►
From YouTube: GitLab 13.3 Kickoff - Secure:Threat Insights
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Hey
everyone,
its
Matt
Wilson
product
manager,
for
the
secure
thread,
insights
team-
you
might
have
noticed
I
just
said
secure.
We
recently
decided
to
move
the
defend
stage
or
sorry.
The
defend
group
thread
insights,
which
includes
vulnerability
management
over
on
to
the
secure
stage.
It's
part
of
a
larger
strategy
to
better
align
the
vulnerability
management
aspects
with
scanner
teams
and
will
help
us
be
even
more
responsive,
as
we
try
to
mature
all
the
respective
characters,
as
well
as
Len
hand
and
our
request
for
ast
leadership.
So
same
team,
I'm,
I'm
still
doing
the
same
work.
A
The
engineering
team
is
still
the
same.
Our
mission
roadmap
goals
are
all
still
the
same,
we're
just
functionally
aligned
and
you're
secure
now,
so
look
for
the
videos
in
secure
and
not
defend
going
for
it
with
that
said,
this
is
the
thirteen
three
release,
kickoff
and
I'm,
going
to
talk
through
what
we
are
going
to
work
through.
A
So
we
do
this
one
a
little
bit
differently.
I'm
gonna
start
by
talking
about
the
two
things
that
we're
working
on
last
time,
so
the
majority
of
these
did
get
delivered,
but
there's
a
little
bit
on
the
fence,
so
I
just
want
to
mention.
What's
going
to
potentially
carry
over
to
13-3.
First,
is
this
vulnerability
list
enhancement?
So
this
was
a
pretty
big
effort
to
take
the
existing.
A
We
call
this
the
vulnerability
list
view.
So
this
is
what
you
see
on
the
project
dashboard
as
well
as
the
group
in
the
instance
level.
It's
a
little
bit
different
layout.
This
will
make
sense
when
I
talk
about
something
in
a
minute,
but
we
have
a
lot
more
real
estate
in
the
project
level
dashboard
because
we
don't
have
the
metric
switches
to
the
Snyder.
So,
as
you
can
see,
we
were
planning
to
add
a
lot
of
information
additional
information.
A
So
we
have
this
nice
identifier,
column,
which,
if
there's
a
CBE
or
a
cwe,
that's
provided
by
the
vulnerability
report
for
a
particular
scanner
working
on
display
that
adding
other
niceties
like
lime
number.
So
you
can
actually
see
the
specific
line
number
in
the
effective
file
for
certain
skin
types
as
well
as
more
detail
here.
So
we
used
to
refer
to
these
as
the
reports
scanners
a
little
bit
more
descriptive
to
your
name.
You'll
also
notice
that
we've
got
Titleist
scanner
with
there's
another
name
below
it,
as
they
say,
get
lab
whites.
A
Worse,
that's
one
of
our
official
integration
partners,
so
this
is
to
give
just
extra
clarity
about
where
the
result
comes
from
this
little
piece
right
here
is
something
that's
going
to
be
continued
to
be
hooked
onto
thirteen
three.
If
you
only
have
the
multiple
get
lab
scanners
that
are
included
with
ultimate
turned
on
by
default,
we're
not
going
to
show
the
name
there
because
it
would
be
redundant.
Information
should
get
live.
So
that's
one
little
minor
tweak.
A
Another
thing
we
didn't
quite
get
to
in
thirteen
two
that
will
continue
forward
to
thirty
three
are
showing
the
same
vendor
names
next
to
the
scanner.
That's
in
tightening
so
for
right!
Now
you're
gonna
see
this
name
behavior
in
the
scanner
drop-down,
instead
of
it
breaking
it
out
by
vendor,
go
to
see
simply
one
hundred
force
and
a
stochastic
cetera.
A
So
these
are
some
of
the
little
things
that
we're
going
to
be
working
on
for
this
issue,
but
the
majority
of
it
is
being
delivered
in
thirteen
two.
So
we're
really
excited
to
start
seeing
more
information
all
in
the
overview
page.
So
you
can
do
a
lot
more
without
having
to
drill
into
the
individual
vulnerability
details.
A
Another
one
that
I
want
to
mention
is
linking
an
existing
issue
to
a
vulnerability.
So
this
is
one
that
also
got
very
close
to
the
line
and
we
realized
at
the
very
end
that
there
was
something
that
was
a
little
bit
confusing.
So
we
actually
took
a
pass
to
read
surgery
to
a
little
bit
of
the
UX
here.
So
one
of
the
things
that
you
can
do,
of
course,
is
from
a
vulnerability.
A
You
can
create
an
issue
now
these
issues
or
the
issue
that
you
create
from
her
vulnerability
is
sort
of
a
special
linkage,
but
we
were
adding
in
the
ability
to
relate
other
issue.
So
for
any
project,
you
could
actually
take
an
existing
issue.
Just
like
you
can
add,
related
issues
inside
well
issues.
Today,
you
would
be
able
to
do
this
from
the
vulnerability
itself.
A
However,
this
would
be
sort
of
a
problem
if
you
unlink
the
issue,
you
can
create
it
directly
from
the
vulnerabilities
it's
a
special
link.
So
this
is
an
adjustment
we
were
making
to
the
original
plan.
You'll
notice
is
a
little
lock
icon
here.
If
you
hover
over
it'll,
tell
you
that
the
issue
that
you've
created
from
the
roller
vulnerability
cannot
be
removed,
but
you,
of
course,
can
still
remove
anything
else.
These
these
could
be
for
information.
This
could
be
tracking
the
putting
another
Raider
of
another
team.
A
What
have
you
so
just
another
little
improvement
that
will
be
carrying
over
from
13
and
into
33
now
I
mentioned
it
was
going
to
make
a
little
bit
more
sense
than
the
bowl
of
real
enhancement
list.
I
was
talking
about
things
being
specific
to
the
project
level
because
they
have
more
horizontal,
realistic.
A
Well,
to
that
end,
I
wouldn't
normally
talk
about
a
design
issue,
but
the
reason
I'm
going
to
focus
on
the
design
level
here
is
it's
a
better
way
to
get
sort
of
the
whole
picture
of
where
we're
going
to
go
over
the
next
couple
of
iterations.
So
the
group
level
security
dashboard
is
a
great
way
to
see
a
roll
up
of
all
vulnerability
information
inside
of
one
particular
group.
A
So
you
can
get
all
the
projects
and
we
also
have
some
metrics
widgets
for
lack
of
a
better
term
metrics
components
that
will
show
you
things
like
vulnerability
trends
over
time
as
well
as
the
project's
work,
art.
Well,
those
are
great,
but
they
do
is
sort
of
restrict
a
little
bit
of
the
parity
between
the
dashboards.
A
So
what
we're
going
to
move
towards
over
the
next
iteration
or
two
is
actually
splitting
out
so
today
we
only
have
one
entry
for
security
dashboard,
and
you
would
see
the
vulnerability
list
here
off
to
the
left,
and
these
comments
are
on
the
side,
so
we're
really
just
taking
the
same
information
we're
kind
of
breaking
it
apart.
This
is
more
about
setting
ourselves
up
for
the
future
than
anything
else.
A
So
by
making
this
a
we'll
call
a
a
true
dashboard,
we'll
have
the
flexibility
to
edit
many
more
components,
not
just
from
the
scanners
or
mobility
management
aspect
of
it,
but
other
parts
of
security
as
we
expand
out
the
product,
so
you'll
note
below
there
is
vulnerability
list,
so
this
will
be
a
new
submenu
component.
You'll
start
to
see
the
same
kind
of
behavior
metrics
might
get
bigger,
for
instance,
and
then
this
is
what
it
will
look
like.
A
Here
we're
going
to
try
to
split
the
existing
this
vulnerability
list
or
report
off
into
a
separate
page
for
13-3,
and
that's
the
group
instance
network.
Sorry,
the
group
network
and
then
finally,
we're
going
to
do
something
very
similar,
but
take
it
even
a
step
further
for
the
instance
security
dashboard
right
now,
when
you
go
up
to
the
more
menu
you
have
the
security
option.
This
is
how
you
go
to
the
instance
dashboard
and
it
kind
of
takes
you
to
a
standalone
page.
A
It's
a
little
disconnected,
there's
no
other
real
menu
items
and
it's
all
all
the
behaviors
hands
inside
of
a
single
page.
So
this
is
the
concept
that
we're
going
to
be
working
on
over
the
next
couple
of
iterations
to
really
start
filling
it
out
into
more
of
a
security
focused
area
at
the
instance
level.
A
So
the
first
thing
you
look:
we
have
the
security
dashboard
off
to
the
side
very,
very
similar
to
the
group
treatment,
basically
identical,
so
just
keeping
these
existing
metrics
components
here
and
then
we
can
start
filling
this
in
with
additional
security
information,
charts,
graphs,
high
level
teachers
over
time.
So
they
now
they
called
a
first
class
home
to
live
in.
A
We're
also
going
to
be
keeping
same
sort
of
if
it's
not
configured.
You've
got
your
same
messaging
inside
of
these
individual
pages,
so
you'll
get
the
prompt
to
enter
projects
so
I
think
that
exists
today.
You'll
see
the
same
thing
from
the
dashboard.
If
it's
not
configured
both
of
those
buttons
have
rural
district
events.
So
you'll
see
this
add
project
button.
This
was
on
both
both
of
these
tabs.
Nothing
is
configured.
It
will
take
you
to
this
move
settings
area.
This
is
again
existing
behavior
and
the
current
instance
dashboard.
A
This
is
where
you
search
for
and
select
which
specific
projects
that
you
would
actually
like
to
be
incorporated
into.
This
dashboard
seems
like
a
minor
change
to
split
it
out,
but
what
this
also
does
is.
It
gives
us
a
settings
area
for
other
instance,
level.
Security
features
going
forward,
so
this
again
could
be
scanner
level
configuration
across
an
entire
instance
that
maybe
something
on
the
container
side.
But
by
breaking
all
these
things
apart,
it's
opening
up
a
lot
of
flex
building
for
us
to
move
in
directions
that
would
be
challenging
with
the
UI
today.
A
So
that's
kind
of
what
I
wanted
to
give
a
full
overview
of
it,
we're
going
to
attempt
over
13:3
and
likely
into
13
for
iterating
towards
breaking
these
pieces
apart.
But
this
is
what
you
should
expect
to
see
over
the
next
couple
of
releases.
So
that's
what
I
have
for
everybody
today
I
hope
everyone
enjoyed
that
and
I
look
forward
to
seeing
all
the
evolution
of
our
security
dashboards
and
the
vulnerability
management
piece
in
general
over
time.
Thanks
for
watching.