FY26Q4 Stage Lead planning issue: Application Security Testing
Issue description
This issue outlines the themes that will be the focus of the Application Security Testing stage lead during Q4 of FY26.
Themes
Standardize configuration docs
- Short description: Standardize configuration docs content for all application security testing tools.
- Reasoning: Inconsistency of prerequisites and the configuration options available between tools creates unnecessary friction for users.
| Issue | Group(s) | Status | Effort | Priority | Details |
|---|---|---|---|---|---|
| Docs: Add prereqs to application security testi... (gitlab-org/gitlab#536451) | devopsapplication security testing |
|
Medium | Medium | Target milestone is TBA. |
| Docs: Improve the application security testing ... (gitlab-org/gitlab#565659) | devopsapplication security testing |
|
Medium | Medium | Target milestone is 18.7 |
Standardize feature name spelling
- Short description: Feature names in the application security testing section use a variety of spellings. We should edit them so each feature is in sentence case and is named consistently.
- Reasoning: Maintaining docs that differ from our current style is challenging. Customers might also have a hard time finding information if features aren't consistently named.
| Issue | Group(s) | Status | Effort | Priority | Details |
|---|---|---|---|---|---|
| Docs: Sentence case Secure section feature names (gitlab-org/gitlab#560856) | devopsapplication security testing |
|
High | High | Aim to spread work over the quarter. |
Quick wins
- Short description: Easy docs fixes an improvements across the AST docs.
- Reasoning: While it's important that big cross-stage improvements are planned and tracked, it's also important to recognize small but significant improvements.
display: table
title: Application Security Testing quick wins 🎉
description: Small improvements to the AppSec docs
fields: title, author, milestone, state
limit: 10
query: project = "gitlab-org/gitlab" AND label = (~"quick win" , ~"tw-lead::application security testing") AND type = MergeRequest AND created > 2025-10-11 and created < 2026-01-09Legend:
-
⏳ : Waiting for<...>.technical writer, orPM input, orEngineering input -
🚧 : In progress -
✅ : Complete -
🏋🏽 : Stretch goal (add next to any item that is aspirational this quarter)
Retrospective
After the quarter is complete, create discussion threads with the following titles. Use these discussion threads for self-reflection and to note feedback from others about how the quarter went.
## 👍 What went well?## 👎 What didn't go as well?## 📈 What could be improved for next time?Ongoing tasks
Manage TW-DRI assignments for all milestones:
Specific TW milestone planning issues:
References
Edited by Russell Dickenson