**Problem to Solve**: SAST VR only runs on new vulnerabilities (that are critical and high, and meet the FP % Threshold, as of writing). A key use case for Bulk SAST VR is addressing the 'backlog problem' which afflicts many customers. An automated way to resolve security debt is a critical use case for DAP+Ultimate users. **Business Case:** https://gitlab.com/groups/gitlab-org/-/work_items/21734#note_3275911646 **In Scope** * In the vulnerability report, users should be able to bulk-select findings to run the flow on. * Users would alternatively be able to utilise a "Select All" button to run the flow on the entire backlog. * Once a job is running, we should present the user with a progress bar/indicator in the vulnerability report page. * Once a job is running, we should also allow the user to cancel/terminate the job at will. **Out of Scope** * Grouping capabilities in parent epic. This is only for the bulk selection mechanism. Users can relate vulnerabilities in the meantime manually, and select and create a single MR for suspected groups. **Designs** cc @acummins9