From 798778378c748cea132ce611e34c6cae7352ffe1 Mon Sep 17 00:00:00 2001
From: Lucas Charles <me@lucascharles.me>
Date: Fri, 19 Aug 2022 03:16:12 +0000
Subject: [PATCH] doc: Add Sec Section development docs

Migrates seeded content from handbook tech docs page
---
 doc/development/feature_development.md |  1 +
 doc/development/sec/index.md           | 68 ++++++++++++++++++++++++++
 2 files changed, 69 insertions(+)
 create mode 100644 doc/development/sec/index.md

diff --git a/doc/development/feature_development.md b/doc/development/feature_development.md
index e50c1edd282e6..fd1c7f4afa549 100644
--- a/doc/development/feature_development.md
+++ b/doc/development/feature_development.md
@@ -174,6 +174,7 @@ See [database guidelines](database/index.md).
 ## Domain-specific guides
 
 - [CI/CD development documentation](cicd/index.md)
+- [Sec Section development documentation](sec/index.md)
 
 ## Technical Reference by Group
 
diff --git a/doc/development/sec/index.md b/doc/development/sec/index.md
new file mode 100644
index 0000000000000..0d1952cb7e4e7
--- /dev/null
+++ b/doc/development/sec/index.md
@@ -0,0 +1,68 @@
+---
+stage: Secure
+group: Static Analysis
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
+type: index, concepts, howto
+---
+
+# Sec Section development documentation **(FREE)**
+
+Development guides that are specific to Sec Section are listed here.
+
+See [Terminology](../../user/application_security/terminology) for an overview of our shared terminology.
+
+## Architecture
+
+- [Overview](#overview)
+- [Scanning](#scanning)
+- [Processing, visualization, and management](#processing-visualization-and-management)
+- [Severity Levels](../../user/application_security/vulnerabilities/severities.md)
+
+## Overview
+
+The architecture supporting the Secure features is split into two main parts:
+
+- Scanning
+- Processing, visualization, and management
+
+```mermaid
+flowchart LR
+  subgraph G1[Scanning]
+    Scanner
+    Analyzer
+    CI[CI Jobs]
+  end
+  subgraph G2[Processing, visualization, and management]
+   Parsers
+   Database
+   Views
+   Interactions
+  end
+  G1 --Report Artifact--> G2
+```
+
+### Scanning
+
+The scanning part is responsible for finding vulnerabilities in given resources, and exporting results.
+The scans are executed in CI/CD jobs via several small projects called [Analyzers](../../user/application_security/terminology/#analyzer), which can be found in our [Analyzers sub-group](https://gitlab.com/gitlab-org/security-products/analyzers).
+The Analyzers are wrappers around security tools called [Scanners](../../user/application_security/terminology/#scanner), developed internally or externally, to integrate them into GitLab.
+The Analyzers are mainly written in Go.
+
+Some 3rd party integrators also make additional Scanners available by following our [integration documentation](../integrations/secure.md), which leverages the same architecture.
+
+The results of the scans are exported as JSON reports that must comply with the [Secure report format](../../user/application_security/terminology/#secure-report-format) and are uploaded as [CI/CD Job Report artifacts](../../ci/pipelines/job_artifacts.md) to make them available for processing after the pipelines completes.
+
+### Processing, visualization, and management
+
+After the data is available as a Report Artifact it can be processed by the GitLab Rails application to enable our security features, including:
+
+- [Security Dashboards](../../user/application_security/security_dashboard/), Merge Request widget, Pipeline view, and so on.
+- [Interactions with vulnerabilities](../../user/application_security/#interact-with-findings-and-vulnerabilities).
+- [Approval rules](../../user/application_security/#security-approvals-in-merge-requests).
+
+Depending on the context, the security reports may be stored either in the database or stay as Report Artifacts for on-demand access.
+
+## CI/CD template development
+
+While CI/CD templates are the responsibiility of the Verify section, many are critical to the Sec Section's feature usage.
+If you are working with CI/CD templates, please read the [development guide for GitLab CI/CD templates](../cicd/templates.md).
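Review bot: Several relative links in the new `doc/development/sec/index.md` point at directories or extensionless paths instead of a Markdown file, unlike the `severities.md`, `job_artifacts.md` and `secure.md` links in the same file. The affected links are `../../user/application_security/terminology` in the intro, `terminology/#analyzer`, `terminology/#scanner` and `terminology/#secure-report-format` in the Scanning section, and `security_dashboard/` plus the two `../../user/application_security/#...` anchors in the Processing list. Suggest linking to the concrete file in each case (for example `terminology/index.md#analyzer`, assuming that is where the page lives) so they resolve the same way as the other links. Two wording fixes in the added text: "responsibiility" in the CI/CD template development paragraph should be "responsibility", and "after the pipelines completes" in the Scanning section should be "after the pipeline completes". Structurally, the `## Architecture` list links to `#overview`, `#scanning` and `#processing-visualization-and-management`, but `## Overview` is a sibling heading at the same level, not a child of Architecture; consider demoting Overview and its subsections one level or dropping the separate Architecture heading. Finally, the Scanning section says reports "must comply with the Secure report format", but the Processing section does not say what happens to a report that does not comply. Since the parsers consume artifacts produced by CI jobs, a sentence stating whether non-conforming reports are rejected would help readers of this page.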
-- 
GitLab