author GitLab Bot <gitlab-bot@gitlab.com> 2020-04-14 03:09:39 +0000
committer GitLab Bot <gitlab-bot@gitlab.com> 2020-04-14 03:09:39 +0000
commit 52cacdb89bb29f355e0c3a33c3250ac2d3fea036 (patch)
tree 106e4128d0b9e454f60287c9895fc2182e82db21 /doc/user/application_security
parent 9398d718d92a40a0a917040645a55dea51467a91 (diff)
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/user/application_security')
-rw-r--r-- doc/user/application_security/dast/index.md | 3
1 files changed, 3 insertions, 0 deletions
diff --git a/doc/user/application_security/dast/index.md b/doc/user/application_security/dast/index.md
index 57d2a383768..c9c7129dd7b 100644
--- a/doc/user/application_security/dast/index.md
+++ b/doc/user/application_security/dast/index.md
@@ -148,6 +148,9 @@ The results will be saved as a
that you can later download and analyze.
Due to implementation limitations, we always take the latest DAST artifact available.
+DANGER: **Danger:**
+**DO NOT** run an authenticated scan against a production server. When an authenticated scan is run, it may perform *any* function that the authenticated user can. This includes modifying and deleting data, submitting forms, following links, and so on. Only run an authenticated scan against a test server.
+
### Full scan
DAST can be configured to perform [ZAP Full Scan](https://github.com/zaproxy/zaproxy/wiki/ZAP-Full-Scan), which
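Review bot: The new DANGER block sits at the very end of its section, after the sentences about the report artifact and directly above `### Full scan`, so a reader sees it only after the text that tells them how to obtain results; move it to the top of the section it applies to, ahead of any setup instructions. Because the warning states that the scan may perform *any* function the authenticated user can, consider adding a sentence that recommends a dedicated test account with the least privileges the scan needs, in addition to "Only run an authenticated scan against a test server." The list "modifying and deleting data, submitting forms, following links, and so on" would also read more precisely if "and so on" were dropped or replaced with a concrete item.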