Docs: Improve the introduction of application security testing
Problem to solve
The introduction of GitLab application security testing [1] does not make it clear that a critical aspect of the vulnerability management workflow is a feedback loop. An outcome of the triage, analyze, and remediate stages can be recognition that the detection of vulnerabilities needs to be tuned (optimized). The documentation does not make this clear.
[1] https://docs.gitlab.com/user/application_security/
Further details
N/A
Proposal
Edit and, if necessary, restructure the "Application security" docs page to describe the feedback loop and its importance. If necessary, mention the feedback loop in the triage, analyze, and remediate docs pages.
Note: For the triage, analyze, and remediate docs pages, the mention of the feedback loop should be a minimal valuable change, not a significant rewrite. In a future iteration that content will be reviewed and possibly rewritten.