Fully unattended Auto Remediation
Problem to solve
The Auto Remediation flow consists of two different parts:
- find the vulnerability and its solution
- apply the solution, deploy, monitor
While the first part can be done automatically by a pipeline (on commit or scheduled), the second part is triggered by a manual action: users have to click a button to create the merge request.
To complete the Auto Remediation goal (fully automated), we should find a way to auto remediate all vulnerabilities as soon as they are spotted.
Target audience
- Devon, DevOps Engineer
- Sam, Security Analyst
Proposal
Auto remediate vulnerabilities without any manual intervention, as soon as a new vulnerability is found.
What does success look like, and how can we measure that?
Number of vulnerabilities fixed automatically.