Add possibility of continuous security monitoring of specific commits / tags
Problem to solve
Currently, GitLab's Dependency Scanning feature provides vulnerability scans for branches only, but lacks continuous monitoring capabilities when the branch does not match the deployment of a specific application. This gap in functionality may lead users to rely on external tools for ongoing (operational) vulnerability tracking (aside from Container-Scanning), reducing the effectiveness of GitLab as an all-in-one DevSecOps platform.
Proposal
- Allow users to enable continuous monitoring for specific commits or tags (apart from branches)
- Create a new dashboard to display monitoring results and trends
- Also introduce alerts (generally discussed in #249117)
Intended users
Edited by 🤖 GitLab Bot 🤖