Add security scanning data to Compliance Report

Problem to solve

Compliance-minded organizations require specific scans to run with each code deploy. This information is available in one form via the Security Dashboard but can provide value when shown in aggregate and for each project at a high level. There isn't a consolidated, single view of these scan results for every project in a group for an admin or group owner to analyze.

Intended users

Further details

This is an iteration on the Compliance Dashboard.

Providing a high-level view of compliance-related data about each project supports our vision to answer all questions a compliance user or auditor might have within GitLab. Showing security data can help save the time of digging into each project and allows users to target specific projects more easily.

Proposal

Add a visual indicator for each project to show if security scan(s) are enabled or not along with the project's grade (from Security scanning) similar to pipeline results.

Edited by Austin Regnery