Changing Security Dashboard to Security Center

b03c6a68 · Matt Wilson · Nick Gaskill · 946bb702 · b03c6a68 · b03c6a68
Commit b03c6a68 authored Sep 18, 2020 by Matt Wilson Committed by Nick Gaskill Sep 18, 2020
5 changed files
--- a/doc/README.md
+++ b/doc/README.md
@@ -295,7 +295,7 @@ The following documentation relates to the DevOps **Secure** stage:
 | [Dependency Scanning](user/application_security/dependency_scanning/index.md) **(ULTIMATE)**          | Analyze your dependencies for known vulnerabilities.                   |
 | [Dynamic Application Security Testing (DAST)](user/application_security/dast/index.md) **(ULTIMATE)** | Analyze running web applications for known vulnerabilities.            |
 | [Group Security Dashboard](user/application_security/security_dashboard/index.md#group-security-dashboard) **(ULTIMATE)**      | View vulnerabilities in all the projects in a group and its subgroups. |
-| [Instance Security Dashboard](user/application_security/security_dashboard/index.md#instance-security-dashboard) **(ULTIMATE)**      | View vulnerabilities in all the projects you're interested in. |
+| [Instance Security Center](user/application_security/security_dashboard/index.md#instance-security-center) **(ULTIMATE)**      | View vulnerabilities in all the projects you're interested in. |
 | [License Compliance](user/compliance/license_compliance/index.md) **(ULTIMATE)**            | Search your project's dependencies for their licenses.                 |
 | [Pipeline Security](user/application_security/security_dashboard/index.md#pipeline-security) **(ULTIMATE)**    | View the security reports for your project's pipelines.               |
 | [Project Security Dashboard](user/application_security/security_dashboard/index.md#project-security-dashboard) **(ULTIMATE)**    | View the latest security reports for your project.                     |

--- a/doc/development/integrations/secure_partner_integration.md
+++ b/doc/development/integrations/secure_partner_integration.md
@@ -44,7 +44,7 @@ best place to integrate your own product and its results into GitLab.
 - If certain policies (such as [merge request approvals](../../user/project/merge_requests/merge_request_approvals.md))
  are in place for a project, developers must resolve specific findings or get
  an approval from a specific list of people.
- The [security dashboard](../../user/application_security/security_dashboard/index.md#gitlab-security-dashboard)
+- The [security dashboard](../../user/application_security/security_dashboard/index.md)
  also shows results which can developers can use to quickly see all the
  vulnerabilities that need to be addressed in the code.
 - When the developer reads the details about a vulnerability, they are

--- a/doc/user/application_security/security_dashboard/img/instance_security_center_settings_v13_4.png
+++ b/doc/user/application_security/security_dashboard/img/instance_security_center_settings_v13_4.png
--- a/doc/user/application_security/security_dashboard/img/instance_security_dashboard_v13_4.png
+++ b/doc/user/application_security/security_dashboard/img/instance_security_dashboard_v13_4.png
--- a/doc/user/application_security/security_dashboard/index.md
+++ b/doc/user/application_security/security_dashboard/index.md
@@ -5,21 +5,26 @@ group: Threat Insights
 info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
 ---
-# GitLab Security Dashboard **(ULTIMATE)**
+# GitLab Security Dashboard, Security Center, and Vulnerability Reports **(ULTIMATE)**
-The Security Dashboard is a good place to get an overview of all the security
+GitLab provides a comprehensive set of features for viewing and managing vulnerabilities:
-vulnerabilities in your groups, projects, and pipelines.
+- Security dashboards: An overview of the security status in your instance, groups, and projects.
+- Vulnerability reports: Detailed lists of all vulnerabilities for the instance, group, project, or
+  pipeline. This is where you triage and manage vulnerabilities.
+- Security Center: A dedicated area for vulnerability management at the instance level. This
+  includes a security dashboard, vulnerability report, and settings.
 You can also drill down into a vulnerability and get extra information. This includes the project it
 comes from, any related file(s), and metadata that helps you analyze the risk it poses. You can also
 dismiss a vulnerability or create an issue for it.
-To benefit from the Security Dashboard you must first configure one of the
+To benefit from these features, you must first configure one of the
 [security scanners](../index.md).
 ## Supported reports
-The Security Dashboard displays vulnerabilities detected by scanners such as:
+The vulnerability report displays vulnerabilities detected by scanners such as:
 - [Container Scanning](../container_scanning/index.md)
 - [Dynamic Application Security Testing](../dast/index.md)
@@ -29,7 +34,7 @@ The Security Dashboard displays vulnerabilities detected by scanners such as:
 ## Requirements
-To use the instance, group, project, or pipeline security dashboard:
+To use the security dashboards and vulnerability reports:
 1. At least one project inside a group must be configured with at least one of
   the [supported reports](#supported-reports).
@@ -112,38 +117,43 @@ Next to the timeline chart is a list of projects, grouped and sorted by the seve
 Projects with no vulnerability tests configured will not appear in the list. Additionally, dismissed
 vulnerabilities are excluded.
-Navigate to the group's [Vulnerability Report](#vulnerability-list) to view the vulnerabilities found.
+Navigate to the group's [vulnerability report](#vulnerability-report) to view the vulnerabilities found.
+## Instance Security Center
-## Instance Security Dashboard
+> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3426) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.4.
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/6953) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.8.
+The Security Center is where you manage vulnerabilities for your instance. It displays the
+vulnerabilities present in the default branches of all the projects you configure. It includes the
+following:
-At the instance level, the Security Dashboard displays the vulnerabilities present in the default
+- The [group security dashboard's](#group-security-dashboard) features.
-branches of all the projects you configure to display on the dashboard. It includes all the
+- A [vulnerability report](#vulnerability-report).
-[group Security Dashboard's](#group-security-dashboard)
+- A dedicated settings area to configure which projects to display.
-features.
 ![Instance Security Dashboard with projects](img/instance_security_dashboard_v13_4.png)
-You can access the Instance Security Dashboard from the menu
+You can access the Instance Security Center from the menu
 bar at the top of the page. Under **More**, select **Security**.
-![Instance Security Dashboard navigation link](img/instance_security_dashboard_link_v12_4.png)
+![Instance Security Center navigation link](img/instance_security_dashboard_link_v12_4.png)
-The dashboard is empty before you add projects to it.
+The dashboard and vulnerability report are empty before you add projects.
-![Uninitialized Instance Security Dashboard](img/instance_security_dashboard_empty_v13_4.png)
+![Uninitialized Instance Security Center](img/instance_security_dashboard_empty_v13_4.png)
-### Adding projects to the dashboard
+### Adding projects to the Security Center
-To add projects to the dashboard:
+To add projects to the Security Center:
 1. Click **Settings** in the left navigation bar or click the **Add projects** button.
 1. Search for and add one or more projects using the **Search your projects** field.
 1. Click the **Add projects** button.
-After you add projects, the Security Dashboard displays the vulnerabilities found in those projects'
+![Adding projects to Instance Security Center](img/instance_security_center_settings_v13_4.png)
-default branches.
+After you add projects, the security dashboard and vulnerability report display the vulnerabilities
+found in those projects' default branches.
 ## Export vulnerabilities
@@ -192,14 +202,14 @@ When using [Auto DevOps](../../../topics/autodevops/index.md), use
 [special environment variables](../../../topics/autodevops/customize.md#environment-variables)
 to configure daily security scans.
-## Vulnerability list
+## Vulnerability report
-Each dashboard's vulnerability list contains vulnerabilities from the latest scans that were merged
+Each vulnerability report contains vulnerabilities from the latest scans that were merged
 into the default branch.
 ![Vulnerability Report](img/group_vulnerability_report_v13_4.png)
-You can filter which vulnerabilities the Security Dashboard displays by:
+You can filter which vulnerabilities the vulnerability report displays by:
 - Status
 - Severity