Changes in AppSec runbooks to use AppSec Triage Dashboard as SSOT

Daniel Hauensteinrequested to merge
appsec_runbook_dashboard_changes into main

Why is this change being made?

We have introduced a triage dashboard for streamlining our work. These changes reflect the changes in our runbooks to use the dashboard as a SSOT. Additionally, any outdated references or tasks we deleted. Any tasks which should be covered by the PSIRT team were deleted, as those should be listed in the PSIRT runbooks.

Related issue: https://gitlab.com/gitlab-com/gl-security/product-security/appsec/triage-dashboard/-/issues/8

Author and Reviewer Checklist

Please verify the check list and ensure to tick them off before the MR is merged.

  • Provided a concise title for this Merge Request (MR)
  • Added a description to this MR explaining the reasons for the proposed change, per say why, not just what
    • Copy/paste the Slack conversation to document it for later, or upload screenshots. Verify that no confidential data is added, and the content is SAFE
  • Assign reviewers for this MR to the correct
    • The when to get approval handbook section explains when DRI approval is required
    • The who can approve handbook section explains how to identify the DRI
    • If the MR does not require DRI approval, consider asking someone on your team, such as your manager.
    • The approver may merge the MR. If they approve but don't merge, you can merge.
  • For transparency, share this MR with the audience that will be impacted.
    • Team: For changes that affect your direct team, share in your group Slack channel
    • Department: If the update affects your department, share the MR in your department Slack channel
    • Division: If the update affects your division, share the MR in your division Slack channel
    • Company: If the update affects all (or the majority of) GitLab team members, post an update in #whats-happening-at-gitlab linking to this MR

Commits

Edited by Daniel Hauenstein

Merge request reports