### Problem to solve Full Dependency Scanning scans on SBOM changes have been enabled in %17.5 with https://gitlab.com/gitlab-org/gitlab/-/issues/395692. Though, this only covered the default branch workflow. Currently, this full SBOM scan is executed additionally to the existing CI based security scanning, so that users are not impacted by the existing feature parity gap. To pursue on our vision to replace CI based Dependency Scanning analysis with SBOM based Dependency Scanning analysis, we need to expand it to cover all existing workflows and reach an acceptable level of parity. This epics contains the work required to reach the Beta level https://docs.gitlab.com/ee/policy/experiment-beta-support.html#beta ### Proposal These are high level tasks to give an overview of the work to be done. SSOT will be attached issues and epics. **Beta level Requirements:** 1. Might not be ready for production use. 2. Are [supported on a commercially-reasonable effort basis](https://about.gitlab.com/support/statement-of-support/#experiment-beta-features), but with the expectation that issues require extra time and assistance from development to troubleshoot. 3. Might be unstable. 4. Have configuration and dependencies that are unlikely to change. 5. Have features and functions that are unlikely to change. However, breaking changes can occur outside of major releases or with less notice than for generally available features. 6. Have a low risk of data loss. 7. Have a user experience that is complete or near completion. ### Timeline The objective is to reach the Beta level before %17.9, so that we can offer an acceptable replacement when we announce the deprecation of the existing CI based Dependency Scanning analysis that uses the Gemnasium analyzer. See https://gitlab.com/groups/gitlab-org/-/epics/14146+