| stage | group | description | info |
|---|---|---|---|
| Secure | Static Analysis | Container, dependency, and vulnerability scans. | To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments |
Secure your application
GitLab can check your applications for security vulnerabilities.
| Topic | Description |
|---|---|
| Getting started | Overview of how features fit together. |
| Application security | Scanning, vulnerabilities, compliance, customization, reporting. |
| Security configuration | Configuration, testing, compliance, scanning, enablement. |
| Container Scanning | Image vulnerability scanning, configuration, customization, reporting. |
| Dependency Scanning | Vulnerabilities, remediation, configuration, analyzers, reports. |
| Comparison | Dependency Scanning compared to Container Scanning. |
| Dependency List | Vulnerabilities, licenses, filtering, exporting. |
| Continuous Vulnerability Scanning | Scanning, dependencies, advisories, background jobs. |
| Static Application Security Testing | Scanning, configuration, analyzers, vulnerabilities, reporting, customization, integration. |
| Infrastructure as Code (IaC) Scanning | Vulnerability detection, configuration analysis, pipeline integration. |
| Secret detection | Detection, prevention, monitoring, storage, revocation, reporting. |
| Dynamic Application Security Testing (DAST) | Automated penetration testing, vulnerability detection, web application scanning, security assessment, CI/CD integration. |
| API Security | Protection, analysis, testing, scanning, discovery. |
| Web API Fuzz Testing | Testing, security, vulnerabilities, automation, errors. |
| Coverage-guided fuzz testing | Coverage-guided fuzzing, random inputs, unexpected behavior. |
| Security Dashboard | Security dashboards, vulnerability trends, project ratings, metrics. |
| Offline environments | Offline security scanning, resolving vulnerabilities. |
| Vulnerability Report | Filtering, grouping, exporting, manual addition. |
| Vulnerability Page | Vulnerability details, status, resolution, linking issues. |
| Vulnerability severity levels | Classification, impact, prioritization, risk assessment. |
| GitLab Advisory Database | Security advisories, vulnerabilities, dependencies, database, updates. |
| CVE ID requests | Vulnerability tracking, security disclosure. |
| Policies | Security policies, enforcement, compliance, approvals, scans. |
| Security scanner integration | Reporting, vulnerabilities, remediations, tracking. |