gitlab-org--gitlab-foss/doc/user/application_security/threat_monitoring/index.md

1.9 KiB

type stage group info
reference, howto Protect Container Security To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments

Threat Monitoring (ULTIMATE)

Introduced in GitLab Ultimate 12.9.

The Threat Monitoring page provides alerts and metrics for the GitLab application runtime security features. You can access these by navigating to your project's Security & Compliance > Threat Monitoring page.

GitLab supports statistics for the following security features:

Container Network Policy Alert list

Introduced in GitLab Ultimate 13.9.

The policy alert list displays your policy's alert activity. You can sort the list by these columns:

  • Date and time
  • Events
  • Status

You can filter the list with the Policy Name filter and the Status filter at the top. Use the selector menu in the Status column to set the status for each alert:

  • Unreviewed
  • In review
  • Resolved
  • Dismissed

By default, the list doesn't display resolved or dismissed alerts.

Policy Alert List

Clicking an alert's row opens the alert drawer, which shows more information about the alert. A user can also create an incident from the alert and update the alert status in the alert drawer.

Clicking an alert's name takes the user to the alert details page.

For information on work in progress for the alerts dashboard, see this epic.