diff --git a/doc/user/application_security/vulnerability_report/_index.md b/doc/user/application_security/vulnerability_report/_index.md index 0844702b7552006ed8e4710dd78c0238c98c94b4..e01260b7ed4eea3d8e92b04f842913e92ced242e 100644 --- a/doc/user/application_security/vulnerability_report/_index.md +++ b/doc/user/application_security/vulnerability_report/_index.md @@ -115,8 +115,9 @@ To view the vulnerability report: {{< history >}} -- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/452492) the **Identifier** filter in GitLab 17.7 [with a flag](../../../administration/feature_flags/_index.md) named `vulnerability_filtering_by_identifier`. Enabled by default. -- [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/502930) in GitLab 17.9. Feature flag `vulnerability_filtering_by_identifier` removed. +- The **Identifier** filter was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/452492) in GitLab 17.7 [with a flag](../../../administration/feature_flags/_index.md) named `vulnerability_filtering_by_identifier`. Enabled by default. +- The **Identifier** filter was [generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/502930) in GitLab 17.9. Feature flag `vulnerability_filtering_by_identifier` removed. +- The **Policy Violations** filter was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/561739) in GitLab 18.6 [with flags](../../../administration/feature_flags/_index.md) named `policy_violations_es_filter` and `security_policy_approval_warn_mode`. Enabled on GitLab.com. {{< /history >}} 
@@ -137,6 +138,7 @@ You can filter by: - **Project**: Filter vulnerabilities in specific projects (available only for groups). - **Reachability**: Filter based on whether the vulnerability is reachable: yes, not found, not available. - **Validity check**: Filter vulnerabilities by their validity status: active, inactive, possibly active. +- **PolicyViolation**: Filter based on the security policy violations bypass reason (requires [advanced vulnerability management](#advanced-vulnerability-management). Currently supporting filtering vulnerabilities introduced after bypassing a policy in warn mode. @@ -572,6 +574,7 @@ The newly-created vulnerability's detail page is opened. - Filters for OWASP 2021 grouping and identifiers in advanced search [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/537673) in GitLab 18.1 with the feature flag `advanced_vulnerability_management`. Available in GitLab.com and GitLab Dedicated. Disabled by default. - Ingestion of vulnerability data into advanced search is [generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/536299) on GitLab.com and GitLab Dedicated in GitLab 18.2. Feature flag `vulnerability_es_ingestion` removed. - Filters for OWASP 2021 grouping and identifiers in advanced search [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/537673) in GitLab 18.2 with the feature flag `advanced_vulnerability_management`. Available in GitLab.com and GitLab Dedicated. Enabled by default. +- Filters for policy violations in advanced search [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/561739) in GitLab 18.6 with the feature flags `policy_violations_es_filter` and `security_policy_approval_warn_mode`. Available in GitLab.com and GitLab Dedicated. Enabled by default. {{< /history >}} 
@@ -590,6 +593,7 @@ Advanced search powers the following features: 1. Filtering based on a vulnerability's identifier in the vulnerability report for a project or group. 1. Filtering based on the reachability value in the vulnerability report for a project or group. 1. Filtering based on validity check value in the vulnerability report for a project or group. +1. Filtering based on the policy violation bypass reason. Advanced search is used only for these specific features, including when they are combined with other [filters](#filter-vulnerabilities). Other filters, when used independently, continue to use the standard PostgreSQL filtering.
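Review bot: In the first hunk (@@ -115,8 +115,9), the added **Policy Violations** history entry ends with "Enabled on GitLab.com", but the entry added in the @@ -572 hunk for the same issue (561739) and the same two flags says "Available in GitLab.com and GitLab Dedicated. Enabled by default." The two statements describe different rollout states for one feature, so a reader cannot tell whether the filter is on for GitLab Dedicated. Pick the correct state and use the same wording in both places. As a smaller style point, "was [generally available] ... in GitLab 17.9" in the reworded Identifier entry reads better as "became generally available".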
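Review bot: In the second hunk (@@ -137,6 +138,7), the added bullet opens a parenthesis at "(requires [advanced vulnerability management](#advanced-vulnerability-management)." and never closes it; add the closing ")" before the period. The label **PolicyViolation** also does not match the **Policy Violations** name used in the history entry added above, and it breaks the spaced, sentence-case style of its neighbours (**Validity check**, **Reachability**). The trailing "Currently supporting filtering vulnerabilities introduced after bypassing a policy in warn mode." is a fragment; consider folding it into the bullet the way the sibling items list their values, for example "Filter vulnerabilities by the bypass reason of a security policy violation: bypassed in warn mode."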
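Review bot: In the third hunk (@@ -572,6 +574,7), the added history entry names two flags, `policy_violations_es_filter` and `security_policy_approval_warn_mode`, without saying whether both must be enabled for the filter to work. The surrounding entries in this block gate their filters on `advanced_vulnerability_management`, and the filter list says this filter requires advanced vulnerability management, so it is also unclear whether that flag is a further prerequisite. State the dependency explicitly so an administrator knows which flags control the feature.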
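Review bot: In the last hunk (@@ -590,6 +593,7), the added list item "Filtering based on the policy violation bypass reason." drops the scope that every sibling item carries ("in the vulnerability report for a project or group"). If the filter applies at both levels, append the same phrase for consistency; if it is limited to one level, say which, since the paragraph that follows tells readers these are the only features that use advanced search.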