Commit c01098a1 authored Mar 23, 2021 by Russell Dickenson
Remove unwanted DAST content
parent 7ee3db47
Showing 1 changed file with 16 additions and 32 deletions
doc/user/application_security/dast/index.md
...
...
@@ -718,6 +718,22 @@ variables:
DAST_ZAP_CLI_OPTIONS
:
"
-config
replacer.full_list(0).description=auth
-config
replacer.full_list(0).enabled=true
-config
replacer.full_list(0).matchtype=REQ_HEADER
-config
replacer.full_list(0).matchstr=Authorization
-config
replacer.full_list(0).regex=false
-config
replacer.full_list(0).replacement=TOKEN"
```
### Bleeding-edge vulnerability definitions
ZAP first creates rules in the
`alpha`
class. After a testing period with
the community, they are promoted to
`beta`
. DAST uses
`beta`
definitions by
default. To request
`alpha`
definitions, use the
`DAST_INCLUDE_ALPHA_VULNERABILITIES`
CI/CD variable as shown in the
following configuration:
```
yaml
include
:
template
:
DAST.gitlab-ci.yml
variables
:
DAST_INCLUDE_ALPHA_VULNERABILITIES
:
"
true"
```
### Cloning the project's repository
The DAST job does not require the project's repository to be present when running, so by default
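Review bot: The "Bleeding-edge vulnerability definitions" section, now a `###` heading placed directly after the `DAST_ZAP_CLI_OPTIONS` example, tells readers how to turn on `alpha` definitions with `DAST_INCLUDE_ALPHA_VULNERABILITIES: "true"` but not what they are opting into. The text itself says `alpha` rules have not yet been through the community testing period that promotes them to `beta`, so consider one added sentence that states this consequence plainly for anyone deciding whether to enable the variable. Also confirm that the parent heading this `###` now sits under is the intended one, since the section was a top-level `##` in its old location.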
...
...
@@ -1172,38 +1188,6 @@ dast:
-
gl-dast-report.json
```
## Security Dashboard
The Security Dashboard is a good place to get an overview of all the security
vulnerabilities in your groups, projects and pipelines. Read more about the
[
Security Dashboard
](
../security_dashboard/index.md
)
.
## Bleeding-edge vulnerability definitions
ZAP first creates rules in the
`alpha`
class. After a testing period with
the community, they are promoted to
`beta`
. DAST uses
`beta`
definitions by
default. To request
`alpha`
definitions, use the
`DAST_INCLUDE_ALPHA_VULNERABILITIES`
CI/CD variable as shown in the
following configuration:
```
yaml
include
:
template
:
DAST.gitlab-ci.yml
variables
:
DAST_INCLUDE_ALPHA_VULNERABILITIES
:
"
true"
```
## Interacting with the vulnerabilities
Once a vulnerability is found, you can interact with it. Read more on how to
[
address the vulnerabilities
](
../index.md#addressing-vulnerabilities
)
.
## Vulnerabilities database update
For more information about the vulnerabilities database update, check the
[
maintenance table
](
../index.md#maintenance-and-update-of-the-vulnerabilities-database
)
.
## Optimizing DAST
By default, DAST downloads all artifacts defined by previous jobs in the pipeline. If
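Review bot: Dropping the `## Security Dashboard`, `## Interacting with the vulnerabilities` and `## Vulnerabilities database update` headings also drops their anchors, along with the links visible in this hunk to `../security_dashboard/index.md`, `../index.md#addressing-vulnerabilities` and `../index.md#maintenance-and-update-of-the-vulnerabilities-database`. Check for inbound links to those three anchors from other docs pages before merging, and confirm the three targets are still reachable from elsewhere on this page. The commit message "Remove unwanted DAST content" would also be clearer if it said that the bleeding-edge section is moved rather than removed.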
...
...