, err := s.client.NewRequest("GET", u, nil)
+	if err != nil {
+		return nil, nil, err
+	}
+	var repoConfig *RepositoryCodeSecurityConfiguration
+	resp, err := s.client.Do(ctx, req, &repoConfig)
+	if err != nil {
+		return nil, resp, err
+	}
+	return repoConfig, resp, nil
+}
diff --git a/github/orgs_codesecurity_configurations_test.go b/github/orgs_codesecurity_configurations_test.go
new file mode 100644
index 00000000000..d59b37057ca
--- /dev/null
+++ b/github/orgs_codesecurity_configurations_test.go
@@ -0,0 +1,510 @@
+// Copyright 2024 The go-github AUTHORS. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package github
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"reflect"
+	"testing"
+
+	"encoding/json"
+)
+
+func TestOrganizationsService_GetCodeSecurityConfigurations(t *testing.T) {
+	t.Parallel()
+	ctx := context.Background()
+	client, mux, _ := setup(t)
+
+	mux.HandleFunc("/orgs/o/code-security/configurations", func(w http.ResponseWriter, r *http.Request) {
+		testMethod(t, r, "GET")
+		fmt.Fprint(w, `[
+		{
+			"id":1,
+			"name":"config1",
+			"code_scanning_default_setup": "enabled"
+		},
+		{
+			"id":2,
+			"name":"config2",
+			"private_vulnerability_reporting": "enabled"
+		}]`)
+	})
+
+	configurations, _, err := client.Organizations.GetCodeSecurityConfigurations(ctx, "o")
+	if err != nil {
+		t.Errorf("Organizations.GetOrganizationCodeSecurityConfigurations returned error: %v", err)
+	}
+
+	want := []*CodeSecurityConfiguration{
+		{ID: Int64(1), Name: String("config1"), CodeScanningDefaultSetup: String("enabled")},
+		{ID: Int64(2), Name: String("config2"), PrivateVulnerabilityReporting: String("enabled")},
+	}
+	if !reflect.DeepEqual(configurations, want) {
+		t.Errorf("Organizations.GetCodeSecurityConfigurations returned %+v, want %+v", configurations, want)
+	}
+	const methodName = "GetCodeSecurityConfigurations"
+	testBadOptions(t, methodName, func() (err error) {
+		_, _, err = client.Organizations.GetCodeSecurityConfigurations(ctx, "\n")
+		return err
+	})
+	testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
+		got, resp, err := client.Organizations.GetCodeSecurityConfigurations(ctx, "o")
+		if got != nil {
+			t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got)
+		}
+		return resp, err
+	})
+}
+
+func TestOrganizationsService_GetCodeSecurityConfiguration(t *testing.T) {
+	t.Parallel()
+	client, mux, _ := setup(t)
+	ctx := context.Background()
+
+	mux.HandleFunc("/orgs/o/code-security/configurations/1", func(w http.ResponseWriter, r *http.Request) {
+		testMethod(t, r, "GET")
+		fmt.Fprint(w, `{
+			"id":1,
+			"name":"config1",
+			"code_scanning_default_setup": "enabled"
+		}`)
+	})
+
+	configuration, _, err := client.Organizations.GetCodeSecurityConfiguration(ctx, "o", 1)
+	if err != nil {
+		t.Errorf("Organizations.GetCodeSecurityConfiguration returned error: %v", err)
+	}
+
+	want := &CodeSecurityConfiguration{ID: Int64(1), Name: String("config1"), CodeScanningDefaultSetup: String("enabled")}
+	if !reflect.DeepEqual(configuration, want) {
+		t.Errorf("Organizations.GetCodeSecurityConfiguration returned %+v, want %+v", configuration, want)
+	}
+
+	const methodName = "GetCodeSecurityConfiguration"
+	testBadOptions(t, methodName, func() (err error) {
+		_, _, err = client.Organizations.GetCodeSecurityConfiguration(ctx, "\n", -1)
+		return err
+	})
+
+	testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
+		got, resp, err := client.Organizations.GetCodeSecurityConfiguration(ctx, "o", 1)
+		if got != nil {
+			t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got)
+		}
+		return resp, err
+	})
+}
+
+func TestOrganizationsService_CreateCodeSecurityConfiguration(t *testing.T) {
+	t.Parallel()
+	client, mux, _ := setup(t)
+	ctx := context.Background()
+
+	input := &CodeSecurityConfiguration{
+		Name:                     String("config1"),
+		CodeScanningDefaultSetup: String("enabled"),
+	}
+
+	mux.HandleFunc("/orgs/o/code-security/configurations", func(w http.ResponseWriter, r *http.Request) {
+		v := new(CodeSecurityConfiguration)
+		err := json.NewDecoder(r.Body).Decode(v)
+		if err != nil {
+			t.Errorf("Organizations.CreateCodeSecurityConfiguration request body decode failed: %v", err)
+		}
+
+		if !reflect.DeepEqual(v, input) {
+			t.Errorf("Organizations.CreateCodeSecurityConfiguration request body = %+v, want %+v", v, input)
+		}
+
+		fmt.Fprint(w, `{
+			"id":1,
+			"name":"config1",
+			"code_scanning_default_setup": "enabled"
+		}`)
+	})
+
+	configuration, _, err := client.Organizations.CreateCodeSecurityConfiguration(ctx, "o", input)
+	if err != nil {
+		t.Errorf("Organizations.CreateCodeSecurityConfiguration returned error: %v", err)
+	}
+
+	want := &CodeSecurityConfiguration{ID: Int64(1), Name: String("config1"), CodeScanningDefaultSetup: String("enabled")}
+	if !reflect.DeepEqual(configuration, want) {
+		t.Errorf("Organizations.CreateCodeSecurityConfiguration returned %+v, want %+v", configuration, want)
+	}
+
+	const methodName = "CreateCodeSecurityConfiguration"
+	testBadOptions(t, methodName, func() (err error) {
+		_, _, err = client.Organizations.CreateCodeSecurityConfiguration(ctx, "\n", input)
+		return err
+	})
+
+	testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
+		got, resp, err := client.Organizations.CreateCodeSecurityConfiguration(ctx, "o", input)
+		if got != nil {
+			t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got)
+		}
+		return resp, err
+	})
+}
+
+func TestOrganizationsService_GetDefaultCodeSecurityConfigurations(t *testing.T) {
+	t.Parallel()
+	client, mux, _ := setup(t)
+	ctx := context.Background()
+
+	mux.HandleFunc("/orgs/o/code-security/configurations/defaults", func(w http.ResponseWriter, r *http.Request) {
+		testMethod(t, r, "GET")
+		fmt.Fprint(w, `[
+		{
+			"id":1,
+			"name":"config1",
+			"code_scanning_default_setup": "enabled"
+		},
+		{
+			"id":2,
+			"name":"config2",
+			"private_vulnerability_reporting": "enabled"
+		}]`)
+	})
+
+	configurations, _, err := client.Organizations.GetDefaultCodeSecurityConfigurations(ctx, "o")
+	if err != nil {
+		t.Errorf("Organizations.GetDefaultCodeSecurityConfigurations returned error: %v", err)
+	}
+
+	want := []*CodeSecurityConfiguration{
+		{ID: Int64(1), Name: String("config1"), CodeScanningDefaultSetup: String("enabled")},
+		{ID: Int64(2), Name: String("config2"), PrivateVulnerabilityReporting: String("enabled")},
+	}
+	if !reflect.DeepEqual(configurations, want) {
+		t.Errorf("Organizations.GetDefaultCodeSecurityConfigurations returned %+v, want %+v", configurations, want)
+	}
+
+	const methodName = "GetDefaultCodeSecurityConfigurations"
+	testBadOptions(t, methodName, func() (err error) {
+		_, _, err = client.Organizations.GetDefaultCodeSecurityConfigurations(ctx, "\n")
+		return err
+	})
+
+	testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
+		got, resp, err := client.Organizations.GetDefaultCodeSecurityConfigurations(ctx, "o")
+		if got != nil {
+			t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got)
+		}
+		return resp, err
+	})
+}
+
+func TestOrganizationsService_DetachCodeSecurityConfigurationsFromRepositories(t *testing.T) {
+	t.Parallel()
+	client, mux, _ := setup(t)
+	ctx := context.Background()
+
+	mux.HandleFunc("/orgs/o/code-security/configurations/detach", func(w http.ResponseWriter, r *http.Request) {
+		testMethod(t, r, "DELETE")
+		w.WriteHeader(http.StatusNoContent)
+	})
+
+	resp, err := client.Organizations.DetachCodeSecurityConfigurationsFromRepositories(ctx, "o", []int64{1})
+	if err != nil {
+		t.Errorf("Organizations.DetachCodeSecurityConfigurationsFromRepositories returned error: %v", err)
+	}
+
+	want := http.StatusNoContent
+	if resp.StatusCode != want {
+		t.Errorf("Organizations.DetachCodeSecurityConfigurationsFromRepositories returned status %d, want %d", resp.StatusCode, want)
+	}
+
+	const methodName = "DetachCodeSecurityConfigurationsFromRepositories"
+	testBadOptions(t, methodName, func() (err error) {
+		_, err = client.Organizations.DetachCodeSecurityConfigurationsFromRepositories(ctx, "\n", []int64{1})
+		return err
+	})
+
+	testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
+		resp, err := client.Organizations.DetachCodeSecurityConfigurationsFromRepositories(ctx, "o", []int64{1})
+		return resp, err
+	})
+}
+
+func TestOrganizationsService_UpdateCodeSecurityConfiguration(t *testing.T) {
+	t.Parallel()
+	ctx := context.Background()
+	client, mux, _ := setup(t)
+
+	input := &CodeSecurityConfiguration{
+		Name:                     String("config1"),
+		CodeScanningDefaultSetup: String("enabled"),
+	}
+
+	mux.HandleFunc("/orgs/o/code-security/configurations/1", func(w http.ResponseWriter, r *http.Request) {
+		v := new(CodeSecurityConfiguration)
+		err := json.NewDecoder(r.Body).Decode(v)
+		if err != nil {
+			t.Errorf("Organizations.UpdateCodeSecurityConfiguration request body decode failed: %v", err)
+		}
+
+		if !reflect.DeepEqual(v, input) {
+			t.Errorf("Organizations.UpdateCodeSecurityConfiguration request body = %+v, want %+v", v, input)
+		}
+
+		fmt.Fprint(w, `{
+			"id":1,
+			"name":"config1",
+			"code_scanning_default_setup": "enabled"
+		}`)
+	})
+
+	configuration, _, err := client.Organizations.UpdateCodeSecurityConfiguration(ctx, "o", 1, input)
+	if err != nil {
+		t.Errorf("Organizations.UpdateCodeSecurityConfiguration returned error: %v", err)
+	}
+
+	want := &CodeSecurityConfiguration{ID: Int64(1), Name: String("config1"), CodeScanningDefaultSetup: String("enabled")}
+	if !reflect.DeepEqual(configuration, want) {
+		t.Errorf("Organizations.UpdateCodeSecurityConfiguration returned %+v, want %+v", configuration, want)
+	}
+
+	const methodName = "UpdateCodeSecurityConfiguration"
+	testBadOptions(t, methodName, func() (err error) {
+		_, _, err = client.Organizations.UpdateCodeSecurityConfiguration(ctx, "\n", -1, input)
+		return
+	})
+
+	testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
+		got, resp, err := client.Organizations.UpdateCodeSecurityConfiguration(ctx, "o", 1, input)
+		if got != nil {
+			t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got)
+		}
+		return resp, err
+	})
+}
+
+func TestOrganizationsService_DeleteCodeSecurityConfiguration(t *testing.T) {
+	t.Parallel()
+	ctx := context.Background()
+	client, mux, _ := setup(t)
+
+	mux.HandleFunc("/orgs/o/code-security/configurations/1", func(w http.ResponseWriter, r *http.Request) {
+		testMethod(t, r, "DELETE")
+		w.WriteHeader(http.StatusNoContent)
+	})
+
+	resp, err := client.Organizations.DeleteCodeSecurityConfiguration(ctx, "o", 1)
+	if err != nil {
+		t.Errorf("Organizations.DeleteCodeSecurityConfiguration returned error: %v", err)
+	}
+
+	want := http.StatusNoContent
+	if resp.StatusCode != want {
+		t.Errorf("Organizations.DeleteCodeSecurityConfiguration returned status %d, want %d", resp.StatusCode, want)
+	}
+
+	const methodName = "DeleteCodeSecurityConfiguration"
+	testBadOptions(t, methodName, func() (err error) {
+		_, err = client.Organizations.DeleteCodeSecurityConfiguration(ctx, "\n", -1)
+		return
+	})
+
+	testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
+		resp, err := client.Organizations.DeleteCodeSecurityConfiguration(ctx, "o", 1)
+		return resp, err
+	})
+}
+
+func TestOrganizationsService_AttachCodeSecurityConfigurationsToRepositories(t *testing.T) {
+	t.Parallel()
+	ctx := context.Background()
+	client, mux, _ := setup(t)
+
+	mux.HandleFunc("/orgs/o/code-security/configurations/1/attach", func(w http.ResponseWriter, r *http.Request) {
+		testMethod(t, r, "POST")
+		type request struct {
+			Scope                 string  `json:"scope"`
+			SelectedRepositoryIDS []int64 `json:"selected_repository_ids,omitempty"`
+		}
+		v := new(request)
+		err := json.NewDecoder(r.Body).Decode(v)
+		if err != nil {
+			t.Errorf("Organizations.AttachCodeSecurityConfigurationsToRepositories request body decode failed: %v", err)
+		}
+		if v.Scope != "selected" {
+			t.Errorf("Organizations.AttachCodeSecurityConfigurationsToRepositories request body scope = %s, want selected", v.Scope)
+		}
+		if !reflect.DeepEqual(v.SelectedRepositoryIDS, []int64{5, 20}) {
+			t.Errorf("Organizations.AttachCodeSecurityConfigurationsToRepositories request body selected_repository_ids = %+v, want %+v", v.SelectedRepositoryIDS, []int64{5, 20})
+		}
+		w.WriteHeader(http.StatusAccepted)
+	})
+
+	resp, err := client.Organizations.AttachCodeSecurityConfigurationsToRepositories(ctx, "o", int64(1), "selected", []int64{5, 20})
+	if err != nil {
+		t.Errorf("Organizations.AttachCodeSecurityConfigurationsToRepositories returned error: %v", err)
+	}
+
+	want := http.StatusAccepted
+	if resp.StatusCode != want {
+		t.Errorf("Organizations.AttachCodeSecurityConfigurationsToRepositories returned status %d, want %d", resp.StatusCode, want)
+	}
+
+	const methodName = "AttachCodeSecurityConfigurationsToRepositories"
+	testBadOptions(t, methodName, func() (err error) {
+		_, err = client.Organizations.AttachCodeSecurityConfigurationsToRepositories(ctx, "\n", -1, "", nil)
+		return
+	})
+
+	testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
+		resp, err := client.Organizations.AttachCodeSecurityConfigurationsToRepositories(ctx, "o", 1, "selected", []int64{5, 20})
+		return resp, err
+	})
+}
+
+func TestOrganizationsService_SetDefaultCodeSecurityConfiguration(t *testing.T) {
+	t.Parallel()
+	ctx := context.Background()
+	client, mux, _ := setup(t)
+
+	mux.HandleFunc("/orgs/o/code-security/configurations/1/defaults", func(w http.ResponseWriter, r *http.Request) {
+		testMethod(t, r, "PUT")
+		fmt.Fprintf(w, `
+		{
+			"default_for_new_repos": "all",
+			"configuration":
+				{
+					"id": 1,
+					"name": "config1",
+					"code_scanning_default_setup": "enabled"
+				}
+		}`)
+		w.WriteHeader(http.StatusOK)
+	})
+	got, resp, err := client.Organizations.SetDefaultCodeSecurityConfiguration(ctx, "o", 1, "all")
+	if err != nil {
+		t.Errorf("Organizations.SetDefaultCodeSecurityConfiguration returned error: %v", err)
+	}
+	wantStatus := http.StatusOK
+	if resp.StatusCode != wantStatus {
+		t.Errorf("Organizations.SetDefaultCodeSecurityConfiguration returned status %d, want %d", resp.StatusCode, wantStatus)
+	}
+	want := &CodeSecurityConfigurationWithDefaultForNewRepos{
+		DefaultForNewRepos: String("all"),
+		Configuration: &CodeSecurityConfiguration{
+			ID: Int64(1), Name: String("config1"), CodeScanningDefaultSetup: String("enabled"),
+		},
+	}
+	if !reflect.DeepEqual(got, want) {
+		t.Errorf("Organizations.SetDefaultCodeSecurityConfiguration returned %+v, want %+v", got, want)
+	}
+
+	const methodName = "SetDefaultCodeSecurityConfiguration"
+	testBadOptions(t, methodName, func() (err error) {
+		_, _, err = client.Organizations.SetDefaultCodeSecurityConfiguration(ctx, "\n", -1, "")
+		return
+	})
+
+	testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
+		got, resp, err := client.Organizations.SetDefaultCodeSecurityConfiguration(ctx, "o", 1, "all")
+		if got != nil {
+			t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got)
+		}
+		return resp, err
+	})
+}
+
+func TestOrganizationsService_GetRepositoriesForCodeSecurityConfiguration(t *testing.T) {
+	t.Parallel()
+	ctx := context.Background()
+	client, mux, _ := setup(t)
+
+	mux.HandleFunc("/orgs/o/code-security/configurations/1/repositories", func(w http.ResponseWriter, r *http.Request) {
+		testMethod(t, r, "GET")
+		fmt.Fprint(w, `[
+		{
+			"id":8,
+			"name":"repo8"
+		},
+		{
+			"id":42,
+			"name":"repo42"
+		}]`)
+	})
+
+	repositories, _, err := client.Organizations.GetRepositoriesForCodeSecurityConfiguration(ctx, "o", 1)
+	if err != nil {
+		t.Errorf("Organizations.GetRepositoriesForCodeSecurityConfiguration returned error: %v", err)
+	}
+
+	want := []*Repository{
+		{ID: Int64(8), Name: String("repo8")},
+		{ID: Int64(42), Name: String("repo42")},
+	}
+	if !reflect.DeepEqual(repositories, want) {
+		t.Errorf("Organizations.GetRepositoriesForCodeSecurityConfiguration returned %+v, want %+v", repositories, want)
+	}
+
+	const methodName = "GetRepositoriesForCodeSecurityConfiguration"
+	testBadOptions(t, methodName, func() (err error) {
+		_, _, err = client.Organizations.GetRepositoriesForCodeSecurityConfiguration(ctx, "\n", -1)
+		return
+	})
+
+	testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
+		got, resp, err := client.Organizations.GetRepositoriesForCodeSecurityConfiguration(ctx, "o", 1)
+		if got != nil {
+			t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got)
+		}
+		return resp, err
+	})
+}
+
+func TestOrganizationsService_GetCodeSecurityConfigurationForRepository(t *testing.T) {
+	t.Parallel()
+	ctx := context.Background()
+	client, mux, _ := setup(t)
+
+	mux.HandleFunc("/repos/o/repo8/code-security-configuration", func(w http.ResponseWriter, r *http.Request) {
+		testMethod(t, r, "GET")
+		fmt.Fprint(w, `{
+		    "state": "attached",
+			"configuration": {
+				"id":42,
+				"name":"config42",
+				"code_scanning_default_setup": "enabled"
+			}
+		}`)
+		w.WriteHeader(http.StatusOK)
+	})
+
+	rc, _, err := client.Organizations.GetCodeSecurityConfigurationForRepository(ctx, "o", "repo8")
+	if err != nil {
+		t.Errorf("Organizations.GetCodeSecurityConfigurationForRepository returned error: %v", err)
+	}
+	c := &CodeSecurityConfiguration{ID: Int64(42), Name: String("config42"), CodeScanningDefaultSetup: String("enabled")}
+	want := &RepositoryCodeSecurityConfiguration{
+		State:         String("attached"),
+		Configuration: c,
+	}
+	if !reflect.DeepEqual(rc, want) {
+		t.Errorf("Organizations.GetCodeSecurityConfigurationForRepository returned %+v, want %+v", rc, want)
+	}
+
+	const methodName = "GetCodeSecurityConfigurationForRepository"
+	testBadOptions(t, methodName, func() (err error) {
+		_, _, err = client.Organizations.GetCodeSecurityConfigurationForRepository(ctx, "\n", "\n")
+		return
+	})
+
+	testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) {
+		got, resp, err := client.Organizations.GetCodeSecurityConfigurationForRepository(ctx, "o", "repo8")
+		if got != nil {
+			t.Errorf("testNewRequestAndDoFailure %v = %#v, want nil", methodName, got)
+		}
+		return resp, err
+	})
+}