This is alexander torrinsky, with the threat insights team here to discuss a new feature coming down the pipeline, which is filtering being able to filter vulnerabilities via custom scanner. So, right now we have a custom scanner with here and if we go into the scanner filter, we don't see any separation between git, lab vulnerabilities or vulnerabilities found from gitlab scanners or vulnerabilities found from custom scanners is simply by this work, this scanner type. So if I filter for dash, we get report type das in the url and these show up still.

But if we had get or vulnerabilities found by a gitlab das scanner, then those would show up as well and we want to make this filtering more granular. So what I have added is exactly that now in this skill uh scanner filter, we see that there are different sections, there's the all at the top, but then there's get lab filters and there are the custom filter and so for every custom, fil scanner or custom scanner filter for every custom scanner you have. This will be, there will be a new section below so I have there.

This is sam custom scanner, if I add another one called alexander custom scanner that would show up under a new header and new filters and our new options and under there is das and then the name of the the scanner and click on that, and um you get what you expect another added feature. You might have noticed that there's some now contrast these are grayed out, and these are these are all disabled.

You can't click on any of these, I'm clicking on them right now, because in the uh they wouldn't yield any vulnerabilities. So in the past, if I go here, I search for das. If I go all and I choose secret detection, we get this empty page. Sorry, your filter produces no results. Well. Why we now get that information on whether a filter will produce results up front, and so we are using that new information to disable all these scanners. That would not produce any results. So these are all disabled here, which is very excellent.

Now you can only click on either all or das, and that is great. This works on the in the url. That's going to change it! A little bit before, if I go over here, if I choose dast, we were just searching by report type das, which again did not discriminate between scanners, gitlab or third party. Now the url is a little bit longer because we need a little bit of extra information to discern between git lab and third-party scanners, and if I refresh this.

uh It should choose the right one. It did not in this instance that is a bug, and I will work on that, um but it should choose the correct one. There is expected to be a little bit of delay, because these custom scanners are retrieved from the back end, so they take a little bit of time. So when the page first loads- and we don't see any vulnerabilities, the scanner may show up incorrectly. It may show git lab one because we create that by default, but um it should update appropriately.

I will work on that as you'd expect. This is on the project level dashboard, but also the group and instance, level dashboard. So here's the group, I have the scanner, it's again, it's separated by uh vendors. So there's the gitlab section, there's the custom scanner section or sam customer scanner section again. If you had another custom scanner, it would show up down here as another section. These are all disabled.

You can filter, as you would expect.

And it works as one would expect um and then we're here. We are at the instance level. I moved the scanner filter first, because the group and instance level have this project extra project scanner, but which I wanted at the same spot, and I want the scanner filter the same spot. So now it's first, so it's always first that ordering is correct on all of them and then here we're at the instance. You see there's a few more options here and, um as you want, one would expect you get all the appropriate uh there.

It is there all the appropriate vulnerabilities um yeah. So that is the new feature. If you have any questions, feel free to reach out to the threat, insights, team. Otherwise I'll talk to you all later bye.