diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-04-14 03:09:39 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-04-14 03:09:39 +0000 |
commit | 52cacdb89bb29f355e0c3a33c3250ac2d3fea036 (patch) | |
tree | 106e4128d0b9e454f60287c9895fc2182e82db21 /doc/user | |
parent | 9398d718d92a40a0a917040645a55dea51467a91 (diff) | |
download | gitlab-ce-52cacdb89bb29f355e0c3a33c3250ac2d3fea036.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/user')
-rw-r--r-- | doc/user/application_security/dast/index.md | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/doc/user/application_security/dast/index.md b/doc/user/application_security/dast/index.md index 57d2a383768..c9c7129dd7b 100644 --- a/doc/user/application_security/dast/index.md +++ b/doc/user/application_security/dast/index.md @@ -148,6 +148,9 @@ The results will be saved as a that you can later download and analyze. Due to implementation limitations, we always take the latest DAST artifact available. +DANGER: **Danger:** +**DO NOT** run an authenticated scan against a production server. When an authenticated scan is run, it may perform *any* function that the authenticated user can. This includes modifying and deleting data, submitting forms, following links, and so on. Only run an authenticated scan against a test server. + ### Full scan DAST can be configured to perform [ZAP Full Scan](https://github.com/zaproxy/zaproxy/wiki/ZAP-Full-Scan), which |