Add information for keeping security dashboard up-to-date.

a1bb61a2 · Evan Read · Achilleas Pipinellis · df22bdb3 · a1bb61a2
Commit a1bb61a2 authored Sep 14, 2018 by Evan Read Committed by Achilleas Pipinellis Sep 14, 2018
Show whitespace changes
Inline Side-by-side

Showing with 22 additions and 5 deletions

doc/user/project/security_dashboard.md doc/user/project/security_dashboard.md +22 -5

No files found.
--- a/doc/user/project/security_dashboard.md
+++ b/doc/user/project/security_dashboard.md
 # Project Security Dashboard

-> [Introduced][ee-6165] in [GitLab Ultimate][ee] 11.1.
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/6165) in [GitLab Ultimate](https://about.gitlab.com/pricing) 11.1.

 The Security Dashboard displays the latest security reports for your project.
 Use it to find and fix vulnerabilities affecting the [default branch](./repository/branches/index.md#default-branch).
@@ -9,10 +9,27 @@ Use it to find and fix vulnerabilities affecting the [default branch](./reposito

 ## How it works?

-To benefit from the Security Dashboard you must first configure the [Security Reports](./merge_requests/index.md#security-reports).
+To benefit from the Security Dashboard you must first configure the [Security Reports](merge_requests/index.md#security-reports).

 The Security Dashboard will then list security vulnerabilities from the latest pipeline run on the default branch (e.g., `master`).
-You will also be able to interact with the reports [the same way you can do on a merge request](./merge_requests/index.md#interacting-with-security-reports).

-[ee-6165]: https://gitlab.com/gitlab-org/gitlab-ee/issues/6165
-[ee]: https://about.gitlab.com/pricing
+You will also be able to interact with the reports [the same way you can on a merge request](merge_requests/index.md#interacting-with-security-reports).
+
+## Keeping the Security Dashboard updated
+
+The Security Dashboard displays information from the results of the most recent security scan on the default branch. Security scans are performed every time the branch is updated.
+
+If the default branch is updated infrequently, scans are run infrequently and the information on the Security Dashboard can become outdated as new vulnerabilities are discovered.
+
+To ensure the information on the Security Dashboard is regularly updated, configure a [scheduled pipeline](pipelines/schedules.md) to run a daily security scan. This will update the information displayed on the Security Dashboard regardless of how often the default branch is updated.
+
+A daily security scan can be configured to only execute jobs that to relate to security. For more information on configuring security-related jobs, see:
+
+- [Static Application Security Testing](merge_requests/sast.md) and [example](../../ci/examples/sast.md).
+- [Dynamic Application Security Testing](merge_requests/dast.md) and [example](../../ci/examples/dast.md).
+- [Dependency Scanning](merge_requests/dependency_scanning.md) and [example](../../ci/examples/dependency_scanning.md).
+- [Container Scanning](merge_requests/container_scanning.md) and [example](../../ci/examples/container_scanning.md).
+
+### Security scans using Auto DevOps
+
+When using [Auto DevOps](../../topics/autodevops/index.md), use [special environment variables](../../topics/autodevops/index.md#environment-variables) to configure daily security scans.