FEA408 Mitigate all GitLab Security dashboard problems
| Feature ID | FEA408 |
| Subsystem the feature is part of | Security |
| Responsible person | Anni Orilähde |
| Status | approved |
Description (Mitigate all GitLab Security dashboard problems)
Explain what the feature means and what can be done with it
Vulnerabilities: Update dependencies, apply patches, and follow security best practices.
Container Scanning: Update base images, remove unnecessary software, and regularly scan and update containers.
Dependency Scanning: Update dependencies, use automated tools, and consider alternative dependencies.
DAST (Dynamic Application Security Testing): Fix vulnerabilities, configure web application firewalls, and implement secure coding practices.
SAST (Static Application Security Testing): Review and fix code vulnerabilities, educate developers, and use automated code review tools.
Secret Detection: Remove hardcoded secrets, use secure storage methods, and regularly audit the codebase.
Restrictions, requirements and use cases related to this feature
All relevant issues related to or contributing to the definition of the feature are gathered here
| Use Case 1 | |
| Use Case 2 | |
| Requirement ReqID | |
| Requirement ReqID |
Preliminary user stories
- US051 As a security specialist, I want all the GitLab Security dashboard problems mitigated#51
These should be transferred to issue descriptions as soon as possible
User interface mock-up
Add a picture or a link here. The mock-up should be essentially related to the feature/functionality.
Testing / possible acceptance criteria
*The analytics should meet the requirements of ...
| Testcase | Test source | Responsible |
|---|---|---|
| Testcase 1 | Requirement ID? | |
| Testcase 2 | Requirement ID? | |
| Testcase 3 | Requirement ID? | |
| Testcase 4 | Requirement ID? | |