From YouTube: GitLab 13.10 Kickoff - Secure: Static Analysis
Description
GitLab Secure: Static Analysis Product Manager, Taylor McCaslin, provides an overview of 13.10 release plans.
Content from the video:
- 13.10 Planning Issue: https://gitlab.com/gitlab-org/gitlab/-/issues/301217
- Static Analysis Team Development Process: https://about.gitlab.com/handbook/engineering/development/secure/static-analysis/
- Replacing SAST Analyzers with Semgrep: https://gitlab.com/gitlab-org/gitlab/-/issues/262068
- 14.0 Removals and Deprecations: https://gitlab.com/gitlab-org/gitlab/-/issues/273620#static-analysis
- Improved Vulnerability Tracking: https://gitlab.com/groups/gitlab-org/-/epics/5144
A
Hi everyone, my name is Taylor McCaslin and I'm a principal product manager here, working with our static analysis team, and today I'm going to give you a quick overview of our 13.10 plan. To start off, we're moving forward with our replacement of SAST analyzers with Semgrep. So this transition has been explored and we're moving forward to transition some of our scanners to this.
A
So you've got about two releases to adjust and fix anything before these removals happen in our next major release. And then finally, we're also working on improving the accuracy of tracking for SAST and secret detection findings. This is using a new fingerprinting solution that we've been working on. We're being very careful as we roll this out.