►
Description
Sameer Kamani walks through what you need to know about dismissing multiple vulnerabilities in the GitLab 12.9 Show and Share.
A
Hello
party,
people,
I
hope
everyone
had
a
chance
to
review.
Adam
Olsen's
12.9
released
email
really
great
documentation
there,
but
for
some
fun
show
and
share.
We
have
a
Sameer
and
Sophie
are
going
to
walk
us
through
some
of
the
new
features.
So
Sameer
is
going
to
talk
about
dismissing
multiple
vulnerabilities
and
group
export
import
via
API.
Take
it
away.
Sameer
I.
B
Think
you
can
you
all
hear
me:
okay,
yes,
okay,
great!
Thank
you
all
right!
I'm
gonna
share
my
screen
here,
real
quick,
so
the
first
one
is
something
that's
near
and
dear
to
me.
Some
of
you
know
that
I
am
somewhat
of
a
security,
nut
and
I
do
a
lot
of
demonstrations
and
discussions
around
us
security
dashboard.
It
happens
to
be
my
main
stay.
That's
that's
what
I
lead
with
in
my
demos
as
well,
so
some
of
you
by
well.
All
of
you
should
know
that
we
have
a
security
dashboard
at
a
project
level.
B
It's
that
so
when
you
see
the
dashboard
you'll
see
the
number
of
vulnerabilities
that
that
have
been
caught
on
that
particular
scan
all
the
different
types
of
reports,
so
nothing's
changed
in
terms
of
how
you
sort
and
slice
and
dice
the
data.
However,
a
little
check
box
has
appeared
next
to
each
of
the
vulnerabilities,
as
well
as
the
header
and,
as
you
would
expect
this
to
function,
if
you
click
on
the
header,
it
selects
all
the
vulnerabilities
that
are
there
on
that
page.
B
So
it's
doing
page
by
page
there
are
20
vulnerabilities
per
page
and
then
it
says,
dismiss
20
select
one
abilities
that
widget
pops
open.
You
can
select
this
particular
reason
that
you
want,
and
then
you
hit
the
scylla,
the
dismiss
selected
and
it
will
dismiss
off
to
all
of
those
for
our
brothers.
You
could
us
also
pick
and
choose
the
ones
that
you
want,
so
this
is
kind
of
beneficial.
If
you
want
to
do.
You
know
like,
for
example,
I
I
know
that
this
cups
and
gcg
ones
are
not
particularly
interesting
to
me.
B
I'm,
not
worried
about
those
things
or
whatever.
It
is
again
when
I
select
them
I
get
the
dismissed.
Three
selected
vulnerabilities
same
thing:
I
can
pick
whichever
reason
I
want
and
then
dismiss
them.
So,
let's
take
for
the
the
term
false
positive
and
I
say
dismissed
selected.
It
essentially
hides
those
vulnerabilities
off
my
dashboard,
and
this
is
older,
video
introduced,
which
is
the
high
dismissed
piece
if
you
on,
if
you
unhide
them,
basically
you
show
them,
then
they
all
show
up
anyway,
and
then
you
can
unde
assist
them.
B
If
you
want
now
there's
a
little
bit
of
a
hitch
in
terms
of
how
this
functionality
has
been
implemented,
so
some
of
you
or
all
of
you
should
have
seen
when
you
click
on
the
vulnerability
you
used
to
be
able
to
click
the
dismiss
vulnerability,
but
well
that
one
never
allowed
you
to
really
put
a
reason.
That
was
a
selective
reason.
B
You
could
put
a
comment
or
you
could
put
the
dismiss
vulnerability
or
just
click
the
dismiss
for
everybody,
but
it,
whereas
with
the
new
feature
what's
happening,
is
that
you
are
able
to
sort
of
like
a
a
reason.
So
there's
a
little
bit
of
a
distinction
in
how
you
know
you
approach
this
and
how
you
present
us
to
the
customer.
I
will
be
creating
an
issue
describing
this.
This
inconsistency
in
behavior,
but
I
want
everybody
to
understand
that
that's
what's
going
on
over
here
it
looks
kind
of
different,
but
it
it
acts.
B
The
same
way
essentially
just
gives
you
a
predefined
set
of
reasons
that
you
can
pick
so
with
that
I'm
gonna
open
it
up
for
questions
in
a
minute,
but
it
would
be.
The
other
thing
is
this
same:
functionality
is
also
a
bibble
at
the
roof
security
dashboard
level
yeah.
Some
of
you
may
have
seen
this
from
this
air
pop-up.
It's
a
angry
air
that
shows
up
on
demos.
It's
really
bad.
B
We've
notified
the
team
they're
working
on
it,
hopefully
in
the
next
release,
we'll
have
a
fix
for
it,
but
the
same
functionality
exists
at
the
group
level
as
well,
where
you
can
pick
sudden
set
of
vulnerabilities
and
select
the
reason
so
with
that
I'm
going
to
pause
here
before
I
move
on
to
the
next
function.
Any
questions
yes.
C
A
Rabb
real,
quick,
something
that
I've
seen
pop
up
every
once
in
a
while
is,
is
that
you
know
when
you
get
to
that
screen
where
it
says
you
dismissed
or
whatever
on
some
of
them.
It
shows
the
line
that
it
detected.
The
vulnerability
on,
but
I
haven't
seen
that
in
a
while
I'm,
not
sure
if
I'm
looking
at
the
wrong
kind
of
code,
one
vulnerability
or
what
is.