diff options
Diffstat (limited to 'doc/user/application_security/vulnerability_report/index.md')
-rw-r--r-- | doc/user/application_security/vulnerability_report/index.md | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/doc/user/application_security/vulnerability_report/index.md b/doc/user/application_security/vulnerability_report/index.md index e6353264f39..0826258de9e 100644 --- a/doc/user/application_security/vulnerability_report/index.md +++ b/doc/user/application_security/vulnerability_report/index.md @@ -19,6 +19,9 @@ At all levels, the Vulnerability Report contains: - Filters for common vulnerability attributes. - Details of each vulnerability, presented in tabular layout. +<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> +For an overview, see [Vulnerability Management](https://www.youtube.com/watch?v=8SJHz6BCgXM). + The **Activity** column contains icons to indicate the activity, if any, taken on the vulnerability in that row: @@ -45,7 +48,7 @@ At the project level, the Vulnerability Report also contains: To view the project-level vulnerability report: 1. On the top bar, select **Main menu > Projects** and find your project. -1. On the left sidebar, select **Security & Compliance > Vulnerability report**. +1. On the left sidebar, select **Security and Compliance > Vulnerability report**. ## Vulnerability Report actions @@ -158,7 +161,8 @@ If Jira issue support is enabled, the issue link found in the Activity entry lin ## Change status of vulnerabilities -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/292636) in GitLab 13.10, all statuses became selectable. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/292636) in GitLab 13.10, all statuses became selectable. +> - Providing a comment and dismissal reason [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/408366) in GitLab 16.0. From the Vulnerability Report you can change the status of one or more vulnerabilities. @@ -167,9 +171,11 @@ To change the status of vulnerabilities in the table: 1. Select the checkbox beside each vulnerability you want to update the status of. To select all, select the checkbox in the table header. 1. In the **Set status** dropdown list, select the desired status. +1. If the **Dismissed** status is chosen, select the desired reason in the **Set dismissal reason** dropdown list. +1. In the **Add a comment** input, you can provide a comment. For the **Dismissed** status, a comment is required. 1. Select **Change status**. -![Project Vulnerability Report](img/project_security_dashboard_status_change_v14_2.png) +![Project Vulnerability Report](img/project_security_dashboard_status_change_v16_0.png) ## Sort vulnerabilities by date detected @@ -242,7 +248,7 @@ Vulnerability records cannot be deleted, so a permanent record always remains. You can dismiss a vulnerability in projects and groups: 1. Select the vulnerability in the Security Dashboard. -1. In the upper right, from the **Status** selector menu, select **Dismissed**. +1. In the upper-right corner, from the **Status** dropdown list, select **Dismissed**. 1. Optional. Add a reason for the dismissal and select **Save comment**. To undo this action, select a different status from the same menu. @@ -256,7 +262,7 @@ To undo this action, select a different status from the same menu. To add a new vulnerability finding from your project level Vulnerability Report page: 1. On the top bar, select **Main menu > Projects** and find your project. -1. On the left sidebar, select **Security & Compliance > Vulnerability Report**. +1. On the left sidebar, select **Security and Compliance > Vulnerability Report**. 1. Select **Submit vulnerability**. 1. Complete the fields and submit the form. |