Security Analyst Agent
# Security Analyst Agent Epic
This epic tracks the development, beta release, and feedback collection for the Security Analyst Agent, a specialized AI assistant that helps with vulnerability management and security analysis workflows in GitLab.
## Overview
The Security Analyst Agent is a foundational agent that extends Duo Chat's capabilities with security-specific expertise and context awareness. It combines deep security knowledge with understanding of GitLab's security features to provide targeted assistance for vulnerability management, risk assessment, and security workflow automation.
## Beta Release (18.5)
### Availability
- **Tier:** Ultimate
- **Add-on:** GitLab Duo Core, Pro, or Enterprise
- **Offering:** GitLab.com only
- **Status:** Beta
- **Access:** Via Duo Chat side panel within projects
## GA Release (18.7)
### Availability
- **Tier:** Ultimate
- **Add-on:** GitLab Duo Core, Pro, or Enterprise
- **Offering:** GitLab.com only
- **Status:** Beta
- **Access:** Via Duo Chat side panel within projects
### Current Capabilities
The Security Analyst Agent can:
**Vulnerability Management:**
- List all vulnerabilities in a project with filtering by severity and report types
- Get detailed vulnerability information including CVE data, EPSS scores, and reachability analysis
- Confirm vulnerabilities when verified as genuine security issues
- Dismiss false positives or acceptable risks with proper reasoning
- Update vulnerability severity levels based on security review
- Revert vulnerability status back to detected for re-assessment
**Issue Integration:**
- Create GitLab issues automatically linked to vulnerabilities
- Link existing issues to vulnerabilities for tracking remediation
**Analysis & Reporting:**
- Analyze vulnerability trends and security posture
- Provide remediation guidance and security recommendations
- Generate security summaries and compliance reports
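The capabilities above combine several signals (severity, report type, CVE mapping, EPSS score, reachability) into a triage decision. The following is an added illustration of how such a ranking can be computed; it is not the agent's code, not a GitLab API, and all findings, placeholder CVE identifiers, default values and scoring weights are constructed assumptions.

```python
"""Vulnerability triage ranking over constructed findings.

Added illustration of the kind of triage described in the epic: filter
findings by severity and report type, then prioritise them using EPSS
and reachability data. Not the agent's code and not a GitLab API; the
records, placeholder CVE ids and weights below are constructed assumptions.
"""
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Set

SEVERITY_RANK = {"critical": 4, "high": 3, "medium": 2, "low": 1, "info": 0}


@dataclass(frozen=True)
class Finding:
    id: str
    severity: str              # critical / high / medium / low / info
    report_type: str           # e.g. dependency_scanning, sast, container_scanning
    cve: Optional[str]         # None when the scanner did not map the finding to a CVE
    epss: Optional[float]      # assumed 30-day exploitation probability, 0..1, or None
    reachable: Optional[bool]  # None when no reachability analysis is available


# Constructed sample findings; CVE-0000-000x are placeholders, not real advisories.
SAMPLE_FINDINGS: List[Finding] = [
    Finding("v1", "high", "dependency_scanning", "CVE-0000-0001", 0.92, True),
    Finding("v2", "critical", "dependency_scanning", "CVE-0000-0002", 0.03, False),
    Finding("v3", "medium", "sast", None, None, None),
    Finding("v4", "high", "container_scanning", "CVE-0000-0003", 0.45, None),
    Finding("v5", "low", "secret_detection", None, None, None),
]


def filter_findings(findings: Iterable[Finding], min_severity: str = "medium",
                    report_types: Optional[Set[str]] = None) -> List[Finding]:
    """Keep findings at or above min_severity, optionally restricted to report types."""
    threshold = SEVERITY_RANK[min_severity]
    return [
        f for f in findings
        if SEVERITY_RANK[f.severity] >= threshold
        and (report_types is None or f.report_type in report_types)
    ]


def triage_score(f: Finding) -> float:
    """Assumed weighting: severity scaled by exploit likelihood and reachability.

    An unknown EPSS gets a modest default rather than zero so that findings
    without CVE data are not silently buried; unknown reachability is treated
    as "possibly reachable" rather than "unreachable".
    """
    base = SEVERITY_RANK[f.severity]
    epss = f.epss if f.epss is not None else 0.1
    reach = {True: 1.0, False: 0.3, None: 0.6}[f.reachable]
    return round(base * (0.5 + epss) * reach, 3)


def prioritize(findings: Iterable[Finding]) -> List[str]:
    """Return finding ids ordered from most to least urgent."""
    ranked = sorted(findings, key=lambda f: (-triage_score(f), f.id))
    return [f.id for f in ranked]


def summarize(findings: Iterable[Finding]) -> Dict[str, int]:
    """Counts per severity plus how many findings are confirmed reachable."""
    summary: Dict[str, int] = {s: 0 for s in SEVERITY_RANK}
    summary["reachable"] = 0
    for f in findings:
        summary[f.severity] += 1
        if f.reachable is True:
            summary["reachable"] += 1
    return summary


if __name__ == "__main__":
    for fid in prioritize(filter_findings(SAMPLE_FINDINGS, "medium")):
        f = next(x for x in SAMPLE_FINDINGS if x.id == fid)
        print(fid, f.severity, f.cve, triage_score(f))
    print(summarize(SAMPLE_FINDINGS))
```

Note that the critical-but-unreachable finding with a low EPSS (v2) ranks below the reachable high-severity one (v1) under this weighting: that is the intended point of combining signals rather than sorting by severity alone, and an analyst confirming or dismissing v2 would still record the reachability evidence as the reason.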
### Beta Limitations
- Limited to Ultimate tier with Duo add-on subscription
- SaaS only (no Self-Managed or Dedicated support)
- May not understand all custom security workflows or policies
- Cannot directly modify code or apply security patches
- May not have access to all external security tool integrations
- Cannot perform automated penetration testing or active scanning
## Planned GA Features
- **Platform Expansion:** Self-Managed and Dedicated support
- **Enhanced Integrations:** External security tools and scanners
- **Advanced Compliance:** Automated compliance reporting and frameworks
- **Workflow Automation:** Automated remediation workflows and security actions
- **Cross-Project Analysis:** Security analysis across multiple projects
- **Dashboard Integration:** Integration with security boards and dashboards
## Success Metrics
### Beta Success Criteria
- [ ] Positive user feedback on vulnerability assessment accuracy
- [ ] Demonstrated time savings in security triage workflows
- [ ] Low false positive rate in security recommendations
- [ ] User adoption and engagement metrics meet targets
- [ ] Critical bugs identified and resolved
### GA Readiness Criteria
- [ ] Feature parity across all GitLab offerings (SaaS, Self-Managed, Dedicated)
- [ ] Integration with major external security tools
- [ ] Comprehensive compliance framework support
- [ ] Automated remediation capabilities
- [ ] Performance and scalability validation
## Key Use Cases
1. **Security Triage:** Rapidly assess and prioritize vulnerability findings
2. **Risk Assessment:** Evaluate business impact and exploitability of security issues
3. **Compliance Management:** Track and report on security compliance requirements
4. **Remediation Planning:** Create actionable plans to address security vulnerabilities
5. **False Positive Reduction:** Distinguish genuine threats from benign findings
6. **Security Reporting:** Generate executive summaries and security posture reports
## Related Work
- Security scanning and vulnerability detection improvements
- Duo Chat platform enhancements
- Compliance and governance tooling
- Security dashboard and reporting features
## Feedback Collection
Beta feedback is being collected via dedicated feedback issues to understand:
- Accuracy of vulnerability assessments
- Usefulness of security recommendations
- Quality of risk assessment and EPSS score interpretations
- Appropriateness of security expertise tone
- Missing capabilities and workflow gaps
- False positive identification effectiveness
---
This epic serves as the central tracking point for all Security Analyst Agent development, from Beta through GA release.