►
Description
This is part of a series of videos on the development of the Continuous Vulnerability Scans. Here we present the initial planning for this project to give a quick look at hour expected due date. Please keep in mind that at this point the level of predictability is pretty low and we need to further break down these high level tasks to refine the planning.
You might want to watch the Overview first at: https://www.youtube.com/watch?v=ahl8gTkuWZ4
You can read more on the corresponding epic: https://gitlab.com/groups/gitlab-org/-/epics/7886
A
A
This
was
made
as
soon
as
we
knew
the
new
ad
count
for
the
composition,
that
is,
this
team
and
basically
made
on
the
expectation
that
there
will
be
something
to
deliver
for
15.11
for
continuous
for
defense,
skinning
and
16.0
for
our
container
scanning.
This
is
a
line
with
the
occur
that
we
initially
designed
for
this
quarter,
but
unfortunately
we
already
know
this
is
something
that
is
not
very
realistic,
because
we
are
two
weeks
in
15.10
and
nothing
has
been
started.
A
Yet
this
the
team
is
still,
he
really
focused
on
completing
the
work
on
license
scanner
and
only
a
few
Engineers
started
to
jump
out
of
that
project,
and
it's
likely
that
we
will
start
this
by
next
week,
but
we
have
basically,
we
are
basically
already
two
weeks
left
two
weeks
late.
This
is
also
showing
the
confidence
level
that
is
reused
from
the
previous
video,
and
there
is
no
detail
on
the
level
of
efforts.
This
is
not
representative.
A
A
So
we
have
to
wait
for
that
proof
of
concept
to
be
completed
before
weekends
really
start
working
on
storing
advisories
for
the
pencil
scanning
advisories
for
container
scanning
and
the
matching
Logic
for
the
pencil
scanning.
Also,
you
can
quickly
see
there
the
sequential
aspect
about
having
things
done.
First,
in
the
pencil
scanning
before
they
can
be
started
in
container
scanning.
A
The
other
part
that
we
want
to
start
right
ahead
in
15.10
in
is
a
vs
bomb
work.
There
is
very
little
things
left
to
be
done
in
the
pencil
scanning,
but
there
might
be
some
database
changes.
So
that's
why
again
I'm
more
conservative
and
and
put
that
into
the
beginning
of
15.11
for
completion,
because
we
know
that
database
review
usually
takes
more
time
and
it's
not
100
sure
that
we
will
be
achieving
that
in
the
next
two
weeks
on
the
same
page
for
continuous
scanning.
A
A
The
other
part
that
we
have
already
completed
actually
Mike
Edington,
already
completed
that
Spike
for
the
advisories,
and
this
is
a
very
interesting
work.
We
are
not
yet
sure
if
we
will
be
able
to
reverse
that
immediately
for
the
MVC,
if
it
will
be
more
for
the
longer
term,
someone
will
have
to
take
over
the
work
for
in
our
group
and
figure
that
out.
A
It
might
also
be
EVD
influenced
by
the
result
of
the
proof
of
concept,
because
if
we
do
things
in
the
very
small
list,
it's
less
likely
that
we
can
leverage
this
new
stack
because
they're
a
very
brand
new
technical
component
that
might
not
fit
into
the
usual
deployment
of
our
Omnibus
project.
But
if
we
have
the
opportunity
to
do
that
rather
into
the
new
infrastructure
that
we
develop
for
the
new
license
scanner,
we
will
have
more
flexibility
into
using
new
components.
So
again,
there
is
no
much
more
that
we
know
today.
A
We
have
to
leave
the
team
working
through
the
planning,
breakdown
and
refining
those
epics,
so
that
we
have
a
better
idea
about
what
needs
to
be
done
for
those
big
parts
and
when
we
can
further
optimize
the
start
date
also,
we
haven't
yet
identified
a
quicker
path,
a
more
iterative
path
to
demonstrate
and
ship
something
to
the
users
as
before
the
end
of
the
old
project.
This
is
something
I
also
highlighted
in
the
previous
video,
but
we
will
try
to
challenge
the
team.
A
If
you
have
any
suggestions
feel
free
to
suggest
them
to
us.
They
are
very
welcome.
So,
hopefully,
by
next
in
the
next
two
weeks,
when
I'll
be
back
from
ptos
I
will
be
able
to
share
more
about
this
planning
and
stay
tuned.
If
you
want
to
know
more
about
when
we
expect
to
achieve
that,
thank
you
for
watching
and
see
you
soon.