Support for Security Development Lifecycle checklists
A good practice to start Security Automation is to involve the Sec team as early as possible. We generally do that with a security survey at GitLab. This form is a manual process, and some tools are available publicly to automate this process and create the corresponding issue.
For example, goSDL is a web application tool that serves as a self-service entry point for following a Security Development Lifecycle checklist in a software development project.
The first step of this issue is to determine where and how we would integrate this kind of tool in GitLab.
Edited by Philippe Lafoucrière