📐 Dynamic Analysis - 14.3 Planning
🔒 Secure, Dynamic Analysis - Kickoff Videos
Assess your applications and services by scanning your running application for vulnerabilities and weaknesses.
DAST
Feature | Issue | Priority | Deliverable |
---|---|---|---|
Database decomposition | #336170 (closed) #338009 (closed) | milestonep1 | Deliverable |
On-demand scheduling | &4876 (closed) | milestonep2 | Deliverable |
Meta-tag validation | &6460 (closed) | milestonep3 | Deliverable |
Stability, scalability, reliability work | https://gitlab.com/gitlab-org/gitlab/-/issues/337333#reliability-scalability-and-performance | milestonep4 | TBD |
Browser-based DAST
Feature | Issue | Priority | Deliverable |
---|---|---|---|
Investigate stability issues | #337713 (closed) | milestonep1 | No |
Bug fixes | Missing Scan Results, Scans Timing out | milestonep2 | TBD |
Browserker produces a report in the Secure Report Format | #325237 (closed) | milestonep3 | Stretch |
Implement the X-Content-Type-Header Missing vulnerability check in Browserker | #335159 (closed) | milestonep4 | TBD |
API Security (DAST API & API Fuzzing)
Feature | Issue | Priority | Deliverable |
---|---|---|---|
Improve testing speed for static requests | #335931 (closed) | milestonep1 | TBD |
Coverage-guided Fuzzing
Feature | Issue | Priority | Deliverable |
---|---|---|---|
Add support for Coverage Fuzzing to persist the corpus to a registry | #334941 (closed) | milestonep1 | No |
Corpus Management - API Contract | #321618 (closed) | milestonep2 | No |
Themes
- SaaS stability and reliability
- Enterprise Readiness
In-progress designs
- DAST Site profile: Header addition redesign
- Generic On-demand landing page
- Validate settings before running scan
Release Post Candidates
- Meta-tag validation
- Scheduled on-demand scans