Commit e368faf0 authored by Russell Dickenson's avatar Russell Dickenson Committed by Nick Gaskill

Add note about DAST on-demand scans

parent baf8fccc
...@@ -608,8 +608,11 @@ Alternatively, you can use the variable `SECURE_ANALYZERS_PREFIX` to override th ...@@ -608,8 +608,11 @@ Alternatively, you can use the variable `SECURE_ANALYZERS_PREFIX` to override th
> - It's able to be enabled or disabled per-project. > - It's able to be enabled or disabled per-project.
> - To use it in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-on-demand-scans). > - To use it in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-on-demand-scans).
Passive DAST scans may be run on demand against a target website, outside the DevOps lifecycle. These scans will Passive DAST scans may be run on demand against a target website, outside the DevOps lifecycle. These scans are
always be associated with the default or `master` branch of your project and the results can be seen in the project dashboard. always associated with the default or `master` branch of your project and the results can be seen in the project dashboard.
NOTE: **Note:**
You cannot run an on-demand DAST scan against a protected branch unless you have permission to do so. The `master` branch is protected by default. For more details, see [Pipeline security on protected branches](../../../ci/pipelines/index.md#pipeline-security-on-protected-branches).
![DAST On-Demand Scan](img/dast_on_demand_v13_2.png) ![DAST On-Demand Scan](img/dast_on_demand_v13_2.png)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment