The following page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features or functionality remain at the sole discretion of GitLab Inc.
| Stage | Secure |
| Content Last Reviewed | 2025-03-26 |
| Content Last Updated | 2025-03-26 |
Dynamic Analysis is a group in the Secure stage. There are three categories in the group and details on the direction can be viewed on the following individual category pages:
| Priority | Name | Target release |
|---|---|---|
| 1 | DAST Crawler Improvements: form interactions | 17.11 |
| 2 | Collecting CI-based analyzer metrics | 17.10 |
| 3 | DAST Check CWE-79: Improper Neutralization of Input During Web Page Generation | 17.11 |
| 4 | OTP MFA support for DAST | 17.11 |
| 5 | DAST Detection parity with Default Secret Detection rules | TBD |
| 6 | DAST crawler improvements: W3C spec gap analysis | TBD |
| 7 | DAST Verbose logging enabled by default | TBD |
| 8 | Deduplicate scanning similar pages with DAST | TBD |
| 9 | Custom DAST Checks | TBD |
| 10 | DAST crawler improvements: Improve ability to detect previously seen elements | TBD |
| 11 | Close gaps for Browser Based DAST active checks | TBD |
| 12 | Close gaps in OpenAPI spec handling | TBD |
| 13 | Migrate API Checks to YAML | TBD |
| 14 | Update API Security Checks | TBD |
| 15 | API Discovery | TBD |
| 16 | API Inventory | TBD |
| 17 | Custom API Security Checks | TBD |
| 18 | Callback service for complex active attacks | TBD |
| 19 | API Risk Scoring | TBD |
| 20 | API Analysis | TBD |
| 21 | gRPC support for API Security Testing | TBD |
