Rewrite and restructure the main DAST docs page
Problem to solve
The DAST documentation could be improved. This description is essentially a "brain dump" of content that resulted from reviewing the following docs page: https://docs.gitlab.com/ee/user/application_security/dast/.
Further details
After the improvements have been identified, and stakeholders have had an opportunity to review and provide feedback, specifics will be detailed in this issue's description and implemented via MRs.
Proposal
The aim of this issue is to review, edit, and restructure the DAST-specific docs. They should provide an introduction to DAST, including where it fits into the development life cycle, then provide practical steps to enable and make use of its features. The introduction should emphasise that it's part of the Secure suite of functionality, but remain focused on DAST.
-
Ensure the DAST introductory docs detail the What and How of DAST. Ensure this ties in to the parent Secure docs. Note: The Secure docs are also to be improved upon. -
Idea: Add a graphic to the introduction which illustrates where DAST fits in the development life cycle. -
Move the "How to" content (tasks) into separate pages. -
Remove the "Overview" heading as it's not necessary. -
Check if the image in the (current) Overview section is matched by equivalent text. -
Delete the second image. -
Remove the "Use cases" section, instead working this content into the introduction. -
Requirements: include a link to the CI/CD overview docs. -
Move the "Security Dashboard" section. -
Create separate sections for: (1) Enable DAST, (2) Configure DAST.
Who can address the issue
Technical writer assigned to DAST, with SME from engineers.
Other links/references
This issue is related to but not a prerequisite of #300508 (closed).