From 3cb812ee8cd8f3e40eabb6aa5556d5ed1bbc94c1 Mon Sep 17 00:00:00 2001 From: Avielle Wolfe <awolfe@gitlab.com> Date: Mon, 7 Sep 2020 16:57:11 -0500 Subject: [PATCH] Update ZAP argument passing example `-D` is being deprecated. This commit updates an example for passing arguments to ZAP to use an un-deprecated argument. --- doc/user/application_security/dast/index.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/user/application_security/dast/index.md b/doc/user/application_security/dast/index.md index a15bc2be10b5e..75d2047668c00 100644 --- a/doc/user/application_security/dast/index.md +++ b/doc/user/application_security/dast/index.md @@ -488,8 +488,8 @@ dast: ``` You must then overwrite the `script` command to pass in the appropriate -argument. For example, passive scanning can be delayed using option `-D`. The following -configuration delays passive scanning by five minutes: +argument. For example, vulnerability definitions in alpha can be included with +`-a`. The following configuration includes those definitions: ```yaml include: @@ -498,7 +498,7 @@ include: dast: script: - export DAST_WEBSITE=${DAST_WEBSITE:-$(cat environment_url.txt)} - - /analyze -D 300 -t $DAST_WEBSITE + - /analyze -a -t $DAST_WEBSITE ``` ### Custom ZAProxy configuration -- GitLab