diff --git a/app/assets/javascripts/security_configuration/components/feature_card_badge.vue b/app/assets/javascripts/security_configuration/components/feature_card_badge.vue
index 0907e33c8e24dda8291650e165d23c1d9be4384a..8d34f26b525c29f899847e746409ea1a6b7f6771 100644
--- a/app/assets/javascripts/security_configuration/components/feature_card_badge.vue
+++ b/app/assets/javascripts/security_configuration/components/feature_card_badge.vue
@@ -26,13 +26,11 @@ export default {
       v-if="badge.tooltipText"
       placement="top"
       boundary="window"
-      title="Tooltip title"
+      :title="badge.tooltipText"
       :target="() => $refs.badge"
-    >
-      {{ badge.tooltipText }}
-    </gl-tooltip>
+    />
     <span ref="badge">
-      <gl-badge size="sm" :href="badgeHref" :variant="badge.variant">
+      <gl-badge size="sm" class="gl-cursor-pointer" :href="badgeHref" :variant="badge.variant">
         {{ badge.text }}
       </gl-badge>
     </span>
diff --git a/lib/gitlab/security/features.rb b/lib/gitlab/security/features.rb
index 2daf1a14b0a4006ac5e47c8ceba56878e06712e5..2faacd17099c83c2b8a9fb109dbd21de7d79347c 100644
--- a/lib/gitlab/security/features.rb
+++ b/lib/gitlab/security/features.rb
@@ -31,7 +31,7 @@ def self.data
               text: _('Available on demand'),
               tooltip_text: _(
                 'On-demand scans run outside of the DevOps cycle and find vulnerabilities in your projects'),
-              variant: 'info'
+              variant: 'neutral'
             },
             secondary: {
               type: 'dast_profiles',
@@ -108,7 +108,7 @@ def self.data
               text: s_('SecurityConfiguration|Incubating feature'),
               tooltip_text: s_('SecurityConfiguration|Breach and Attack Simulation is an incubating ' \
                                'feature extending existing security testing by simulating adversary activity.'),
-              variant: 'info'
+              variant: 'neutral'
             },
             description: s_('SecurityConfiguration|Simulate breach and attack scenarios against your ' \
                             'running application by attempting to detect and exploit known vulnerabilities.'),
diff --git a/spec/lib/gitlab/security/scan_configuration_spec.rb b/spec/lib/gitlab/security/scan_configuration_spec.rb
index 0cedcb69bcdc17f689ff67af1dcbb22548c3fddf..b9c899739a7464ac94a133f7e4afe1b68a4bfdd2 100644
--- a/spec/lib/gitlab/security/scan_configuration_spec.rb
+++ b/spec/lib/gitlab/security/scan_configuration_spec.rb
@@ -109,7 +109,7 @@
         badge: { text: "Available on demand",
                  tooltip_text: "On-demand scans run outside of the DevOps " \
                                "cycle and find vulnerabilities in your projects",
-                 variant: "info" },
+                 variant: "neutral" },
         secondary: {
           type: "dast_profiles",
           name: "DAST profiles",
@@ -163,7 +163,7 @@
                  tooltip_text: "Breach and Attack Simulation is an incubating feature " \
                                "extending existing security " \
                                "testing by simulating adversary activity.",
-                 variant: "info" },
+                 variant: "neutral" },
         description: "Simulate breach and attack scenarios against your running " \
                      "application by attempting to detect " \
                      "and exploit known vulnerabilities.",