Commit 299208bf authored by Russell Dickenson

Merge branch 'sethgitlab-authenticated-scans-warning' into 'master'

Added warning on authenticated scans

See merge request gitlab-org/gitlab!28246
parents 1c9e3c40 764dd691
...@@ -148,6 +148,9 @@ The results will be saved as a ...@@ -148,6 +148,9 @@ The results will be saved as a
that you can later download and analyze. that you can later download and analyze.
Due to implementation limitations, we always take the latest DAST artifact available. Due to implementation limitations, we always take the latest DAST artifact available.
DANGER: **Danger:**
**DO NOT** run an authenticated scan against a production server. When an authenticated scan is run, it may perform *any* function that the authenticated user can. This includes modifying and deleting data, submitting forms, following links, and so on. Only run an authenticated scan against a test server.
### Full scan ### Full scan
DAST can be configured to perform [ZAP Full Scan](https://github.com/zaproxy/zaproxy/wiki/ZAP-Full-Scan), which DAST can be configured to perform [ZAP Full Scan](https://github.com/zaproxy/zaproxy/wiki/ZAP-Full-Scan), which
......
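Review bot: The last sentence of the added warning, "Only run an authenticated scan against a test server", does not say what makes a test server a safe target. Since the warning itself states that the scan may perform any function the authenticated user can, including modifying and deleting data, suggest adding that the test server should hold only data that can be lost and that the account used for the scan should have no more access than the scan needs. The list also ends in "and so on", which could be dropped or replaced with a concrete item. Separately, the warning is added after the "latest DAST artifact" paragraph and immediately before "### Full scan", so a reader reaches it only after the text that precedes it; consider moving it ahead of that text so it is read before an authenticated scan is set up.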