summaryrefslogtreecommitdiff
path: root/doc/user/application_security/configuration/index.md
diff options
context:
space:
mode:
Diffstat (limited to 'doc/user/application_security/configuration/index.md')
-rw-r--r--doc/user/application_security/configuration/index.md122
1 files changed, 31 insertions, 91 deletions
diff --git a/doc/user/application_security/configuration/index.md b/doc/user/application_security/configuration/index.md
index 3cc88a40b6f..664fcd9b72f 100644
--- a/doc/user/application_security/configuration/index.md
+++ b/doc/user/application_security/configuration/index.md
@@ -11,9 +11,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w
> - SAST configuration was [enabled](https://gitlab.com/groups/gitlab-org/-/epics/3659) in 13.3 and [improved](https://gitlab.com/gitlab-org/gitlab/-/issues/232862) in 13.4. **(ULTIMATE)**
> - DAST Profiles feature was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40474) in 13.4. **(ULTIMATE)**
> - A simplified version was made [available in all tiers](https://gitlab.com/gitlab-org/gitlab/-/issues/294076) in GitLab 13.10.
-
-WARNING:
-This feature might not be available to you. Check the **version history** note above for details.
+> - [Redesigned](https://gitlab.com/gitlab-org/gitlab/-/issues/326926) in 14.2.
The Security Configuration page displays what security scans are available, links to documentation and also simple enablement tools for the current project.
@@ -22,35 +20,37 @@ then in the left sidebar go to **Security & Compliance > Configuration**.
For each security control the page displays:
-- **Security Control:** Name, description, and a documentation link.
-- **Manage:** A management option or a documentation link.
-
-## UI redesign
-
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/326926) in 14.0 for GitLab Free and Premium, behind a feature flag, disabled by default.
-> - Enabled on GitLab.com for Free & Premium.
-> - Recommended for production use.
-> - It can be enabled or disabled for a single project.
-> - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-ui-redesign). **(FREE SELF)**
-> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/333109) in 14.1 for GitLab Ultimate, behind a feature flag, disabled by default.
-> - Disabled on GitLab.com.
-> - Not recommended for production use.
-> - It can be enabled or disabled for a single project.
-> - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-ui-redesign-for-ultimate). **(ULTIMATE SELF)**
+- Its name, description and a documentation link.
+- Whether or not it is available.
+- A configuration button or a link to its configuration guide.
-WARNING:
-This feature might not be available to you. Check the **version history** note above for details.
+## Security testing
-The Security Configuration page has been redesigned in GitLab Free and Premium.
-The same functionality exists as before, but presented in a more extensible
-way.
+You can configure the following security controls:
-For each security control the page displays:
+- Auto DevOps
+ - Click **Enable Auto DevOps** on the alert to enable it for the current project. For more details, see [Auto DevOps](../../../topics/autodevops/index.md).
+- SAST
+ - Click **Enable SAST** to use SAST for the current project. For more details, see [Configure SAST in the UI](../sast/index.md#configure-sast-in-the-ui).
+- DAST **(ULTIMATE)**
+ - Click **Enable DAST** to use DAST for the current Project. To manage the available DAST profiles used for on-demand scans Click **Manage Scans**. For more details, see [DAST on-demand scans](../dast/index.md#on-demand-scans).
+- Dependency Scanning **(ULTIMATE)**
+ - Select **Configure via Merge Request** to create a merge request with the changes required to
+ enable Dependency Scanning. For more details, see [Enable Dependency Scanning via an automatic merge request](../dependency_scanning/index.md#enable-dependency-scanning-via-an-automatic-merge-request).
-- Its name, description and a documentation link.
-- Whether or not it is available.
-- A configuration button or a link to its configuration guide.
+- Container Scanning **(ULTIMATE)**
+ - Can be configured via `.gitlab-ci.yml`. For more details, see [Container Scanning](../../../user/application_security/container_scanning/index.md#configuration).
+- Cluster Image Scanning **(ULTIMATE)**
+ - Can be configured via `.gitlab-ci.yml`. For more details, see [Cluster Image Scanning](../../../user/application_security/cluster_image_scanning/#configuration).
+- Secret Detection
+ - Select **Configure via Merge Request** to create a merge request with the changes required to
+ enable Secret Detection. For more details, see [Enable Secret Detection via an automatic merge request](../secret_detection/index.md#enable-secret-detection-via-an-automatic-merge-request).
+- API Fuzzing **(ULTIMATE)**
+ - Click **Enable API Fuzzing** to use API Fuzzing for the current Project. For more details, see [API Fuzzing](../../../user/application_security/api_fuzzing/index.md#enable-web-api-fuzzing).
+- Coverage Fuzzing **(ULTIMATE)**
+ - Can be configured via `.gitlab-ci.yml`. For more details, see [Coverage Fuzzing](../../../user/application_security/coverage_fuzzing/index.md#configuration).
+
## Status **(ULTIMATE)**
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20711) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.6.
@@ -63,71 +63,11 @@ _enabled_.
If the latest pipeline used [Auto DevOps](../../../topics/autodevops/index.md),
all security features are configured by default.
-For SAST, click **View history** to see the `.gitlab-ci.yml` file's history.
+Click **View history** to see the `.gitlab-ci.yml` file's history.
-## Manage **(ULTIMATE)**
+## Compliance **(ULTIMATE)**
You can configure the following security controls:
-- Auto DevOps
- - Click **Enable Auto DevOps** to enable it for the current project. For more details, see [Auto DevOps](../../../topics/autodevops/index.md).
-- SAST
- - Click either **Enable** or **Configure** to use SAST for the current project. For more details, see [Configure SAST in the UI](../sast/index.md#configure-sast-in-the-ui).
-- DAST Profiles
- - Click **Manage** to manage the available DAST profiles used for on-demand scans. For more details, see [DAST on-demand scans](../dast/index.md#on-demand-scans).
-- Secret Detection
- - Select **Configure via Merge Request** to create a merge request with the changes required to
- enable Secret Detection. For more details, see [Enable Secret Detection via an automatic merge request](../secret_detection/index.md#enable-secret-detection-via-an-automatic-merge-request).
-- Dependency Scanning
- - Select **Configure via Merge Request** to create a merge request with the changes required to
- enable Dependency Scanning. For more details, see [Enable Dependency Scanning via an automatic merge request](../dependency_scanning/index.md#enable-dependency-scanning-via-an-automatic-merge-request).
-
-## Enable or disable UI redesign **(FREE SELF)**
-
-The Security Configuration redesign is under development, but is ready for
-production use. It is deployed behind a feature flag that is **disabled by
-default**.
-[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) can enable it.
-
-To enable it:
-
-```ruby
-# For the instance
-Feature.enable(:security_configuration_redesign)
-# For a single project
-Feature.enable(:security_configuration_redesign, Project.find(<project id>))
-```
-
-To disable it:
-
-```ruby
-# For the instance
-Feature.disable(:security_configuration_redesign)
-# For a single project
-Feature.disable(:security_configuration_redesign, Project.find(<project id>))
-```
-
-## Enable or disable UI redesign for Ultimate **(ULTIMATE SELF)**
-
-The Security Configuration redesign is under development, and is not ready for
-production use. It is deployed behind a feature flag that is **disabled by
-default**.
-[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) can enable it.
-
-To enable it:
-
-```ruby
-# For the instance
-Feature.enable(:security_configuration_redesign_ee)
-# For a single project
-Feature.enable(:security_configuration_redesign_ee, Project.find(<project id>))
-```
-
-To disable it:
-
-```ruby
-# For the instance
-Feature.disable(:security_configuration_redesign_ee)
-# For a single project
-Feature.disable(:security_configuration_redesign_ee, Project.find(<project id>))
-```
+- License Compliance **(ULTIMATE)**
+ - Can be configured via `.gitlab-ci.yml`. For more details, see [License Compliance](../../../user/compliance/license_compliance/index.md#configuration).
View Lorry Controller Status