►
From YouTube: GitLab 13.0 Kickoff - Defend:Threat Insights
Description
The Defend:Threat Insights Group is working on Instance-level exportable security reports for 13.0:
https://gitlab.com/groups/gitlab-org/-/boards/1241267?scope=all&utf8=%E2%9C%93&state=opened&label_name[]=devops%3A%3Adefend&label_name[]=direction&label_name[]=group%3A%3Athreat%20insights
A
A
We'll
take
a
look
at
the
Planning
Board,
so
413
dot
o.
We
don't
have
purposely
a
lot
of
things
in
with
the
direction
label
on
them.
So
as
if
you've
been
following,
along
with
our
release,
kickoff
video
for
threat
insights
well,
first
of
all,
you
may
have
previously
seen
it
as
the
vulnerability
management
group,
so
the
name
was
recently
changed.
Reflect
that
threat.
Insights
now
has
vulnerability
management
as
well
as
the
future.
You
EEA
and
responsible
disclosure
inside
of
it.
A
So
just
something
to
keep
in
mind
if
you,
so,
if
you've
watched
the
last
through
these
videos,
I've
been
talking
a
lot
about
standalone
vulnerabilities,
the
MDC
for
that.
Well,
we
are
working
right
now
to
wrap
that
up
with
the
1210
release
and
very
much
expect
that
that's
going
to
make
it
out
with
this
iteration,
so
very
excited
about
that.
It
has
been
a
very
long
and
hard
press
by
the
team.
A
They've
done
meant
astounding
amount
of
work,
and
you
know
really
a
very
short
amount
of
time
for
what
they've
done
so
we're
gonna
take
a
step
back
and
do
some
things
that
are
some
little
bit
of
left
over.
A
little
bit
of
cleanup
items
that
we
wanted
to
try
to
get
into
twelve
ten,
but
to
make
sure
we
got
the
MDC
at
the
door
there
that
we're
gonna
roll
them
over
to
thirteen
I
know.
All
that
said,
one
of
the
things
we're
going
to
continue
forward
with
is
exporting
the
security
reports
from
dashboards
so
1210.
A
We
also
were
working
on
project
level,
security,
dashboards
being
able
to
make
a
simple
CSV
export
of
what
you
the
vulnerability
list
that
you
see
on
the
screen.
We're
gonna
continue
that
forward
and
add
instance,
level,
exportable
security
reports.
Now
we're
going
to
get
to
the
group.
Eventually
we're
not
going
to
do
that
here,
just
because
this
one
is
a
little
bit
smaller
item
engineering-wise
and
it
made
sense
to
try
to
give
something
from
a
higher
level,
since
we've
got
that
low
level
the
project
as
well.
So
that's
what
we're
going
to
focus
on.
A
If
you
remember
the
project
level
exportable
security
reports.
This
is
basically
the
same
thing.
It
just
has
a
little
bit
more
detail
in
it.
It's
at
a
higher
level,
so
the
instance
level
dashboard
allows
you
to
configure
which
projects
you
want
to
see
on
it.
It
can
be
in
any
of
your
groups,
so
format
is
mostly
the
same.
It's
going
to
be
a
simple
CSV
format
containing
vulnerability
information
you'll,
see
that
it
has
things
like
you
know:
the
scanner
type,
the
vulnerability.
You
know
the
name,
the
details,
a
CBE
severity
score.
A
What's
different
is
here:
you'll
also
get
the
project
name
as
well
as
the
group
name,
so
that
you
know
exactly
where
this
particular
item
came
from
in
the
exported
report
and
then
visually
we'll
go
down
here
to
the
designs.
It's
basically
the
same,
so
you'll
see
an
example
of
the
instance.
Little
dashboard
you'll
now
have
right
next
to
the
Edit
dashboard,
where
you
can
add
and
remove
projects.