Security Risk Management

Information security professionals face a daunting task when first adopting GitLab Application Security Testing, whether they are coming from other scanning software or entering the world of automated security testing for the first time. The workload can overwhelm them, so we break it into two distinct phases:

Bulk Triage Phase

Handling vulnerabilities that appear in the Vulnerability Report when scanners are first run on a project

Continuous Security Phase

Handling vulnerabilities that appear after bulk triage has completed, whether because of code changes or newly understood vulnerabilities

Other resources

Issues within the AppSec SME channel (GitLab team only)