author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-08-31 12:13:01 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-08-31 12:13:01 +0000 |
commit | 3034c7e6aa99d21c3d9fa1df01f60fdd3f32d914 (patch) | |
tree | 424f5a291abf1a93ff9870667ecb301b899972fc /doc/development/sec | |
parent | 6170bdc060501ecf6f817a530b3dc9f2e39ad4c3 (diff) | |
download | gitlab-ce-3034c7e6aa99d21c3d9fa1df01f60fdd3f32d914.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/development/sec')
-rw-r--r-- | doc/development/sec/index.md | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/doc/development/sec/index.md b/doc/development/sec/index.md index 0d1952cb7e4..9200311f731 100644 --- a/doc/development/sec/index.md +++ b/doc/development/sec/index.md 
@@ -44,21 +44,21 @@ flowchart LR ### Scanning The scanning part is responsible for finding vulnerabilities in given resources, and exporting results. -The scans are executed in CI/CD jobs via several small projects called [Analyzers](../../user/application_security/terminology/#analyzer), which can be found in our [Analyzers sub-group](https://gitlab.com/gitlab-org/security-products/analyzers). -The Analyzers are wrappers around security tools called [Scanners](../../user/application_security/terminology/#scanner), developed internally or externally, to integrate them into GitLab. +The scans are executed in CI/CD jobs via several small projects called [Analyzers](../../user/application_security/terminology/index.md#analyzer), which can be found in our [Analyzers sub-group](https://gitlab.com/gitlab-org/security-products/analyzers). +The Analyzers are wrappers around security tools called [Scanners](../../user/application_security/terminology/index.md#scanner), developed internally or externally, to integrate them into GitLab. The Analyzers are mainly written in Go. Some 3rd party integrators also make additional Scanners available by following our [integration documentation](../integrations/secure.md), which leverages the same architecture. -The results of the scans are exported as JSON reports that must comply with the [Secure report format](../../user/application_security/terminology/#secure-report-format) and are uploaded as [CI/CD Job Report artifacts](../../ci/pipelines/job_artifacts.md) to make them available for processing after the pipelines completes. +The results of the scans are exported as JSON reports that must comply with the [Secure report format](../../user/application_security/terminology/index.md#secure-report-format) and are uploaded as [CI/CD Job Report artifacts](../../ci/pipelines/job_artifacts.md) to make them available for processing after the pipelines completes. 
### Processing, visualization, and management After the data is available as a Report Artifact it can be processed by the GitLab Rails application to enable our security features, including: -- [Security Dashboards](../../user/application_security/security_dashboard/), Merge Request widget, Pipeline view, and so on. -- [Interactions with vulnerabilities](../../user/application_security/#interact-with-findings-and-vulnerabilities). -- [Approval rules](../../user/application_security/#security-approvals-in-merge-requests). +- [Security Dashboards](../../user/application_security/security_dashboard/index.md), Merge Request widget, Pipeline view, and so on. +- [Interactions with vulnerabilities](../../user/application_security/index.md#interact-with-findings-and-vulnerabilities). +- [Approval rules](../../user/application_security/index.md#security-approvals-in-merge-requests). Depending on the context, the security reports may be stored either in the database or stay as Report Artifacts for on-demand access. |
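Review bot: The rewritten line for the Secure report format link still ends with "after the pipelines completes"; since that line is being modified anyway, correct it to "after the pipeline completes". The six link updates consistently swap directory-style targets (`terminology/#analyzer`, `security_dashboard/`, `application_security/#...`) for explicit `index.md` paths, but a path change does not validate the fragment, so confirm that `#analyzer`, `#scanner`, `#secure-report-format`, `#interact-with-findings-and-vulnerabilities` and `#security-approvals-in-merge-requests` exist as headings in the respective `index.md` files.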