Update "application security" user docs for explaining how jobs work and what statuses mean
Problem to solve
Customers are unsure how our analyzers work and what the job statuses, etc., mean.
We need to provide, for all scanners, clarity around that, as well as consistency.
Then each scanner can link to that area for an explanation of "how it works by default".
Each scanner can then provide directions to alter that if a user wants.
Further details
Proposal
Create a new section in the Application Security user documentation to explain the new behavior:
- a successful job means
- a failed/allowed to fail scanning job means
- a failed scanning job means
Also, make it clear the status of the scanning job depends on vulnerability findings. As a result, a job is failed/allowed to fail (warning icon) even if all detected vulnerabilities have been dismissed in the UI.
This is NOT developer documentation and there's no need to be specific about the exit code.
MR - !55127 (closed)
Who can address the issue
Backend engineers and tech writers.