author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-11-14 21:10:12 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-11-14 21:10:12 +0000 |
commit | 7f35b02e86cd3d2e8b4a81c5c3a8483ff6973c5a (patch) | |
tree | 958f0603e4d8d0bcd5a5fa2e0a006b6f1b280068 /doc/user/application_security/index.md | |
parent | 3244feeb4f1980251fd9ff6cc263e34072fbf7c7 (diff) | |
download | gitlab-ce-7f35b02e86cd3d2e8b4a81c5c3a8483ff6973c5a.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/user/application_security/index.md')
-rw-r--r-- | doc/user/application_security/index.md | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/doc/user/application_security/index.md b/doc/user/application_security/index.md index 30db267d891..f58c146f773 100644 --- a/doc/user/application_security/index.md +++ b/doc/user/application_security/index.md @@ -499,8 +499,8 @@ GitLab provides two methods of accomplishing this, each with advantages and disa are recommended when: - Scan execution enforcement is required for DAST which uses a DAST site or scan profile. - - Scan execution enforcement is required for SAST, Secret Detection, or Container Scanning with project-specific variable - customizations. To accomplish this, users must create a separate security policy per project. + - Scan execution enforcement is required for SAST, Secret Detection, Dependency Scanning, or Container Scanning with project-specific +variable customizations. To accomplish this, users must create a separate security policy per project. - Scans are required to run on a regular, scheduled cadence. - Either solution can be used equally well when: 
@@ -514,7 +514,7 @@ Additional details about the differences between the two solutions are outlined | | Compliance Framework Pipelines | Scan Execution Policies | | ------ | ------ | ------ | -| **Flexibility** | Supports anything that can be done in a CI file. | Limited to only the items for which GitLab has explicitly added support. DAST, SAST, Secret Detection, and Container Scanning scans are supported. | +| **Flexibility** | Supports anything that can be done in a CI file. | Limited to only the items for which GitLab has explicitly added support. DAST, SAST, Secret Detection, Dependency Scanning, and Container Scanning scans are supported. | | **Usability** | Requires knowledge of CI YAML. | Follows a `rules` and `actions`-based YAML structure. | | **Inclusion in CI pipeline** | The compliance pipeline is executed instead of the project's `.gitlab-ci.yml` file. To include the project's `.gitlab-ci.yml` file, use an `include` statement. Defined variables aren't allowed to be overwritten by the included project's YAML file. | Forced inclusion of a new job into the CI pipeline. DAST jobs that must be customized on a per-project basis can have project-level Site Profiles and Scan Profiles defined. To ensure separation of duties, these profiles are immutable when referenced in a scan execution policy. All jobs can be customized as part of the security policy itself with the same variables that are normally available to the CI job. | | **Schedulable** | Can be scheduled through a scheduled pipeline on the group. | Can be scheduled natively through the policy configuration itself. | |
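Review bot: In the first hunk (@@ -499,8 +499,8 @@), the added continuation line `+variable customizations. To accomplish this, ...` starts at column 0 as shown here, while the line it replaces was indented under the list item. Markdown's lazy continuation will most likely still attach it to the bullet, but it is inconsistent with the surrounding nested list and easy to break in a later edit. Indent the continuation to align with the bullet text, or rewrap so the break does not fall in the middle of "project-specific variable customizations".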
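Review bot: In the second hunk (@@ -514,7 +514,7 @@), the **Flexibility** row repeats by hand the same list of supported scan types that the first hunk edits in the bullet near line 502, so each newly supported scanner needs two synchronized edits in this one file. Consider keeping the enumeration in a single place, for example by having the table cell link to the scan execution policy documentation instead of listing the scanners. Since the diffstat shown is limited to this file, also confirm that no other page still carries the previous four-item list (DAST, SAST, Secret Detection, Container Scanning).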