
DAST: Add pre-built scanner profiles

Insight

While conducting solution validation to test an upcoming redesign for DAST (CI/CD | On-demand), a number of users expected to find pre-built profiles that they could use when configuring DAST scanning.

Supporting evidence

40% of the participants in a recent solution validation study for DAST said that they expected to find pre-built profiles to use for their own configurations. 🕊 Dovetail Insight

User quotes:

...I will be able to create a different profile or select from, maybe, available by default profiles.

I was expecting to check some pre-made profiles where I can choose one of those...

I was thinking maybe there would be some examples, but as I can see here, no, there are not.

Action

Add pre-built scanner profiles to the DAST profile library (one for active scan mode and one for passive)

  • Define attributes for each pre-built profile
  • Define approach for populating profiles (i.e. add to existing projects or only new ones)
  • Additional steps to be added...

Resources

Tasks

  • Assign this issue to the appropriate Product Manager, Product Designer, or UX Researcher.
  • Add the appropriate Group (such as ~"group::source code") label to the issue. This helps identify and track actionable insights at the group level.
  • Link this issue back to the original research issue in the GitLab UX Research project and the Dovetail project.
  • Adjust confidentiality of this issue if applicable
Edited by Michael Fangman